$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft File: raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json) Hash identifier: PWOiBMaKJU6O/Tbl6hRv07wYD+2fSnRZHaSAn8qbPWc= Subject key identifier: 16:F4:C6:F0:A4:CB:94:79:AB:72:C4:06:68:69:78:8A:BC:BD:3F:1E Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Certificate serial: 357E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft Manifest number: 34FA Signing time: Wed 18 Jun 2025 14:16:18 +0000 Manifest this update: Wed 18 Jun 2025 14:16:18 +0000 Manifest next update: Wed 25 Jun 2025 14:16:18 +0000 Files and hashes: 1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: z4dIf7imo5WXMC7RKLabgb1NiwOf6XdbvKKaaBSYyn0=) 2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=) 3: AF560BA2B1CC11EF80C4BE44C4F9AE02.roa (hash: JKOX2Bnk1obdJWD/11GK8Zj49w+PdYErgulVkpa2rdU=) 4: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=) 5: 539CC922366C11EEBEBBBE1DC4F9AE02.roa (hash: TrayTHMiKb+Dm5posHRv3ZfOvi01WiwhoUD8use0rkY=) 6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=) 7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=) 8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 14:16:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13694 (0x357e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC5BE, serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Validity Not Before: Jun 18 14:16:18 2025 GMT Not After : Jun 25 14:16:18 2025 GMT Subject: CN=6852ca32-7bdc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:18:47:17:0d:7f:51:9c:7b:9b:73:18:6b:71: b6:07:89:56:c3:c8:75:b4:19:87:86:7e:4e:be:34: 52:9e:55:f1:7f:c5:c9:2b:cc:c9:08:29:10:8f:bc: 1e:bb:72:98:d1:ae:9e:02:72:49:2b:55:1f:ff:75: 89:92:7f:8d:a7:7c:45:38:ef:fb:02:dc:ad:6c:7e: bb:59:c9:13:06:1c:c1:d5:af:85:b1:37:d7:1c:14: 26:7f:ff:94:fa:35:96:ab:8f:bb:77:b2:95:7a:68: e5:1c:c8:56:91:12:09:d0:d8:6e:7d:92:37:83:ac: 7f:9c:59:39:94:c5:aa:76:3d:e3:04:28:54:97:14: c3:28:58:06:f9:a8:9a:7e:bf:16:0a:d2:d0:72:4e: 48:bb:48:94:56:07:7c:62:98:aa:ec:8d:46:0b:f4: db:d5:30:79:7b:6b:ad:61:87:6e:a7:d3:c2:b7:14: ff:1f:5d:43:10:3f:1d:4c:73:88:8b:e3:a1:65:f5: c1:b6:f3:37:93:eb:38:01:18:2f:4a:5f:09:be:42: 4c:5c:26:5d:18:33:5e:f6:10:43:11:26:12:c4:4b: df:d0:1e:51:3f:75:d2:27:1b:3d:6f:34:b9:62:88: 50:fd:7e:f1:6c:e1:af:44:46:98:07:4d:48:89:b0: 56:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:F4:C6:F0:A4:CB:94:79:AB:72:C4:06:68:69:78:8A:BC:BD:3F:1E X509v3 Authority Key Identifier: keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:7d:b4:3b:84:3a:74:f2:6b:3c:fe:43:56:21:c4:5e:c3:ca: 7d:71:62:c7:a7:97:42:4f:10:8f:64:8a:b9:b4:a0:20:2c:bb: 93:dc:a4:a5:ba:f5:47:03:2f:50:85:ac:40:c6:db:d4:d8:01: af:5e:dd:61:9c:ac:bd:9e:32:26:22:77:f8:57:07:f9:56:66: b2:19:07:58:52:97:22:06:15:38:09:ea:40:0b:b2:2e:36:f4: e9:52:9b:c3:88:06:66:d2:d3:89:75:b3:e6:07:d6:9d:26:b0: 3d:db:2f:90:67:c6:96:c0:b6:85:68:61:2d:13:02:25:b7:17: 2e:bd:3b:3a:f5:6e:70:7a:01:08:eb:22:a2:7a:cd:49:e7:3f: e5:62:20:f5:19:98:12:77:99:67:6c:0e:24:9f:01:bf:f3:0d: 9d:c3:7c:37:5b:b8:b1:53:1a:a9:e9:dc:23:2c:19:3b:65:97: 9b:af:e7:2e:4d:4f:16:a9:0e:fd:59:1c:3b:6d:e2:c5:ea:07: 00:02:dc:a6:ca:87:5a:3b:d5:68:8a:10:88:b1:bf:b9:69:cb: 28:13:d4:ba:a0:22:cd:d1:9f:d2:54:b8:ae:67:21:04:63:e6: 83:0f:8e:24:b9:19:23:c8:f2:94:6a:38:6b:5f:c6:89:74:f4: 99:e7:db:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNX4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC REU1ODE2NDYwHhcNMjUwNjE4MTQxNjE4WhcNMjUwNjI1MTQxNjE4WjAYMRYwFAYD VQQDEw02ODUyY2EzMi03YmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1BhHFw1/UZx7m3MYa3G2B4lWw8h1tBmHhn5OvjRSnlXxf8XJK8zJCCkQj7we u3KY0a6eAnJJK1Uf/3WJkn+Np3xFOO/7AtytbH67WckTBhzB1a+FsTfXHBQmf/+U +jWWq4+7d7KVemjlHMhWkRIJ0NhufZI3g6x/nFk5lMWqdj3jBChUlxTDKFgG+aia fr8WCtLQck5Iu0iUVgd8Ypiq7I1GC/Tb1TB5e2utYYdup9PCtxT/H11DED8dTHOI i+OhZfXBtvM3k+s4ARgvSl8JvkJMXCZdGDNe9hBDESYSxEvf0B5RP3XSJxs9bzS5 YohQ/X7xbOGvREaYB01IibBWfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBb0xvCk y5R5q3LEBmhpeIq8vT8eMB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCxfbQ7hDp08ms8/kNWIcRew8p9cWLHp5dCTxCPZIq5tKAgLLuT3KSl uvVHAy9QhaxAxtvU2AGvXt1hnKy9njImInf4Vwf5VmayGQdYUpciBhU4CepAC7Iu NvTpUpvDiAZm0tOJdbPmB9adJrA92y+QZ8aWwLaFaGEtEwIltxcuvTs69W5wegEI 6yKies1J5z/lYiD1GZgSd5lnbA4knwG/8w2dw3w3W7ixUxqp6dwjLBk7ZZebr+cu TU8WqQ79WRw7beLF6gcAAtymyodaO9VoihCIsb+5acsoE9S6oCLN0Z/SVLiuZyEE Y+aDD44kuRkjyPKUajhrX8aJdPSZ59uT -----END CERTIFICATE-----Generated at Thu Jun 19 11:08:38 2025 by rpki-client