$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.mft File: akXWGoN3DJDQWMdBUx2NnGtnk1o.mft (raw, json) Hash identifier: qD0P63BFfWiT1+jSbv4thkEbnU3sHHgt7Z9P2w4Culo= Subject key identifier: 93:54:F0:6D:31:94:20:EC:D9:0B:F1:BE:25:3D:98:61:64:78:96:C4 Authority key identifier: 6A:45:D6:1A:83:77:0C:90:D0:58:C7:41:53:1D:8D:9C:6B:67:93:5A Certificate issuer: /CN=A91D1AC7/serialNumber=6A45D61A83770C90D058C741531D8D9C6B67935A Certificate serial: 0A48 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/akXWGoN3DJDQWMdBUx2NnGtnk1o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.mft Manifest number: 0A33 Signing time: Thu 12 Jun 2025 19:33:34 +0000 Manifest this update: Thu 12 Jun 2025 19:33:34 +0000 Manifest next update: Thu 19 Jun 2025 19:33:34 +0000 Files and hashes: 1: akXWGoN3DJDQWMdBUx2NnGtnk1o.crl (hash: 0cmwlQ1It5TBr65lEZFjrCVumo34xYnPPYMYzHdzvqY=) 2: 57C25DB2E42811EA881AB667C4F9AE02.roa (hash: E9181+VVT+rwNNkc7uINFuNWW6wPgms9gTqr7A850dY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.crl rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/akXWGoN3DJDQWMdBUx2NnGtnk1o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 19:33:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2632 (0xa48) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1AC7, serialNumber=6A45D61A83770C90D058C741531D8D9C6B67935A Validity Not Before: Jun 12 19:33:34 2025 GMT Not After : Jun 19 19:33:34 2025 GMT Subject: CN=684b2b8e-9a60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:98:89:2c:7a:4d:c5:4a:b4:de:45:61:c6:10: f2:63:a5:5e:e2:0b:b0:e7:01:1d:cf:ba:8e:f4:5e: d1:0b:24:0d:7a:46:e4:ce:f0:2f:24:d1:bd:fb:c1: 95:50:c8:86:3a:52:91:f7:c5:22:61:8b:0b:b5:ab: 81:68:4f:a2:91:58:71:6f:d6:ee:5a:03:f1:c8:56: 69:ab:22:f0:75:e1:67:29:12:c1:27:2f:f4:29:6a: 01:94:ec:d6:d5:bd:e8:42:8e:e7:b1:5c:f8:92:28: ac:e9:10:a7:78:94:f0:49:e6:9c:30:3c:98:09:1f: 12:8a:4d:b8:6c:e8:4c:62:73:a8:37:7e:84:8b:e5: 6d:66:96:6e:71:8f:01:92:08:7b:e2:0d:89:d2:71: d7:c2:de:c3:aa:14:cf:22:dd:80:d3:bc:4b:80:7b: ce:cd:be:be:b9:47:a1:19:e1:39:79:6e:4f:71:0e: f1:97:03:7b:9e:31:7a:05:62:57:ea:53:45:5b:c4: a2:90:fc:59:04:aa:81:29:73:68:32:28:e8:60:d2: 2a:f5:09:c3:74:5f:42:39:8e:db:a9:f1:47:1c:0b: 3b:b1:08:9d:57:94:26:79:ab:24:a0:e9:d4:b3:ed: df:b9:8e:a4:ea:a0:51:b4:b6:ed:1d:ab:4c:c5:8d: fa:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:54:F0:6D:31:94:20:EC:D9:0B:F1:BE:25:3D:98:61:64:78:96:C4 X509v3 Authority Key Identifier: keyid:6A:45:D6:1A:83:77:0C:90:D0:58:C7:41:53:1D:8D:9C:6B:67:93:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/akXWGoN3DJDQWMdBUx2NnGtnk1o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:75:65:b6:94:c6:63:5d:b8:f5:36:43:7b:e0:98:46:7d:03: 30:b5:f7:38:8a:d7:ab:1d:05:07:6d:a1:fe:9f:6d:30:98:22: f6:38:1b:f0:75:0a:d3:bc:53:c2:f4:95:21:bb:d9:68:04:70: ad:81:1d:45:93:09:9e:3a:d1:fe:ad:fb:3c:49:ff:76:b5:62: 68:d6:ce:9d:6f:7b:47:ef:dc:12:ff:2b:02:6a:0f:aa:fb:59: 9b:ef:ee:01:af:ca:b5:30:8b:3d:76:52:98:53:e9:20:e8:79: 14:b1:cb:89:05:44:0e:f5:b3:15:29:5a:51:67:f6:bb:48:32: 3b:7b:b7:6a:de:de:6a:43:1f:a7:3d:d8:10:69:6e:84:cc:f6: 8a:6e:29:42:54:1d:fd:e0:21:0b:8e:c9:88:59:f1:89:13:fd: dd:cb:ab:23:51:c5:96:61:f1:9d:28:09:67:fd:6a:3d:ee:30: 91:27:79:c8:97:6c:27:98:df:1b:06:ef:38:ab:79:57:92:ec: 9f:20:e2:a0:44:16:1e:8e:74:51:2e:fb:69:1f:38:a0:22:d6: d8:be:a7:f5:5c:0b:80:f3:e6:70:1b:e8:f4:2b:10:61:ff:1f: 53:db:75:67:d7:eb:41:78:ab:39:f3:33:60:b3:7b:e3:18:41: 7c:bd:28:43 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCkgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDFBQzcxMTAvBgNVBAUTKDZBNDVENjFBODM3NzBDOTBEMDU4Qzc0MTUzMUQ4RDlD NkI2NzkzNUEwHhcNMjUwNjEyMTkzMzM0WhcNMjUwNjE5MTkzMzM0WjAYMRYwFAYD VQQDEw02ODRiMmI4ZS05YTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx5iJLHpNxUq03kVhxhDyY6Ve4guw5wEdz7qO9F7RCyQNekbkzvAvJNG9+8GV UMiGOlKR98UiYYsLtauBaE+ikVhxb9buWgPxyFZpqyLwdeFnKRLBJy/0KWoBlOzW 1b3oQo7nsVz4kiis6RCneJTwSeacMDyYCR8Sik24bOhMYnOoN36Ei+VtZpZucY8B kgh74g2J0nHXwt7DqhTPIt2A07xLgHvOzb6+uUehGeE5eW5PcQ7xlwN7njF6BWJX 6lNFW8SikPxZBKqBKXNoMijoYNIq9QnDdF9COY7bqfFHHAs7sQidV5QmeaskoOnU s+3fuY6k6qBRtLbtHatMxY36YQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJNU8G0x lCDs2QvxviU9mGFkeJbEMB8GA1UdIwQYMBaAFGpF1hqDdwyQ0FjHQVMdjZxrZ5Na MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMUFDNy84MUE0QzRENjZF NDMxMUVBOTQ5RDk5MjJDNEY5QUUwMi9ha1hXR29OM0RKRFFXTWRCVXgyTm5HdG5r MW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FrWFdHb04zREpEUVdNZEJVeDJObkd0bmsxby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MUFDNy84MUE0QzRENjZFNDMxMUVBOTQ5RDk5MjJDNEY5QUUwMi9ha1hXR29OM0RK RFFXTWRCVXgyTm5HdG5rMW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQASdWW2lMZjXbj1NkN74JhGfQMwtfc4iterHQUHbaH+n20wmCL2OBvw dQrTvFPC9JUhu9loBHCtgR1FkwmeOtH+rfs8Sf92tWJo1s6db3tH79wS/ysCag+q +1mb7+4Br8q1MIs9dlKYU+kg6HkUscuJBUQO9bMVKVpRZ/a7SDI7e7dq3t5qQx+n PdgQaW6EzPaKbilCVB394CELjsmIWfGJE/3dy6sjUcWWYfGdKAln/Wo97jCRJ3nI l2wnmN8bBu84q3lXkuyfIOKgRBYejnRRLvtpHzigItbYvqf1XAuA8+ZwG+j0KxBh /x9T23Vn1+tBeKs58zNgs3vjGEF8vShD -----END CERTIFICATE-----Generated at Sat Jun 14 18:56:40 2025 by rpki-client