$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft File: 4CEd1HfFtNoX56IChgOs2OcWZrU.mft (raw, json) Hash identifier: b2JT1W5C/SSd0qNnSWzNuW5ovV3CwuL5VZU6T/gPpYY= Subject key identifier: 7A:C8:43:BB:2E:88:F7:E7:C9:50:8B:0C:06:61:D9:A1:21:3D:EC:CB Authority key identifier: E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5 Certificate issuer: /CN=A91EB1BE/serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5 Certificate serial: 12DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft Manifest number: 12CE Signing time: Wed 18 Jun 2025 17:02:45 +0000 Manifest this update: Wed 18 Jun 2025 17:02:44 +0000 Manifest next update: Wed 25 Jun 2025 17:02:44 +0000 Files and hashes: 1: 4CEd1HfFtNoX56IChgOs2OcWZrU.crl (hash: G4Ivf/JMFu/IZNV2WD5l2KXoZrEK5oG3KEDxjBCwHb4=) 2: 31E1DE72B04B11EE9F3B384BC4F9AE02.roa (hash: SUqha04b2ntyDAUGFXYiqHZijUV69AXBCBCtIkXQ4as=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 17:02:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4831 (0x12df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB1BE, serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5 Validity Not Before: Jun 18 17:02:44 2025 GMT Not After : Jun 25 17:02:44 2025 GMT Subject: CN=6852f135-89eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:64:4a:22:19:b1:07:e8:75:8b:08:04:f6:d8: 03:13:6c:ac:16:2e:72:3e:02:77:1f:5f:69:ab:ac: 51:dc:d0:4d:62:38:35:71:17:2b:77:c1:fe:32:40: 67:2c:42:5a:88:a9:b4:bc:32:a1:50:f3:65:d5:17: c0:ca:ba:8c:4f:1f:d0:92:2e:ae:76:9c:b9:b5:44: 9e:b5:73:34:20:34:cb:cb:49:f3:20:46:77:0b:40: 58:91:c2:11:19:0f:81:27:47:96:3a:e9:80:4f:d2: e0:11:0f:92:03:52:8a:43:a1:e9:e4:1b:25:9d:ef: 1c:5f:90:3b:6b:f7:e0:a1:66:3c:df:67:81:2a:8c: e7:05:b4:4b:d0:63:11:cb:3a:49:3b:40:29:b3:f3: 55:c6:d5:01:98:6d:da:01:4e:79:c2:f0:37:d9:2d: d4:a2:a8:b6:73:ad:7b:3c:81:ec:b0:13:10:0f:72: 19:38:ff:3b:ba:46:15:e1:81:a8:c9:d5:4a:e9:04: 52:bd:70:26:e3:a3:0c:48:22:d9:35:d0:12:07:76: d0:dc:b8:40:d1:8d:ac:9b:78:ae:81:34:85:6a:34: 8f:2b:41:5f:76:c0:90:0e:94:60:65:dc:7d:28:14: d7:ca:f3:2a:51:4b:d1:38:e2:58:01:e3:8b:82:1a: fe:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:C8:43:BB:2E:88:F7:E7:C9:50:8B:0C:06:61:D9:A1:21:3D:EC:CB X509v3 Authority Key Identifier: keyid:E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:5f:39:af:41:8c:d9:d9:a6:17:ab:2c:81:38:f5:a6:9d:f2: b3:1b:67:a5:29:ae:5a:bb:71:c7:8f:b6:95:f8:25:e4:9d:7f: a5:1e:d7:2a:64:0d:46:9e:72:6a:d3:3f:f1:70:71:0b:15:6f: 1e:68:81:27:d1:a4:63:e2:e2:10:ac:ef:82:11:c1:06:7f:2f: 07:d2:36:54:06:95:8b:43:a0:d6:ad:0e:05:7c:31:ac:e7:cc: a7:8b:6f:a5:1e:1e:7d:25:1d:88:b6:fb:7d:e5:bb:c6:25:fe: bd:54:d6:ab:0f:ae:67:60:6f:b6:30:11:b5:ef:42:25:c0:c4: 42:9b:b6:8f:fb:c3:b5:b7:2c:fa:70:84:60:7a:54:a3:05:aa: 5a:b6:b3:f1:d1:77:49:38:7e:53:88:5e:77:d8:68:17:72:51: f1:eb:df:49:4b:31:ec:86:56:1d:59:43:e8:8c:d2:1a:60:b9: b9:93:63:06:5d:61:12:cb:96:d5:f3:74:e2:f3:0f:7b:1d:f8: 92:27:1d:3b:42:e0:80:c5:6f:4c:44:71:e9:86:9b:e7:6c:d1: 81:7f:4c:fa:7c:7d:3d:ee:06:b6:70:56:75:4e:82:65:ea:af: 93:3d:59:88:87:bb:d4:26:f3:13:9e:21:20:7d:ec:ac:51:1b: f0:93:fa:c7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEt8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUIxQkUxMTAvBgNVBAUTKEUwMjExREQ0NzdDNUI0REExN0U3QTIwMjg2MDNBQ0Q4 RTcxNjY2QjUwHhcNMjUwNjE4MTcwMjQ0WhcNMjUwNjI1MTcwMjQ0WjAYMRYwFAYD VQQDEw02ODUyZjEzNS04OWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoWRKIhmxB+h1iwgE9tgDE2ysFi5yPgJ3H19pq6xR3NBNYjg1cRcrd8H+MkBn LEJaiKm0vDKhUPNl1RfAyrqMTx/Qki6udpy5tUSetXM0IDTLy0nzIEZ3C0BYkcIR GQ+BJ0eWOumAT9LgEQ+SA1KKQ6Hp5Bslne8cX5A7a/fgoWY832eBKoznBbRL0GMR yzpJO0Aps/NVxtUBmG3aAU55wvA32S3Uoqi2c617PIHssBMQD3IZOP87ukYV4YGo ydVK6QRSvXAm46MMSCLZNdASB3bQ3LhA0Y2sm3iugTSFajSPK0FfdsCQDpRgZdx9 KBTXyvMqUUvROOJYAeOLghr+cwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHrIQ7su iPfnyVCLDAZh2aEhPezLMB8GA1UdIwQYMBaAFOAhHdR3xbTaF+eiAoYDrNjnFma1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjFCRS81QTU3Nzg2Q0Mw QzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnROb1g1NklDaGdPczJPY1da clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRDRWQxSGZGdE5vWDU2SUNoZ09zMk9jV1pyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QjFCRS81QTU3Nzg2Q0MwQzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnRO b1g1NklDaGdPczJPY1daclUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/XzmvQYzZ2aYXqyyBOPWmnfKzG2elKa5au3HHj7aV+CXknX+lHtcq ZA1GnnJq0z/xcHELFW8eaIEn0aRj4uIQrO+CEcEGfy8H0jZUBpWLQ6DWrQ4FfDGs 58yni2+lHh59JR2Itvt95bvGJf69VNarD65nYG+2MBG170IlwMRCm7aP+8O1tyz6 cIRgelSjBapatrPx0XdJOH5TiF532GgXclHx699JSzHshlYdWUPojNIaYLm5k2MG XWESy5bV83Ti8w97HfiSJx07QuCAxW9MRHHphpvnbNGBf0z6fH097ga2cFZ1ToJl 6q+TPVmIh7vUJvMTniEgfeysURvwk/rH -----END CERTIFICATE-----Generated at Fri Jun 20 17:14:38 2025 by rpki-client