$ rpki-client -vvf rpki.apnic.net/member_repository/A91DAFA2/B7B67760EF6911E6BD73C651C4F9AE02/GLHIjO5o9jwhzWoMsbgx1db11s8.mft File: GLHIjO5o9jwhzWoMsbgx1db11s8.mft (raw, json) Hash identifier: 0N4I0PFjHVGyXkSzk9X6ofrOzffqIfswtPGlr0Eb6nc= Subject key identifier: F7:5C:98:AD:8C:3F:14:99:93:94:E1:80:D3:38:BD:BB:81:11:EE:B4 Authority key identifier: 18:B1:C8:8C:EE:68:F6:3C:21:CD:6A:0C:B1:B8:31:D5:D6:F5:D6:CF Certificate issuer: /CN=A91DAFA2/serialNumber=18B1C88CEE68F63C21CD6A0CB1B831D5D6F5D6CF Certificate serial: 1C0F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GLHIjO5o9jwhzWoMsbgx1db11s8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DAFA2/B7B67760EF6911E6BD73C651C4F9AE02/GLHIjO5o9jwhzWoMsbgx1db11s8.mft Manifest number: 1C04 Signing time: Wed 18 Jun 2025 16:13:41 +0000 Manifest this update: Wed 18 Jun 2025 16:13:40 +0000 Manifest next update: Wed 25 Jun 2025 16:13:40 +0000 Files and hashes: 1: GLHIjO5o9jwhzWoMsbgx1db11s8.crl (hash: k8M2Z4WdHwzlLaUXhCoKUGWLW6CGvpXBsHyICsjNK8c=) 2: 02FB1DCAEF6A11E69A4AD551C4F9AE02.roa (hash: 87Eagj9nbEvxROvw6iIl3FH0KdIVxp+aZzvllNFI0J8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DAFA2/B7B67760EF6911E6BD73C651C4F9AE02/GLHIjO5o9jwhzWoMsbgx1db11s8.crl rsync://rpki.apnic.net/member_repository/A91DAFA2/B7B67760EF6911E6BD73C651C4F9AE02/GLHIjO5o9jwhzWoMsbgx1db11s8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GLHIjO5o9jwhzWoMsbgx1db11s8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 16:13:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7183 (0x1c0f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DAFA2, serialNumber=18B1C88CEE68F63C21CD6A0CB1B831D5D6F5D6CF Validity Not Before: Jun 18 16:13:40 2025 GMT Not After : Jun 25 16:13:40 2025 GMT Subject: CN=6852e5b4-3b21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:7c:f8:00:84:de:c9:de:4c:21:9f:f0:67:13: 62:22:1d:d9:78:55:a9:ab:8f:c9:83:7a:ea:ed:d2: 03:46:e1:58:ac:d8:6f:8a:9b:e4:59:27:20:b6:e0: 1f:5e:ac:63:85:c8:35:86:c3:c9:f7:d4:07:40:dc: dc:b4:c8:9c:8c:70:6c:ca:3e:26:db:d2:cd:37:cc: 55:18:c8:78:90:7c:89:f0:41:2f:ee:77:c2:68:44: dc:4d:6f:26:6c:de:fc:86:0e:d5:e3:11:85:ec:d2: b7:21:02:31:d2:24:b5:56:de:a0:de:be:54:f1:38: 8d:31:2a:da:19:2a:97:8f:f5:54:d3:00:cc:26:22: ca:a4:a1:9f:81:58:97:6b:9b:42:4d:7e:12:22:41: 6d:8d:50:91:4c:6a:6c:a1:6d:87:b6:27:66:96:c6: 0f:9d:cc:6d:99:49:1e:41:27:04:a3:87:bf:23:07: 3e:3d:3f:ca:d6:73:5c:ea:3e:17:1c:21:fe:fe:d4: a1:9c:27:78:b1:4e:e4:c3:e7:5f:79:4d:09:86:a8: ce:4e:02:ac:2f:77:3f:ce:71:72:03:2b:f8:a0:d7: e9:ba:94:f5:ab:25:88:51:b3:76:bf:01:93:e0:2f: 0d:15:87:07:8e:16:fd:a9:5f:6e:f2:0e:38:b5:08: ec:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:5C:98:AD:8C:3F:14:99:93:94:E1:80:D3:38:BD:BB:81:11:EE:B4 X509v3 Authority Key Identifier: keyid:18:B1:C8:8C:EE:68:F6:3C:21:CD:6A:0C:B1:B8:31:D5:D6:F5:D6:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DAFA2/B7B67760EF6911E6BD73C651C4F9AE02/GLHIjO5o9jwhzWoMsbgx1db11s8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GLHIjO5o9jwhzWoMsbgx1db11s8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DAFA2/B7B67760EF6911E6BD73C651C4F9AE02/GLHIjO5o9jwhzWoMsbgx1db11s8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:ae:87:57:c0:cb:cc:c8:15:b2:56:85:b2:cf:56:09:44:ae: 77:85:3d:25:ac:23:b9:b8:04:b8:bd:db:28:91:19:8c:bb:5c: 8d:17:c5:07:0b:71:3c:6f:2c:7f:62:ac:d0:e8:19:21:5a:0d: 1d:9f:3b:3c:9e:4c:57:7a:20:36:8b:a6:f8:e6:cc:b2:a5:d2: 79:84:35:d9:15:61:01:74:36:50:6e:89:c4:f7:52:4f:99:55: 21:a6:84:9b:79:89:14:47:83:32:e3:81:2a:01:37:ce:55:33: 64:a0:9e:9e:79:95:30:fd:bc:08:37:cc:eb:27:8b:0f:ad:ac: 53:f7:e1:6d:2b:01:a6:d9:46:87:76:d7:a5:75:7b:da:c2:e1: 19:0c:cb:a6:a5:f5:11:d3:06:ba:b0:47:c3:ac:63:1a:0c:33: 71:bf:42:fb:9b:6e:10:ec:68:b5:9d:a4:78:ad:6d:bc:4d:69: a1:09:49:84:3f:92:e6:e3:6a:3f:ee:cd:6b:5c:2b:f6:3d:dc: dd:23:5c:71:91:9a:02:fc:22:e9:d2:11:81:bf:60:98:9b:ac: d6:03:1d:b5:54:e8:06:d4:3d:9c:55:25:76:4e:2f:9a:c8:5a: bb:3f:e0:09:83:98:9c:00:dc:a4:de:34:76:89:27:e6:d0:79: df:9c:6f:b5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHA8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REFGQTIxMTAvBgNVBAUTKDE4QjFDODhDRUU2OEY2M0MyMUNENkEwQ0IxQjgzMUQ1 RDZGNUQ2Q0YwHhcNMjUwNjE4MTYxMzQwWhcNMjUwNjI1MTYxMzQwWjAYMRYwFAYD VQQDEw02ODUyZTViNC0zYjIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Hz4AITeyd5MIZ/wZxNiIh3ZeFWpq4/Jg3rq7dIDRuFYrNhvipvkWScgtuAf Xqxjhcg1hsPJ99QHQNzctMicjHBsyj4m29LNN8xVGMh4kHyJ8EEv7nfCaETcTW8m bN78hg7V4xGF7NK3IQIx0iS1Vt6g3r5U8TiNMSraGSqXj/VU0wDMJiLKpKGfgViX a5tCTX4SIkFtjVCRTGpsoW2HtidmlsYPncxtmUkeQScEo4e/Iwc+PT/K1nNc6j4X HCH+/tShnCd4sU7kw+dfeU0JhqjOTgKsL3c/znFyAyv4oNfpupT1qyWIUbN2vwGT 4C8NFYcHjhb9qV9u8g44tQjswQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPdcmK2M PxSZk5ThgNM4vbuBEe60MB8GA1UdIwQYMBaAFBixyIzuaPY8Ic1qDLG4MdXW9dbP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQUZBMi9CN0I2Nzc2MEVG NjkxMUU2QkQ3M0M2NTFDNEY5QUUwMi9HTEhJak81bzlqd2h6V29Nc2JneDFkYjEx czguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dMSElqTzVvOWp3aHpXb01zYmd4MWRiMTFzOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QUZBMi9CN0I2Nzc2MEVGNjkxMUU2QkQ3M0M2NTFDNEY5QUUwMi9HTEhJak81bzlq d2h6V29Nc2JneDFkYjExczgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhrodXwMvMyBWyVoWyz1YJRK53hT0lrCO5uAS4vdsokRmMu1yNF8UH C3E8byx/YqzQ6BkhWg0dnzs8nkxXeiA2i6b45syypdJ5hDXZFWEBdDZQbonE91JP mVUhpoSbeYkUR4My44EqATfOVTNkoJ6eeZUw/bwIN8zrJ4sPraxT9+FtKwGm2UaH dteldXvawuEZDMumpfUR0wa6sEfDrGMaDDNxv0L7m24Q7Gi1naR4rW28TWmhCUmE P5Lm42o/7s1rXCv2PdzdI1xxkZoC/CLp0hGBv2CYm6zWAx21VOgG1D2cVSV2Ti+a yFq7P+AJg5icANyk3jR2iSfm0HnfnG+1 -----END CERTIFICATE-----Generated at Wed Jun 18 19:59:40 2025 by rpki-client