$ rpki-client -vvf rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft File: 0NDWzWh3DDh4O764QbES0FYBdKI.mft (raw, json) Hash identifier: QY+bb6bk7OIjjH5Db3pUSk6qMNjA8fCJl8YK8URvB9w= Subject key identifier: 98:16:03:29:0B:F1:3C:F1:36:BE:38:2A:E2:DB:A7:9B:D8:00:2E:0D Authority key identifier: D0:D0:D6:CD:68:77:0C:38:78:3B:BE:B8:41:B1:12:D0:56:01:74:A2 Certificate issuer: /CN=A91998BE/serialNumber=D0D0D6CD68770C38783BBEB841B112D0560174A2 Certificate serial: 089A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft Manifest number: 0868 Signing time: Wed 02 Jul 2025 21:00:22 +0000 Manifest this update: Wed 02 Jul 2025 21:00:22 +0000 Manifest next update: Wed 09 Jul 2025 21:00:22 +0000 Files and hashes: 1: 0NDWzWh3DDh4O764QbES0FYBdKI.crl (hash: Xf7ZlGVdzm54EFdOb5Tw9HryhZKiYiu7lmW9stY/xUc=) 2: 577FD5BE067C11ED882FC127C4F9AE02.roa (hash: FZgwTWzQksQtmk/Nfe/JqxwRHSDF1+BlazvC8MqkPtA=) 3: 4EF79184489411ED86987260C4F9AE02.roa (hash: a8Efs0GAW5Tg39h9an5o87GfSDA70jqZExOy2QFYQOc=) 4: 12FD08CAC88411ECAAB5BD09C4F9AE02.roa (hash: Rk9fezvR7MLf0U22xpSZ4jUyV+Jwv2bIeNDcvnRfGXA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.crl rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 20:35:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2202 (0x89a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91998BE, serialNumber=D0D0D6CD68770C38783BBEB841B112D0560174A2 Validity Not Before: Jul 2 21:00:22 2025 GMT Not After : Jul 9 21:00:22 2025 GMT Subject: CN=68659de6-0b50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:9e:a6:0e:90:19:cc:80:9d:2c:2f:cb:dd:20: 64:78:3d:49:9a:67:a3:95:85:09:6b:84:4e:6c:ca: 96:1d:fd:8b:c8:5f:52:c7:d7:71:a5:1d:ba:b5:4d: 0f:58:d7:6b:69:93:f4:f9:21:c0:fa:ee:fc:37:5a: ed:49:39:ae:f5:6b:fe:60:a3:8a:21:43:df:37:34: 38:ff:67:98:a5:e0:1c:b3:42:85:04:2b:06:c7:f4: 16:9d:0a:aa:e8:de:dc:56:2a:6b:e2:eb:2e:fc:65: fd:3e:c0:a8:c3:66:c5:f0:7e:a8:a5:77:09:ee:a0: 57:a4:21:4d:1a:98:af:d6:7d:c2:37:9a:40:0b:d9: 15:dc:e2:56:c9:0f:4d:59:bf:eb:46:89:b2:94:18: 69:55:d6:f7:4a:72:0d:cc:f7:90:c8:45:01:38:b6: 4e:6f:61:3e:d9:7c:bc:44:f0:a2:6d:82:b9:f7:f4: d1:98:1a:9f:7b:b6:6f:86:8c:6b:2a:01:76:f9:97: bc:24:d4:36:23:69:0e:54:3f:af:1e:4f:80:82:13: 98:64:e7:64:50:f1:9e:0d:82:51:25:fa:cb:3c:c8: 8e:cc:fc:b4:a3:7f:c3:7b:62:85:3e:55:fa:7c:d9: d1:e7:79:f3:b3:dd:b2:9a:c2:bd:51:eb:d0:cd:ad: a3:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:16:03:29:0B:F1:3C:F1:36:BE:38:2A:E2:DB:A7:9B:D8:00:2E:0D X509v3 Authority Key Identifier: keyid:D0:D0:D6:CD:68:77:0C:38:78:3B:BE:B8:41:B1:12:D0:56:01:74:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:e0:a3:64:71:04:3e:46:b8:96:5e:e1:c5:af:9c:c6:9e:4c: d0:d7:ee:83:e9:75:38:db:10:fe:e4:8e:c9:fe:0d:70:eb:70: 3c:b6:5b:f6:b8:81:84:46:88:cd:47:4a:96:c1:5c:b9:c8:17: e0:76:c6:c4:c9:ed:0f:1a:c5:79:72:8f:80:ca:9b:cc:77:08: 7c:24:a5:95:5b:ad:ab:fa:9a:74:66:42:fe:fb:cb:47:1c:25: 86:6e:ae:43:da:95:a1:e3:66:4c:ec:f3:c0:60:9c:b9:5b:53: 8b:ae:93:83:33:bb:0d:c8:cb:6c:c9:43:d9:8e:33:ad:04:87: 22:b7:a9:8d:6c:1f:e0:11:67:35:05:a2:8c:ec:ef:82:10:1f: 8d:b0:88:22:8f:d0:c9:1e:ea:9d:1d:3b:c1:c5:d4:b3:eb:9a: 09:eb:1c:8a:99:6d:d2:82:5e:e8:57:08:02:93:0a:ec:a3:d9: cd:d5:b0:c0:0d:09:d8:16:41:33:a9:e9:45:22:43:70:5e:6b: 55:b3:bc:4a:d5:34:c8:86:10:e7:c0:92:13:81:78:e9:af:34: 44:89:7b:6e:57:78:6f:a4:3a:81:9e:5b:8d:cd:14:45:12:29: 3e:88:a9:df:70:56:e7:78:b5:92:ba:f3:91:ec:83:be:a0:bc: a2:d5:d6:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTk4QkUxMTAvBgNVBAUTKEQwRDBENkNENjg3NzBDMzg3ODNCQkVCODQxQjExMkQw NTYwMTc0QTIwHhcNMjUwNzAyMjEwMDIyWhcNMjUwNzA5MjEwMDIyWjAYMRYwFAYD VQQDEw02ODY1OWRlNi0wYjUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8p6mDpAZzICdLC/L3SBkeD1JmmejlYUJa4RObMqWHf2LyF9Sx9dxpR26tU0P WNdraZP0+SHA+u78N1rtSTmu9Wv+YKOKIUPfNzQ4/2eYpeAcs0KFBCsGx/QWnQqq 6N7cVipr4usu/GX9PsCow2bF8H6opXcJ7qBXpCFNGpiv1n3CN5pAC9kV3OJWyQ9N Wb/rRomylBhpVdb3SnINzPeQyEUBOLZOb2E+2Xy8RPCibYK59/TRmBqfe7Zvhoxr KgF2+Ze8JNQ2I2kOVD+vHk+AghOYZOdkUPGeDYJRJfrLPMiOzPy0o3/De2KFPlX6 fNnR53nzs92ymsK9UevQza2jzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJgWAykL 8TzxNr44KuLbp5vYAC4NMB8GA1UdIwQYMBaAFNDQ1s1odww4eDu+uEGxEtBWAXSi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OThCRS8xNTBFNTdDNkNG NDkxMUVBOUNDOTM1M0VDNEY5QUUwMi8wTkRXeldoM0REaDRPNzY0UWJFUzBGWUJk S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBORFd6V2gzRERoNE83NjRRYkVTMEZZQmRLSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OThCRS8xNTBFNTdDNkNGNDkxMUVBOUNDOTM1M0VDNEY5QUUwMi8wTkRXeldoM0RE aDRPNzY0UWJFUzBGWUJkS0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBs4KNkcQQ+RriWXuHFr5zGnkzQ1+6D6XU42xD+5I7J/g1w63A8tlv2 uIGERojNR0qWwVy5yBfgdsbEye0PGsV5co+AypvMdwh8JKWVW62r+pp0ZkL++8tH HCWGbq5D2pWh42ZM7PPAYJy5W1OLrpODM7sNyMtsyUPZjjOtBIcit6mNbB/gEWc1 BaKM7O+CEB+NsIgij9DJHuqdHTvBxdSz65oJ6xyKmW3Sgl7oVwgCkwrso9nN1bDA DQnYFkEzqelFIkNwXmtVs7xK1TTIhhDnwJITgXjprzREiXtuV3hvpDqBnluNzRRF Eik+iKnfcFbneLWSuvOR7IO+oLyi1daU -----END CERTIFICATE-----Generated at Wed Jul 2 23:23:39 2025 by rpki-client