$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft File: U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft (raw, json) Hash identifier: rB3nv1smf6OFeoUp4QQvF2fclWl5EtBp1pUvyqBtzqM= Subject key identifier: 9E:5A:02:28:7F:CD:D0:95:89:F5:85:3B:B8:EC:B3:F6:A0:41:5C:14 Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 Certificate issuer: /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Certificate serial: 3571 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft Manifest number: 34F5 Signing time: Mon 30 Jun 2025 14:28:06 +0000 Manifest this update: Mon 30 Jun 2025 14:28:06 +0000 Manifest next update: Mon 07 Jul 2025 14:28:06 +0000 Files and hashes: 1: U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl (hash: 9Uh/t9PzraaZ8eWXYxjL1CaZjw2V0wYUCAX6E5PXUhk=) 2: DF8602D05E5B11ED994E491CC4F9AE02.roa (hash: KKCg2NooRoQGuF3KYpzz51c9C/45UUPObnLo2e5njhU=) 3: D0886954188811EC8E86754FC4F9AE02.roa (hash: yPv2xJqSMbxdqO3CUxzFvtSmE89AHilhOo/061TH8FU=) 4: AB9889725E5E11EDB5361D3BC4F9AE02.roa (hash: nfNjfg1IXDDhMM0k16fT6xDTUZvLHRQ/C+xvVXQFUFE=) 5: 99CF729E221011ED980A6F47C4F9AE02.roa (hash: iSQxLeiRN1fYoIns2yWqQhKW9w0d7Bh4Hi7g+FcoiAo=) 6: 491E49AECDCA11ED8F57D386C4F9AE02.roa (hash: GOobL3IcAmOzxEXI8Av9eECmrglVLT+e8Yk36aU9ns8=) 7: 9F3A919468D811EFB2FE405FC4F9AE02.roa (hash: ZaxlSh3XWBv2fOJrVopMAyhJjHEvnP8TGG96c6iuXcg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 14:28:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13681 (0x3571) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F47, serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Validity Not Before: Jun 30 14:28:06 2025 GMT Not After : Jul 7 14:28:06 2025 GMT Subject: CN=68629ef6-bd15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:fa:6c:de:00:41:1c:a7:a6:58:d6:2d:47:4b: 0a:2e:df:3c:e0:7b:b9:c2:99:55:f9:23:62:44:61: e8:0f:9d:fe:b5:9f:d4:f6:d1:89:95:16:d0:8b:a3: 8b:98:71:ec:3c:2d:a8:db:95:36:19:b7:e6:8e:53: a2:2c:c1:87:d9:e9:52:fb:8c:e3:cb:15:d7:c8:d4: 34:a9:8f:0c:a5:63:80:81:c5:3c:25:00:8a:4a:7e: ab:f2:0c:e5:f3:97:9d:c3:e6:3f:1d:4f:03:10:f3: f4:66:45:95:3b:08:05:fd:69:de:87:98:12:7c:10: d5:6c:7b:ea:00:df:0a:af:42:22:64:c8:7f:22:d3: 3e:1f:66:73:2c:ba:68:a4:3c:47:34:fa:cf:06:35: 62:1d:cd:20:6c:d8:70:25:f6:a9:28:3a:7f:8b:aa: d3:a2:fe:f3:4d:ff:c5:ac:a3:c6:3e:ba:2a:0d:b2: 70:98:46:04:7e:64:31:0a:3c:6f:32:45:23:2b:05: 42:09:23:a8:8c:bd:73:36:80:43:93:54:00:8f:bc: f8:d1:b4:ac:8b:56:d7:da:ef:8c:65:c6:29:43:2e: 5a:af:16:ac:fa:b9:00:34:29:00:9e:a1:f3:ef:69: 09:6d:be:c6:21:0f:40:4d:fc:f1:90:93:c5:2e:09: 2b:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:5A:02:28:7F:CD:D0:95:89:F5:85:3B:B8:EC:B3:F6:A0:41:5C:14 X509v3 Authority Key Identifier: keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:df:af:fd:38:61:97:84:78:38:a3:2b:62:24:77:f5:06:6a: c1:10:46:35:07:99:4e:94:de:38:16:5f:21:84:d7:91:73:93: dd:8b:25:69:08:06:40:83:56:e4:36:7e:03:d4:b3:a2:43:e5: 94:a7:c9:6d:c4:90:75:8c:b1:13:77:19:49:b6:03:1c:dd:76: e2:ff:3c:10:49:ce:0c:de:c8:66:b9:7e:9d:ee:a6:57:46:f1: 25:67:fd:18:7b:38:eb:49:4a:37:37:13:12:50:f8:60:19:a5: 2a:18:18:f7:75:9b:1f:1c:99:5b:06:42:b9:d3:94:81:1a:30: 9c:f4:97:ac:d5:d0:61:19:77:af:71:47:db:ef:17:70:36:62: 56:69:d9:40:5a:fb:b5:0b:03:4b:d4:6a:28:73:08:e4:c7:69: 44:dd:8c:f7:3e:1a:fb:44:c8:f8:54:6a:ca:38:6b:60:45:28: 12:b8:70:c0:55:48:10:1d:e2:3a:a0:63:25:e9:26:d3:46:9a: 01:0d:15:1c:6c:bd:3d:03:2f:73:19:e4:ab:c9:33:ed:a0:3d: 03:fb:8d:43:16:39:ee:4c:18:3c:55:64:f8:2b:15:bc:62:ba: 6d:8c:7d:52:60:05:69:90:02:19:9d:59:1d:a3:51:0c:3e:62: 46:b0:82:7b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNXEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5 MEZFNzM3NTIwHhcNMjUwNjMwMTQyODA2WhcNMjUwNzA3MTQyODA2WjAYMRYwFAYD VQQDEw02ODYyOWVmNi1iZDE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwfps3gBBHKemWNYtR0sKLt884Hu5wplV+SNiRGHoD53+tZ/U9tGJlRbQi6OL mHHsPC2o25U2GbfmjlOiLMGH2elS+4zjyxXXyNQ0qY8MpWOAgcU8JQCKSn6r8gzl 85edw+Y/HU8DEPP0ZkWVOwgF/Wneh5gSfBDVbHvqAN8Kr0IiZMh/ItM+H2ZzLLpo pDxHNPrPBjViHc0gbNhwJfapKDp/i6rTov7zTf/FrKPGProqDbJwmEYEfmQxCjxv MkUjKwVCCSOojL1zNoBDk1QAj7z40bSsi1bX2u+MZcYpQy5arxas+rkANCkAnqHz 72kJbb7GIQ9ATfzxkJPFLgkrnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ5aAih/ zdCVifWFO7jss/agQVwUMB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NkY0Ny9CNEE4NkMzODFEODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQ cmlsd3lWUS1oSnFRX25OMUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA736/9OGGXhHg4oytiJHf1BmrBEEY1B5lOlN44Fl8hhNeRc5PdiyVp CAZAg1bkNn4D1LOiQ+WUp8ltxJB1jLETdxlJtgMc3Xbi/zwQSc4M3shmuX6d7qZX RvElZ/0YezjrSUo3NxMSUPhgGaUqGBj3dZsfHJlbBkK505SBGjCc9Jes1dBhGXev cUfb7xdwNmJWadlAWvu1CwNL1Goocwjkx2lE3Yz3Phr7RMj4VGrKOGtgRSgSuHDA VUgQHeI6oGMl6SbTRpoBDRUcbL09Ay9zGeSryTPtoD0D+41DFjnuTBg8VWT4KxW8 YrptjH1SYAVpkAIZnVkdo1EMPmJGsIJ7 -----END CERTIFICATE-----Generated at Wed Jul 2 11:39:53 2025 by rpki-client