$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft File: Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft (raw, json) Hash identifier: LAW05bGDUoyLLcAVErYdVf8NyVkJYWg/KSQ1I3HEm9A= Subject key identifier: E8:44:E4:60:D3:75:ED:6F:DB:08:FA:6D:6C:90:78:83:84:4D:24:16 Authority key identifier: 29:AD:B3:9B:62:0E:AE:3C:B8:AF:CA:2C:A1:85:F5:C4:87:6F:D0:43 Certificate issuer: /CN=A91FC985/serialNumber=29ADB39B620EAE3CB8AFCA2CA185F5C4876FD043 Certificate serial: 3B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft Manifest number: 39 Signing time: Fri 13 Jun 2025 06:29:21 +0000 Manifest this update: Fri 13 Jun 2025 06:29:21 +0000 Manifest next update: Fri 20 Jun 2025 06:29:21 +0000 Files and hashes: 1: Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl (hash: fMLe7DeKvoiFzkfzzDdHFOZme4FmFxz0Ylx8EpEPDV8=) 2: DA3E289CF5B811EFA1046714C4F9AE02.roa (hash: ghtYYnHvBHOXjjafNw/o3b7nWMJznKoJtYacsPdc8uY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 06:29:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FC985, serialNumber=29ADB39B620EAE3CB8AFCA2CA185F5C4876FD043 Validity Not Before: Jun 13 06:29:21 2025 GMT Not After : Jun 20 06:29:21 2025 GMT Subject: CN=684bc541-5f36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:4b:21:5d:12:05:6b:77:3e:e2:4e:99:25:24: b4:66:b2:8c:5c:e8:8a:b7:ce:66:bb:92:bc:53:43: cd:23:c9:6d:77:5d:f7:c2:01:7a:89:17:6f:d8:4d: 6c:e2:7b:11:f2:be:89:00:ac:b6:d8:11:eb:cb:92: 22:06:5f:22:e0:e9:bc:49:5a:1c:ca:ed:76:d0:fa: 20:f5:1d:3b:bb:c6:a4:48:95:e6:1f:a9:28:fc:14: 0c:5f:93:e6:d0:7d:4e:ca:8b:fd:66:e7:14:76:e8: 0e:5d:ee:6c:d1:6d:f0:b8:fe:75:ac:84:26:79:48: 70:52:8b:6a:09:93:f4:6b:24:0d:2b:1a:09:7d:77: bd:25:20:05:76:7b:01:ba:fb:a6:bf:1a:98:44:f6: d1:81:31:a2:cd:5b:f2:e1:c9:b1:12:6b:88:7e:d6: 71:bc:73:26:99:37:be:6c:f6:5f:40:66:fd:a5:dd: f3:6e:f9:75:a9:95:43:39:0e:46:ae:8a:aa:07:59: d6:cc:d2:dc:5c:1b:a0:a5:7d:e3:5b:9c:9c:d0:59: 81:f2:61:da:f6:1a:79:b9:fa:db:0e:85:c6:c4:a2: 70:37:5e:c2:27:74:6e:64:09:2b:55:e7:2d:50:d6: 68:a5:3f:fc:e3:7e:70:1d:de:7e:46:09:17:78:5d: 1b:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:44:E4:60:D3:75:ED:6F:DB:08:FA:6D:6C:90:78:83:84:4D:24:16 X509v3 Authority Key Identifier: keyid:29:AD:B3:9B:62:0E:AE:3C:B8:AF:CA:2C:A1:85:F5:C4:87:6F:D0:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:64:d1:52:9a:cf:8d:a0:5d:08:b7:8f:62:94:0a:6d:fe:81: a9:c5:3a:d5:0e:a7:3e:31:20:aa:31:8b:b1:68:4e:46:9b:f4: 2a:be:de:c1:3f:35:d2:e5:48:68:ed:5d:b5:2c:3e:ee:93:a5: 03:ab:40:52:3a:22:c8:c5:d6:93:95:be:e8:a2:e3:b1:e8:91: 2e:e0:7f:21:a2:ae:a7:de:17:a0:56:ff:67:45:b0:a3:6a:c8: 3a:bb:3f:b6:7b:e7:51:f6:01:57:6d:a2:1f:e4:2f:47:93:90: 7c:15:07:b1:a9:f5:64:7d:b2:1b:a4:3a:a7:e8:22:e0:f4:bb: b9:a6:ac:e4:85:c7:d8:d9:72:04:c5:4d:3b:18:66:fa:ab:65: aa:54:6d:40:67:8d:7d:8a:71:e3:49:ea:14:d4:76:0e:8f:f5: 50:7f:ad:64:a0:f0:5d:2f:65:4b:8e:d2:b7:64:f1:2e:50:21: 2b:7a:fc:f2:1d:85:ea:3f:d1:32:cc:a2:fa:60:f5:24:28:e7: 7c:eb:2a:46:22:6c:f5:73:ba:ad:08:93:99:aa:92:cd:eb:89: 02:59:66:6b:25:bc:de:59:c7:64:e8:b8:be:b4:85:95:c5:91: e2:f7:7f:90:1a:15:0c:72:49:1c:55:b6:1a:62:b8:19:0a:b1: 68:64:b1:83 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG Qzk4NTExMC8GA1UEBRMoMjlBREIzOUI2MjBFQUUzQ0I4QUZDQTJDQTE4NUY1QzQ4 NzZGRDA0MzAeFw0yNTA2MTMwNjI5MjFaFw0yNTA2MjAwNjI5MjFaMBgxFjAUBgNV BAMTDTY4NGJjNTQxLTVmMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCXSyFdEgVrdz7iTpklJLRmsoxc6Iq3zma7krxTQ80jyW13XffCAXqJF2/YTWzi exHyvokArLbYEevLkiIGXyLg6bxJWhzK7XbQ+iD1HTu7xqRIleYfqSj8FAxfk+bQ fU7Ki/1m5xR26A5d7mzRbfC4/nWshCZ5SHBSi2oJk/RrJA0rGgl9d70lIAV2ewG6 +6a/GphE9tGBMaLNW/LhybESa4h+1nG8cyaZN75s9l9AZv2l3fNu+XWplUM5Dkau iqoHWdbM0txcG6ClfeNbnJzQWYHyYdr2Gnm5+tsOhcbEonA3XsIndG5kCStV5y1Q 1milP/zjfnAd3n5GCRd4XRuLAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU6ETkYNN1 7W/bCPptbJB4g4RNJBYwHwYDVR0jBBgwFoAUKa2zm2IOrjy4r8osoYX1xIdv0EMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZDOTg1LzY3M0FBMkY0RjVC NzExRUY4QzFGRjYxMUM0RjlBRTAyL0thMnptMklPcmp5NHI4b3NvWVgxeElkdjBF TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS2Eyem0ySU9yank0cjhvc29ZWDF4SWR2MEVNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZD OTg1LzY3M0FBMkY0RjVCNzExRUY4QzFGRjYxMUM0RjlBRTAyL0thMnptMklPcmp5 NHI4b3NvWVgxeElkdjBFTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKhk0VKaz42gXQi3j2KUCm3+ganFOtUOpz4xIKoxi7FoTkab9Cq+3sE/ NdLlSGjtXbUsPu6TpQOrQFI6IsjF1pOVvuii47HokS7gfyGirqfeF6BW/2dFsKNq yDq7P7Z751H2AVdtoh/kL0eTkHwVB7Gp9WR9shukOqfoIuD0u7mmrOSFx9jZcgTF TTsYZvqrZapUbUBnjX2KceNJ6hTUdg6P9VB/rWSg8F0vZUuO0rdk8S5QISt6/PId heo/0TLMovpg9SQo53zrKkYibPVzuq0Ik5mqks3riQJZZmslvN5Zx2TouL60hZXF keL3f5AaFQxySRxVthpiuBkKsWhksYM= -----END CERTIFICATE-----Generated at Sat Jun 14 19:40:00 2025 by rpki-client