$ rpki-client -vvf rpki.apnic.net/member_repository/A91A12C4/F319EDC26C1711EFBDBFD50BC4F9AE02/z8CATaxP_3oipAThDphkpxHeGck.mft File: z8CATaxP_3oipAThDphkpxHeGck.mft (raw, json) Hash identifier: Rfxsqkt0eEHhzuPfS5IIPYznJLu8uy3Wo1kjS10knv4= Subject key identifier: A7:14:7D:9E:DD:A0:26:5C:08:BC:CB:DE:47:97:14:49:32:4E:01:0C Authority key identifier: CF:C0:80:4D:AC:4F:FF:7A:22:A4:04:E1:0E:98:64:A7:11:DE:19:C9 Certificate issuer: /CN=A91A12C4/serialNumber=CFC0804DAC4FFF7A22A404E10E9864A711DE19C9 Certificate serial: 9B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z8CATaxP_3oipAThDphkpxHeGck.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A12C4/F319EDC26C1711EFBDBFD50BC4F9AE02/z8CATaxP_3oipAThDphkpxHeGck.mft Manifest number: 9A Signing time: Thu 03 Jul 2025 06:31:27 +0000 Manifest this update: Thu 03 Jul 2025 06:31:27 +0000 Manifest next update: Thu 10 Jul 2025 06:31:27 +0000 Files and hashes: 1: z8CATaxP_3oipAThDphkpxHeGck.crl (hash: Zhot+24SlSa8khaQVVcDkQulLr4RtB5HRQ7+HHJiQXY=) 2: BCA395126C1811EFAFBE6B0FC4F9AE02.roa (hash: Mb/JnRkZoctaPV3WHu0XOAV8U5+c9ZbVehfTb/x4GMg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A12C4/F319EDC26C1711EFBDBFD50BC4F9AE02/z8CATaxP_3oipAThDphkpxHeGck.crl rsync://rpki.apnic.net/member_repository/A91A12C4/F319EDC26C1711EFBDBFD50BC4F9AE02/z8CATaxP_3oipAThDphkpxHeGck.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z8CATaxP_3oipAThDphkpxHeGck.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 155 (0x9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A12C4, serialNumber=CFC0804DAC4FFF7A22A404E10E9864A711DE19C9 Validity Not Before: Jul 3 06:31:27 2025 GMT Not After : Jul 10 06:31:27 2025 GMT Subject: CN=686623bf-b2aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:24:d6:12:99:48:50:8a:b3:4f:7e:36:5b:d8: c3:18:86:69:d5:ff:ca:2d:be:31:fa:2f:b5:aa:53: e9:5a:28:54:82:a5:6d:37:ce:0a:7c:f4:75:86:b1: 85:d2:6e:04:c7:04:82:bf:35:26:13:6b:01:e2:28: a9:99:53:a3:d7:5a:ca:a8:40:d2:96:b5:bd:5c:ff: 57:b7:0b:14:f5:d3:1b:4e:96:51:28:bb:72:67:cd: 9b:e0:3b:fb:af:3e:f6:db:b1:6f:1c:b4:40:0a:3c: 62:cd:3b:a2:18:33:02:1f:a2:94:a9:73:a1:7d:3c: 58:77:0f:57:61:42:3e:cf:14:a1:bb:62:47:66:f6: 30:7a:d0:ac:a9:92:8f:2e:cd:6c:69:24:3a:98:5a: b8:19:88:c1:20:c5:dc:2d:d8:2f:0a:a7:36:f5:68: 3f:50:8c:69:ed:a9:87:4f:f1:00:8e:c8:ba:c2:5f: 4a:fc:3f:50:a5:b3:7d:94:5a:e4:d0:85:7d:ef:ab: 87:5e:e5:bd:8d:0f:70:cd:66:2c:8e:a4:c6:03:8a: 68:45:d3:3c:a4:84:4d:1d:28:17:64:8b:1a:2a:d9: 9f:c8:c3:5f:c1:bd:af:fe:d2:bc:c3:60:72:5f:46: 6b:af:b1:70:ac:33:1a:6c:bc:73:94:df:fc:0c:bc: 23:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:14:7D:9E:DD:A0:26:5C:08:BC:CB:DE:47:97:14:49:32:4E:01:0C X509v3 Authority Key Identifier: keyid:CF:C0:80:4D:AC:4F:FF:7A:22:A4:04:E1:0E:98:64:A7:11:DE:19:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A12C4/F319EDC26C1711EFBDBFD50BC4F9AE02/z8CATaxP_3oipAThDphkpxHeGck.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z8CATaxP_3oipAThDphkpxHeGck.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A12C4/F319EDC26C1711EFBDBFD50BC4F9AE02/z8CATaxP_3oipAThDphkpxHeGck.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:13:29:85:41:8f:11:5d:e3:0f:c8:43:b8:a8:7c:ee:da:a5: 00:a4:54:d4:f8:f0:5b:00:63:5e:7f:99:80:93:f5:74:ae:dd: 3f:3c:25:c7:8c:28:7d:36:e0:ed:88:a9:73:65:9b:e1:ec:50: aa:ef:a7:8c:a7:db:27:4f:f3:19:a1:2d:da:2a:f6:ea:fa:b3: 01:81:5f:74:d7:71:76:40:79:d2:42:8c:fb:ad:4b:e3:62:b2: ce:a5:6e:68:1d:8f:0d:ac:60:62:ad:f1:4a:57:b2:19:1f:26: eb:5a:1f:34:a2:04:fd:ba:40:f6:1b:f3:a5:77:36:e9:62:94: 18:de:52:f3:8e:fa:5a:2d:91:6c:2b:6f:63:fe:34:9f:82:71: a3:57:ad:64:bd:d3:96:c8:9f:01:a3:18:4a:d7:2a:85:9f:b3: 27:ad:75:82:c3:30:ca:11:aa:ae:9c:82:59:55:ba:0e:d3:b7: 1a:5f:1e:ac:86:af:63:99:ef:66:0f:a0:d5:b7:e8:e3:1f:51: c0:e7:ec:fa:09:09:3e:89:6a:df:66:54:f5:e9:84:58:22:52: ab:19:6c:f3:eb:5b:a3:27:4f:77:35:cb:f1:4f:07:6c:e1:d3: 66:a8:90:97:20:a4:a0:97:e5:36:fb:84:58:2f:f2:b1:d9:30: 20:bc:82:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTEyQzQxMTAvBgNVBAUTKENGQzA4MDREQUM0RkZGN0EyMkE0MDRFMTBFOTg2NEE3 MTFERTE5QzkwHhcNMjUwNzAzMDYzMTI3WhcNMjUwNzEwMDYzMTI3WjAYMRYwFAYD VQQDEw02ODY2MjNiZi1iMmFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAziTWEplIUIqzT342W9jDGIZp1f/KLb4x+i+1qlPpWihUgqVtN84KfPR1hrGF 0m4ExwSCvzUmE2sB4iipmVOj11rKqEDSlrW9XP9XtwsU9dMbTpZRKLtyZ82b4Dv7 rz7227FvHLRACjxizTuiGDMCH6KUqXOhfTxYdw9XYUI+zxShu2JHZvYwetCsqZKP Ls1saSQ6mFq4GYjBIMXcLdgvCqc29Wg/UIxp7amHT/EAjsi6wl9K/D9QpbN9lFrk 0IV976uHXuW9jQ9wzWYsjqTGA4poRdM8pIRNHSgXZIsaKtmfyMNfwb2v/tK8w2By X0Zrr7FwrDMabLxzlN/8DLwjZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKcUfZ7d oCZcCLzL3keXFEkyTgEMMB8GA1UdIwQYMBaAFM/AgE2sT/96IqQE4Q6YZKcR3hnJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMTJDNC9GMzE5RURDMjZD MTcxMUVGQkRCRkQ1MEJDNEY5QUUwMi96OENBVGF4UF8zb2lwQVRoRHBoa3B4SGVH Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3o4Q0FUYXhQXzNvaXBBVGhEcGhrcHhIZUdjay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MTJDNC9GMzE5RURDMjZDMTcxMUVGQkRCRkQ1MEJDNEY5QUUwMi96OENBVGF4UF8z b2lwQVRoRHBoa3B4SGVHY2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAcEymFQY8RXeMPyEO4qHzu2qUApFTU+PBbAGNef5mAk/V0rt0/PCXH jCh9NuDtiKlzZZvh7FCq76eMp9snT/MZoS3aKvbq+rMBgV9013F2QHnSQoz7rUvj YrLOpW5oHY8NrGBirfFKV7IZHybrWh80ogT9ukD2G/OldzbpYpQY3lLzjvpaLZFs K29j/jSfgnGjV61kvdOWyJ8BoxhK1yqFn7MnrXWCwzDKEaqunIJZVboO07caXx6s hq9jme9mD6DVt+jjH1HA5+z6CQk+iWrfZlT16YRYIlKrGWzz61ujJ093NcvxTwds 4dNmqJCXIKSgl+U2+4RYL/Kx2TAgvIIU -----END CERTIFICATE-----Generated at Thu Jul 3 22:48:44 2025 by rpki-client