$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft File: 09eD7kxpu1Bj-1z1smKLx77DdIo.mft (raw, json) Hash identifier: I+D/t9GznIO3As5VKW6lGuOH6ednjKbh0YV3PfnGeJk= Subject key identifier: 6C:56:4E:1A:01:7C:95:79:26:D2:DC:6F:E2:A3:5A:FB:98:8B:2B:5C Authority key identifier: D3:D7:83:EE:4C:69:BB:50:63:FB:5C:F5:B2:62:8B:C7:BE:C3:74:8A Certificate issuer: /CN=A91B9A77/serialNumber=D3D783EE4C69BB5063FB5CF5B2628BC7BEC3748A Certificate serial: 92 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft Manifest number: 92 Signing time: Thu 03 Jul 2025 01:58:20 +0000 Manifest this update: Thu 03 Jul 2025 01:58:20 +0000 Manifest next update: Thu 10 Jul 2025 01:58:20 +0000 Files and hashes: 1: 09eD7kxpu1Bj-1z1smKLx77DdIo.crl (hash: 4cYXSl68AGYkyLVGfzzsBQCa9cdz+gIXKeCSQXK3jWs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.crl rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 01:58:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 146 (0x92) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9A77, serialNumber=D3D783EE4C69BB5063FB5CF5B2628BC7BEC3748A Validity Not Before: Jul 3 01:58:20 2025 GMT Not After : Jul 10 01:58:20 2025 GMT Subject: CN=6865e3bc-a70a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:e0:b9:c9:87:cc:6d:50:3c:d4:79:28:7c:cd: c8:2a:a0:0c:6f:2f:ab:8f:71:51:0e:eb:df:49:e1: 27:73:a2:10:59:31:8e:6b:33:87:a4:cf:53:a1:e1: ce:50:21:84:02:5a:df:45:d4:28:93:70:0e:b4:ee: a1:69:ee:79:90:ce:e0:2f:b8:ed:df:3c:30:86:cb: a9:12:03:90:d6:8b:27:87:3f:1b:7a:25:7b:6e:8b: f0:f7:a9:a3:0d:6e:3f:67:53:1b:3a:57:01:e2:a6: a9:01:c6:95:3d:57:b0:05:4e:13:72:49:34:5b:d3: 48:3f:6b:45:a3:09:bc:e7:02:78:b7:7c:2d:8b:42: a4:67:7b:6c:2f:87:72:ca:c0:e0:53:2c:5d:c3:08: dc:b1:43:1f:f7:2c:a4:7e:e1:16:65:21:4c:76:c3: f7:02:6d:09:89:30:2c:84:1c:0c:bd:05:00:59:ec: 9a:b2:f1:71:36:9f:11:ea:c1:cf:89:24:d7:6c:ed: f0:17:c5:e0:cf:38:b4:fc:0b:78:4d:c8:0c:5b:47: 98:c8:7d:c5:41:79:a7:13:c0:ae:c8:92:d3:4f:74: 00:df:b4:ae:67:42:91:60:90:a9:3c:3d:72:d8:0f: d4:a1:02:1e:8c:b2:bf:8f:e7:e7:70:ac:a5:ff:f9: ad:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:56:4E:1A:01:7C:95:79:26:D2:DC:6F:E2:A3:5A:FB:98:8B:2B:5C X509v3 Authority Key Identifier: keyid:D3:D7:83:EE:4C:69:BB:50:63:FB:5C:F5:B2:62:8B:C7:BE:C3:74:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:c6:c3:b2:d0:59:c7:5c:99:13:c1:c6:43:0f:a0:85:3c:4b: 1f:be:ac:9e:5d:22:7f:c2:a8:f7:e0:50:22:e7:a0:26:fe:4d: 3b:7e:8a:8a:5f:ca:e5:02:1e:76:54:04:8a:38:c7:58:bd:f0: 26:d4:6e:c8:d8:28:b6:91:05:46:f7:ce:30:be:40:b4:89:d1: bc:11:a4:29:8d:c4:54:56:b1:5b:22:88:3a:1c:83:49:cb:4b: 75:8d:76:e3:5d:8e:72:bf:40:f7:63:a8:70:b4:e7:46:74:e4: 12:bf:59:3d:df:68:e3:8b:54:ce:32:69:01:4f:40:0c:e5:2e: 01:f3:83:b5:49:0f:3c:3c:23:96:fa:4b:29:f1:3d:a1:e3:85: a0:d8:7b:de:b5:be:4a:15:6e:34:35:05:6e:78:f3:b1:f5:04: 79:9d:90:b6:80:0b:eb:d0:c3:69:9c:ad:43:a2:d7:26:0b:30: b2:ea:b9:4f:3d:8c:b5:44:86:e2:cf:58:87:c8:56:c8:fc:76: e1:53:47:95:41:a5:86:ad:51:92:b6:b7:4d:58:97:fb:5e:ca: fb:84:f0:b5:b5:c7:57:5f:4f:78:42:6f:05:19:4f:dd:52:e5: 41:15:74:ab:96:cf:be:1f:87:6a:dc:5c:ac:32:a2:ec:ed:e6: ba:a6:c3:42 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlBNzcxMTAvBgNVBAUTKEQzRDc4M0VFNEM2OUJCNTA2M0ZCNUNGNUIyNjI4QkM3 QkVDMzc0OEEwHhcNMjUwNzAzMDE1ODIwWhcNMjUwNzEwMDE1ODIwWjAYMRYwFAYD VQQDEw02ODY1ZTNiYy1hNzBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6OC5yYfMbVA81HkofM3IKqAMby+rj3FRDuvfSeEnc6IQWTGOazOHpM9ToeHO UCGEAlrfRdQok3AOtO6hae55kM7gL7jt3zwwhsupEgOQ1osnhz8beiV7bovw96mj DW4/Z1MbOlcB4qapAcaVPVewBU4Tckk0W9NIP2tFowm85wJ4t3wti0KkZ3tsL4dy ysDgUyxdwwjcsUMf9yykfuEWZSFMdsP3Am0JiTAshBwMvQUAWeyasvFxNp8R6sHP iSTXbO3wF8Xgzzi0/At4TcgMW0eYyH3FQXmnE8CuyJLTT3QA37SuZ0KRYJCpPD1y 2A/UoQIejLK/j+fncKyl//mtOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGxWThoB fJV5JtLcb+KjWvuYiytcMB8GA1UdIwQYMBaAFNPXg+5MabtQY/tc9bJii8e+w3SK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUE3Ny9BQjg1MzQ0MDdB M0YxMUVGQTFDMEUwMTZDNEY5QUUwMi8wOWVEN2t4cHUxQmotMXoxc21LTHg3N0Rk SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzA5ZUQ3a3hwdTFCai0xejFzbUtMeDc3RGRJby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OUE3Ny9BQjg1MzQ0MDdBM0YxMUVGQTFDMEUwMTZDNEY5QUUwMi8wOWVEN2t4cHUx QmotMXoxc21LTHg3N0RkSW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQByxsOy0FnHXJkTwcZDD6CFPEsfvqyeXSJ/wqj34FAi56Am/k07foqK X8rlAh52VASKOMdYvfAm1G7I2Ci2kQVG984wvkC0idG8EaQpjcRUVrFbIog6HINJ y0t1jXbjXY5yv0D3Y6hwtOdGdOQSv1k932jji1TOMmkBT0AM5S4B84O1SQ88PCOW +ksp8T2h44Wg2Hvetb5KFW40NQVuePOx9QR5nZC2gAvr0MNpnK1DotcmCzCy6rlP PYy1RIbiz1iHyFbI/HbhU0eVQaWGrVGStrdNWJf7Xsr7hPC1tcdXX094Qm8FGU/d UuVBFXSrls++H4dq3FysMqLs7ea6psNC -----END CERTIFICATE-----Generated at Thu Jul 3 20:07:13 2025 by rpki-client