$ rpki-client -vvf rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/x40eWVkb4MdSTTa9-FyKxuoZD44.mft File: x40eWVkb4MdSTTa9-FyKxuoZD44.mft (raw, json) Hash identifier: dCAru/FRKNTpPjwQ2o0U/W+XmPN94ZKOrfcUEe76rXw= Subject key identifier: 0D:0F:C2:FE:34:E4:E1:25:F3:88:22:8B:FC:AA:E3:01:E3:66:6C:43 Authority key identifier: C7:8D:1E:59:59:1B:E0:C7:52:4D:36:BD:F8:5C:8A:C6:EA:19:0F:8E Certificate issuer: /CN=A91554E6/serialNumber=C78D1E59591BE0C7524D36BDF85C8AC6EA190F8E Certificate serial: 0141 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x40eWVkb4MdSTTa9-FyKxuoZD44.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/x40eWVkb4MdSTTa9-FyKxuoZD44.mft Manifest number: 041C Signing time: Tue 01 Jul 2025 01:59:23 +0000 Manifest this update: Tue 01 Jul 2025 01:59:23 +0000 Manifest next update: Tue 08 Jul 2025 01:59:23 +0000 Files and hashes: 1: x40eWVkb4MdSTTa9-FyKxuoZD44.crl (hash: vM6YksqjLUWG85Q1kNhal36oLGhmVdhpgwng9OySoOQ=) 2: 2F9887306F0D11EE9B369C60C4F9AE02.roa (hash: 1zvSdpAHw0fs7lwNzlneLRJlvrtEo2uuRtlcQwqc+2Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/x40eWVkb4MdSTTa9-FyKxuoZD44.crl rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/x40eWVkb4MdSTTa9-FyKxuoZD44.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x40eWVkb4MdSTTa9-FyKxuoZD44.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 01:59:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 321 (0x141) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91554E6, serialNumber=C78D1E59591BE0C7524D36BDF85C8AC6EA190F8E Validity Not Before: Jul 1 01:59:23 2025 GMT Not After : Jul 8 01:59:23 2025 GMT Subject: CN=686340fb-d5ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b9:3b:b3:0c:33:10:12:e5:1c:76:c9:f4:aa: 5e:2c:fc:58:31:3a:69:7c:96:19:c9:f6:74:69:a7: 10:02:d3:c9:24:29:3d:ae:d2:94:f3:4e:fb:80:dd: 19:56:42:a1:ec:1d:46:b6:68:89:a6:19:5d:ee:80: 60:53:b6:23:d0:47:54:32:2e:fa:16:5c:5e:b7:1f: 4a:77:e9:b1:a0:aa:55:bf:47:b4:36:6b:29:d8:9e: 74:37:76:67:52:bf:a1:1e:ee:8a:c2:bd:7c:54:35: f5:54:5b:82:5d:bf:75:f2:4f:83:cc:65:ed:14:6a: 6a:11:a3:56:1b:72:81:60:a3:4e:74:7b:14:96:e6: ff:c9:e5:4e:65:41:59:02:d3:23:78:e0:fb:61:5f: c9:9f:b1:3b:61:1f:0b:f3:4a:7f:58:6a:6c:2b:6c: 74:5c:66:6a:bb:e0:d7:28:5f:9a:a7:b0:a9:01:47: 2c:f9:e6:8a:b6:02:6f:fb:d7:c6:1e:6d:9f:74:46: 2f:52:c0:98:32:e5:27:a2:40:90:04:96:c6:4a:6c: 6b:8d:9c:66:62:e8:21:ba:37:c0:d6:18:ed:25:0a: 00:1f:79:c5:7d:a2:6b:08:a1:8a:a0:e6:97:24:46: d3:3b:1d:7b:3c:30:d8:5b:6d:38:69:73:be:54:dc: 52:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:0F:C2:FE:34:E4:E1:25:F3:88:22:8B:FC:AA:E3:01:E3:66:6C:43 X509v3 Authority Key Identifier: keyid:C7:8D:1E:59:59:1B:E0:C7:52:4D:36:BD:F8:5C:8A:C6:EA:19:0F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/x40eWVkb4MdSTTa9-FyKxuoZD44.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x40eWVkb4MdSTTa9-FyKxuoZD44.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/x40eWVkb4MdSTTa9-FyKxuoZD44.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:49:23:9e:1c:59:d5:aa:f7:04:e9:d6:1f:c6:d5:3e:0f:30: 52:f8:5f:2e:d8:ce:4a:7a:42:56:fe:ef:dd:25:56:89:4a:a2: f6:50:91:c6:83:62:f9:1c:80:2d:22:ba:01:5b:f4:37:df:d2: cf:02:50:b1:b3:9f:3d:64:8b:f2:66:0b:0b:25:59:66:dd:3b: 90:86:3d:88:01:f2:86:e7:70:66:ee:d7:76:de:6e:51:ea:aa: cd:33:c3:64:2a:ec:d6:4d:8b:bf:c8:f7:49:d7:9f:f8:28:6b: b0:5c:b2:2f:dd:59:f5:2f:ca:91:f6:b2:4e:65:6d:4f:cd:60: 67:2a:e3:6c:7c:db:fc:e0:dd:37:c1:b5:c1:dd:fb:43:e3:8e: 98:58:cc:82:a2:c1:9a:b9:e8:76:ed:4a:e3:f7:b0:38:94:60: 08:fa:73:c4:9d:7d:0f:a0:5a:8c:bf:05:b2:e6:8e:c7:75:e1: 68:47:fe:6f:09:55:54:cd:5b:2f:85:0b:0b:1f:bf:26:db:28: 1b:5d:fb:b2:05:a1:47:69:70:74:fb:40:b3:31:af:62:ed:bc: dc:08:5e:c3:46:54:c6:9c:4a:21:0d:fd:67:35:cb:13:55:2f: 51:09:e9:02:c8:ca:52:40:dc:c4:60:5b:19:12:9e:05:3f:df: 8d:9d:92:c0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTU0RTYxMTAvBgNVBAUTKEM3OEQxRTU5NTkxQkUwQzc1MjREMzZCREY4NUM4QUM2 RUExOTBGOEUwHhcNMjUwNzAxMDE1OTIzWhcNMjUwNzA4MDE1OTIzWjAYMRYwFAYD VQQDEw02ODYzNDBmYi1kNWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy7k7swwzEBLlHHbJ9KpeLPxYMTppfJYZyfZ0aacQAtPJJCk9rtKU8077gN0Z VkKh7B1GtmiJphld7oBgU7Yj0EdUMi76Flxetx9Kd+mxoKpVv0e0Nmsp2J50N3Zn Ur+hHu6Kwr18VDX1VFuCXb918k+DzGXtFGpqEaNWG3KBYKNOdHsUlub/yeVOZUFZ AtMjeOD7YV/Jn7E7YR8L80p/WGpsK2x0XGZqu+DXKF+ap7CpAUcs+eaKtgJv+9fG Hm2fdEYvUsCYMuUnokCQBJbGSmxrjZxmYughujfA1hjtJQoAH3nFfaJrCKGKoOaX JEbTOx17PDDYW204aXO+VNxSnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA0Pwv40 5OEl84gii/yq4wHjZmxDMB8GA1UdIwQYMBaAFMeNHllZG+DHUk02vfhcisbqGQ+O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTRFNi85RjA2Nzc0OEVE NEIxMUVDQUI4RkFBNzdDNEY5QUUwMi94NDBlV1ZrYjRNZFNUVGE5LUZ5S3h1b1pE NDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3g0MGVXVmtiNE1kU1RUYTktRnlLeHVvWkQ0NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NTRFNi85RjA2Nzc0OEVENEIxMUVDQUI4RkFBNzdDNEY5QUUwMi94NDBlV1ZrYjRN ZFNUVGE5LUZ5S3h1b1pENDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBsSSOeHFnVqvcE6dYfxtU+DzBS+F8u2M5KekJW/u/dJVaJSqL2UJHG g2L5HIAtIroBW/Q339LPAlCxs589ZIvyZgsLJVlm3TuQhj2IAfKG53Bm7td23m5R 6qrNM8NkKuzWTYu/yPdJ15/4KGuwXLIv3Vn1L8qR9rJOZW1PzWBnKuNsfNv84N03 wbXB3ftD446YWMyCosGaueh27Urj97A4lGAI+nPEnX0PoFqMvwWy5o7HdeFoR/5v CVVUzVsvhQsLH78m2ygbXfuyBaFHaXB0+0CzMa9i7bzcCF7DRlTGnEohDf1nNcsT VS9RCekCyMpSQNzEYFsZEp4FP9+NnZLA -----END CERTIFICATE-----Generated at Wed Jul 2 04:14:12 2025 by rpki-client