$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft File: 3COmnqHvwaN5SSwT6awUfEn1rQQ.mft (raw, json) Hash identifier: efw9vPD/JMaKvUdbg7psyijktLGpP+XQ3vmkXrH8nGU= Subject key identifier: D0:3B:37:57:2B:8C:41:0B:45:7B:BE:1F:1E:CB:39:57:BE:BC:55:72 Authority key identifier: DC:23:A6:9E:A1:EF:C1:A3:79:49:2C:13:E9:AC:14:7C:49:F5:AD:04 Certificate issuer: /CN=A91BB4C2/serialNumber=DC23A69EA1EFC1A379492C13E9AC147C49F5AD04 Certificate serial: 01E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft Manifest number: 01B8 Signing time: Thu 03 Jul 2025 03:39:52 +0000 Manifest this update: Thu 03 Jul 2025 03:39:51 +0000 Manifest next update: Thu 10 Jul 2025 03:39:51 +0000 Files and hashes: 1: 3COmnqHvwaN5SSwT6awUfEn1rQQ.crl (hash: jymhtYNfN5xGjS2lNkrf9GELKWP7Hu2c6d0xQ3Ru9HY=) 2: CBF7E2CE2D3611EEA81A490BC4F9AE02.roa (hash: q2jyIpsgOSZMDylILKfsOrMIus5pnrAFZdrI/kJzgvw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.crl rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 485 (0x1e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB4C2, serialNumber=DC23A69EA1EFC1A379492C13E9AC147C49F5AD04 Validity Not Before: Jul 3 03:39:51 2025 GMT Not After : Jul 10 03:39:51 2025 GMT Subject: CN=6865fb88-c61d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:f0:97:89:14:35:d7:27:0e:f1:20:4c:f5:97: 13:1c:03:74:6b:b3:2e:0f:49:d4:63:dc:9b:a8:6d: 35:19:36:a1:b8:81:4f:a2:b7:ce:a4:03:01:c1:81: fa:32:2f:75:ef:11:a9:50:23:cd:bb:4a:de:a6:cc: d7:96:34:da:30:0f:73:9c:8e:d5:04:35:7e:a0:37: 42:1e:43:6d:53:ac:6e:5c:f5:b5:51:8c:56:6c:d0: 25:4c:9b:b6:a6:d4:0a:aa:c9:14:43:9b:d2:d6:1a: fb:b2:13:ce:06:ec:5e:27:ac:8a:f0:7e:c7:21:8e: f1:08:d8:e4:dc:25:59:ec:5e:7b:27:b8:04:2d:f5: 5b:cf:75:3f:9a:83:8d:eb:a7:23:87:69:d0:c0:f9: a5:5b:3a:d4:28:f2:5c:3d:fb:62:62:17:10:2c:ab: b0:60:c3:36:24:86:69:c6:1f:23:ff:58:ad:be:9c: a1:9e:25:a6:7f:88:cd:3b:5b:a1:11:96:f9:ac:87: 8f:d3:4c:c2:81:c4:93:e2:14:1d:7d:9f:be:07:f9: a3:b4:17:b1:0c:4d:ea:75:90:a2:b9:1f:7a:43:5a: 17:40:a9:bb:0a:30:77:b1:cf:76:48:55:36:d9:13: 01:e6:b3:ff:6e:15:c6:66:45:33:b0:13:66:96:1a: 51:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:3B:37:57:2B:8C:41:0B:45:7B:BE:1F:1E:CB:39:57:BE:BC:55:72 X509v3 Authority Key Identifier: keyid:DC:23:A6:9E:A1:EF:C1:A3:79:49:2C:13:E9:AC:14:7C:49:F5:AD:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:1e:95:4e:dd:37:5a:06:ea:74:67:f7:d5:c8:e6:dc:c1:cd: b5:69:f1:6a:a4:69:fa:8a:3c:3d:9d:f8:07:7d:a4:82:83:64: d6:37:3b:17:5c:36:99:db:50:24:7d:50:f0:9a:57:ba:89:34: 04:ed:76:c4:09:84:d1:28:08:52:b6:72:11:cd:90:82:82:43: 21:69:f2:e4:be:3f:df:57:44:5f:22:11:c0:85:c6:1e:5d:c7: bf:ec:16:30:bf:26:c0:c6:97:b0:ba:2b:6b:d7:b5:6f:c7:e9: 88:68:65:03:b1:1d:3b:43:fe:84:97:12:9d:35:97:bf:81:97: 4d:52:4b:a5:fd:77:4d:2b:5c:90:a9:98:c7:7a:e7:42:9c:79: 5c:a8:58:85:38:cb:17:b0:0d:aa:f1:2c:5c:30:69:8b:8a:0b: 80:48:32:75:81:5f:6e:05:6b:15:07:e9:1b:15:89:0f:dc:31: cf:f7:11:06:c2:c3:83:ed:a0:56:c3:c7:f2:65:93:47:e5:19: fa:66:93:0d:e5:87:d9:75:df:9b:cb:81:52:bd:31:2f:f9:30: 10:99:e2:14:df:19:9b:d1:d3:08:b0:02:5e:e2:de:05:c5:61: c1:a3:df:80:b4:1b:3a:e0:88:b6:ac:4f:a9:62:f8:a3:b3:32: d5:8a:d0:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI0QzIxMTAvBgNVBAUTKERDMjNBNjlFQTFFRkMxQTM3OTQ5MkMxM0U5QUMxNDdD NDlGNUFEMDQwHhcNMjUwNzAzMDMzOTUxWhcNMjUwNzEwMDMzOTUxWjAYMRYwFAYD VQQDEw02ODY1ZmI4OC1jNjFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5fCXiRQ11ycO8SBM9ZcTHAN0a7MuD0nUY9ybqG01GTahuIFPorfOpAMBwYH6 Mi917xGpUCPNu0repszXljTaMA9znI7VBDV+oDdCHkNtU6xuXPW1UYxWbNAlTJu2 ptQKqskUQ5vS1hr7shPOBuxeJ6yK8H7HIY7xCNjk3CVZ7F57J7gELfVbz3U/moON 66cjh2nQwPmlWzrUKPJcPftiYhcQLKuwYMM2JIZpxh8j/1itvpyhniWmf4jNO1uh EZb5rIeP00zCgcST4hQdfZ++B/mjtBexDE3qdZCiuR96Q1oXQKm7CjB3sc92SFU2 2RMB5rP/bhXGZkUzsBNmlhpRwQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNA7N1cr jEELRXu+Hx7LOVe+vFVyMB8GA1UdIwQYMBaAFNwjpp6h78GjeUksE+msFHxJ9a0E MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjRDMi9CMTdFOTVENjAz NzAxMUVFOUJCNjJDMkZDNEY5QUUwMi8zQ09tbnFIdndhTjVTU3dUNmF3VWZFbjFy UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNDT21ucUh2d2FONVNTd1Q2YXdVZkVuMXJRUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjRDMi9CMTdFOTVENjAzNzAxMUVFOUJCNjJDMkZDNEY5QUUwMi8zQ09tbnFIdndh TjVTU3dUNmF3VWZFbjFyUVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCpHpVO3TdaBup0Z/fVyObcwc21afFqpGn6ijw9nfgHfaSCg2TWNzsX XDaZ21AkfVDwmle6iTQE7XbECYTRKAhStnIRzZCCgkMhafLkvj/fV0RfIhHAhcYe Xce/7BYwvybAxpewuitr17Vvx+mIaGUDsR07Q/6ElxKdNZe/gZdNUkul/XdNK1yQ qZjHeudCnHlcqFiFOMsXsA2q8SxcMGmLiguASDJ1gV9uBWsVB+kbFYkP3DHP9xEG wsOD7aBWw8fyZZNH5Rn6ZpMN5YfZdd+by4FSvTEv+TAQmeIU3xmb0dMIsAJe4t4F xWHBo9+AtBs64Ii2rE+pYvijszLVitCN -----END CERTIFICATE-----Generated at Thu Jul 3 08:07:01 2025 by rpki-client