$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft File: b8Lt8MURUqO-wRSaG9su2yk8nZU.mft (raw, json) Hash identifier: t5FNe7jee1GufSWiniRzNCFjPKPXY1WJnWc12Z25Bxc= Subject key identifier: 24:01:A6:B4:D6:CD:B2:3C:96:7E:07:5E:FA:42:D8:09:0A:9F:34:21 Authority key identifier: 6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 Certificate issuer: /CN=A91AA28B/serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Certificate serial: 0D6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft Manifest number: 0D43 Signing time: Wed 02 Jul 2025 18:15:38 +0000 Manifest this update: Wed 02 Jul 2025 18:15:37 +0000 Manifest next update: Wed 09 Jul 2025 18:15:37 +0000 Files and hashes: 1: b8Lt8MURUqO-wRSaG9su2yk8nZU.crl (hash: A60pG6kvFwoQR2U/7AP/SUHDhMlEvUhin4Rl3ZAxEjE=) 2: 4DD0C31C0E2011F0A0825648C4F9AE02.roa (hash: 8r7MWVk5x8o1qlWsJdhw0htq1GLcuT7GZDff98YKUWg=) 3: 11815E36135311EE94A8A114C4F9AE02.roa (hash: 4RiRLEUaqFnMyzAxg+jhTtVSLZnRrw+D1OLV5ZjDtiE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 18:15:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3438 (0xd6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA28B, serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Validity Not Before: Jul 2 18:15:37 2025 GMT Not After : Jul 9 18:15:37 2025 GMT Subject: CN=6865774a-ad84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e0:35:fc:29:b0:59:b1:62:aa:a2:23:9d:c1: 31:79:d0:3a:8b:fa:08:b6:e1:fc:95:2c:ea:49:7f: 22:81:26:50:2a:53:df:eb:25:ff:80:ab:b1:e5:cb: 65:a3:b4:96:21:0c:50:d5:eb:e4:b7:7d:1b:fa:d0: 9b:4c:43:32:7f:57:c2:50:b9:c3:ea:e3:60:00:4f: 7d:3d:e3:0d:16:ab:d6:2d:f8:c6:55:25:de:55:c2: 7c:2f:9a:39:05:9d:ea:56:92:35:5b:e2:cb:54:fd: 13:5a:12:69:05:9d:60:23:aa:4c:bb:60:a8:30:23: a0:ec:74:f2:63:b3:5f:5c:ce:97:71:3b:d1:2f:e5: c3:d3:19:24:52:66:15:23:a3:1e:ea:ed:5d:1d:c4: 73:c1:90:91:75:a3:94:9a:c4:a9:4d:c4:96:12:52: 65:e3:42:bd:a7:fa:04:c1:32:db:26:9b:f6:87:7a: 10:69:01:3f:d0:d0:b7:bf:06:66:c7:94:cf:c9:00: b5:74:72:9d:3f:2b:92:f5:c1:84:1e:78:e1:a2:9a: e8:00:84:7c:75:d1:5d:50:be:9f:5c:99:c0:33:a8: 09:0a:ac:b2:87:1c:c3:ff:e1:b3:0c:3c:70:99:e8: 8e:85:3c:35:85:ea:67:39:c0:81:60:20:c7:f8:31: 9e:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:01:A6:B4:D6:CD:B2:3C:96:7E:07:5E:FA:42:D8:09:0A:9F:34:21 X509v3 Authority Key Identifier: keyid:6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:f5:5c:ff:4e:9b:5d:d1:78:09:a2:76:8b:3d:20:26:ca:1e: 21:cb:b4:26:77:8d:d0:19:6e:ec:b9:f5:40:e5:f0:8f:8c:34: de:94:72:dc:0d:6d:60:12:60:eb:68:c2:19:43:68:89:47:56: 5e:74:db:a9:56:f5:81:9a:c9:7d:37:0e:f3:cc:c7:bf:a4:c6: d7:32:cc:49:12:3b:fb:b8:6a:2d:34:44:8b:29:16:55:e6:ce: 3b:c2:16:58:43:b4:47:6f:fc:b1:d5:bd:38:6a:88:40:15:9e: cf:c5:4c:87:61:62:04:15:d9:44:33:25:a9:3c:8f:75:7e:49: 47:65:36:ef:e3:17:dc:1f:40:b3:38:34:5d:50:2d:16:c1:f1: 08:8d:f9:7f:80:e6:c5:e7:dc:1e:c3:8f:9d:db:18:a1:90:4d: 9c:70:73:96:3a:cc:95:45:5d:26:da:e2:00:cc:0e:97:a5:b1: 2b:1f:58:0b:1b:74:fc:df:80:08:80:93:aa:9f:bc:11:71:ef: f0:06:a5:b2:a4:2d:6a:d6:ff:5d:fb:47:84:8e:6b:b4:c0:44: cf:e7:6b:f3:63:32:59:22:b0:60:a5:39:d5:e7:f8:a1:6f:78: b0:4e:56:7d:7e:4d:c4:7a:7d:1d:19:63:d8:e4:1c:49:7d:6c: 55:2a:8e:a9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDW4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUEyOEIxMTAvBgNVBAUTKDZGQzJFREYwQzUxMTUyQTNCRUMxMTQ5QTFCREIyRURC MjkzQzlEOTUwHhcNMjUwNzAyMTgxNTM3WhcNMjUwNzA5MTgxNTM3WjAYMRYwFAYD VQQDEw02ODY1Nzc0YS1hZDg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt+A1/CmwWbFiqqIjncExedA6i/oItuH8lSzqSX8igSZQKlPf6yX/gKux5ctl o7SWIQxQ1evkt30b+tCbTEMyf1fCULnD6uNgAE99PeMNFqvWLfjGVSXeVcJ8L5o5 BZ3qVpI1W+LLVP0TWhJpBZ1gI6pMu2CoMCOg7HTyY7NfXM6XcTvRL+XD0xkkUmYV I6Me6u1dHcRzwZCRdaOUmsSpTcSWElJl40K9p/oEwTLbJpv2h3oQaQE/0NC3vwZm x5TPyQC1dHKdPyuS9cGEHnjhoproAIR8ddFdUL6fXJnAM6gJCqyyhxzD/+GzDDxw meiOhTw1hepnOcCBYCDH+DGe6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCQBprTW zbI8ln4HXvpC2AkKnzQhMB8GA1UdIwQYMBaAFG/C7fDFEVKjvsEUmhvbLtspPJ2V MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTI4Qi8xRTAyNjRBQURC QzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVxTy13UlNhRzlzdTJ5azhu WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I4THQ4TVVSVXFPLXdSU2FHOXN1MnlrOG5aVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTI4Qi8xRTAyNjRBQURCQzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVx Ty13UlNhRzlzdTJ5azhuWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBI9Vz/Tptd0XgJonaLPSAmyh4hy7Qmd43QGW7sufVA5fCPjDTelHLc DW1gEmDraMIZQ2iJR1ZedNupVvWBmsl9Nw7zzMe/pMbXMsxJEjv7uGotNESLKRZV 5s47whZYQ7RHb/yx1b04aohAFZ7PxUyHYWIEFdlEMyWpPI91fklHZTbv4xfcH0Cz ODRdUC0WwfEIjfl/gObF59wew4+d2xihkE2ccHOWOsyVRV0m2uIAzA6XpbErH1gL G3T834AIgJOqn7wRce/wBqWypC1q1v9d+0eEjmu0wETP52vzYzJZIrBgpTnV5/ih b3iwTlZ9fk3Een0dGWPY5BxJfWxVKo6p -----END CERTIFICATE-----Generated at Fri Jul 4 00:21:22 2025 by rpki-client