$ rpki-client -vvf rpki.apnic.net/member_repository/A91FCEB1/9C14B4063A2111E79AA0D51CC4F9AE02/5z-4ho3TtGHqGmc8ejaUUjXpyq4.mft File: 5z-4ho3TtGHqGmc8ejaUUjXpyq4.mft (raw, json) Hash identifier: VegfRyq29uelIb5qsU0Jq44/PUfDaT4YR1Zh3oDGHKc= Subject key identifier: C3:78:14:2F:54:0A:5D:1B:F3:CE:9A:E4:2C:DD:72:3F:D9:62:5C:55 Authority key identifier: E7:3F:B8:86:8D:D3:B4:61:EA:1A:67:3C:7A:36:94:52:35:E9:CA:AE Certificate issuer: /CN=A91FCEB1/serialNumber=E73FB8868DD3B461EA1A673C7A36945235E9CAAE Certificate serial: 070B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5z-4ho3TtGHqGmc8ejaUUjXpyq4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FCEB1/9C14B4063A2111E79AA0D51CC4F9AE02/5z-4ho3TtGHqGmc8ejaUUjXpyq4.mft Manifest number: 2187 Signing time: Wed 18 Jun 2025 15:58:19 +0000 Manifest this update: Wed 18 Jun 2025 15:58:18 +0000 Manifest next update: Wed 25 Jun 2025 15:58:18 +0000 Files and hashes: 1: 5z-4ho3TtGHqGmc8ejaUUjXpyq4.crl (hash: 3ZIddk8Jz1nBcyU9lR6yAnfTLqN+zTp+eLN/A1iGYRE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FCEB1/9C14B4063A2111E79AA0D51CC4F9AE02/5z-4ho3TtGHqGmc8ejaUUjXpyq4.crl rsync://rpki.apnic.net/member_repository/A91FCEB1/9C14B4063A2111E79AA0D51CC4F9AE02/5z-4ho3TtGHqGmc8ejaUUjXpyq4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5z-4ho3TtGHqGmc8ejaUUjXpyq4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 15:58:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1803 (0x70b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FCEB1, serialNumber=E73FB8868DD3B461EA1A673C7A36945235E9CAAE Validity Not Before: Jun 18 15:58:18 2025 GMT Not After : Jun 25 15:58:18 2025 GMT Subject: CN=6852e21b-c0c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:7c:3c:25:0a:84:89:67:d5:66:fc:32:33:dd: 12:b9:c9:b4:58:4e:ce:0e:79:6c:03:a8:23:69:6b: 61:02:57:f3:3c:22:1b:76:37:de:9f:43:d2:37:1c: 75:23:db:0b:9d:2a:53:d5:85:20:70:a3:d8:13:b2: 74:e2:a6:26:6a:9f:79:ee:7b:56:25:f4:f1:89:85: 73:55:23:87:33:5b:81:14:e4:42:58:eb:2c:ec:a7: 88:d5:6d:e2:bc:f9:73:13:cf:f0:2d:ca:bc:f1:9a: 00:a4:1c:da:f9:06:d1:61:b9:62:34:8f:69:9f:c1: d1:7a:ff:f4:dc:90:07:a8:c4:4a:73:90:22:06:8e: af:2e:a1:ce:39:f4:ca:a2:94:29:5c:1a:0b:ca:71: 65:dc:3c:15:5d:fc:4d:8f:52:7e:76:b2:14:3c:30: 0c:3c:59:f3:29:a3:d1:f4:8b:17:00:b6:70:96:76: 47:c2:78:f9:b2:db:78:f5:5f:e6:c5:ff:73:30:d6: ad:23:f4:a1:4c:39:ee:94:b6:59:8d:c0:5e:eb:45: ef:66:c4:4d:a9:3b:98:af:a8:13:8a:8f:a9:5d:89: 56:45:7d:f2:17:ea:42:4c:81:b4:8d:1e:1b:42:cc: c3:25:e8:de:4f:f6:fc:0d:6f:05:95:42:43:11:14: b9:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:78:14:2F:54:0A:5D:1B:F3:CE:9A:E4:2C:DD:72:3F:D9:62:5C:55 X509v3 Authority Key Identifier: keyid:E7:3F:B8:86:8D:D3:B4:61:EA:1A:67:3C:7A:36:94:52:35:E9:CA:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FCEB1/9C14B4063A2111E79AA0D51CC4F9AE02/5z-4ho3TtGHqGmc8ejaUUjXpyq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5z-4ho3TtGHqGmc8ejaUUjXpyq4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FCEB1/9C14B4063A2111E79AA0D51CC4F9AE02/5z-4ho3TtGHqGmc8ejaUUjXpyq4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:32:9f:68:40:64:69:b4:20:2b:96:e5:a0:ad:b0:9f:9f:c5: 36:6b:f6:04:89:f8:11:59:d1:0b:be:61:36:f9:ff:e8:82:6f: 36:f4:ce:b5:78:d6:1c:ff:71:20:f7:02:8a:49:98:13:9d:ac: 3f:aa:30:09:b3:2f:46:77:0a:d3:05:b4:ef:ce:b3:b5:f6:56: b2:03:ba:29:88:05:c5:d1:fa:6c:ed:be:45:16:90:aa:4b:02: 4a:4d:8f:93:6f:56:9c:0f:75:d2:c8:9b:95:ed:5e:69:3f:68: 05:37:a3:2b:ee:de:8b:07:cf:2f:6d:e5:e5:82:41:b7:84:ff: e9:77:4a:f8:67:ef:f4:13:7c:d8:d4:11:b9:a1:8f:8c:4b:86: 1c:22:aa:e0:60:f4:6c:6d:40:10:05:b8:c3:ba:bf:80:3f:84: 4d:26:ab:b9:d4:3e:e8:36:0b:84:f4:20:fb:97:98:c1:39:f6: d3:05:0e:8b:98:83:50:b8:0e:20:9f:c3:32:39:fa:4d:da:de: 3c:38:c1:fa:17:f8:d3:3d:60:bd:2e:25:92:e2:49:81:5f:8a: 22:84:6a:78:39:ae:14:ef:84:9e:e7:56:2c:ee:90:46:2e:b2: 67:5a:d9:ed:7d:ee:8b:db:f3:eb:3a:b2:98:47:57:15:98:c3: 16:cd:96:78 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBwswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkNFQjExMTAvBgNVBAUTKEU3M0ZCODg2OEREM0I0NjFFQTFBNjczQzdBMzY5NDUy MzVFOUNBQUUwHhcNMjUwNjE4MTU1ODE4WhcNMjUwNjI1MTU1ODE4WjAYMRYwFAYD VQQDEw02ODUyZTIxYi1jMGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4nw8JQqEiWfVZvwyM90Sucm0WE7ODnlsA6gjaWthAlfzPCIbdjfen0PSNxx1 I9sLnSpT1YUgcKPYE7J04qYmap957ntWJfTxiYVzVSOHM1uBFORCWOss7KeI1W3i vPlzE8/wLcq88ZoApBza+QbRYbliNI9pn8HRev/03JAHqMRKc5AiBo6vLqHOOfTK opQpXBoLynFl3DwVXfxNj1J+drIUPDAMPFnzKaPR9IsXALZwlnZHwnj5stt49V/m xf9zMNatI/ShTDnulLZZjcBe60XvZsRNqTuYr6gTio+pXYlWRX3yF+pCTIG0jR4b QszDJejeT/b8DW8FlUJDERS5gQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMN4FC9U Cl0b886a5Czdcj/ZYlxVMB8GA1UdIwQYMBaAFOc/uIaN07Rh6hpnPHo2lFI16cqu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQ0VCMS85QzE0QjQwNjNB MjExMUU3OUFBMEQ1MUNDNEY5QUUwMi81ei00aG8zVHRHSHFHbWM4ZWphVVVqWHB5 cTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzV6LTRobzNUdEdIcUdtYzhlamFVVWpYcHlxNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG Q0VCMS85QzE0QjQwNjNBMjExMUU3OUFBMEQ1MUNDNEY5QUUwMi81ei00aG8zVHRH SHFHbWM4ZWphVVVqWHB5cTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCUMp9oQGRptCArluWgrbCfn8U2a/YEifgRWdELvmE2+f/ogm829M61 eNYc/3Eg9wKKSZgTnaw/qjAJsy9GdwrTBbTvzrO19layA7opiAXF0fps7b5FFpCq SwJKTY+Tb1acD3XSyJuV7V5pP2gFN6Mr7t6LB88vbeXlgkG3hP/pd0r4Z+/0E3zY 1BG5oY+MS4YcIqrgYPRsbUAQBbjDur+AP4RNJqu51D7oNguE9CD7l5jBOfbTBQ6L mINQuA4gn8MyOfpN2t48OMH6F/jTPWC9LiWS4kmBX4oihGp4Oa4U74Se51Ys7pBG LrJnWtntfe6L2/PrOrKYR1cVmMMWzZZ4 -----END CERTIFICATE-----Generated at Thu Jun 19 23:13:45 2025 by rpki-client