$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft File: ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft (raw, json) Hash identifier: Od8Ntf0jURO1TZkYU9ls+S706IeV8CmIBgXQjbxcEAw= Subject key identifier: 1D:2F:1F:CB:F1:77:F1:CE:1D:47:39:F1:75:D6:2F:A8:33:20:47:87 Authority key identifier: A1:C2:39:65:70:40:17:72:42:9E:B8:CB:B0:DF:66:53:F1:67:8C:F6 Certificate issuer: /CN=A91CE6EC/serialNumber=A1C2396570401772429EB8CBB0DF6653F1678CF6 Certificate serial: 258B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft Manifest number: 2580 Signing time: Sat 14 Jun 2025 15:42:44 +0000 Manifest this update: Sat 14 Jun 2025 15:42:44 +0000 Manifest next update: Sat 21 Jun 2025 15:42:44 +0000 Files and hashes: 1: ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl (hash: 8vrW7lqJ9g9Eov1KEy3n1ZLjMr89DHoozz503hedCig=) 2: 96F26DD8E4A511EF8259C769C4F9AE02.roa (hash: Fcy0t/fzkFaWJQcPeRfi9B3H65XjHBViUmgSczRX2lU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 15:42:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9611 (0x258b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE6EC, serialNumber=A1C2396570401772429EB8CBB0DF6653F1678CF6 Validity Not Before: Jun 14 15:42:44 2025 GMT Not After : Jun 21 15:42:44 2025 GMT Subject: CN=684d9874-d689 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:39:73:07:26:96:bf:f8:82:51:fd:ad:37:3f: e6:89:65:e0:b9:bc:5c:c9:25:d7:db:dc:59:d3:d0: 08:41:f2:f1:72:f4:64:b9:4f:c0:41:63:70:c3:ab: 81:c2:6c:98:46:99:65:25:2b:e2:2a:fb:cc:21:2e: b5:98:fb:ce:59:38:ab:25:32:23:c0:56:8a:c7:24: 93:92:b3:4e:28:25:af:06:e0:40:e9:2b:bc:bb:10: 2e:3f:20:b1:ab:9c:48:72:d8:7f:89:81:ec:d4:04: 58:4a:74:4b:f9:ce:2f:1d:39:ae:76:00:f5:fd:1b: 03:0e:6e:ac:50:92:77:5b:26:67:85:33:a2:a1:3a: 3c:f7:74:85:a4:bd:f9:e6:5d:cd:e0:7a:b3:9f:a0: 93:e6:d9:27:33:ab:09:8b:1a:34:ad:fc:4b:bd:e2: 37:d8:7e:f5:60:13:fe:00:05:42:91:b1:bc:a0:b1: 5b:65:f9:25:c3:e2:e5:d0:dd:a8:df:54:4c:0b:bd: 0f:d7:63:d6:fe:d0:ec:b6:07:f0:65:7e:da:1f:63: 63:36:25:41:09:39:fd:8a:2f:5a:db:d2:48:b0:32: b4:50:31:96:71:29:37:8e:72:7f:35:3c:d7:ab:0f: 89:60:96:8f:fa:17:d4:2e:45:9a:30:f3:50:9c:56: 78:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:2F:1F:CB:F1:77:F1:CE:1D:47:39:F1:75:D6:2F:A8:33:20:47:87 X509v3 Authority Key Identifier: keyid:A1:C2:39:65:70:40:17:72:42:9E:B8:CB:B0:DF:66:53:F1:67:8C:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:48:8c:75:2e:21:7d:59:b1:08:b2:1e:9d:08:9a:bf:b4:20: 1c:69:53:11:ef:c4:a4:3f:99:e8:9a:f8:1c:da:01:27:48:82: e1:a0:ad:7b:fd:fe:3c:ef:b2:a2:2e:63:f4:b8:27:10:59:de: 70:3d:83:43:e3:77:d2:c8:50:99:45:c2:d2:29:50:9b:68:22: 9a:0b:cc:ca:d6:81:80:87:f4:f9:70:d7:79:22:02:64:0d:b2: e6:c4:63:c9:6b:5e:09:aa:30:c8:18:89:c1:40:d0:17:15:77: cc:8f:9c:81:21:c6:5b:a6:33:c5:ff:63:56:37:9e:6d:b3:f7: fc:28:07:4a:76:9d:9a:cf:71:0e:30:10:fd:18:ff:a1:02:9b: 01:25:14:18:f0:74:89:71:20:4b:80:2e:45:c6:08:ad:54:a5: 4c:fe:12:63:dc:7a:0c:1e:dd:48:f3:fb:a2:75:e1:2c:1e:e7: ea:3e:5d:d5:89:b8:0a:68:d7:3f:6a:2e:6d:ce:c1:58:24:2a: b4:06:e4:86:7a:c3:82:64:8c:1d:32:36:61:e0:29:89:1a:fa: 71:c7:1d:17:29:6b:56:6b:e8:a1:4c:b2:16:40:8a:b4:2b:9d: 81:ac:f7:ec:17:3a:a3:3d:b7:7a:69:67:a4:90:7b:30:f5:27: 3b:d0:ab:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJYswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U2RUMxMTAvBgNVBAUTKEExQzIzOTY1NzA0MDE3NzI0MjlFQjhDQkIwREY2NjUz RjE2NzhDRjYwHhcNMjUwNjE0MTU0MjQ0WhcNMjUwNjIxMTU0MjQ0WjAYMRYwFAYD VQQDEw02ODRkOTg3NC1kNjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoTlzByaWv/iCUf2tNz/miWXgubxcySXX29xZ09AIQfLxcvRkuU/AQWNww6uB wmyYRpllJSviKvvMIS61mPvOWTirJTIjwFaKxySTkrNOKCWvBuBA6Su8uxAuPyCx q5xIcth/iYHs1ARYSnRL+c4vHTmudgD1/RsDDm6sUJJ3WyZnhTOioTo893SFpL35 5l3N4Hqzn6CT5tknM6sJixo0rfxLveI32H71YBP+AAVCkbG8oLFbZfklw+Ll0N2o 31RMC70P12PW/tDstgfwZX7aH2NjNiVBCTn9ii9a29JIsDK0UDGWcSk3jnJ/NTzX qw+JYJaP+hfULkWaMPNQnFZ4MQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB0vH8vx d/HOHUc58XXWL6gzIEeHMB8GA1UdIwQYMBaAFKHCOWVwQBdyQp64y7DfZlPxZ4z2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTZFQy9EM0FCNjAxNjE0 QzgxMUU1QTJGQ0VGMTVDNEY5QUUwMi9vY0k1WlhCQUYzSkNucmpMc045bVVfRm5q UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29jSTVaWEJBRjNKQ25yakxzTjltVV9GbmpQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTZFQy9EM0FCNjAxNjE0QzgxMUU1QTJGQ0VGMTVDNEY5QUUwMi9vY0k1WlhCQUYz SkNucmpMc045bVVfRm5qUFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAESIx1LiF9WbEIsh6dCJq/tCAcaVMR78SkP5nomvgc2gEnSILhoK17 /f4877KiLmP0uCcQWd5wPYND43fSyFCZRcLSKVCbaCKaC8zK1oGAh/T5cNd5IgJk DbLmxGPJa14JqjDIGInBQNAXFXfMj5yBIcZbpjPF/2NWN55ts/f8KAdKdp2az3EO MBD9GP+hApsBJRQY8HSJcSBLgC5FxgitVKVM/hJj3HoMHt1I8/uideEsHufqPl3V ibgKaNc/ai5tzsFYJCq0BuSGesOCZIwdMjZh4CmJGvpxxx0XKWtWa+ihTLIWQIq0 K52BrPfsFzqjPbd6aWekkHsw9Sc70Ktb -----END CERTIFICATE-----Generated at Sat Jun 14 18:44:27 2025 by rpki-client