$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft File: MGcPYbflDgsLiOclHeh4TAPJ5GI.mft (raw, json) Hash identifier: nEna3X9b4eCpohGvUiOSCIg4vqgHX/xjwF5Cb2+sFVY= Subject key identifier: 1D:35:68:34:7F:67:67:52:6D:E0:D1:A5:47:9F:85:05:19:5E:39:04 Authority key identifier: 30:67:0F:61:B7:E5:0E:0B:0B:88:E7:25:1D:E8:78:4C:03:C9:E4:62 Certificate issuer: /CN=A91CE6EC/serialNumber=30670F61B7E50E0B0B88E7251DE8784C03C9E462 Certificate serial: C3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGcPYbflDgsLiOclHeh4TAPJ5GI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft Manifest number: C1 Signing time: Mon 16 Jun 2025 15:49:16 +0000 Manifest this update: Mon 16 Jun 2025 15:49:15 +0000 Manifest next update: Mon 23 Jun 2025 15:49:15 +0000 Files and hashes: 1: MGcPYbflDgsLiOclHeh4TAPJ5GI.crl (hash: d5FZQKc8NT90qqMPqfKaeeTt9Ul/6r1FP6jhf0MDfDk=) 2: 038610FC2D1E11EFA25C6D16C4F9AE02.roa (hash: nEx36xMYEspoRTHpBzsjyglWKve6HGzaUV9gJlWDtWQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.crl rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGcPYbflDgsLiOclHeh4TAPJ5GI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 15:49:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 195 (0xc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE6EC, serialNumber=30670F61B7E50E0B0B88E7251DE8784C03C9E462 Validity Not Before: Jun 16 15:49:15 2025 GMT Not After : Jun 23 15:49:15 2025 GMT Subject: CN=68503cfb-0ebf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:b3:bd:9a:99:8b:ab:c7:6b:0b:41:67:b6:fc: 65:0b:e3:5e:4d:89:f3:7d:dd:9b:51:d9:d1:8a:d7: b2:dd:ce:cc:1c:da:24:78:d1:d5:a6:8f:43:f1:99: 51:53:3f:a4:b2:c4:7d:40:bb:5e:c3:14:db:0b:0f: 05:b1:69:da:35:71:83:68:27:53:dd:3e:f2:bd:2e: 36:40:16:62:1e:1a:59:d1:a1:16:21:03:57:b3:f8: 35:66:c0:c8:ed:f5:ed:3c:6d:9f:60:12:b3:a1:cd: d8:81:c4:40:57:16:ee:43:fa:bc:bb:65:09:2e:1a: 2a:48:43:fd:3e:4b:08:c2:8d:95:33:55:13:44:d2: 3f:f0:cc:33:18:29:9c:05:e0:3f:ac:78:bd:e2:c5: be:59:ed:65:d8:bc:be:48:b0:88:3e:e9:7d:6e:a3: 05:e7:70:b0:d3:87:96:9b:ff:3c:d1:b9:30:b6:0a: 85:5e:34:6a:e7:14:25:64:9f:35:aa:dc:82:33:7d: 9d:b7:68:34:c5:09:b6:89:95:c2:86:7f:ef:35:7e: ff:49:07:ca:e0:92:56:04:8e:d1:a9:33:dd:74:7a: f7:bf:2e:4c:93:29:bb:1c:e0:bb:34:e0:d7:d2:b7: 10:c7:ba:21:05:c2:60:3f:c9:4e:28:8a:f6:a3:40: bf:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:35:68:34:7F:67:67:52:6D:E0:D1:A5:47:9F:85:05:19:5E:39:04 X509v3 Authority Key Identifier: keyid:30:67:0F:61:B7:E5:0E:0B:0B:88:E7:25:1D:E8:78:4C:03:C9:E4:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGcPYbflDgsLiOclHeh4TAPJ5GI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cd:67:ed:14:27:64:f1:d1:b9:39:59:44:17:88:95:2f:82:20: 70:03:bf:39:b9:b3:1b:dd:d8:77:3b:f3:18:a8:4a:79:5e:5c: 18:f5:da:5d:23:a7:76:af:eb:dd:42:7e:0a:4f:ea:98:39:02: 45:29:bd:46:89:93:5c:b6:85:a0:ad:57:d6:e9:f0:ef:ad:77: 16:58:b1:45:bc:46:af:e5:21:69:93:d1:81:0e:30:1c:ed:4e: 24:19:ce:e4:c7:e2:a8:e1:71:6e:ac:b5:36:e9:2e:fe:6f:7b: db:18:7c:f5:c0:20:18:eb:61:3b:e3:3c:8b:8c:d6:36:97:c5: b8:f0:13:ff:14:52:65:f8:25:f0:ed:db:9a:25:60:48:7a:48: 18:2b:8f:71:27:9d:bd:5c:39:a1:01:79:43:e3:4f:2f:ce:b0: c7:b1:ce:51:86:6b:ac:90:e4:1e:8c:ef:bb:13:35:69:9d:72: 68:d1:7e:bd:8a:f6:e9:61:29:75:9a:50:95:66:b5:91:5e:61: 79:e4:cb:23:0c:c8:a3:26:26:bc:cc:dd:b9:23:31:de:b3:2c: 11:e1:d8:ed:9f:9f:1b:55:ff:ef:b5:45:68:43:78:55:5e:04: c1:44:24:88:f4:7e:2f:79:43:50:55:2b:57:5a:53:b2:a2:b8: 62:ac:0b:e5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U2RUMxMTAvBgNVBAUTKDMwNjcwRjYxQjdFNTBFMEIwQjg4RTcyNTFERTg3ODRD MDNDOUU0NjIwHhcNMjUwNjE2MTU0OTE1WhcNMjUwNjIzMTU0OTE1WjAYMRYwFAYD VQQDEw02ODUwM2NmYi0wZWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyrO9mpmLq8drC0FntvxlC+NeTYnzfd2bUdnRitey3c7MHNokeNHVpo9D8ZlR Uz+kssR9QLtewxTbCw8FsWnaNXGDaCdT3T7yvS42QBZiHhpZ0aEWIQNXs/g1ZsDI 7fXtPG2fYBKzoc3YgcRAVxbuQ/q8u2UJLhoqSEP9PksIwo2VM1UTRNI/8MwzGCmc BeA/rHi94sW+We1l2Ly+SLCIPul9bqMF53Cw04eWm/880bkwtgqFXjRq5xQlZJ81 qtyCM32dt2g0xQm2iZXChn/vNX7/SQfK4JJWBI7RqTPddHr3vy5Mkym7HOC7NODX 0rcQx7ohBcJgP8lOKIr2o0C/TQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB01aDR/ Z2dSbeDRpUefhQUZXjkEMB8GA1UdIwQYMBaAFDBnD2G35Q4LC4jnJR3oeEwDyeRi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTZFQy8wODJBODlGMDJB MjkxMUVGODg5NUYxMUNDNEY5QUUwMi9NR2NQWWJmbERnc0xpT2NsSGVoNFRBUEo1 R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL01HY1BZYmZsRGdzTGlPY2xIZWg0VEFQSjVHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTZFQy8wODJBODlGMDJBMjkxMUVGODg5NUYxMUNDNEY5QUUwMi9NR2NQWWJmbERn c0xpT2NsSGVoNFRBUEo1R0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDNZ+0UJ2Tx0bk5WUQXiJUvgiBwA785ubMb3dh3O/MYqEp5XlwY9dpd I6d2r+vdQn4KT+qYOQJFKb1GiZNctoWgrVfW6fDvrXcWWLFFvEav5SFpk9GBDjAc 7U4kGc7kx+Ko4XFurLU26S7+b3vbGHz1wCAY62E74zyLjNY2l8W48BP/FFJl+CXw 7duaJWBIekgYK49xJ529XDmhAXlD408vzrDHsc5RhmuskOQejO+7EzVpnXJo0X69 ivbpYSl1mlCVZrWRXmF55MsjDMijJia8zN25IzHesywR4djtn58bVf/vtUVoQ3hV XgTBRCSI9H4veUNQVStXWlOyorhirAvl -----END CERTIFICATE-----Generated at Tue Jun 17 21:40:31 2025 by rpki-client