$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft File: U4XhOhtYRftEzutr7Y3rTomvOCk.mft (raw, json) Hash identifier: UwpvWZVn0tBm4S2L7XZFKqvgVnnowa2p4ahf4fzXwlM= Subject key identifier: 22:68:9E:66:A1:FD:E3:39:15:73:FB:11:60:C7:13:68:4A:0E:7B:7D Authority key identifier: 53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29 Certificate issuer: /CN=A91ACFEB/serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829 Certificate serial: 098D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft Manifest number: 097D Signing time: Wed 02 Jul 2025 20:22:48 +0000 Manifest this update: Wed 02 Jul 2025 20:22:47 +0000 Manifest next update: Wed 09 Jul 2025 20:22:47 +0000 Files and hashes: 1: U4XhOhtYRftEzutr7Y3rTomvOCk.crl (hash: pgkfWwj71KKjODld3qRdzgPmGP9dsGgSN77N8UkYhec=) 2: 3636BCD2937011EA8A795583C4F9AE02.roa (hash: Xd/9pByFb2cbZ9xoUnmDVjNmjmus87X0lFOERhfsZNI=) 3: 35831FCE937011EA8A795583C4F9AE02.roa (hash: N79J5/addSjvuTRJUjHpGEDoonJ5OZtfdl2v8Aonsr8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 20:22:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2445 (0x98d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACFEB, serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829 Validity Not Before: Jul 2 20:22:47 2025 GMT Not After : Jul 9 20:22:47 2025 GMT Subject: CN=68659518-b1c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:e0:cc:47:64:b9:64:5f:08:8c:1b:0e:86:84: 7c:bc:b1:cd:d3:29:a1:6f:6f:cf:64:53:f1:48:f3: 49:80:c4:ff:ef:f3:ed:f6:f1:32:f2:bb:70:33:fc: b5:3f:08:93:4b:2b:53:eb:a8:cf:37:04:f5:35:a2: a0:38:b3:6b:d0:66:86:ed:21:05:35:56:66:ab:72: 3f:69:56:ef:58:a5:06:12:73:d5:e4:1b:e6:30:22: df:8a:dc:2a:3f:f9:d0:b9:18:85:17:50:fc:78:c9: 12:82:09:da:fb:98:a9:25:09:80:52:2a:2e:a7:12: 17:00:61:11:d8:c1:ab:1f:d1:9a:25:99:65:64:74: d7:8d:2c:ce:45:cf:1d:ea:2b:7e:8e:50:0c:a1:5f: d9:44:9d:26:7e:e4:0d:39:36:35:19:e6:75:c5:74: 84:fd:00:b8:88:07:aa:ff:58:19:d1:ed:23:59:83: 4e:10:86:35:93:6f:90:bb:65:e6:fe:f9:12:7b:cf: 37:26:5b:bc:a9:e3:19:e6:2b:47:d9:0f:22:11:72: 86:a9:06:17:bd:98:ba:27:7a:a2:19:8b:cf:8a:61: e0:c0:2a:b9:d6:1a:da:57:d5:41:d2:ee:15:d4:e0: e3:78:ec:a9:45:61:84:bb:68:23:16:92:7d:8f:b2: 8c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:68:9E:66:A1:FD:E3:39:15:73:FB:11:60:C7:13:68:4A:0E:7B:7D X509v3 Authority Key Identifier: keyid:53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:b8:5c:e7:df:63:fa:19:67:39:fc:2e:ae:e0:ca:8d:35:2a: c0:b7:ba:5e:2b:b8:f7:23:28:a2:39:78:69:61:95:5a:65:87: 53:b1:e2:25:52:e3:9c:09:1e:36:3d:90:f0:64:cf:af:30:71: 98:c4:4f:51:46:c6:75:fc:5b:6c:2f:fc:7d:82:84:bc:c0:ae: 3d:19:55:55:53:45:ce:90:70:81:55:36:70:dd:80:5b:16:c6: 4f:94:a4:02:cd:f4:5d:73:cf:f4:66:b6:95:7b:9b:cd:7d:fc: f4:b5:f0:2f:af:3d:7b:f4:1d:0a:33:a1:82:14:40:57:40:2c: 4b:d8:92:d6:d8:55:c8:81:e8:26:61:d0:2e:37:39:a6:40:ca: 73:46:94:cd:20:3d:23:18:52:73:1e:cb:c3:7e:1f:89:86:5c: a7:0f:88:dd:61:23:48:a5:44:27:36:d1:51:49:ab:14:8e:78: e1:67:8f:a4:47:2e:22:cc:b0:74:4c:70:7a:4c:c2:19:32:70: 44:4c:9e:a6:71:4b:ee:e0:b2:ea:5a:ab:bc:3c:f3:29:a4:89: 8c:3f:c3:5d:77:26:8a:32:b7:f7:2d:c1:f6:89:90:5a:e6:84: 9c:f0:b4:a2:2b:7d:f6:98:75:ea:f0:2c:ca:fe:f4:88:09:1e: 5e:f1:39:83 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNGRUIxMTAvBgNVBAUTKDUzODVFMTNBMUI1ODQ1RkI0NENFRUI2QkVEOERFQjRF ODlBRjM4MjkwHhcNMjUwNzAyMjAyMjQ3WhcNMjUwNzA5MjAyMjQ3WjAYMRYwFAYD VQQDEw02ODY1OTUxOC1iMWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzuDMR2S5ZF8IjBsOhoR8vLHN0ymhb2/PZFPxSPNJgMT/7/Pt9vEy8rtwM/y1 PwiTSytT66jPNwT1NaKgOLNr0GaG7SEFNVZmq3I/aVbvWKUGEnPV5BvmMCLfitwq P/nQuRiFF1D8eMkSggna+5ipJQmAUioupxIXAGER2MGrH9GaJZllZHTXjSzORc8d 6it+jlAMoV/ZRJ0mfuQNOTY1GeZ1xXSE/QC4iAeq/1gZ0e0jWYNOEIY1k2+Qu2Xm /vkSe883Jlu8qeMZ5itH2Q8iEXKGqQYXvZi6J3qiGYvPimHgwCq51hraV9VB0u4V 1ODjeOypRWGEu2gjFpJ9j7KMwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCJonmah /eM5FXP7EWDHE2hKDnt9MB8GA1UdIwQYMBaAFFOF4TobWEX7RM7ra+2N606Jrzgp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0ZFQi9DQjJDMzNFNjkz NkUxMUVBQTVFNTZCN0VDNEY5QUUwMi9VNFhoT2h0WVJmdEV6dXRyN1kzclRvbXZP Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0WGhPaHRZUmZ0RXp1dHI3WTNyVG9tdk9Day5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0ZFQi9DQjJDMzNFNjkzNkUxMUVBQTVFNTZCN0VDNEY5QUUwMi9VNFhoT2h0WVJm dEV6dXRyN1kzclRvbXZPQ2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAVuFzn32P6GWc5/C6u4MqNNSrAt7peK7j3IyiiOXhpYZVaZYdTseIl UuOcCR42PZDwZM+vMHGYxE9RRsZ1/FtsL/x9goS8wK49GVVVU0XOkHCBVTZw3YBb FsZPlKQCzfRdc8/0ZraVe5vNffz0tfAvrz179B0KM6GCFEBXQCxL2JLW2FXIgegm YdAuNzmmQMpzRpTNID0jGFJzHsvDfh+JhlynD4jdYSNIpUQnNtFRSasUjnjhZ4+k Ry4izLB0THB6TMIZMnBETJ6mcUvu4LLqWqu8PPMppImMP8NddyaKMrf3LcH2iZBa 5oSc8LSiK332mHXq8CzK/vSICR5e8TmD -----END CERTIFICATE-----Generated at Thu Jul 3 13:35:54 2025 by rpki-client