$ rpki-client -vvf rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft File: 2en59z7k9bHN8XYsLfODKVCja30.mft (raw, json) Hash identifier: 6sR2M4zC77KEIB1ay1DY1wRwOnr9GtEERfMuLH6NOhc= Subject key identifier: 55:D0:7C:1A:C2:D6:8A:C1:3D:0D:5D:B9:9F:23:9B:83:2A:A2:C1:71 Authority key identifier: D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D Certificate issuer: /CN=A91AACB2/serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D Certificate serial: 34A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft Manifest number: 349C Signing time: Wed 02 Jul 2025 15:01:12 +0000 Manifest this update: Wed 02 Jul 2025 15:01:12 +0000 Manifest next update: Wed 09 Jul 2025 15:01:12 +0000 Files and hashes: 1: 2en59z7k9bHN8XYsLfODKVCja30.crl (hash: MlYHajkMhFrpPjxKOfQypM7riGPiHUUlkGg6eyDY2HQ=) 2: 76B5C744B45E11EAB71DF94AC4F9AE02.roa (hash: RzsyMG8grNRl/TU/HKZlXJ7ZiLnl0fu14E8Z0lJpa0Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.crl rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 15:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13474 (0x34a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AACB2, serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D Validity Not Before: Jul 2 15:01:12 2025 GMT Not After : Jul 9 15:01:12 2025 GMT Subject: CN=686549b8-c2fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:7b:58:7b:0b:ef:6c:4d:d5:25:5b:97:7e:67: bb:f6:a8:76:3c:ce:3a:e0:04:fe:de:60:0a:db:ea: 98:a3:d9:c0:0e:ab:36:ee:96:11:fe:0a:4e:93:4b: e3:ac:6a:32:b3:34:9b:ab:f2:1c:c7:a5:25:46:52: 59:11:48:10:33:f2:aa:2e:12:58:04:62:05:0e:19: 18:ac:0c:82:a2:f9:ee:76:55:43:73:f5:38:14:36: 86:7f:0e:81:90:9d:81:1f:0d:39:d4:c9:d2:f5:66: e8:16:3b:cc:bc:ec:d6:8f:98:0a:52:74:99:9a:10: 6a:0a:c6:6b:f9:f6:0a:fe:6b:90:b0:a9:a7:ab:91: e7:9c:62:e2:e4:37:ba:64:51:e5:08:a4:e2:19:d5: e9:46:27:67:d3:a4:f7:31:23:c1:a7:98:72:8d:22: 9c:6f:1e:18:1a:75:0d:b7:ed:80:f3:54:31:af:43: 8b:ad:af:7d:20:1e:8f:4b:46:33:0d:e5:15:30:bc: 2b:f7:e6:77:98:96:e9:be:b9:98:13:be:88:ba:3b: 7b:4e:1c:f6:2e:ae:79:af:44:5e:6c:ae:2c:cb:e2: 90:b1:be:29:f4:e1:14:b9:8d:38:82:b4:3a:03:92: db:09:9a:d9:17:88:46:84:ff:0b:9e:dd:d1:93:dc: 93:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:D0:7C:1A:C2:D6:8A:C1:3D:0D:5D:B9:9F:23:9B:83:2A:A2:C1:71 X509v3 Authority Key Identifier: keyid:D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:37:d4:d5:a8:b1:57:54:9e:70:fc:75:e4:d5:66:15:b0:aa: fe:58:c4:78:30:a9:9e:4c:e6:0c:76:a7:4b:49:b3:40:72:5c: ad:f4:33:69:e5:4c:ce:b8:82:ad:f3:b2:ab:b3:f5:93:a5:f5: 35:09:d0:05:7a:69:eb:1f:29:5c:8c:c2:f7:26:2a:56:ba:13: 5a:57:2b:c4:87:67:da:3e:b9:7b:8f:03:33:02:0d:4a:06:9b: e6:d2:0b:13:7e:07:62:2f:ff:5a:74:b7:57:4c:99:97:56:92: 1d:ef:ca:c3:27:fe:94:1c:b2:91:dc:3e:80:89:8e:b2:d0:78: d3:b9:5d:41:6f:e9:3a:ed:9f:5f:c7:d1:db:64:5a:d4:e1:8a: a5:99:fe:06:00:f0:cf:d8:a3:90:3a:a5:17:09:14:fd:b9:86: 4c:db:b5:56:f6:46:5b:a3:18:62:77:2a:48:26:94:4a:19:5c: 85:c5:5e:27:78:f9:e3:10:78:c7:e4:a1:da:34:c3:37:00:ec: f2:b5:b0:21:d9:fa:2c:e7:f6:4c:0e:6f:b0:8f:40:bc:af:29: f2:d3:13:0c:de:a0:bd:65:07:e1:b6:e4:60:d7:c4:42:52:08: 06:78:ff:9e:91:50:36:9c:a7:01:4a:9c:09:22:18:5e:b3:e4: 78:a3:21:9c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFDQjIxMTAvBgNVBAUTKEQ5RTlGOUY3M0VFNEY1QjFDREYxNzYyQzJERjM4MzI5 NTBBMzZCN0QwHhcNMjUwNzAyMTUwMTEyWhcNMjUwNzA5MTUwMTEyWjAYMRYwFAYD VQQDEw02ODY1NDliOC1jMmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyHtYewvvbE3VJVuXfme79qh2PM464AT+3mAK2+qYo9nADqs27pYR/gpOk0vj rGoyszSbq/Icx6UlRlJZEUgQM/KqLhJYBGIFDhkYrAyCovnudlVDc/U4FDaGfw6B kJ2BHw051MnS9WboFjvMvOzWj5gKUnSZmhBqCsZr+fYK/muQsKmnq5HnnGLi5De6 ZFHlCKTiGdXpRidn06T3MSPBp5hyjSKcbx4YGnUNt+2A81Qxr0OLra99IB6PS0Yz DeUVMLwr9+Z3mJbpvrmYE76Iujt7Thz2Lq55r0RebK4sy+KQsb4p9OEUuY04grQ6 A5LbCZrZF4hGhP8Lnt3Rk9yTlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFXQfBrC 1orBPQ1duZ8jm4MqosFxMB8GA1UdIwQYMBaAFNnp+fc+5PWxzfF2LC3zgylQo2t9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUNCMi8zN0Q1QTNERTFE OUMxMUUyODkyRThCOEEwOEIwMkNEMi8yZW41OXo3azliSE44WFlzTGZPREtWQ2ph MzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJlbjU5ejdrOWJITjhYWXNMZk9ES1ZDamEzMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QUNCMi8zN0Q1QTNERTFEOUMxMUUyODkyRThCOEEwOEIwMkNEMi8yZW41OXo3azli SE44WFlzTGZPREtWQ2phMzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxN9TVqLFXVJ5w/HXk1WYVsKr+WMR4MKmeTOYMdqdLSbNAclyt9DNp 5UzOuIKt87Krs/WTpfU1CdAFemnrHylcjML3JipWuhNaVyvEh2faPrl7jwMzAg1K Bpvm0gsTfgdiL/9adLdXTJmXVpId78rDJ/6UHLKR3D6AiY6y0HjTuV1Bb+k67Z9f x9HbZFrU4Yqlmf4GAPDP2KOQOqUXCRT9uYZM27VW9kZboxhidypIJpRKGVyFxV4n ePnjEHjH5KHaNMM3AOzytbAh2fos5/ZMDm+wj0C8ryny0xMM3qC9ZQfhtuRg18RC UggGeP+ekVA2nKcBSpwJIhhes+R4oyGc -----END CERTIFICATE-----Generated at Fri Jul 4 00:39:21 2025 by rpki-client