$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft File: D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft (raw, json) Hash identifier: qRMnBvhYXXCDm0ffeIvZp1A/nHN2x8mO5NuBgGUnU0s= Subject key identifier: CD:8F:4D:DB:7A:A6:35:22:CB:A8:47:6E:81:C7:1E:0C:71:53:0D:13 Authority key identifier: 0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34 Certificate issuer: /CN=A91A7C68/serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34 Certificate serial: 01E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft Manifest number: 01D8 Signing time: Thu 03 Jul 2025 02:59:37 +0000 Manifest this update: Thu 03 Jul 2025 02:59:36 +0000 Manifest next update: Thu 10 Jul 2025 02:59:36 +0000 Files and hashes: 1: D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl (hash: ikA6RVoliSjHUIb6EHpXRubhsp4EG0/jUm3hq5WiKB0=) 2: BC72661A972911ED8CBCA476C4F9AE02.roa (hash: 50hi2vNUebBRUz8ceA03XMTbcW3zeli1X+BmJSriA30=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 02:59:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 485 (0x1e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7C68, serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34 Validity Not Before: Jul 3 02:59:36 2025 GMT Not After : Jul 10 02:59:36 2025 GMT Subject: CN=6865f218-721c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:89:88:3e:49:a6:6c:9a:5d:1f:fc:fc:ba:e9: 57:92:94:45:c5:0e:3b:c8:43:66:91:f0:0b:48:56: bb:76:40:23:84:ee:35:cf:98:be:2a:94:c9:23:25: d4:83:51:23:44:63:95:60:3f:03:13:b4:79:fb:25: 20:c1:6e:ba:1f:f0:f8:4a:10:bd:21:97:23:5a:79: f7:82:85:b1:5c:c0:24:7b:c5:cb:83:6c:58:f1:c3: 95:1c:a5:01:14:4c:c5:b7:6f:97:f0:da:ab:cf:30: 2c:a8:4b:0e:56:d1:7e:f1:10:46:ec:aa:84:b3:11: c0:31:2c:2f:8c:73:c2:c1:55:11:1c:f1:a1:b3:23: 0e:ae:32:0d:b2:39:ed:33:28:27:4d:0d:e5:ef:09: c1:c6:c9:f2:90:be:b2:44:b7:d0:93:0d:2e:ec:3b: 72:71:c1:b5:b6:b7:56:56:47:f7:43:c6:1e:88:c1: b5:97:c5:da:80:d3:10:7d:44:06:de:dc:92:c8:45: 4b:d1:3b:16:1b:e6:02:c8:85:eb:70:24:26:b9:c9: a0:9a:a2:57:98:77:a4:1b:46:c7:a4:10:f0:71:d5: 32:09:6b:02:94:91:bf:37:b4:d4:0e:f1:81:a3:97: 76:25:d6:68:71:d4:68:eb:b0:46:79:76:26:84:9a: 64:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:8F:4D:DB:7A:A6:35:22:CB:A8:47:6E:81:C7:1E:0C:71:53:0D:13 X509v3 Authority Key Identifier: keyid:0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:14:25:d9:18:25:06:5a:84:ca:36:76:98:ff:c0:93:e8:ee: 4a:8d:bf:22:47:e1:f6:05:be:d2:9b:22:e7:a2:08:eb:88:21: 10:03:ab:f2:f6:e0:4c:f3:a3:a2:eb:33:9e:89:20:f7:64:87: 83:38:ff:77:1f:f0:69:07:31:a6:11:27:fa:0a:78:86:0e:a6: 7b:ce:d0:f1:19:be:a4:e8:0f:8e:db:51:55:b9:c1:41:f0:5a: d1:1d:fe:8e:62:cd:55:c5:02:fa:1d:8f:e3:7a:bf:b7:66:ec: ed:12:2f:31:7f:f5:18:a4:04:c5:e0:81:45:c1:53:44:88:5b: 77:8d:74:de:15:92:04:cc:18:13:4d:44:19:1b:c1:9a:b5:97: 0b:c8:da:ff:6e:c2:64:22:84:9f:4f:2f:f6:3b:c5:da:8f:37: 86:76:85:9e:60:2e:b3:41:fb:63:52:c0:3e:f1:c6:c7:61:e9: 9f:02:2c:1a:79:90:9d:79:a2:d8:98:da:98:37:d8:2b:d4:a7: f0:23:43:dc:16:33:0a:6c:1f:1a:18:5d:71:09:5f:7e:ca:af: b9:bf:4f:06:0c:19:a8:f2:9b:e9:ea:43:2e:1d:a6:18:42:94: 4b:42:a9:10:44:ab:a2:57:4a:78:23:c9:41:67:b3:4e:d7:ff: 7f:8d:e8:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTdDNjgxMTAvBgNVBAUTKDBGNjI2QTMyNjRENkZFQ0NDQkZFQjJEOTlCMURCRjhB RkZFQzNCMzQwHhcNMjUwNzAzMDI1OTM2WhcNMjUwNzEwMDI1OTM2WjAYMRYwFAYD VQQDEw02ODY1ZjIxOC03MjFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwYmIPkmmbJpdH/z8uulXkpRFxQ47yENmkfALSFa7dkAjhO41z5i+KpTJIyXU g1EjRGOVYD8DE7R5+yUgwW66H/D4ShC9IZcjWnn3goWxXMAke8XLg2xY8cOVHKUB FEzFt2+X8NqrzzAsqEsOVtF+8RBG7KqEsxHAMSwvjHPCwVURHPGhsyMOrjINsjnt MygnTQ3l7wnBxsnykL6yRLfQkw0u7DtyccG1trdWVkf3Q8YeiMG1l8XagNMQfUQG 3tySyEVL0TsWG+YCyIXrcCQmucmgmqJXmHekG0bHpBDwcdUyCWsClJG/N7TUDvGB o5d2JdZocdRo67BGeXYmhJpk7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM2PTdt6 pjUiy6hHboHHHgxxUw0TMB8GA1UdIwQYMBaAFA9iajJk1v7My/6y2Zsdv4r/7Ds0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0M2OC80MjM5ODZGNjk3 MjExMUVEQTJFMDIyNTFDNEY5QUUwMi9EMkpxTW1UV19zekxfckxabXgyX2l2X3NP elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QySnFNbVRXX3N6TF9yTFpteDJfaXZfc096US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB N0M2OC80MjM5ODZGNjk3MjExMUVEQTJFMDIyNTFDNEY5QUUwMi9EMkpxTW1UV19z ekxfckxabXgyX2l2X3NPelEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACFCXZGCUGWoTKNnaY/8CT6O5Kjb8iR+H2Bb7SmyLnogjriCEQA6vy 9uBM86Oi6zOeiSD3ZIeDOP93H/BpBzGmESf6CniGDqZ7ztDxGb6k6A+O21FVucFB 8FrRHf6OYs1VxQL6HY/jer+3ZuztEi8xf/UYpATF4IFFwVNEiFt3jXTeFZIEzBgT TUQZG8GatZcLyNr/bsJkIoSfTy/2O8XajzeGdoWeYC6zQftjUsA+8cbHYemfAiwa eZCdeaLYmNqYN9gr1KfwI0PcFjMKbB8aGF1xCV9+yq+5v08GDBmo8pvp6kMuHaYY QpRLQqkQRKuiV0p4I8lBZ7NO1/9/jeis -----END CERTIFICATE-----Generated at Fri Jul 4 14:28:07 2025 by rpki-client