$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft File: US3AbkHAiZokofyIXrNG5FMH80c.mft (raw, json) Hash identifier: 22jYj3shor9Qb09OZA7zQinJmFLljLjCg5DMihIBNZ0= Subject key identifier: 1B:18:37:D5:73:2D:DF:17:10:2D:58:5D:E8:A3:01:07:EB:0C:68:CA Authority key identifier: 51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 Certificate issuer: /CN=A91BA4F2/serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Certificate serial: 095F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft Manifest number: 0959 Signing time: Thu 12 Jun 2025 19:58:15 +0000 Manifest this update: Thu 12 Jun 2025 19:58:14 +0000 Manifest next update: Thu 19 Jun 2025 19:58:14 +0000 Files and hashes: 1: US3AbkHAiZokofyIXrNG5FMH80c.crl (hash: kBBXSl8L8D6CCxinzgUIPgZ3p6LL5U4Ds1DqW0tWSHE=) 2: 9EEA3006979411EA8C6FC25AC4F9AE02.roa (hash: S4ZaaJwKZSnUQdUJjzEBewIqlA4hqhU0xKL1nfod00M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 19:58:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2399 (0x95f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA4F2, serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Validity Not Before: Jun 12 19:58:14 2025 GMT Not After : Jun 19 19:58:14 2025 GMT Subject: CN=684b3157-e404 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:e4:b0:52:ae:66:f9:57:b9:f2:ed:6d:8c:cd: b7:3b:06:f7:1e:ef:7d:7b:42:2a:3a:03:02:27:21: 79:b1:8d:79:9d:f9:fb:43:f2:e8:e1:b9:39:b1:e9: bf:3b:a0:45:1f:17:09:88:e3:24:fa:32:04:2b:86: 40:59:4c:ab:d1:be:10:3c:ce:37:67:24:c3:1d:7b: 62:ad:53:11:cd:27:45:d7:8c:9d:98:a8:ea:48:d6: c7:f6:4f:b2:cd:77:fe:96:ac:da:7e:7e:f9:37:73: c1:97:e0:07:85:4a:7b:4b:38:2d:e8:3d:e8:2e:32: 4a:68:fb:13:ee:2d:7b:57:ad:ff:c4:f9:b5:d0:6d: 37:88:e9:45:fd:26:44:0f:72:e3:39:b7:f4:e4:31: 25:6e:56:e2:eb:cc:00:7c:6d:b0:4f:ec:40:a9:68: 11:c9:1b:6e:0d:50:90:d0:b3:01:0a:d7:73:e5:39: 62:e0:25:c0:cd:c6:e2:54:f8:64:44:db:1e:54:f2: 55:b0:1d:68:df:8f:4d:e0:94:94:86:65:c2:8f:52: 65:3b:2b:f6:f3:45:cf:47:50:e0:63:a5:1b:9f:1b: 50:a3:e5:b4:6d:be:8c:79:f0:7d:0f:e1:a1:14:73: 58:50:12:47:2f:ad:00:45:c8:09:fd:59:b5:6c:24: 40:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:18:37:D5:73:2D:DF:17:10:2D:58:5D:E8:A3:01:07:EB:0C:68:CA X509v3 Authority Key Identifier: keyid:51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:58:cc:de:82:75:f9:fd:e1:b5:4a:4b:bb:c9:97:40:0b:99: 54:75:18:b6:00:a8:62:9a:c8:18:f8:26:6d:b7:5a:0a:45:8d: a4:e3:84:c2:09:04:72:13:74:a1:c8:03:24:6d:cd:51:07:28: f9:69:91:42:1d:3c:05:2f:a3:86:05:68:eb:6d:19:d5:ef:f9: da:b9:d8:b7:55:ef:75:7b:ad:0d:83:22:87:16:f8:8a:f7:44: 17:89:06:09:5d:9e:09:d2:66:1d:2e:b8:b0:0f:9c:91:33:eb: a3:7e:bb:98:ac:ed:04:fb:db:f0:a7:28:6e:a1:6e:d4:3c:ce: d2:59:11:07:f8:d9:78:26:84:d3:f2:91:cd:2e:09:88:1e:df: 5c:bc:fa:ad:99:86:d0:4e:f7:50:22:d4:69:42:b6:10:7b:70: ed:da:a6:e4:74:9e:e2:55:6c:4c:28:2d:e1:e5:7d:d4:6a:fa: fd:20:d9:45:15:4b:b8:c9:20:22:9b:28:8c:82:a4:02:1a:98: d4:55:57:b4:9c:8a:e2:90:11:64:27:5d:e9:12:b3:52:4e:b3: 34:9e:4d:b4:69:d4:25:ca:6f:18:23:a3:a7:c3:14:86:5f:ca: 4a:f5:b1:61:1b:6d:42:55:25:5f:cf:9c:91:b4:0c:cf:e0:36: 99:fb:b9:e1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCV8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE0RjIxMTAvBgNVBAUTKDUxMkRDMDZFNDFDMDg5OUEyNEExRkM4ODVFQjM0NkU0 NTMwN0YzNDcwHhcNMjUwNjEyMTk1ODE0WhcNMjUwNjE5MTk1ODE0WjAYMRYwFAYD VQQDEw02ODRiMzE1Ny1lNDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvuSwUq5m+Ve58u1tjM23Owb3Hu99e0IqOgMCJyF5sY15nfn7Q/Lo4bk5sem/ O6BFHxcJiOMk+jIEK4ZAWUyr0b4QPM43ZyTDHXtirVMRzSdF14ydmKjqSNbH9k+y zXf+lqzafn75N3PBl+AHhUp7Szgt6D3oLjJKaPsT7i17V63/xPm10G03iOlF/SZE D3LjObf05DElblbi68wAfG2wT+xAqWgRyRtuDVCQ0LMBCtdz5Tli4CXAzcbiVPhk RNseVPJVsB1o349N4JSUhmXCj1JlOyv280XPR1DgY6UbnxtQo+W0bb6MefB9D+Gh FHNYUBJHL60ARcgJ/Vm1bCRAdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBsYN9Vz Ld8XEC1YXeijAQfrDGjKMB8GA1UdIwQYMBaAFFEtwG5BwImaJKH8iF6zRuRTB/NH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTRGMi8yQUVERUY5QTk3 OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWlab2tvZnlJWHJORzVGTUg4 MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTM0Fia0hBaVpva29meUlYck5HNUZNSDgwYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QTRGMi8yQUVERUY5QTk3OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWla b2tvZnlJWHJORzVGTUg4MGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBHWMzegnX5/eG1Sku7yZdAC5lUdRi2AKhimsgY+CZtt1oKRY2k44TC CQRyE3ShyAMkbc1RByj5aZFCHTwFL6OGBWjrbRnV7/naudi3Ve91e60NgyKHFviK 90QXiQYJXZ4J0mYdLriwD5yRM+ujfruYrO0E+9vwpyhuoW7UPM7SWREH+Nl4JoTT 8pHNLgmIHt9cvPqtmYbQTvdQItRpQrYQe3Dt2qbkdJ7iVWxMKC3h5X3Uavr9INlF FUu4ySAimyiMgqQCGpjUVVe0nIrikBFkJ13pErNSTrM0nk20adQlym8YI6OnwxSG X8pK9bFhG21CVSVfz5yRtAzP4DaZ+7nh -----END CERTIFICATE-----Generated at Sat Jun 14 17:44:36 2025 by rpki-client