$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.mft File: -D3DokbRIVGsh6dyzsoO3SFfhio.mft (raw, json) Hash identifier: yRROd77EATC/FPlTqmBLBxU61EV2VKavrosv6jWW1BY= Subject key identifier: 2C:8F:7A:53:72:B4:E9:AB:D2:D4:7F:3A:CD:BD:14:3B:81:35:47:57 Authority key identifier: F8:3D:C3:A2:46:D1:21:51:AC:87:A7:72:CE:CA:0E:DD:21:5F:86:2A Certificate issuer: /CN=A91DDFF2/serialNumber=F83DC3A246D12151AC87A772CECA0EDD215F862A Certificate serial: E9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-D3DokbRIVGsh6dyzsoO3SFfhio.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.mft Manifest number: E7 Signing time: Sun 15 Jun 2025 04:31:44 +0000 Manifest this update: Sun 15 Jun 2025 04:31:44 +0000 Manifest next update: Sun 22 Jun 2025 04:31:44 +0000 Files and hashes: 1: -D3DokbRIVGsh6dyzsoO3SFfhio.crl (hash: /dU9EfUTmmHkBzMUvgyb9ADXIc/+SVzSsTBgkn4J3eI=) 2: EC7311FEE5C311EEBF217685C4F9AE02.roa (hash: qmFjn7wAfMqWkF24WNm8IekVR4ecxQdIio3RLzGcoHo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.crl rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-D3DokbRIVGsh6dyzsoO3SFfhio.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 233 (0xe9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DDFF2, serialNumber=F83DC3A246D12151AC87A772CECA0EDD215F862A Validity Not Before: Jun 15 04:31:44 2025 GMT Not After : Jun 22 04:31:44 2025 GMT Subject: CN=684e4cb0-85c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:29:3c:13:d4:37:c4:63:fd:d0:d9:d4:20:05: 37:40:3a:ee:0d:3d:89:68:5f:90:6b:5b:06:e5:6f: 68:f0:94:3a:0b:9a:33:a5:b5:bd:c5:28:f5:34:8e: 55:70:dc:98:a7:d5:e9:09:70:8f:17:35:9c:7d:e7: 1d:c3:06:d5:d0:8e:98:17:f8:f8:dd:90:a3:9b:09: 67:3f:0e:50:8e:1e:96:18:78:63:fc:0e:67:15:ac: 07:2e:80:aa:70:50:32:fa:60:37:94:6e:8e:d3:2d: cd:85:d4:bb:0a:6e:e4:28:3f:32:58:e4:fe:c9:d8: 25:97:e8:1c:6e:9e:c6:a3:e4:19:88:f7:6a:dd:85: bc:4a:3b:49:cb:cc:a8:09:34:3e:72:8c:89:55:30: 70:df:18:b2:b3:ec:05:7e:a0:51:b3:36:59:5f:e6: c4:f3:b9:10:bd:f0:1d:4d:29:53:8a:19:52:97:bc: ad:9d:82:d5:fc:50:4b:09:c1:d8:c5:e6:a3:5c:52: 97:62:5f:a1:1a:ae:33:e7:a9:06:90:dd:6c:bf:7e: ed:26:3d:16:55:8b:61:88:c0:0b:da:cb:b0:89:c7: 0e:44:5d:00:ad:8d:c5:37:de:bb:5a:1e:c9:1b:99: 70:27:91:6c:c4:1f:d2:75:41:4f:30:60:72:2e:f2: 33:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:8F:7A:53:72:B4:E9:AB:D2:D4:7F:3A:CD:BD:14:3B:81:35:47:57 X509v3 Authority Key Identifier: keyid:F8:3D:C3:A2:46:D1:21:51:AC:87:A7:72:CE:CA:0E:DD:21:5F:86:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-D3DokbRIVGsh6dyzsoO3SFfhio.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:e2:e4:2a:4c:2e:16:af:56:5d:f4:f6:ee:77:35:55:71:b7: fb:8f:b2:0e:25:06:83:07:bd:9a:13:4b:8c:f7:36:fe:21:58: 89:05:f4:6f:48:cc:e0:58:3f:aa:7c:fe:7e:83:be:22:c7:a7: a8:b6:d9:dc:3f:8d:e9:5c:8e:ca:24:73:04:1f:59:ca:97:df: 02:18:3c:a7:b8:2c:86:ae:5e:c1:f5:43:7c:87:53:3c:0c:af: b3:2a:98:f5:d3:16:1e:41:e5:e0:68:09:68:d8:d8:58:ae:33: 32:56:a0:be:6d:14:ad:49:45:e2:f5:b1:3d:72:5d:65:69:46: 1a:35:8a:db:8f:f8:5c:f8:9b:42:85:f6:53:a4:81:45:dd:67: 3f:4a:56:78:bb:50:3e:28:14:b4:69:e9:5d:32:bd:d3:9e:fc: e3:4e:b1:f0:0a:bb:7b:08:45:30:57:3a:3d:0e:af:62:be:c4: b4:c1:5b:91:5e:20:11:29:0e:7c:81:91:b2:e3:b4:a6:60:2a: d1:2a:97:17:d7:9b:45:83:10:df:38:7a:0e:af:a8:8c:2f:82: fc:8b:06:e4:ef:22:56:f4:74:7f:03:fa:7d:47:9f:43:3c:a0: 89:b8:3f:c8:1e:49:97:a5:3d:65:3b:e1:4a:77:8d:1b:c3:20: 2a:5f:dd:43 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RERGRjIxMTAvBgNVBAUTKEY4M0RDM0EyNDZEMTIxNTFBQzg3QTc3MkNFQ0EwRURE MjE1Rjg2MkEwHhcNMjUwNjE1MDQzMTQ0WhcNMjUwNjIyMDQzMTQ0WjAYMRYwFAYD VQQDEw02ODRlNGNiMC04NWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtyk8E9Q3xGP90NnUIAU3QDruDT2JaF+Qa1sG5W9o8JQ6C5ozpbW9xSj1NI5V cNyYp9XpCXCPFzWcfecdwwbV0I6YF/j43ZCjmwlnPw5Qjh6WGHhj/A5nFawHLoCq cFAy+mA3lG6O0y3NhdS7Cm7kKD8yWOT+ydgll+gcbp7Go+QZiPdq3YW8SjtJy8yo CTQ+coyJVTBw3xiys+wFfqBRszZZX+bE87kQvfAdTSlTihlSl7ytnYLV/FBLCcHY xeajXFKXYl+hGq4z56kGkN1sv37tJj0WVYthiMAL2suwiccORF0ArY3FN967Wh7J G5lwJ5FsxB/SdUFPMGByLvIzxQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCyPelNy tOmr0tR/Os29FDuBNUdXMB8GA1UdIwQYMBaAFPg9w6JG0SFRrIencs7KDt0hX4Yq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEREZGMi9DOUFGMjkzNEU1 QzExMUVFOThEQkU5NjJDNEY5QUUwMi8tRDNEb2tiUklWR3NoNmR5enNvTzNTRmZo aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1EM0Rva2JSSVZHc2g2ZHl6c29PM1NGZmhpby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE REZGMi9DOUFGMjkzNEU1QzExMUVFOThEQkU5NjJDNEY5QUUwMi8tRDNEb2tiUklW R3NoNmR5enNvTzNTRmZoaW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCM4uQqTC4Wr1Zd9PbudzVVcbf7j7IOJQaDB72aE0uM9zb+IViJBfRv SMzgWD+qfP5+g74ix6eottncP43pXI7KJHMEH1nKl98CGDynuCyGrl7B9UN8h1M8 DK+zKpj10xYeQeXgaAlo2NhYrjMyVqC+bRStSUXi9bE9cl1laUYaNYrbj/hc+JtC hfZTpIFF3Wc/SlZ4u1A+KBS0aeldMr3TnvzjTrHwCrt7CEUwVzo9Dq9ivsS0wVuR XiARKQ58gZGy47SmYCrRKpcX15tFgxDfOHoOr6iML4L8iwbk7yJW9HR/A/p9R59D PKCJuD/IHkmXpT1lO+FKd40bwyAqX91D -----END CERTIFICATE-----Generated at Sun Jun 15 08:36:02 2025 by rpki-client