$ rpki-client -vvf rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.mft File: 2QhMrcO-yMIAxalrcu2v1KAOrug.mft (raw, json) Hash identifier: XMN9yM6b8SFCoJ3+RVKsw+fgSwjapr19Dz3W1rr+NkE= Subject key identifier: 31:4E:CB:F0:D5:70:4A:23:08:47:4A:79:FF:D4:27:54:F0:A1:E3:D5 Authority key identifier: D9:08:4C:AD:C3:BE:C8:C2:00:C5:A9:6B:72:ED:AF:D4:A0:0E:AE:E8 Certificate issuer: /CN=A91719F1/serialNumber=D9084CADC3BEC8C200C5A96B72EDAFD4A00EAEE8 Certificate serial: 025F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhMrcO-yMIAxalrcu2v1KAOrug.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.mft Manifest number: 0258 Signing time: Sat 05 Jul 2025 02:22:48 +0000 Manifest this update: Sat 05 Jul 2025 02:22:48 +0000 Manifest next update: Sat 12 Jul 2025 02:22:48 +0000 Files and hashes: 1: 2QhMrcO-yMIAxalrcu2v1KAOrug.crl (hash: SkJ/Q5HN0SZRbnn1ucZVDAJq+xXeuF8bDQyCFI9eegs=) 2: 00724F9621F111ED93774B6EC4F9AE02.roa (hash: 1MS8BgQSeLxFZfjzI2XVs+BA1y3N2nYBN3Uvkoalvq8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.crl rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhMrcO-yMIAxalrcu2v1KAOrug.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 607 (0x25f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91719F1, serialNumber=D9084CADC3BEC8C200C5A96B72EDAFD4A00EAEE8 Validity Not Before: Jul 5 02:22:48 2025 GMT Not After : Jul 12 02:22:48 2025 GMT Subject: CN=68688c78-d92f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:66:b5:00:18:9f:2f:1d:01:69:f1:8c:46:76: f7:1f:68:dc:88:a4:e8:81:35:29:74:b3:da:11:83: 05:67:43:9a:d0:31:1f:ba:46:1d:29:af:63:96:bb: 07:3f:3a:dc:79:d8:31:93:8d:f5:2a:e7:5f:fc:61: e3:f0:9e:a5:a4:5f:3b:93:07:41:db:20:97:a2:7f: 94:f9:40:ec:5e:b8:a9:77:f0:e4:59:92:fc:fd:af: d6:e8:1f:01:82:ee:e9:ca:7f:b8:a7:59:74:7a:0c: c9:5e:0e:a0:71:96:b7:ea:d2:bb:0f:63:e3:bc:c8: ba:e6:c4:31:d6:6e:01:4f:80:cb:d0:9a:67:de:6b: 62:b7:f5:5f:7e:b3:26:27:e2:2b:72:09:4d:3e:79: 9e:10:69:3c:36:c9:40:eb:2b:85:41:02:93:0f:fc: 7a:6a:26:cc:b5:95:15:65:4d:67:3f:9c:7a:02:cb: 4a:ed:b3:0a:5d:b2:22:f2:cb:2f:19:2c:1c:ea:31: 23:68:83:ae:63:c6:20:b6:67:b0:a4:00:32:78:61: e8:0b:57:0e:38:4c:e2:05:19:d4:c4:88:25:49:ca: 78:76:3d:c0:08:c0:d6:4b:07:66:a8:7b:3e:2b:e2: 2d:13:ae:22:5f:03:12:2b:f8:24:53:d4:11:a3:09: 3b:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:4E:CB:F0:D5:70:4A:23:08:47:4A:79:FF:D4:27:54:F0:A1:E3:D5 X509v3 Authority Key Identifier: keyid:D9:08:4C:AD:C3:BE:C8:C2:00:C5:A9:6B:72:ED:AF:D4:A0:0E:AE:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhMrcO-yMIAxalrcu2v1KAOrug.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:80:43:0c:2d:0e:3a:d3:9b:ff:e4:09:8e:52:98:56:13:cb: 56:ac:af:c2:e1:64:18:69:71:28:7b:e1:f1:a8:82:5e:76:2c: fe:93:73:78:44:86:d2:49:54:68:53:5d:59:0f:ab:36:69:35: 8f:1c:2c:2a:eb:b3:6a:0b:ee:ca:41:ba:96:24:82:5a:76:e3: 4b:01:28:10:d7:df:95:eb:e3:b4:06:c4:b0:d0:0c:f7:05:2d: bd:72:d0:c5:b6:67:a4:96:dc:04:e6:c5:3c:8b:de:0d:e6:3b: 72:7f:7a:b1:b8:17:00:cf:95:37:4e:9d:c9:b1:22:02:af:35: 73:23:fa:da:4b:66:76:64:79:5c:8d:42:10:02:fb:23:36:14: 37:2b:cf:60:81:f8:c6:2c:55:82:78:fe:18:a9:b4:46:c7:44: ae:f9:13:49:29:1d:35:c2:e0:b1:c3:ef:f1:37:e3:4f:9b:ff: ff:93:53:40:51:f4:92:97:29:51:ee:6f:6f:d4:b2:b7:b2:f9: 0e:bd:d3:0b:30:cb:4b:09:05:70:ff:14:f4:33:dc:28:f3:4a: 41:f0:11:f3:3c:4a:59:dc:70:a4:f3:15:b7:30:05:54:35:42: 78:d5:5f:4a:ed:ff:59:db:23:82:ef:1c:e3:21:a2:41:cc:d3: 78:01:f6:e1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAl8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzE5RjExMTAvBgNVBAUTKEQ5MDg0Q0FEQzNCRUM4QzIwMEM1QTk2QjcyRURBRkQ0 QTAwRUFFRTgwHhcNMjUwNzA1MDIyMjQ4WhcNMjUwNzEyMDIyMjQ4WjAYMRYwFAYD VQQDEw02ODY4OGM3OC1kOTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzma1ABifLx0BafGMRnb3H2jciKTogTUpdLPaEYMFZ0Oa0DEfukYdKa9jlrsH Pzrcedgxk431Kudf/GHj8J6lpF87kwdB2yCXon+U+UDsXripd/DkWZL8/a/W6B8B gu7pyn+4p1l0egzJXg6gcZa36tK7D2PjvMi65sQx1m4BT4DL0Jpn3mtit/VffrMm J+IrcglNPnmeEGk8NslA6yuFQQKTD/x6aibMtZUVZU1nP5x6AstK7bMKXbIi8ssv GSwc6jEjaIOuY8YgtmewpAAyeGHoC1cOOEziBRnUxIglScp4dj3ACMDWSwdmqHs+ K+ItE64iXwMSK/gkU9QRowk7aQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDFOy/DV cEojCEdKef/UJ1TwoePVMB8GA1UdIwQYMBaAFNkITK3DvsjCAMWpa3Ltr9SgDq7o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTlGMS82OTVGOTNGRTIx RUUxMUVEQjRDOEJENkNDNEY5QUUwMi8yUWhNcmNPLXlNSUF4YWxyY3UydjFLQU9y dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRaE1yY08teU1JQXhhbHJjdTJ2MUtBT3J1Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MTlGMS82OTVGOTNGRTIxRUUxMUVEQjRDOEJENkNDNEY5QUUwMi8yUWhNcmNPLXlN SUF4YWxyY3UydjFLQU9ydWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAHgEMMLQ4605v/5AmOUphWE8tWrK/C4WQYaXEoe+HxqIJediz+k3N4 RIbSSVRoU11ZD6s2aTWPHCwq67NqC+7KQbqWJIJaduNLASgQ19+V6+O0BsSw0Az3 BS29ctDFtmekltwE5sU8i94N5jtyf3qxuBcAz5U3Tp3JsSICrzVzI/raS2Z2ZHlc jUIQAvsjNhQ3K89ggfjGLFWCeP4YqbRGx0Su+RNJKR01wuCxw+/xN+NPm///k1NA UfSSlylR7m9v1LK3svkOvdMLMMtLCQVw/xT0M9wo80pB8BHzPEpZ3HCk8xW3MAVU NUJ41V9K7f9Z2yOC7xzjIaJBzNN4Afbh -----END CERTIFICATE-----Generated at Sat Jul 5 08:15:07 2025 by rpki-client