$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft File: iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft (raw, json) Hash identifier: X7M0bITkywWdH0cpqdWQZ15OysXKfC9Q/n0xzNjdlyE= Subject key identifier: C3:AA:01:07:F0:7B:FC:30:2B:3B:44:65:28:EA:58:3F:1D:74:4E:91 Authority key identifier: 89:48:09:63:09:56:92:43:82:CC:39:D4:60:FA:47:64:B0:17:59:34 Certificate issuer: /CN=A91F2046/serialNumber=894809630956924382CC39D460FA4764B0175934 Certificate serial: 0BFF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft Manifest number: 0BF8 Signing time: Thu 12 Jun 2025 18:34:33 +0000 Manifest this update: Thu 12 Jun 2025 18:34:33 +0000 Manifest next update: Thu 19 Jun 2025 18:34:33 +0000 Files and hashes: 1: iUgJYwlWkkOCzDnUYPpHZLAXWTQ.crl (hash: XCURcovuk3tmaluSIdp5R/CqSXwPpIO95RipH+giEdo=) 2: 0D2573FA173E11EA947B2976C4F9AE02.roa (hash: LIAL0RVUWvTNgpPqawClJ1GtfpOkeD0nFPnq/+uTw9c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.crl rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 18:34:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3071 (0xbff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2046, serialNumber=894809630956924382CC39D460FA4764B0175934 Validity Not Before: Jun 12 18:34:33 2025 GMT Not After : Jun 19 18:34:33 2025 GMT Subject: CN=684b1db9-4710 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:10:d2:2a:fa:a6:7c:1a:de:2d:44:fe:86:75: 1d:b3:d7:3f:e1:56:8c:39:0b:75:17:1d:14:ae:2d: c2:c3:8d:f3:d1:0f:9e:eb:27:3c:81:07:29:49:71: d6:76:93:4a:01:74:ff:82:f3:6f:0a:c6:b6:00:22: 61:38:4d:d3:c8:ff:f7:11:07:0d:4e:b1:7d:bc:a6: 09:2e:88:5f:83:a3:43:36:e9:1c:20:37:3c:b6:cd: d7:bf:00:34:1c:75:5e:a7:68:0c:d5:d0:5a:f2:f8: 56:42:8c:a9:91:5e:4d:cf:c0:7b:48:aa:70:49:43: 69:29:02:c3:0b:0b:45:e5:a3:42:4c:19:7b:c0:c6: 56:1b:90:07:55:25:2c:e4:12:a3:c6:c6:25:ad:6d: 98:f3:74:9d:e1:67:47:3a:5d:48:96:99:e9:37:c3: 21:ea:5c:9f:0b:dd:9f:2c:68:43:57:b1:d1:d7:0c: 97:aa:d4:cf:da:4c:e3:4a:e0:3b:ec:cc:13:ec:60: d6:c1:69:bf:0b:af:fb:e9:78:4d:90:43:b0:ac:a3: 8d:b4:97:e3:96:24:e3:0b:06:5f:20:dd:a3:ba:5a: 2d:4d:47:c1:4d:c6:69:5d:5a:81:33:35:f5:9e:c4: 2f:70:16:89:50:72:0a:fa:ae:3f:10:7b:90:64:25: d7:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:AA:01:07:F0:7B:FC:30:2B:3B:44:65:28:EA:58:3F:1D:74:4E:91 X509v3 Authority Key Identifier: keyid:89:48:09:63:09:56:92:43:82:CC:39:D4:60:FA:47:64:B0:17:59:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:c0:62:cd:00:e2:7f:b8:04:21:b1:b0:bf:87:e7:31:ab:4d: d8:f3:8e:ea:a1:ef:42:62:34:3c:1b:a5:92:fd:a6:2e:79:93: ee:5c:98:65:e5:8d:e0:a8:42:c4:e0:34:d4:20:ba:4c:fe:6c: 5a:b0:60:d0:ab:5e:9f:97:6f:ea:31:5b:ab:9c:14:31:34:f8: 25:ff:04:0a:47:d5:b7:91:56:05:eb:87:79:48:e2:1b:26:fb: aa:e1:a0:49:c6:0a:1e:9c:5e:54:f3:cb:d8:29:2d:4e:3d:49: 33:b0:f8:bb:f6:c8:67:6c:cd:e2:f0:37:dd:7f:ba:bf:b2:9b: 50:2e:5e:f3:1f:48:c7:71:2a:58:d7:af:49:c8:f3:1d:ea:86: ab:e8:d4:fd:10:01:61:e3:da:54:6b:43:b0:bc:c7:68:d6:d9: 5a:e3:86:e6:32:0d:42:df:b2:94:7d:77:41:b2:3d:dc:20:29: 05:d0:9d:9b:c9:2e:9d:4a:22:9a:f1:6e:3e:f9:5e:79:a6:b7: 04:95:f2:31:9f:d9:36:42:38:5a:03:df:6a:db:40:9f:e7:c2: 90:fe:1b:b3:88:aa:f3:e4:c6:74:6b:67:ed:5d:e0:1e:26:ca: cd:33:67:b4:d9:db:4e:2f:03:54:97:d8:3a:1d:f4:c9:32:5c: cf:4f:2d:e1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIwNDYxMTAvBgNVBAUTKDg5NDgwOTYzMDk1NjkyNDM4MkNDMzlENDYwRkE0NzY0 QjAxNzU5MzQwHhcNMjUwNjEyMTgzNDMzWhcNMjUwNjE5MTgzNDMzWjAYMRYwFAYD VQQDEw02ODRiMWRiOS00NzEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtBDSKvqmfBreLUT+hnUds9c/4VaMOQt1Fx0Uri3Cw43z0Q+e6yc8gQcpSXHW dpNKAXT/gvNvCsa2ACJhOE3TyP/3EQcNTrF9vKYJLohfg6NDNukcIDc8ts3XvwA0 HHVep2gM1dBa8vhWQoypkV5Nz8B7SKpwSUNpKQLDCwtF5aNCTBl7wMZWG5AHVSUs 5BKjxsYlrW2Y83Sd4WdHOl1IlpnpN8Mh6lyfC92fLGhDV7HR1wyXqtTP2kzjSuA7 7MwT7GDWwWm/C6/76XhNkEOwrKONtJfjliTjCwZfIN2julotTUfBTcZpXVqBMzX1 nsQvcBaJUHIK+q4/EHuQZCXX5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMOqAQfw e/wwKztEZSjqWD8ddE6RMB8GA1UdIwQYMBaAFIlICWMJVpJDgsw51GD6R2SwF1k0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjA0Ni8zRkIwMkFFMjE0 RDUxMUVBODEyNjQwMERDNEY5QUUwMi9pVWdKWXdsV2trT0N6RG5VWVBwSFpMQVhX VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lVZ0pZd2xXa2tPQ3pEblVZUHBIWkxBWFdUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjA0Ni8zRkIwMkFFMjE0RDUxMUVBODEyNjQwMERDNEY5QUUwMi9pVWdKWXdsV2tr T0N6RG5VWVBwSFpMQVhXVFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQwGLNAOJ/uAQhsbC/h+cxq03Y847qoe9CYjQ8G6WS/aYueZPuXJhl 5Y3gqELE4DTUILpM/mxasGDQq16fl2/qMVurnBQxNPgl/wQKR9W3kVYF64d5SOIb Jvuq4aBJxgoenF5U88vYKS1OPUkzsPi79shnbM3i8Dfdf7q/sptQLl7zH0jHcSpY 169JyPMd6oar6NT9EAFh49pUa0OwvMdo1tla44bmMg1C37KUfXdBsj3cICkF0J2b yS6dSiKa8W4++V55prcElfIxn9k2QjhaA99q20Cf58KQ/huziKrz5MZ0a2ftXeAe JsrNM2e02dtOLwNUl9g6HfTJMlzPTy3h -----END CERTIFICATE-----Generated at Sat Jun 14 19:35:14 2025 by rpki-client