$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4834/51BEDFC4CC8D11EAAFFEDB36C4F9AE02/o1D687bxS8juGymW7tSOJwIOEIM.mft File: o1D687bxS8juGymW7tSOJwIOEIM.mft (raw, json) Hash identifier: gD0t2iG7HMKY/EdHLnhwXPyZEZcUl6lkIdEcnk4F7rU= Subject key identifier: 97:41:87:66:9A:E5:41:6D:B9:0B:14:02:44:4A:88:39:73:FE:01:48 Authority key identifier: A3:50:FA:F3:B6:F1:4B:C8:EE:1B:29:96:EE:D4:8E:27:02:0E:10:83 Certificate issuer: /CN=A91D4834/serialNumber=A350FAF3B6F14BC8EE1B2996EED48E27020E1083 Certificate serial: 0864 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o1D687bxS8juGymW7tSOJwIOEIM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4834/51BEDFC4CC8D11EAAFFEDB36C4F9AE02/o1D687bxS8juGymW7tSOJwIOEIM.mft Manifest number: 0853 Signing time: Sat 14 Jun 2025 20:31:45 +0000 Manifest this update: Sat 14 Jun 2025 20:31:45 +0000 Manifest next update: Sat 21 Jun 2025 20:31:45 +0000 Files and hashes: 1: o1D687bxS8juGymW7tSOJwIOEIM.crl (hash: cHByHTFbZqPj7OM71X/ztu/jELAl9CMNrLMgsBUj928=) 2: C286BE40C4C711EDAFA9AF17C4F9AE02.roa (hash: wm0PciNiC4cbLFQcb4SHn/OMRIvkGpQeYyT8rS6bdpU=) 3: 032132A0E0D011ECAF88A30DC4F9AE02.roa (hash: Oqme3hgS+ErgCZrhOMJFY6E0bgLfBlO2jysH8V+HitY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4834/51BEDFC4CC8D11EAAFFEDB36C4F9AE02/o1D687bxS8juGymW7tSOJwIOEIM.crl rsync://rpki.apnic.net/member_repository/A91D4834/51BEDFC4CC8D11EAAFFEDB36C4F9AE02/o1D687bxS8juGymW7tSOJwIOEIM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o1D687bxS8juGymW7tSOJwIOEIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 20:31:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2148 (0x864) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4834, serialNumber=A350FAF3B6F14BC8EE1B2996EED48E27020E1083 Validity Not Before: Jun 14 20:31:45 2025 GMT Not After : Jun 21 20:31:45 2025 GMT Subject: CN=684ddc31-57e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:80:92:98:bb:96:01:0b:b7:37:10:fd:e9:94: d2:6c:67:d3:94:3e:b7:2b:73:2f:e7:5b:47:77:3e: 3c:94:1b:41:bd:aa:ab:ce:9d:df:98:90:2f:38:9f: 84:68:4f:5c:54:72:29:c0:13:67:ee:eb:2c:76:c5: 40:a2:cc:37:e1:ab:93:c6:3c:c8:ee:33:30:19:d0: b0:d4:c3:ca:7a:5b:5b:e2:0c:96:10:15:ca:6c:11: 1d:19:1b:1b:b0:94:b0:57:11:e5:53:a6:4a:74:a1: 40:cb:33:46:63:a3:b1:72:93:f9:3e:1e:91:26:40: 45:6c:f5:d0:57:dd:6b:7a:f7:8a:6e:4b:0c:e3:6a: 20:9e:3b:66:aa:82:e1:19:82:2b:80:a6:cb:eb:b2: 2b:ed:0e:e8:61:60:24:e7:bd:9b:45:f7:82:ef:da: da:4a:cd:01:db:c7:e5:54:c8:a7:ef:f3:8a:3f:57: 4a:aa:3c:98:4b:a2:2d:3f:63:a3:cd:6b:65:a2:db: ab:d7:fd:2a:5e:54:b1:81:ed:47:af:19:57:d6:01: b8:13:1c:b1:73:03:84:43:09:2f:aa:c2:b7:c5:11: b6:21:0c:2b:2d:d7:c0:22:c0:c9:6e:c4:b5:e1:09: 5d:f0:cb:dd:3b:f7:a7:07:e1:46:bf:93:13:54:3b: 98:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:41:87:66:9A:E5:41:6D:B9:0B:14:02:44:4A:88:39:73:FE:01:48 X509v3 Authority Key Identifier: keyid:A3:50:FA:F3:B6:F1:4B:C8:EE:1B:29:96:EE:D4:8E:27:02:0E:10:83 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4834/51BEDFC4CC8D11EAAFFEDB36C4F9AE02/o1D687bxS8juGymW7tSOJwIOEIM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o1D687bxS8juGymW7tSOJwIOEIM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4834/51BEDFC4CC8D11EAAFFEDB36C4F9AE02/o1D687bxS8juGymW7tSOJwIOEIM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:db:b9:f7:d7:2c:1f:77:e3:d4:73:54:e5:06:f4:97:1e:52: 4f:90:3d:45:c8:46:16:06:66:34:96:f6:01:e9:71:e1:46:09: d9:dc:77:6f:54:12:61:75:5e:38:40:69:23:77:c5:12:e8:9e: c6:c1:6d:65:a3:c7:84:e4:ec:de:24:22:c2:ae:04:c5:07:55: 1b:10:01:e2:62:fd:54:41:82:d0:0b:1a:7f:c8:31:5f:ef:4a: 7e:3b:95:f1:bf:7d:d1:a1:c4:8a:49:30:c7:18:b0:a2:65:9a: 39:af:fd:2c:bf:56:6b:67:98:e1:65:60:30:a5:5e:42:00:19: 27:36:6b:d5:fb:21:c2:31:d6:55:e4:71:c8:f6:00:48:49:66: db:f7:a6:e8:50:d2:08:84:93:87:45:b7:47:ec:6d:9d:fe:62: ca:ee:fe:04:af:c1:d0:95:d5:2b:45:69:70:75:72:2b:d5:a6: d7:b2:a1:27:2a:9b:81:3f:82:f9:d9:29:4b:86:c1:81:00:49: a0:f5:dc:31:3a:51:17:c5:ba:61:2d:28:41:ea:14:9c:d3:43: f6:14:f2:05:8d:e1:96:00:3a:fa:d6:d1:a3:19:96:a7:ef:aa: dd:99:ea:97:f9:36:bc:b1:ba:d4:15:bb:44:93:2b:ac:64:d2: 4f:a8:b7:9c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCGQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ4MzQxMTAvBgNVBAUTKEEzNTBGQUYzQjZGMTRCQzhFRTFCMjk5NkVFRDQ4RTI3 MDIwRTEwODMwHhcNMjUwNjE0MjAzMTQ1WhcNMjUwNjIxMjAzMTQ1WjAYMRYwFAYD VQQDEw02ODRkZGMzMS01N2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvYCSmLuWAQu3NxD96ZTSbGfTlD63K3Mv51tHdz48lBtBvaqrzp3fmJAvOJ+E aE9cVHIpwBNn7ussdsVAosw34auTxjzI7jMwGdCw1MPKeltb4gyWEBXKbBEdGRsb sJSwVxHlU6ZKdKFAyzNGY6OxcpP5Ph6RJkBFbPXQV91reveKbksM42ognjtmqoLh GYIrgKbL67Ir7Q7oYWAk572bRfeC79raSs0B28flVMin7/OKP1dKqjyYS6ItP2Oj zWtlotur1/0qXlSxge1HrxlX1gG4ExyxcwOEQwkvqsK3xRG2IQwrLdfAIsDJbsS1 4Qld8MvdO/enB+FGv5MTVDuYOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJdBh2aa 5UFtuQsUAkRKiDlz/gFIMB8GA1UdIwQYMBaAFKNQ+vO28UvI7hsplu7UjicCDhCD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDgzNC81MUJFREZDNEND OEQxMUVBQUZGRURCMzZDNEY5QUUwMi9vMUQ2ODdieFM4anVHeW1XN3RTT0p3SU9F SU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL28xRDY4N2J4UzhqdUd5bVc3dFNPSndJT0VJTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDgzNC81MUJFREZDNENDOEQxMUVBQUZGRURCMzZDNEY5QUUwMi9vMUQ2ODdieFM4 anVHeW1XN3RTT0p3SU9FSU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAk27n31ywfd+PUc1TlBvSXHlJPkD1FyEYWBmY0lvYB6XHhRgnZ3Hdv VBJhdV44QGkjd8US6J7GwW1lo8eE5OzeJCLCrgTFB1UbEAHiYv1UQYLQCxp/yDFf 70p+O5Xxv33RocSKSTDHGLCiZZo5r/0sv1ZrZ5jhZWAwpV5CABknNmvV+yHCMdZV 5HHI9gBISWbb96boUNIIhJOHRbdH7G2d/mLK7v4Er8HQldUrRWlwdXIr1abXsqEn KpuBP4L52SlLhsGBAEmg9dwxOlEXxbphLShB6hSc00P2FPIFjeGWADr61tGjGZan 76rdmeqX+Ta8sbrUFbtEkyusZNJPqLec -----END CERTIFICATE-----Generated at Sun Jun 15 10:04:12 2025 by rpki-client