$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.mft File: 2gE-F4NYyzWot2XJvAkK6c8cT74.mft (raw, json) Hash identifier: nJqBQfX07vcV4OVyCgmeiJgcJCZO9+Twqfwvt0mLYGo= Subject key identifier: E9:30:C4:7C:D9:F6:E3:0A:5A:4E:53:00:0D:0E:98:0D:6D:D9:63:AA Authority key identifier: DA:01:3E:17:83:58:CB:35:A8:B7:65:C9:BC:09:0A:E9:CF:1C:4F:BE Certificate issuer: /CN=A91B2C88/serialNumber=DA013E178358CB35A8B765C9BC090AE9CF1C4FBE Certificate serial: 064B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gE-F4NYyzWot2XJvAkK6c8cT74.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.mft Manifest number: 0643 Signing time: Wed 02 Jul 2025 22:58:20 +0000 Manifest this update: Wed 02 Jul 2025 22:58:20 +0000 Manifest next update: Wed 09 Jul 2025 22:58:20 +0000 Files and hashes: 1: 2gE-F4NYyzWot2XJvAkK6c8cT74.crl (hash: 1MTmTfR+nMrZNaKl+PHYafYE+zAnR3vJMOawmEXnrkc=) 2: 3C5E55F041A411ECA73C8C0EC4F9AE02.roa (hash: KMuh5ult9LiAce0tih+7IUcHZQamzlPDZPCJthZ1JAs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.crl rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gE-F4NYyzWot2XJvAkK6c8cT74.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 22:58:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1611 (0x64b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2C88, serialNumber=DA013E178358CB35A8B765C9BC090AE9CF1C4FBE Validity Not Before: Jul 2 22:58:20 2025 GMT Not After : Jul 9 22:58:20 2025 GMT Subject: CN=6865b98c-4f2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:af:5f:cf:97:2a:27:68:55:8c:92:86:03:c7: cd:93:f2:0c:14:87:80:37:d0:03:e7:3b:15:71:5b: 92:7d:8a:e7:d6:c1:b7:28:9c:56:d1:11:06:09:3e: 87:5a:de:1c:56:92:15:60:5d:30:52:52:b3:ac:a2: 5d:a4:ea:e8:3d:bb:6a:fa:94:1c:f5:e2:a3:55:0b: 1e:e7:89:31:35:53:c4:0d:bb:8a:d8:93:0d:b5:6e: 1d:67:e4:01:a9:ff:be:68:88:20:17:5d:7b:bc:5a: 73:83:3a:e7:e7:19:91:9a:99:8c:43:a1:a1:4c:97: 30:1c:c5:3b:6c:fd:68:64:47:a0:8f:05:52:a9:9a: 85:fc:86:ef:9f:e1:99:15:c5:9d:ce:b9:0b:2a:86: a3:87:ed:ea:25:4a:d9:12:45:7c:4e:1f:cd:9a:c6: ba:8f:bc:ba:f3:43:de:46:b7:40:56:b3:c9:2e:6e: b7:cd:aa:88:c7:a2:af:4a:4e:aa:a1:99:3d:e8:20: ee:e2:68:a3:30:14:47:53:e7:25:cd:e1:51:30:67: 6f:58:25:9b:d2:01:13:9e:26:92:da:fd:81:56:79: e5:57:69:28:ea:4f:0b:98:3c:a6:96:ae:e8:87:02: c0:58:4f:58:a9:d5:a6:f0:d7:47:50:3a:ee:ab:8e: 27:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:30:C4:7C:D9:F6:E3:0A:5A:4E:53:00:0D:0E:98:0D:6D:D9:63:AA X509v3 Authority Key Identifier: keyid:DA:01:3E:17:83:58:CB:35:A8:B7:65:C9:BC:09:0A:E9:CF:1C:4F:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gE-F4NYyzWot2XJvAkK6c8cT74.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:c7:54:dd:ff:ff:e0:28:3c:b0:e5:61:fd:d3:3a:54:d5:e5: 2c:10:8a:58:7b:76:2a:6b:74:05:4f:89:ea:7b:46:bc:3e:a5: 79:54:23:02:07:fb:d2:9a:d1:f6:8d:ac:4c:b7:a5:8e:d6:c1: 8d:51:99:fa:70:89:52:7f:a7:53:3e:9b:cf:df:b6:74:9b:b7: 3a:27:3b:6b:78:2a:39:89:67:b4:9d:29:56:94:bb:8f:1c:0e: 61:22:5c:ab:32:7b:ed:a1:3b:d0:16:37:b2:ac:05:c0:92:f8: db:f0:34:73:f2:dc:07:f1:7c:03:29:06:a7:96:47:fa:c5:6a: b2:df:d6:82:8a:5d:19:46:ec:87:e4:1d:f2:f9:39:c6:62:de: df:5f:81:c9:0d:92:42:f8:41:46:66:8b:90:9f:20:1b:fd:59: 2e:95:a0:e6:c5:09:58:6a:95:71:5f:f0:a2:89:f7:92:7e:fa: 78:98:47:ff:14:b5:b4:be:5b:d6:6a:f8:ec:a6:62:1d:af:b6: 81:96:84:0a:d3:12:36:22:55:3c:5a:41:5d:e8:ec:83:a6:75: 5e:c9:93:b0:00:52:59:23:0a:07:a9:07:6a:81:ab:f3:9c:6c: a3:ec:0a:0e:f7:31:dd:ec:6f:07:c4:5f:53:4c:25:17:ff:a6: a8:b6:c1:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBkswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJDODgxMTAvBgNVBAUTKERBMDEzRTE3ODM1OENCMzVBOEI3NjVDOUJDMDkwQUU5 Q0YxQzRGQkUwHhcNMjUwNzAyMjI1ODIwWhcNMjUwNzA5MjI1ODIwWjAYMRYwFAYD VQQDEw02ODY1Yjk4Yy00ZjJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw69fz5cqJ2hVjJKGA8fNk/IMFIeAN9AD5zsVcVuSfYrn1sG3KJxW0REGCT6H Wt4cVpIVYF0wUlKzrKJdpOroPbtq+pQc9eKjVQse54kxNVPEDbuK2JMNtW4dZ+QB qf++aIggF117vFpzgzrn5xmRmpmMQ6GhTJcwHMU7bP1oZEegjwVSqZqF/Ibvn+GZ FcWdzrkLKoajh+3qJUrZEkV8Th/Nmsa6j7y680PeRrdAVrPJLm63zaqIx6KvSk6q oZk96CDu4mijMBRHU+clzeFRMGdvWCWb0gETniaS2v2BVnnlV2ko6k8LmDymlq7o hwLAWE9YqdWm8NdHUDruq44nRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOkwxHzZ 9uMKWk5TAA0OmA1t2WOqMB8GA1UdIwQYMBaAFNoBPheDWMs1qLdlybwJCunPHE++ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkM4OC8yNDI5OURDQTk3 OEUxMUVCQkQ4MUIwNTVDNEY5QUUwMi8yZ0UtRjROWXl6V290MlhKdkFrSzZjOGNU NzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJnRS1GNE5ZeXpXb3QyWEp2QWtLNmM4Y1Q3NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MkM4OC8yNDI5OURDQTk3OEUxMUVCQkQ4MUIwNTVDNEY5QUUwMi8yZ0UtRjROWXl6 V290MlhKdkFrSzZjOGNUNzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKx1Td///gKDyw5WH90zpU1eUsEIpYe3Yqa3QFT4nqe0a8PqV5VCMC B/vSmtH2jaxMt6WO1sGNUZn6cIlSf6dTPpvP37Z0m7c6JztreCo5iWe0nSlWlLuP HA5hIlyrMnvtoTvQFjeyrAXAkvjb8DRz8twH8XwDKQanlkf6xWqy39aCil0ZRuyH 5B3y+TnGYt7fX4HJDZJC+EFGZouQnyAb/VkulaDmxQlYapVxX/CiifeSfvp4mEf/ FLW0vlvWavjspmIdr7aBloQK0xI2IlU8WkFd6OyDpnVeyZOwAFJZIwoHqQdqgavz nGyj7AoO9zHd7G8HxF9TTCUX/6aotsGU -----END CERTIFICATE-----Generated at Thu Jul 3 11:26:33 2025 by rpki-client