$ rpki-client -vvf rpki.apnic.net/member_repository/A91513B0/138E1430144F11EC8917D00CC4F9AE02/AZgxEf1vCyfiQEY7aKehmEXHuwo.mft File: AZgxEf1vCyfiQEY7aKehmEXHuwo.mft (raw, json) Hash identifier: zeC53nfMiO3mM95U55+pSAvfC0+vTYsA69sPXQoq318= Subject key identifier: B1:71:B5:F8:84:F8:A2:2C:D3:E8:E8:36:52:44:E9:86:2E:12:95:04 Authority key identifier: 01:98:31:11:FD:6F:0B:27:E2:40:46:3B:68:A7:A1:98:45:C7:BB:0A Certificate issuer: /CN=A91513B0/serialNumber=01983111FD6F0B27E240463B68A7A19845C7BB0A Certificate serial: 0517 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AZgxEf1vCyfiQEY7aKehmEXHuwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91513B0/138E1430144F11EC8917D00CC4F9AE02/AZgxEf1vCyfiQEY7aKehmEXHuwo.mft Manifest number: 0509 Signing time: Sat 28 Jun 2025 23:14:31 +0000 Manifest this update: Sat 28 Jun 2025 23:14:31 +0000 Manifest next update: Sat 05 Jul 2025 23:14:31 +0000 Files and hashes: 1: AZgxEf1vCyfiQEY7aKehmEXHuwo.crl (hash: IqlqKLckUBeq4w5sRvJ1i+2ujQTRLr+qVsEA470Qo8I=) 2: 4FE459C8B97211EFA7B7E47DC4F9AE02.roa (hash: m7WV1VKI7ClZpgbpWthM6Ip2WNf7bXuqABVjburQENc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91513B0/138E1430144F11EC8917D00CC4F9AE02/AZgxEf1vCyfiQEY7aKehmEXHuwo.crl rsync://rpki.apnic.net/member_repository/A91513B0/138E1430144F11EC8917D00CC4F9AE02/AZgxEf1vCyfiQEY7aKehmEXHuwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AZgxEf1vCyfiQEY7aKehmEXHuwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 23:14:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1303 (0x517) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91513B0, serialNumber=01983111FD6F0B27E240463B68A7A19845C7BB0A Validity Not Before: Jun 28 23:14:31 2025 GMT Not After : Jul 5 23:14:31 2025 GMT Subject: CN=68607757-47a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:29:16:7b:ed:80:ec:09:51:2f:8c:92:30:58: 21:56:93:56:ba:cb:02:97:6c:e5:53:6b:57:e7:a3: ef:59:ab:8b:fd:06:6c:ff:86:36:69:2b:56:f0:19: 0a:5a:93:f7:5a:4d:0e:88:9f:4a:03:99:91:13:bf: 2b:33:a2:9c:b8:cd:34:3b:ad:b6:ed:50:be:1f:15: b6:86:af:1a:ce:0e:35:2e:2f:bb:0e:40:bd:d6:72: 62:11:b7:2e:47:e4:9c:4d:b0:3e:c4:8e:62:e7:32: 16:67:85:64:48:7a:64:d1:8c:1b:b3:d2:20:41:79: cb:50:7f:5f:e0:a3:15:70:62:4d:59:93:0e:82:80: f9:a7:3f:cd:ad:17:15:97:08:01:79:8f:22:26:f5: ec:99:41:16:57:c7:a2:04:80:d9:fc:53:45:96:2a: 99:3d:ad:5f:ee:b0:4d:e9:6f:8f:46:b4:05:90:c1: ee:b5:b6:95:bd:ee:9c:16:72:ac:8a:35:a1:a1:e0: 95:60:c7:f3:53:81:ef:5c:d3:34:3b:00:86:a1:fe: 49:fe:11:67:34:f4:1a:39:c5:d6:56:87:6e:f8:84: 8e:7b:13:ad:4d:5e:bb:49:5e:43:a3:50:3f:93:a7: 7a:20:d2:43:3f:3a:0d:19:05:d1:dc:0a:d8:d0:28: d1:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:71:B5:F8:84:F8:A2:2C:D3:E8:E8:36:52:44:E9:86:2E:12:95:04 X509v3 Authority Key Identifier: keyid:01:98:31:11:FD:6F:0B:27:E2:40:46:3B:68:A7:A1:98:45:C7:BB:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91513B0/138E1430144F11EC8917D00CC4F9AE02/AZgxEf1vCyfiQEY7aKehmEXHuwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AZgxEf1vCyfiQEY7aKehmEXHuwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91513B0/138E1430144F11EC8917D00CC4F9AE02/AZgxEf1vCyfiQEY7aKehmEXHuwo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c6:b3:8c:8e:ae:9e:ff:6e:8d:0e:da:fd:aa:c6:5f:0e:86:47: 54:07:45:8b:1e:8f:7f:aa:36:02:12:d7:38:6e:b6:ec:c0:0f: 7f:a1:af:11:68:b1:4e:2d:af:2e:b2:cf:da:d7:cc:9b:7f:f7: 87:de:73:9c:eb:27:53:57:76:06:28:16:e7:91:91:4c:b1:ec: 52:1c:f1:3e:96:87:1d:2f:2b:dc:1a:1d:73:fd:48:61:26:3d: 32:58:5b:c1:de:d7:72:2f:99:7d:d5:c1:80:4c:3e:8d:e8:58: ba:01:de:0c:2b:77:40:27:1d:f0:31:87:2c:b9:96:21:9c:83: 51:67:0b:a8:ad:67:b6:11:1f:82:40:f4:3a:aa:fa:30:46:b1: 97:09:dc:2e:5a:c9:f5:29:25:d7:d3:4b:80:ae:6d:2f:25:8b: ac:4b:71:23:d9:51:c5:1c:21:8f:48:ca:e0:d9:c2:a4:6e:6c: 02:c6:3a:03:bb:72:96:d3:5c:2e:35:67:b9:67:be:a0:14:07: 70:63:b1:d4:f6:f8:24:f6:bb:d6:b3:f5:5b:61:88:a6:f9:b1: f1:b5:7d:fc:db:c0:8c:f3:7c:9c:ae:f8:1b:71:be:9c:7d:14: 3b:74:e9:b5:55:65:0a:8c:60:03:2f:d6:1c:4c:60:7a:c0:c6: b5:a5:00:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBRcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTEzQjAxMTAvBgNVBAUTKDAxOTgzMTExRkQ2RjBCMjdFMjQwNDYzQjY4QTdBMTk4 NDVDN0JCMEEwHhcNMjUwNjI4MjMxNDMxWhcNMjUwNzA1MjMxNDMxWjAYMRYwFAYD VQQDEw02ODYwNzc1Ny00N2E1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+SkWe+2A7AlRL4ySMFghVpNWussCl2zlU2tX56PvWauL/QZs/4Y2aStW8BkK WpP3Wk0OiJ9KA5mRE78rM6KcuM00O6227VC+HxW2hq8azg41Li+7DkC91nJiEbcu R+ScTbA+xI5i5zIWZ4VkSHpk0Ywbs9IgQXnLUH9f4KMVcGJNWZMOgoD5pz/NrRcV lwgBeY8iJvXsmUEWV8eiBIDZ/FNFliqZPa1f7rBN6W+PRrQFkMHutbaVve6cFnKs ijWhoeCVYMfzU4HvXNM0OwCGof5J/hFnNPQaOcXWVodu+ISOexOtTV67SV5Do1A/ k6d6INJDPzoNGQXR3ArY0CjRRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLFxtfiE +KIs0+joNlJE6YYuEpUEMB8GA1UdIwQYMBaAFAGYMRH9bwsn4kBGO2inoZhFx7sK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTNCMC8xMzhFMTQzMDE0 NEYxMUVDODkxN0QwMENDNEY5QUUwMi9BWmd4RWYxdkN5ZmlRRVk3YUtlaG1FWEh1 d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FaZ3hFZjF2Q3lmaVFFWTdhS2VobUVYSHV3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MTNCMC8xMzhFMTQzMDE0NEYxMUVDODkxN0QwMENDNEY5QUUwMi9BWmd4RWYxdkN5 ZmlRRVk3YUtlaG1FWEh1d28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDGs4yOrp7/bo0O2v2qxl8OhkdUB0WLHo9/qjYCEtc4brbswA9/oa8R aLFOLa8uss/a18ybf/eH3nOc6ydTV3YGKBbnkZFMsexSHPE+locdLyvcGh1z/Uhh Jj0yWFvB3tdyL5l91cGATD6N6Fi6Ad4MK3dAJx3wMYcsuZYhnINRZwuorWe2ER+C QPQ6qvowRrGXCdwuWsn1KSXX00uArm0vJYusS3Ej2VHFHCGPSMrg2cKkbmwCxjoD u3KW01wuNWe5Z76gFAdwY7HU9vgk9rvWs/VbYYim+bHxtX3828CM83ycrvgbcb6c fRQ7dOm1VWUKjGADL9YcTGB6wMa1pQCT -----END CERTIFICATE-----Generated at Sun Jun 29 11:39:31 2025 by rpki-client