$ rpki-client -vvf rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.mft File: I3Q0S3Gynw44NSDK_GyINQw1YWg.mft (raw, json) Hash identifier: YuIftaaJqZEblYW03XAUDy3wOyQHubscE7S9Tx2EVH4= Subject key identifier: B7:28:7D:1A:B9:23:22:F4:9B:58:9A:31:10:57:64:42:0B:A2:7C:24 Authority key identifier: 23:74:34:4B:71:B2:9F:0E:38:35:20:CA:FC:6C:88:35:0C:35:61:68 Certificate issuer: /CN=A91A58AA/serialNumber=2374344B71B29F0E383520CAFC6C88350C356168 Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3Q0S3Gynw44NSDK_GyINQw1YWg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.mft Manifest number: 21 Signing time: Tue 01 Jul 2025 08:38:21 +0000 Manifest this update: Tue 01 Jul 2025 08:38:20 +0000 Manifest next update: Tue 08 Jul 2025 08:38:20 +0000 Files and hashes: 1: I3Q0S3Gynw44NSDK_GyINQw1YWg.crl (hash: c5rJHH88CtqX2bPrPXo3RyA00si2+npTAFa8MSUEU2g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.crl rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3Q0S3Gynw44NSDK_GyINQw1YWg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:38:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A58AA, serialNumber=2374344B71B29F0E383520CAFC6C88350C356168 Validity Not Before: Jul 1 08:38:20 2025 GMT Not After : Jul 8 08:38:20 2025 GMT Subject: CN=68639e7c-d5bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:dd:17:71:bc:5e:f5:79:28:00:71:b7:3d:34: 1e:d4:ed:ea:25:b4:02:8b:df:98:d6:1e:67:46:e6: df:b2:e4:d1:3e:44:87:ae:bc:88:5d:2a:49:be:24: e8:be:43:e4:9b:88:8e:8b:ae:f7:49:7e:cf:ed:d2: b3:3e:44:8a:a4:0d:86:82:45:9c:35:b0:3b:5b:5f: 56:57:02:64:e6:a3:d3:b1:5f:17:b4:1d:7e:a8:e0: b8:bf:ac:c2:ae:d8:da:bf:fe:3f:9e:42:78:8e:c4: c1:e5:90:76:fe:ba:f0:31:d9:5c:42:6c:a3:2c:e7: 4e:d6:3a:46:36:f3:ab:10:7c:c8:f0:e2:a5:92:ad: 2b:24:40:c9:8b:b2:64:7d:3d:d3:9c:59:7c:11:70: da:b0:b1:a8:3a:b8:ea:8c:03:7e:6f:54:a2:45:a2: d9:f7:7c:f0:ea:ab:8d:e1:67:d4:3a:e1:73:fc:c2: 37:24:70:d1:9a:e3:87:79:35:c3:d4:6f:23:e1:c5: ba:8d:c3:75:fe:74:00:72:04:55:7b:4e:c9:a9:6d: 19:7c:06:1f:76:f5:00:c7:17:b5:24:ec:d5:78:b9: 3f:0c:f6:1c:d9:19:d1:90:61:21:93:74:d4:5a:ea: 8c:c2:a9:16:4d:d1:eb:3b:e5:02:8c:1d:89:09:6a: d5:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:28:7D:1A:B9:23:22:F4:9B:58:9A:31:10:57:64:42:0B:A2:7C:24 X509v3 Authority Key Identifier: keyid:23:74:34:4B:71:B2:9F:0E:38:35:20:CA:FC:6C:88:35:0C:35:61:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3Q0S3Gynw44NSDK_GyINQw1YWg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:af:4b:24:14:61:b0:0c:c9:87:9d:ce:ed:d7:9e:12:a9:e4: 0d:68:93:0e:db:8d:51:5e:32:39:ea:df:ef:d0:d2:1d:38:2f: 46:7b:0a:d2:1c:18:d5:aa:5f:d2:79:dd:7d:91:3c:34:f2:54: a5:98:10:bd:96:6a:e8:92:b8:b5:55:d3:d3:d4:0a:d0:3f:08: 48:9f:b0:40:15:a5:33:27:6d:35:fe:cc:d2:a3:41:04:46:41: b8:6e:e0:0a:b9:5a:2e:dc:27:4c:60:0a:2b:c1:00:81:8a:b7: 87:f6:b5:c8:e2:0d:7e:f8:56:c8:94:4b:63:fb:34:f5:78:4b: 77:75:32:d7:59:41:9d:c8:eb:d8:32:c9:14:31:8a:10:67:e5: 66:53:77:c4:c4:9f:19:17:eb:7d:93:65:33:66:a8:39:ec:17: 29:f9:c2:10:3d:cf:94:23:cd:2c:e3:d7:94:7c:e2:8f:6f:a0: 28:1b:a1:cd:50:04:74:5a:b4:1c:60:3a:db:50:a8:bc:bd:ad: 86:06:60:e2:7c:9f:35:74:e6:3e:fd:b0:93:5d:fe:52:58:6c: 8c:36:3a:23:f1:8a:1a:16:9a:0d:cd:3e:ac:d0:8b:f6:44:49: ae:e1:58:34:fc:6f:e0:95:94:8e:3e:d5:ef:e0:e5:13:69:eb: 2f:fe:82:c4 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NThBQTExMC8GA1UEBRMoMjM3NDM0NEI3MUIyOUYwRTM4MzUyMENBRkM2Qzg4MzUw QzM1NjE2ODAeFw0yNTA3MDEwODM4MjBaFw0yNTA3MDgwODM4MjBaMBgxFjAUBgNV BAMTDTY4NjM5ZTdjLWQ1YmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDp3RdxvF71eSgAcbc9NB7U7eoltAKL35jWHmdG5t+y5NE+RIeuvIhdKkm+JOi+ Q+SbiI6LrvdJfs/t0rM+RIqkDYaCRZw1sDtbX1ZXAmTmo9OxXxe0HX6o4Li/rMKu 2Nq//j+eQniOxMHlkHb+uvAx2VxCbKMs507WOkY286sQfMjw4qWSrSskQMmLsmR9 PdOcWXwRcNqwsag6uOqMA35vVKJFotn3fPDqq43hZ9Q64XP8wjckcNGa44d5NcPU byPhxbqNw3X+dAByBFV7TsmpbRl8Bh929QDHF7Uk7NV4uT8M9hzZGdGQYSGTdNRa 6ozCqRZN0es75QKMHYkJatWxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUtyh9Grkj IvSbWJoxEFdkQguifCQwHwYDVR0jBBgwFoAUI3Q0S3Gynw44NSDK/GyINQw1YWgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1OEFBL0NBNTBDOTI2MjQw MjExRjA5NjFCNjQ2REM0RjlBRTAyL0kzUTBTM0d5bnc0NE5TREtfR3lJTlF3MVlX Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSTNRMFMzR3ludzQ0TlNES19HeUlOUXcxWVdnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1 OEFBL0NBNTBDOTI2MjQwMjExRjA5NjFCNjQ2REM0RjlBRTAyL0kzUTBTM0d5bnc0 NE5TREtfR3lJTlF3MVlXZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHevSyQUYbAMyYedzu3XnhKp5A1okw7bjVFeMjnq3+/Q0h04L0Z7CtIc GNWqX9J53X2RPDTyVKWYEL2WauiSuLVV09PUCtA/CEifsEAVpTMnbTX+zNKjQQRG Qbhu4Aq5Wi7cJ0xgCivBAIGKt4f2tcjiDX74VsiUS2P7NPV4S3d1MtdZQZ3I69gy yRQxihBn5WZTd8TEnxkX632TZTNmqDnsFyn5whA9z5QjzSzj15R84o9voCgboc1Q BHRatBxgOttQqLy9rYYGYOJ8nzV05j79sJNd/lJYbIw2OiPxihoWmg3NPqzQi/ZE Sa7hWDT8b+CVlI4+1e/g5RNp6y/+gsQ= -----END CERTIFICATE-----Generated at Tue Jul 1 21:12:22 2025 by rpki-client