$ rpki-client -vvf rpki.apnic.net/member_repository/A91870B9/7C8C890E071E11EDA2E3F132C4F9AE02/bycituUTNGUloqmUZBtOJ_BNU1Y.mft File: bycituUTNGUloqmUZBtOJ_BNU1Y.mft (raw, json) Hash identifier: 6DTuA5udvUHeD+T9nbVY98XVH2WddzU9O68Dk3hqRCM= Subject key identifier: 46:A2:21:DF:EC:57:E8:2D:C4:50:5F:F5:7C:44:D3:FF:67:A5:94:BE Authority key identifier: 6F:27:22:B6:E5:13:34:65:25:A2:A9:94:64:1B:4E:27:F0:4D:53:56 Certificate issuer: /CN=A91870B9/serialNumber=6F2722B6E513346525A2A994641B4E27F04D5356 Certificate serial: 029A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bycituUTNGUloqmUZBtOJ_BNU1Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91870B9/7C8C890E071E11EDA2E3F132C4F9AE02/bycituUTNGUloqmUZBtOJ_BNU1Y.mft Manifest number: 0297 Signing time: Thu 03 Jul 2025 01:57:03 +0000 Manifest this update: Thu 03 Jul 2025 01:57:02 +0000 Manifest next update: Thu 10 Jul 2025 01:57:02 +0000 Files and hashes: 1: bycituUTNGUloqmUZBtOJ_BNU1Y.crl (hash: PeCFCqUadtMFZkGz9Tf3BJ+6hixw64p7WT144rTmiB0=) 2: A48AD700072111ED91EABE39C4F9AE02.roa (hash: LYlnmY38WC+/5pBo6/8yuliMtbU1c9X35OeWacBJJcc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91870B9/7C8C890E071E11EDA2E3F132C4F9AE02/bycituUTNGUloqmUZBtOJ_BNU1Y.crl rsync://rpki.apnic.net/member_repository/A91870B9/7C8C890E071E11EDA2E3F132C4F9AE02/bycituUTNGUloqmUZBtOJ_BNU1Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bycituUTNGUloqmUZBtOJ_BNU1Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 01:57:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 666 (0x29a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91870B9, serialNumber=6F2722B6E513346525A2A994641B4E27F04D5356 Validity Not Before: Jul 3 01:57:02 2025 GMT Not After : Jul 10 01:57:02 2025 GMT Subject: CN=6865e36e-29c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:9a:df:c9:9d:44:69:f7:cb:99:b0:78:13:dc: 81:ec:11:ce:e1:83:e0:ac:4f:4b:d7:4d:86:13:4c: 78:b4:64:56:81:20:4b:85:ad:7c:1a:10:2e:17:96: c4:aa:ec:0f:7c:d0:27:fe:37:3a:ee:2c:f5:5d:2e: 2e:4c:dd:a3:e3:3d:4c:96:1d:cb:0d:fe:5b:56:fc: 1e:f4:c4:c9:41:c4:db:ad:dd:3c:2d:b6:1b:3f:88: 6a:1a:80:28:92:4c:7e:ba:b0:ca:fd:8c:7c:16:a0: b8:85:79:39:d3:cd:f2:6a:31:4e:a8:7a:ef:05:e0: db:f6:40:d5:e1:3b:4f:97:5b:83:cf:d2:2f:06:cb: b4:ac:b3:1b:02:fe:76:25:35:eb:94:f1:78:6c:06: 04:17:10:6d:23:dc:15:64:23:73:d3:b8:95:1f:9e: ec:d9:ba:a5:99:a9:18:a0:5a:c4:b9:53:7e:42:3a: b5:63:53:9f:94:ba:1d:ca:09:aa:1d:f0:2f:b9:bf: 8b:26:91:ce:61:3e:21:26:bf:b5:57:6d:5c:5f:c8: 4a:4a:8d:99:ae:e4:b2:0a:9b:c8:1d:5d:f7:34:aa: 5f:10:5f:10:1e:22:ec:98:e6:06:9b:f5:ca:3e:5c: 7a:85:39:2f:bc:88:37:84:d5:a9:48:17:be:32:4f: 60:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:A2:21:DF:EC:57:E8:2D:C4:50:5F:F5:7C:44:D3:FF:67:A5:94:BE X509v3 Authority Key Identifier: keyid:6F:27:22:B6:E5:13:34:65:25:A2:A9:94:64:1B:4E:27:F0:4D:53:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91870B9/7C8C890E071E11EDA2E3F132C4F9AE02/bycituUTNGUloqmUZBtOJ_BNU1Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bycituUTNGUloqmUZBtOJ_BNU1Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91870B9/7C8C890E071E11EDA2E3F132C4F9AE02/bycituUTNGUloqmUZBtOJ_BNU1Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:b2:4c:40:a1:09:1f:07:9d:df:4e:a2:fc:e4:ed:30:67:3a: df:31:4c:c1:6c:cd:74:96:72:ba:78:5b:59:b2:50:04:9b:d6: be:cc:bf:53:b2:6f:06:ef:c4:f8:d9:56:80:20:e1:1c:f8:fa: 50:51:c0:c9:35:1c:24:b6:9e:46:50:0b:b3:d9:eb:96:d9:bd: a2:99:ef:5b:84:90:d1:c6:fe:9e:d5:3f:43:f0:47:41:79:54: 78:3f:84:2f:10:a4:b8:0b:df:0e:b8:75:b7:e8:d0:c0:f8:07: 4a:af:21:31:a4:2b:1f:38:71:cf:05:08:05:65:c9:3e:63:84: a4:98:31:19:7e:5f:af:7f:af:31:cc:99:7d:dd:0a:b9:53:9b: 6e:f2:e8:fb:34:c7:66:f7:ad:13:06:92:7a:c1:0a:9e:d0:ec: 0d:f1:30:01:bd:e2:cb:d2:36:2b:e8:71:a1:87:61:a1:fb:18: 4b:03:6d:67:e7:c5:39:b5:12:a7:d6:b7:0a:8c:df:a2:64:04: 8a:5b:f4:28:27:e7:80:f6:85:59:f8:26:9f:60:1d:5d:12:ef: 8a:04:9e:35:de:19:2c:da:62:ba:b6:3d:14:d7:09:f9:6a:2c: e9:48:4c:c7:43:d6:47:13:c7:07:d7:07:e5:20:0c:cf:c4:1e: 52:80:8d:8c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODcwQjkxMTAvBgNVBAUTKDZGMjcyMkI2RTUxMzM0NjUyNUEyQTk5NDY0MUI0RTI3 RjA0RDUzNTYwHhcNMjUwNzAzMDE1NzAyWhcNMjUwNzEwMDE1NzAyWjAYMRYwFAYD VQQDEw02ODY1ZTM2ZS0yOWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4ZrfyZ1EaffLmbB4E9yB7BHO4YPgrE9L102GE0x4tGRWgSBLha18GhAuF5bE quwPfNAn/jc67iz1XS4uTN2j4z1Mlh3LDf5bVvwe9MTJQcTbrd08LbYbP4hqGoAo kkx+urDK/Yx8FqC4hXk5083yajFOqHrvBeDb9kDV4TtPl1uDz9IvBsu0rLMbAv52 JTXrlPF4bAYEFxBtI9wVZCNz07iVH57s2bqlmakYoFrEuVN+Qjq1Y1OflLodygmq HfAvub+LJpHOYT4hJr+1V21cX8hKSo2ZruSyCpvIHV33NKpfEF8QHiLsmOYGm/XK Plx6hTkvvIg3hNWpSBe+Mk9gEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEaiId/s V+gtxFBf9XxE0/9npZS+MB8GA1UdIwQYMBaAFG8nIrblEzRlJaKplGQbTifwTVNW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzBCOS83QzhDODkwRTA3 MUUxMUVEQTJFM0YxMzJDNEY5QUUwMi9ieWNpdHVVVE5HVWxvcW1VWkJ0T0pfQk5V MVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2J5Y2l0dVVUTkdVbG9xbVVaQnRPSl9CTlUxWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NzBCOS83QzhDODkwRTA3MUUxMUVEQTJFM0YxMzJDNEY5QUUwMi9ieWNpdHVVVE5H VWxvcW1VWkJ0T0pfQk5VMVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBSskxAoQkfB53fTqL85O0wZzrfMUzBbM10lnK6eFtZslAEm9a+zL9T sm8G78T42VaAIOEc+PpQUcDJNRwktp5GUAuz2euW2b2ime9bhJDRxv6e1T9D8EdB eVR4P4QvEKS4C98OuHW36NDA+AdKryExpCsfOHHPBQgFZck+Y4SkmDEZfl+vf68x zJl93Qq5U5tu8uj7NMdm960TBpJ6wQqe0OwN8TABveLL0jYr6HGhh2Gh+xhLA21n 58U5tRKn1rcKjN+iZASKW/QoJ+eA9oVZ+CafYB1dEu+KBJ413hks2mK6tj0U1wn5 aizpSEzHQ9ZHE8cH1wflIAzPxB5SgI2M -----END CERTIFICATE-----Generated at Thu Jul 3 21:07:34 2025 by rpki-client