$ rpki-client -vvf rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft File: CekFd0f2O6Ciga54ATZozt6kCrQ.mft (raw, json) Hash identifier: kI6AlRvXkYURtcK4ekXNsENSH77IUtceDhgylrrZPOk= Subject key identifier: CC:E0:98:13:13:A8:C5:CE:1B:C2:8A:DD:14:18:68:B8:02:59:45:4B Authority key identifier: 09:E9:05:77:47:F6:3B:A0:A2:81:AE:78:01:36:68:CE:DE:A4:0A:B4 Certificate issuer: /CN=A91CDAFB/serialNumber=09E9057747F63BA0A281AE78013668CEDEA40AB4 Certificate serial: 017F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CekFd0f2O6Ciga54ATZozt6kCrQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft Manifest number: 017C Signing time: Sun 15 Jun 2025 02:53:52 +0000 Manifest this update: Sun 15 Jun 2025 02:53:52 +0000 Manifest next update: Sun 22 Jun 2025 02:53:52 +0000 Files and hashes: 1: CekFd0f2O6Ciga54ATZozt6kCrQ.crl (hash: /4sfp04uh++YYOMlRHEzXNKqZlE1QmbxjiJOcvwnFyI=) 2: 2815D106041A11EEA67A6B4DC4F9AE02.roa (hash: SwrvoVYgU6/JlbNtHbJmqe4zyeb9jSsFgyQPBZNxoww=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.crl rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CekFd0f2O6Ciga54ATZozt6kCrQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 383 (0x17f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CDAFB, serialNumber=09E9057747F63BA0A281AE78013668CEDEA40AB4 Validity Not Before: Jun 15 02:53:52 2025 GMT Not After : Jun 22 02:53:52 2025 GMT Subject: CN=684e35c0-ec48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:c7:05:33:5f:c9:7d:6d:b1:a6:00:54:83:49: ab:31:46:22:bf:7e:cd:e7:0a:77:0d:07:02:11:d3: 6f:c6:0b:f5:46:e3:29:01:a0:e7:59:53:b4:38:cd: 97:f6:76:04:e7:c8:65:61:27:2a:95:b1:c0:3e:c5: fe:47:71:90:f7:93:0f:2f:8b:f2:25:fc:71:8a:c2: b5:29:35:dc:f5:a6:96:13:c1:16:1f:b0:2c:e4:d5: 5c:a0:bd:13:0b:c2:e3:02:0b:08:75:b3:31:7f:6a: ee:32:e9:b4:de:de:11:ef:3a:c1:ed:ba:ab:78:13: 40:be:77:46:72:94:af:e0:67:be:7b:18:36:9c:2d: 7b:37:37:08:51:41:84:ac:d0:74:0c:82:29:a5:f2: 81:55:f3:93:20:1e:9f:1d:f9:51:12:63:ae:36:41: f6:9a:ce:dd:f4:da:19:df:c0:15:fa:c7:a3:72:9e: ad:02:58:fb:40:82:49:2e:b0:a3:57:b9:42:af:3b: 40:1e:86:95:66:3a:ae:8f:a0:d4:b4:a8:f1:7f:54: db:ab:d6:5e:3a:54:f8:fd:a8:4e:b7:ff:dc:c5:c7: ad:33:8b:5f:9e:58:d7:f4:0b:d2:98:f2:82:99:f3: a4:7d:63:43:93:15:6d:83:d6:8b:a9:e5:ff:03:67: 4d:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:E0:98:13:13:A8:C5:CE:1B:C2:8A:DD:14:18:68:B8:02:59:45:4B X509v3 Authority Key Identifier: keyid:09:E9:05:77:47:F6:3B:A0:A2:81:AE:78:01:36:68:CE:DE:A4:0A:B4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CekFd0f2O6Ciga54ATZozt6kCrQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:84:09:bf:18:13:36:8b:47:7d:35:94:2e:b6:2a:b9:ff:c8: 7a:d9:d0:63:01:bb:6e:1a:f3:7f:57:06:44:da:e1:79:34:bd: 52:ed:c7:d6:f2:a1:a3:a0:9c:a2:15:5f:5a:30:1f:00:7a:bd: 7a:dc:7f:bc:0b:52:db:44:61:38:ee:d8:85:7b:e7:80:77:20: d8:33:97:79:45:3c:03:57:50:13:c9:c9:a5:93:6d:94:f8:c8: 96:b7:74:28:9f:4e:4b:4b:0d:ac:09:aa:8b:89:93:fa:02:93: 16:21:67:53:2b:7f:a4:15:31:f1:6d:22:5a:d9:0b:1d:b0:5e: 45:ca:53:9c:15:6b:38:08:0b:90:ef:75:e1:57:30:81:49:c3: 07:cd:26:bb:3b:05:85:2c:37:15:87:66:77:19:0f:69:7a:c4: a1:92:f2:a9:f9:3b:2e:df:8f:9e:09:08:26:ae:d5:18:0f:f4: 8a:0c:5d:6a:d0:6d:5b:8e:3c:bf:df:cf:c6:2e:87:8c:1f:23: 9f:32:3a:05:2b:44:0d:af:7e:bf:60:89:3f:7b:62:6c:bc:26: 59:7a:46:d4:6e:a6:c4:d3:40:cb:4c:37:23:1f:92:1f:fc:2d: 5d:5f:63:50:17:24:9f:51:16:6b:0c:2a:3c:47:3a:9f:e0:97: 3f:d9:e9:6d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAX8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0RBRkIxMTAvBgNVBAUTKDA5RTkwNTc3NDdGNjNCQTBBMjgxQUU3ODAxMzY2OENF REVBNDBBQjQwHhcNMjUwNjE1MDI1MzUyWhcNMjUwNjIyMDI1MzUyWjAYMRYwFAYD VQQDEw02ODRlMzVjMC1lYzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3McFM1/JfW2xpgBUg0mrMUYiv37N5wp3DQcCEdNvxgv1RuMpAaDnWVO0OM2X 9nYE58hlYScqlbHAPsX+R3GQ95MPL4vyJfxxisK1KTXc9aaWE8EWH7As5NVcoL0T C8LjAgsIdbMxf2ruMum03t4R7zrB7bqreBNAvndGcpSv4Ge+exg2nC17NzcIUUGE rNB0DIIppfKBVfOTIB6fHflREmOuNkH2ms7d9NoZ38AV+sejcp6tAlj7QIJJLrCj V7lCrztAHoaVZjquj6DUtKjxf1Tbq9ZeOlT4/ahOt//cxcetM4tfnljX9AvSmPKC mfOkfWNDkxVtg9aLqeX/A2dN0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMzgmBMT qMXOG8KK3RQYaLgCWUVLMB8GA1UdIwQYMBaAFAnpBXdH9jugooGueAE2aM7epAq0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDREFGQi9FQzBGNkEzODAz NDExMUVFQTUyMTUyNDdDNEY5QUUwMi9DZWtGZDBmMk82Q2lnYTU0QVRab3p0NmtD clEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Nla0ZkMGYyTzZDaWdhNTRBVFpvenQ2a0NyUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD REFGQi9FQzBGNkEzODAzNDExMUVFQTUyMTUyNDdDNEY5QUUwMi9DZWtGZDBmMk82 Q2lnYTU0QVRab3p0NmtDclEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXhAm/GBM2i0d9NZQutiq5/8h62dBjAbtuGvN/VwZE2uF5NL1S7cfW 8qGjoJyiFV9aMB8Aer163H+8C1LbRGE47tiFe+eAdyDYM5d5RTwDV1ATycmlk22U +MiWt3Qon05LSw2sCaqLiZP6ApMWIWdTK3+kFTHxbSJa2QsdsF5FylOcFWs4CAuQ 73XhVzCBScMHzSa7OwWFLDcVh2Z3GQ9pesShkvKp+Tsu34+eCQgmrtUYD/SKDF1q 0G1bjjy/38/GLoeMHyOfMjoFK0QNr36/YIk/e2JsvCZZekbUbqbE00DLTDcjH5If /C1dX2NQFySfURZrDCo8Rzqf4Jc/2elt -----END CERTIFICATE-----Generated at Sun Jun 15 09:49:18 2025 by rpki-client