$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9B3E/DAB1C3A68CFB11ED92E25B61C4F9AE02/zuNPo5_yhfcuIp2ihivBDkiPukE.mft File: zuNPo5_yhfcuIp2ihivBDkiPukE.mft (raw, json) Hash identifier: T4L06LjY1Cov4bred6VgIV1TUYiIrlX+fTY0DoyK82c= Subject key identifier: 82:69:7C:A7:A4:B5:63:86:4E:DF:2D:D8:58:B2:89:FD:2A:A2:44:03 Authority key identifier: CE:E3:4F:A3:9F:F2:85:F7:2E:22:9D:A2:86:2B:C1:0E:48:8F:BA:41 Certificate issuer: /CN=A91A9B3E/serialNumber=CEE34FA39FF285F72E229DA2862BC10E488FBA41 Certificate serial: 01D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuNPo5_yhfcuIp2ihivBDkiPukE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A9B3E/DAB1C3A68CFB11ED92E25B61C4F9AE02/zuNPo5_yhfcuIp2ihivBDkiPukE.mft Manifest number: 01D3 Signing time: Thu 03 Jul 2025 02:55:07 +0000 Manifest this update: Thu 03 Jul 2025 02:55:07 +0000 Manifest next update: Thu 10 Jul 2025 02:55:07 +0000 Files and hashes: 1: zuNPo5_yhfcuIp2ihivBDkiPukE.crl (hash: cl0Y5R76/ZNjJc857om8G1S7VxSB0O6RoeotspMo4ZY=) 2: 819F7A60CF8B11EDAE77B351C4F9AE02.roa (hash: 4hy1f5KhPhwHVnBrwdKHHsp/qGx5VbOvDT16foHwuRM=) 3: 1AB255C68CFF11EDB7BDD865C4F9AE02.roa (hash: l3pw7Z4d1Nkw0APH0xp6K2791IsFOtCcx1C4farScNI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A9B3E/DAB1C3A68CFB11ED92E25B61C4F9AE02/zuNPo5_yhfcuIp2ihivBDkiPukE.crl rsync://rpki.apnic.net/member_repository/A91A9B3E/DAB1C3A68CFB11ED92E25B61C4F9AE02/zuNPo5_yhfcuIp2ihivBDkiPukE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuNPo5_yhfcuIp2ihivBDkiPukE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 02:55:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 473 (0x1d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A9B3E, serialNumber=CEE34FA39FF285F72E229DA2862BC10E488FBA41 Validity Not Before: Jul 3 02:55:07 2025 GMT Not After : Jul 10 02:55:07 2025 GMT Subject: CN=6865f10b-d9e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:65:5e:7f:62:3d:54:82:8c:b3:df:4b:5f:ec: 89:9b:55:e1:a1:d6:73:0e:c9:91:26:e8:5e:3d:80: 92:ae:8d:8c:e1:5f:34:62:13:49:f0:50:98:7c:e5: 7d:07:1f:6a:8d:ed:f5:98:8c:e2:ac:93:6e:a7:fe: 14:38:b2:52:6f:7b:bc:b9:e8:1c:8d:d9:7d:bb:27: 6d:24:28:cb:63:ea:ed:37:1e:74:20:e5:3f:ab:6d: f2:75:7e:c1:e6:bb:c0:b8:e0:1e:ee:bc:bf:52:45: 53:ca:2f:90:02:c4:5c:e5:dc:38:8f:a6:bd:1e:06: d2:4d:fd:5f:ef:fc:d4:65:36:36:22:ce:b5:34:9d: 4c:0b:de:ac:36:72:08:aa:94:3c:ed:15:04:7d:5d: ee:80:38:89:5c:97:d2:33:65:70:24:9e:b1:d8:d7: 5d:03:19:06:40:41:36:53:d4:f2:52:cf:7e:fe:07: 1a:04:6a:14:93:9d:73:39:43:af:8f:79:b6:75:b0: b2:d4:01:b6:3e:31:46:98:67:68:c0:21:77:91:db: b9:b5:a0:3b:f2:3f:f0:2a:50:9f:a8:af:cf:4b:6d: 62:fa:4e:55:91:79:26:56:1f:5f:b0:6e:fe:1f:90: 90:88:41:92:82:ae:e6:7d:90:d7:b7:2c:5b:53:a4: 20:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:69:7C:A7:A4:B5:63:86:4E:DF:2D:D8:58:B2:89:FD:2A:A2:44:03 X509v3 Authority Key Identifier: keyid:CE:E3:4F:A3:9F:F2:85:F7:2E:22:9D:A2:86:2B:C1:0E:48:8F:BA:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A9B3E/DAB1C3A68CFB11ED92E25B61C4F9AE02/zuNPo5_yhfcuIp2ihivBDkiPukE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuNPo5_yhfcuIp2ihivBDkiPukE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9B3E/DAB1C3A68CFB11ED92E25B61C4F9AE02/zuNPo5_yhfcuIp2ihivBDkiPukE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:c5:e6:30:3b:0b:1f:66:f6:2e:e7:db:ba:88:1d:ed:5f:c2: 1b:63:fe:16:d2:0f:40:89:dd:c7:18:53:79:9f:01:60:65:24: 37:db:bb:1b:c3:83:85:bf:1b:6b:f6:ed:36:fe:34:f3:62:80: 54:e2:0e:29:8f:9d:6e:39:4c:d7:40:66:de:f3:5d:08:99:25: a8:d6:cb:57:8f:c3:a7:c5:ab:f5:db:c4:05:c4:64:19:80:b5: 9b:c6:8b:a1:8c:96:f6:9b:ca:df:81:53:00:67:ee:f8:da:57: ac:83:6f:1d:2d:ed:a1:e1:ea:ad:55:21:9a:06:13:f6:52:7b: cc:77:09:51:b8:7d:c1:7a:1c:12:14:11:f6:0a:85:e7:5a:81: a9:67:47:29:d5:3a:1b:90:bb:83:e5:d3:39:ab:ad:66:b2:67: d1:c2:2a:e5:58:f9:23:3a:43:b2:35:fc:f7:8b:d7:4b:50:eb: b3:0f:b4:15:a3:aa:ad:bc:94:60:83:29:59:71:df:ae:38:de: 61:d6:1a:05:38:8f:6a:b4:20:82:63:c0:f9:79:06:a5:ab:80: a0:5f:e0:14:2b:4c:81:02:94:e2:b4:f7:b2:4e:da:98:39:0f: 0e:bb:6d:7f:15:83:27:c6:0e:2c:40:9e:7d:35:b9:64:15:9d: 17:b3:c4:19 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTlCM0UxMTAvBgNVBAUTKENFRTM0RkEzOUZGMjg1RjcyRTIyOURBMjg2MkJDMTBF NDg4RkJBNDEwHhcNMjUwNzAzMDI1NTA3WhcNMjUwNzEwMDI1NTA3WjAYMRYwFAYD VQQDEw02ODY1ZjEwYi1kOWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsmVef2I9VIKMs99LX+yJm1XhodZzDsmRJuhePYCSro2M4V80YhNJ8FCYfOV9 Bx9qje31mIzirJNup/4UOLJSb3u8uegcjdl9uydtJCjLY+rtNx50IOU/q23ydX7B 5rvAuOAe7ry/UkVTyi+QAsRc5dw4j6a9HgbSTf1f7/zUZTY2Is61NJ1MC96sNnII qpQ87RUEfV3ugDiJXJfSM2VwJJ6x2NddAxkGQEE2U9TyUs9+/gcaBGoUk51zOUOv j3m2dbCy1AG2PjFGmGdowCF3kdu5taA78j/wKlCfqK/PS21i+k5VkXkmVh9fsG7+ H5CQiEGSgq7mfZDXtyxbU6QghwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIJpfKek tWOGTt8t2Fiyif0qokQDMB8GA1UdIwQYMBaAFM7jT6Of8oX3LiKdooYrwQ5Ij7pB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOUIzRS9EQUIxQzNBNjhD RkIxMUVEOTJFMjVCNjFDNEY5QUUwMi96dU5QbzVfeWhmY3VJcDJpaGl2QkRraVB1 a0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3p1TlBvNV95aGZjdUlwMmloaXZCRGtpUHVrRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB OUIzRS9EQUIxQzNBNjhDRkIxMUVEOTJFMjVCNjFDNEY5QUUwMi96dU5QbzVfeWhm Y3VJcDJpaGl2QkRraVB1a0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOxeYwOwsfZvYu59u6iB3tX8IbY/4W0g9Aid3HGFN5nwFgZSQ327sb w4OFvxtr9u02/jTzYoBU4g4pj51uOUzXQGbe810ImSWo1stXj8Onxav128QFxGQZ gLWbxouhjJb2m8rfgVMAZ+742lesg28dLe2h4eqtVSGaBhP2UnvMdwlRuH3BehwS FBH2CoXnWoGpZ0cp1TobkLuD5dM5q61msmfRwirlWPkjOkOyNfz3i9dLUOuzD7QV o6qtvJRggylZcd+uON5h1hoFOI9qtCCCY8D5eQalq4CgX+AUK0yBApTitPeyTtqY OQ8Ou21/FYMnxg4sQJ59NblkFZ0Xs8QZ -----END CERTIFICATE-----Generated at Fri Jul 4 01:28:07 2025 by rpki-client