$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft File: 5bsti54YaXwBWe2BMuXzS4axN7E.mft (raw, json) Hash identifier: vLxsXKDPdMIAj4f52pBMQgtMedumynMUBzRvGXKXbK8= Subject key identifier: A6:50:7C:D8:36:B7:BC:BC:BD:E5:B9:36:B9:FE:4D:E7:3D:C3:53:C4 Authority key identifier: E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 Certificate issuer: /CN=A91E0C2B/serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Certificate serial: 01A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft Manifest number: 01A3 Signing time: Sun 15 Jun 2025 02:34:16 +0000 Manifest this update: Sun 15 Jun 2025 02:34:16 +0000 Manifest next update: Sun 22 Jun 2025 02:34:16 +0000 Files and hashes: 1: 5bsti54YaXwBWe2BMuXzS4axN7E.crl (hash: ALQ7MP2kfk53ocCsn90rH/a63FYdXPhd4U1PU50kESY=) 2: 12B9A5DECBC211EDB6F09516C4F9AE02.roa (hash: GC2+Qt2m2cOxU2MSwTfp+OhWSqEwAQ14izm/J1/ZU5o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 02:34:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 423 (0x1a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0C2B, serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Validity Not Before: Jun 15 02:34:16 2025 GMT Not After : Jun 22 02:34:16 2025 GMT Subject: CN=684e3128-2eea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:b7:86:7a:c4:9e:30:6b:79:60:f0:49:77:0b: 63:42:4d:06:e3:48:24:1c:6f:3d:58:c8:56:c7:26: 07:85:5b:a5:29:1f:28:83:8b:91:26:b4:61:3f:3f: 4a:9d:66:6d:0f:79:2d:d7:5a:a4:0c:84:9f:c5:b4: 19:54:8b:3d:3d:4a:a7:06:06:55:ba:c1:11:c1:cc: d1:e4:ca:b7:7b:c6:21:ed:cf:92:15:d2:b1:be:6a: 77:64:66:d2:17:7f:3b:ec:73:43:14:c3:96:23:70: 42:8f:80:de:91:d3:7e:34:4c:3b:79:2b:3d:1f:49: bf:a3:82:df:a0:f6:fd:59:5a:03:99:8d:09:26:3b: 9e:45:10:f8:0d:0f:c7:ee:21:97:04:61:06:35:f4: 24:46:e7:28:bc:63:b1:80:b3:c4:4e:8e:51:9e:93: 12:42:48:ff:3b:e6:a5:65:d6:8d:30:35:bf:9c:d2: a0:35:fe:d9:93:d4:bf:41:d9:94:49:ac:0d:cd:fb: 96:cd:dc:16:87:37:13:17:bf:a9:ac:a8:f9:a9:bf: b1:60:c8:ba:5c:cf:44:e4:fe:ad:5c:12:1d:36:01: 6b:51:cb:f5:62:dd:17:cd:94:cd:cc:1c:09:7c:b6: f5:ac:39:84:2d:19:78:c9:e5:cf:20:3e:f3:45:7a: 19:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:50:7C:D8:36:B7:BC:BC:BD:E5:B9:36:B9:FE:4D:E7:3D:C3:53:C4 X509v3 Authority Key Identifier: keyid:E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:c5:de:2e:09:90:1f:b6:c1:61:84:c2:aa:cf:4f:e9:cd:5a: b6:7b:8f:54:d0:5e:b8:9b:c1:c9:21:c3:45:b4:e4:3e:a7:05: c9:bd:df:1a:c1:9a:53:d2:9b:f4:85:4d:36:58:ee:a3:0e:2e: 0c:71:a0:64:8b:7e:09:3b:87:1c:83:9a:bf:01:87:fa:f1:87: 1c:46:d7:ab:6a:72:44:a5:31:5c:b1:be:cd:7b:05:62:a5:f7: 8e:87:fa:6f:2e:c8:cf:25:ac:b6:7a:05:0e:4a:5c:3c:f5:43: e4:9b:6c:41:79:06:9f:e9:7c:20:23:ec:17:c0:4e:d5:88:d4: 2b:a0:37:d2:b5:c9:4d:34:c3:54:69:ae:d8:22:f5:21:65:c2: 19:15:4f:e7:75:b0:c6:be:cb:65:8b:86:a6:9b:ef:2e:ae:15: 52:1c:1a:33:5e:b0:7e:35:09:bf:92:9d:99:41:be:2a:4d:0f: 8b:3b:5e:5e:85:2e:a4:76:bd:bc:ac:16:e8:f9:cf:ac:da:08: b0:2e:42:6b:43:65:65:fb:a5:61:c5:cd:1a:ba:cb:3d:6e:b8: 74:53:1c:1a:b4:72:2c:ed:31:47:6e:c5:e1:9d:99:fa:8f:62: 14:1f:89:ca:0b:be:20:d6:60:6b:d5:a0:b1:97:5d:9b:80:dc: 49:df:a6:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBDMkIxMTAvBgNVBAUTKEU1QkIyRDhCOUUxODY5N0MwMTU5RUQ4MTMyRTVGMzRC ODZCMTM3QjEwHhcNMjUwNjE1MDIzNDE2WhcNMjUwNjIyMDIzNDE2WjAYMRYwFAYD VQQDEw02ODRlMzEyOC0yZWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoreGesSeMGt5YPBJdwtjQk0G40gkHG89WMhWxyYHhVulKR8og4uRJrRhPz9K nWZtD3kt11qkDISfxbQZVIs9PUqnBgZVusERwczR5Mq3e8Yh7c+SFdKxvmp3ZGbS F3877HNDFMOWI3BCj4DekdN+NEw7eSs9H0m/o4LfoPb9WVoDmY0JJjueRRD4DQ/H 7iGXBGEGNfQkRucovGOxgLPETo5RnpMSQkj/O+alZdaNMDW/nNKgNf7Zk9S/QdmU SawNzfuWzdwWhzcTF7+prKj5qb+xYMi6XM9E5P6tXBIdNgFrUcv1Yt0XzZTNzBwJ fLb1rDmELRl4yeXPID7zRXoZIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKZQfNg2 t7y8veW5Nrn+Tec9w1PEMB8GA1UdIwQYMBaAFOW7LYueGGl8AVntgTLl80uGsTex MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEMyQi9EMjdFNkVEMENC OTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFYd0JXZTJCTXVYelM0YXhO N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVic3RpNTRZYVh3QldlMkJNdVh6UzRheE43RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MEMyQi9EMjdFNkVEMENCOTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFY d0JXZTJCTXVYelM0YXhON0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB3xd4uCZAftsFhhMKqz0/pzVq2e49U0F64m8HJIcNFtOQ+pwXJvd8a wZpT0pv0hU02WO6jDi4McaBki34JO4ccg5q/AYf68YccRteranJEpTFcsb7NewVi pfeOh/pvLsjPJay2egUOSlw89UPkm2xBeQaf6XwgI+wXwE7ViNQroDfStclNNMNU aa7YIvUhZcIZFU/ndbDGvstli4amm+8urhVSHBozXrB+NQm/kp2ZQb4qTQ+LO15e hS6kdr28rBbo+c+s2giwLkJrQ2Vl+6Vhxc0auss9brh0UxwatHIs7TFHbsXhnZn6 j2IUH4nKC74g1mBr1aCxl12bgNxJ36Z0 -----END CERTIFICATE-----Generated at Sun Jun 15 10:07:33 2025 by rpki-client