$ rpki-client -vvf rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.mft File: dOW7m208x_jCmoO9yEkrllnw7hc.mft (raw, json) Hash identifier: my72i0dILm+HZPjVnUT74CIULEpyCLfyJzecXTC3DTo= Subject key identifier: 82:1E:B8:08:FA:C4:A7:11:CB:CE:49:20:3B:F3:B4:7C:60:AE:E0:13 Authority key identifier: 74:E5:BB:9B:6D:3C:C7:F8:C2:9A:83:BD:C8:49:2B:96:59:F0:EE:17 Certificate issuer: /CN=A91620E0/serialNumber=74E5BB9B6D3CC7F8C29A83BDC8492B9659F0EE17 Certificate serial: 0EA5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dOW7m208x_jCmoO9yEkrllnw7hc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.mft Manifest number: 0D67 Signing time: Wed 02 Jul 2025 19:16:57 +0000 Manifest this update: Wed 02 Jul 2025 19:16:56 +0000 Manifest next update: Wed 09 Jul 2025 19:16:56 +0000 Files and hashes: 1: dOW7m208x_jCmoO9yEkrllnw7hc.crl (hash: 0VMuZwCqVcLGSfOEmHbtM4y+g6P6zfYcD033M9MG5bY=) 2: 1CC3EA9EF83911EF9736296CC4F9AE02.roa (hash: FUaxIwT8oQPFQvtlBuPBG4NZ0X8Kt1OafVy1ZW0KAks=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.crl rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dOW7m208x_jCmoO9yEkrllnw7hc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:16:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3749 (0xea5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91620E0, serialNumber=74E5BB9B6D3CC7F8C29A83BDC8492B9659F0EE17 Validity Not Before: Jul 2 19:16:56 2025 GMT Not After : Jul 9 19:16:56 2025 GMT Subject: CN=686585a8-25a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a4:28:95:f8:4b:fd:2f:ae:7c:6d:4f:8a:58: 4e:30:62:a1:bf:c4:b0:46:40:f6:16:df:c6:b4:d9: c3:cf:4e:f9:cd:33:e0:c8:8e:14:b5:a5:f6:a6:6b: 30:00:eb:f4:90:52:22:c5:aa:ea:60:95:21:31:08: 2b:76:7e:76:60:ed:83:60:44:8f:b3:97:f9:16:b0: cd:48:22:dd:2d:03:06:29:98:a7:a8:68:da:9b:42: 16:5b:34:d9:00:79:3c:90:38:25:5a:81:a1:d8:d1: 92:73:cf:dd:40:77:1a:ba:01:2a:17:82:7b:68:4a: e0:15:3f:55:b8:ac:0f:46:f0:ff:00:cd:cb:06:8c: 4e:7f:b5:9f:7a:c1:3d:64:ca:17:45:db:b3:09:b4: 7f:81:fa:31:1c:eb:e7:c3:a7:34:e4:8f:1b:84:3d: f2:6e:cd:ed:6c:7c:e4:e9:29:75:02:2e:53:ca:0b: 34:40:e7:3c:1b:c2:07:ff:dc:95:4e:b2:f0:db:1a: a8:9c:3d:0d:80:3c:c8:9e:1b:20:65:63:0c:16:a7: 92:8a:e9:e5:95:75:a1:e3:d9:d2:c1:26:31:66:8f: dd:89:2d:b3:27:aa:4b:74:ea:e0:46:5f:8c:cb:4f: e0:ce:e6:3e:5e:34:5e:97:a0:07:b1:42:b1:39:a7: 38:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:1E:B8:08:FA:C4:A7:11:CB:CE:49:20:3B:F3:B4:7C:60:AE:E0:13 X509v3 Authority Key Identifier: keyid:74:E5:BB:9B:6D:3C:C7:F8:C2:9A:83:BD:C8:49:2B:96:59:F0:EE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dOW7m208x_jCmoO9yEkrllnw7hc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:12:a7:52:11:1b:0e:9e:4c:2a:c4:ce:de:ef:fe:0d:30:11: 81:7b:69:cb:f4:7d:62:1a:76:0e:11:29:c3:21:d1:a9:72:89: 55:55:3b:44:44:f8:0d:0b:67:dd:2d:e0:2e:1e:b4:2e:11:34: 89:50:c6:19:3e:6e:f2:41:23:79:8b:02:8b:7f:10:cb:77:ff: d7:c0:54:11:38:ed:7f:14:86:e4:04:ab:e2:30:ca:b6:89:26: d2:7e:4c:ac:4d:d2:09:af:d9:f4:96:a8:89:6d:28:0e:44:17: 61:1c:5e:3f:11:12:c0:f8:2f:c4:b1:8d:38:f8:ea:3d:20:96: b2:64:9e:38:04:3d:53:01:80:2b:8b:a2:6b:f5:c7:31:57:ec: 20:c7:94:aa:4a:ce:d3:f3:a4:69:37:fd:fb:26:28:12:60:00: fc:74:b6:62:e4:95:90:f9:27:de:e8:ce:56:40:fa:ed:6b:ba: 91:52:45:77:75:a2:83:1a:f5:5d:14:d6:a8:ae:37:54:04:81: d8:81:6a:ba:69:cf:c6:1d:b7:e8:ce:1f:41:ba:57:22:72:e8: d0:2a:bd:00:93:0e:8f:a2:9d:fa:83:d9:8b:35:33:ff:2d:38: ca:3a:8c:fb:da:e7:32:90:13:f9:75:64:40:bc:ad:1f:cd:db: e9:04:92:08 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDqUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjIwRTAxMTAvBgNVBAUTKDc0RTVCQjlCNkQzQ0M3RjhDMjlBODNCREM4NDkyQjk2 NTlGMEVFMTcwHhcNMjUwNzAyMTkxNjU2WhcNMjUwNzA5MTkxNjU2WjAYMRYwFAYD VQQDEw02ODY1ODVhOC0yNWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtqQolfhL/S+ufG1PilhOMGKhv8SwRkD2Ft/GtNnDz075zTPgyI4UtaX2pmsw AOv0kFIixarqYJUhMQgrdn52YO2DYESPs5f5FrDNSCLdLQMGKZinqGjam0IWWzTZ AHk8kDglWoGh2NGSc8/dQHcaugEqF4J7aErgFT9VuKwPRvD/AM3LBoxOf7WfesE9 ZMoXRduzCbR/gfoxHOvnw6c05I8bhD3ybs3tbHzk6Sl1Ai5Tygs0QOc8G8IH/9yV TrLw2xqonD0NgDzInhsgZWMMFqeSiunllXWh49nSwSYxZo/diS2zJ6pLdOrgRl+M y0/gzuY+XjRel6AHsUKxOac4LQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIIeuAj6 xKcRy85JIDvztHxgruATMB8GA1UdIwQYMBaAFHTlu5ttPMf4wpqDvchJK5ZZ8O4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjBFMC9EOTY0QjQ4MjMx MEUxMUVBOUMzQ0U3MkZDNEY5QUUwMi9kT1c3bTIwOHhfakNtb085eUVrcmxsbnc3 aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2RPVzdtMjA4eF9qQ21vTzl5RWtybGxudzdoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MjBFMC9EOTY0QjQ4MjMxMEUxMUVBOUMzQ0U3MkZDNEY5QUUwMi9kT1c3bTIwOHhf akNtb085eUVrcmxsbnc3aGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCmEqdSERsOnkwqxM7e7/4NMBGBe2nL9H1iGnYOESnDIdGpcolVVTtE RPgNC2fdLeAuHrQuETSJUMYZPm7yQSN5iwKLfxDLd//XwFQROO1/FIbkBKviMMq2 iSbSfkysTdIJr9n0lqiJbSgORBdhHF4/ERLA+C/EsY04+Oo9IJayZJ44BD1TAYAr i6Jr9ccxV+wgx5SqSs7T86RpN/37JigSYAD8dLZi5JWQ+Sfe6M5WQPrta7qRUkV3 daKDGvVdFNaorjdUBIHYgWq6ac/GHbfozh9BulcicujQKr0Akw6Pop36g9mLNTP/ LTjKOoz72ucykBP5dWRAvK0fzdvpBJII -----END CERTIFICATE-----Generated at Thu Jul 3 23:37:50 2025 by rpki-client