$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft File: -qIKGvsgkct_URR4g_NkpFMJQTE.mft (raw, json) Hash identifier: /kgOYz9RBQ+u0oV17hNGXn6pjlgqBkSUo3NqPqAGG2w= Subject key identifier: B9:3B:94:4D:B4:AA:8D:6F:E7:7D:71:D6:09:A8:C4:0A:25:A4:75:B8 Authority key identifier: FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 Certificate issuer: /CN=A91AF0E8/serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Certificate serial: 34AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft Manifest number: 349F Signing time: Wed 02 Jul 2025 15:12:21 +0000 Manifest this update: Wed 02 Jul 2025 15:12:20 +0000 Manifest next update: Wed 09 Jul 2025 15:12:20 +0000 Files and hashes: 1: -qIKGvsgkct_URR4g_NkpFMJQTE.crl (hash: /IbzhzCcwk2RZOSdWUDHMerGC4hUtHPCYHidspN/LjY=) 2: 0A956A80B48711EC83327546C4F9AE02.roa (hash: QTUVJsweaVnNBbhlnpDHj+5m7Q6KujtkGNOkASm6SsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 15:12:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13482 (0x34aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF0E8, serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Validity Not Before: Jul 2 15:12:20 2025 GMT Not After : Jul 9 15:12:20 2025 GMT Subject: CN=68654c54-a77c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a5:93:76:47:a0:4e:e0:9b:ec:2d:45:3f:be: 68:c0:e2:2e:27:1a:98:f6:03:69:b2:c0:7c:d6:e6: 7f:1b:8e:00:47:94:39:a5:c1:9c:71:48:57:2c:88: c2:87:e9:8f:d3:ca:1d:04:70:2c:86:9e:90:4b:e4: 60:54:16:5c:5b:e4:de:90:a9:44:ff:b3:a5:a4:2e: 75:6e:ca:ed:1d:63:9c:8c:e9:18:e9:cf:a3:f3:a0: 53:9b:08:75:72:51:d8:5a:74:19:1a:7a:59:46:6d: d2:98:d0:94:5a:6b:fc:9a:4c:77:e6:6a:b0:58:6e: c4:b0:b4:28:c2:6b:cb:79:4d:48:f1:f6:8a:8a:ac: 12:c6:15:ae:f0:89:11:cd:00:86:52:25:2c:f0:38: 38:c1:91:c7:93:66:c0:72:68:33:9a:47:ea:9a:42: 33:7d:34:e2:74:8b:49:73:8e:1d:8d:90:f1:bf:ac: 8b:43:78:a2:a7:25:51:57:69:4e:b9:a9:f2:7e:a3: 94:b8:ae:0c:2d:46:b8:0f:5e:7f:07:65:15:93:c6: 59:a0:b1:7b:d1:6f:5d:49:82:45:3b:0c:8c:d3:32: 5c:4b:da:16:12:f9:46:6c:6f:cb:ad:2d:57:12:5f: c4:26:31:83:bc:ea:07:f1:36:ac:52:88:ac:25:b1: f2:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:3B:94:4D:B4:AA:8D:6F:E7:7D:71:D6:09:A8:C4:0A:25:A4:75:B8 X509v3 Authority Key Identifier: keyid:FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:77:33:94:22:0d:b7:c0:63:e1:c6:83:57:91:5e:7e:04:bb: d0:fb:95:04:2a:1e:c8:2c:8c:f1:18:f5:ce:75:26:7b:36:69: c8:d6:0f:57:0d:0b:d8:b0:65:cb:5f:3a:c1:60:f5:dd:9f:f7: 27:d2:30:71:b8:69:93:a8:b5:ff:b8:97:1c:af:38:18:46:63: 49:02:df:2a:4a:f2:22:3a:6c:b2:75:f1:32:21:2e:a1:e1:7a: 8b:0c:20:4d:de:3f:41:ef:d8:dd:a7:bb:a1:40:f7:cc:d4:60: 9d:69:7b:87:3f:0c:9b:ba:32:c3:c2:01:83:1d:70:1e:a4:b6: b9:95:5c:5c:1b:af:47:04:2a:78:5c:ec:80:f9:6b:4f:6f:5e: 74:34:39:b5:06:de:9e:05:25:f2:72:f3:b2:54:72:b1:e9:93: 4d:5c:24:8c:32:53:1b:42:28:cb:9f:61:e2:bb:fb:76:1e:f1: 2a:ae:3b:ce:00:b6:a1:99:16:f5:f2:ea:c9:04:48:b6:fa:7f: 30:bb:9f:49:0c:f6:15:02:d6:31:c3:b5:a4:ec:63:c1:4f:5e: f2:02:55:5e:d0:81:76:aa:a4:ff:d6:4c:89:e9:1e:ce:b1:be: e0:c4:ae:e5:a2:81:50:b5:9c:44:9f:5f:a9:95:11:88:a6:a2: c2:98:a3:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwRTgxMTAvBgNVBAUTKEZBQTIwQTFBRkIyMDkxQ0I3RjUxMTQ3ODgzRjM2NEE0 NTMwOTQxMzEwHhcNMjUwNzAyMTUxMjIwWhcNMjUwNzA5MTUxMjIwWjAYMRYwFAYD VQQDEw02ODY1NGM1NC1hNzdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr6WTdkegTuCb7C1FP75owOIuJxqY9gNpssB81uZ/G44AR5Q5pcGccUhXLIjC h+mP08odBHAshp6QS+RgVBZcW+TekKlE/7OlpC51bsrtHWOcjOkY6c+j86BTmwh1 clHYWnQZGnpZRm3SmNCUWmv8mkx35mqwWG7EsLQowmvLeU1I8faKiqwSxhWu8IkR zQCGUiUs8Dg4wZHHk2bAcmgzmkfqmkIzfTTidItJc44djZDxv6yLQ3iipyVRV2lO uanyfqOUuK4MLUa4D15/B2UVk8ZZoLF70W9dSYJFOwyM0zJcS9oWEvlGbG/LrS1X El/EJjGDvOoH8TasUoisJbHyLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLk7lE20 qo1v531x1gmoxAolpHW4MB8GA1UdIwQYMBaAFPqiChr7IJHLf1EUeIPzZKRTCUEx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjBFOC80NTc5NkFEMjFE QTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tjdF9VUlI0Z19Oa3BGTUpR VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1xSUtHdnNna2N0X1VSUjRnX05rcEZNSlFURS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjBFOC80NTc5NkFEMjFEQTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tj dF9VUlI0Z19Oa3BGTUpRVEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAadzOUIg23wGPhxoNXkV5+BLvQ+5UEKh7ILIzxGPXOdSZ7NmnI1g9X DQvYsGXLXzrBYPXdn/cn0jBxuGmTqLX/uJccrzgYRmNJAt8qSvIiOmyydfEyIS6h 4XqLDCBN3j9B79jdp7uhQPfM1GCdaXuHPwybujLDwgGDHXAepLa5lVxcG69HBCp4 XOyA+WtPb150NDm1Bt6eBSXycvOyVHKx6ZNNXCSMMlMbQijLn2Hiu/t2HvEqrjvO ALahmRb18urJBEi2+n8wu59JDPYVAtYxw7Wk7GPBT17yAlVe0IF2qqT/1kyJ6R7O sb7gxK7looFQtZxEn1+plRGIpqLCmKOl -----END CERTIFICATE-----Generated at Thu Jul 3 06:59:54 2025 by rpki-client