$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft File: CB6icKn0s2sOyJai0hSO5Ok-Xys.mft (raw, json) Hash identifier: ih1TKRonZWisRnzVUZJEo8Fe4oEHtIvur7D6+GNbbCc= Subject key identifier: 91:AE:DD:77:FD:D2:4F:8A:6A:CA:3F:C9:14:D8:2D:70:F8:13:C2:34 Authority key identifier: 08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B Certificate issuer: /CN=A91BB921/serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Certificate serial: 013C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft Manifest number: 013A Signing time: Thu 03 Jul 2025 04:32:21 +0000 Manifest this update: Thu 03 Jul 2025 04:32:21 +0000 Manifest next update: Thu 10 Jul 2025 04:32:21 +0000 Files and hashes: 1: CB6icKn0s2sOyJai0hSO5Ok-Xys.crl (hash: L/5xNlqc41yWE9huN5lRcBdTyHdP1ifSLegRzsxEeEI=) 2: 5A387584756311EEA256FD57C4F9AE02.roa (hash: UFjrfeuvHWS1oxtfXr6IVRfPvTnGzzV9TdVJHu2o8cI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 316 (0x13c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB921, serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Validity Not Before: Jul 3 04:32:21 2025 GMT Not After : Jul 10 04:32:21 2025 GMT Subject: CN=686607d5-922c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f5:f8:95:c4:19:f0:bb:71:fd:2e:98:7b:42: 6b:46:f9:05:43:0c:b9:b4:44:59:c6:cd:af:c5:25: 5a:27:71:32:63:09:59:94:ba:50:58:cf:1c:f8:35: ef:25:fb:2d:1a:5b:3d:80:84:5f:4e:85:03:93:61: 5c:2c:83:a0:12:5c:ec:c5:de:43:9c:0c:f0:4d:ad: ad:bb:52:93:be:34:27:93:46:93:47:5e:58:60:24: 1d:d8:a6:3d:5a:a1:3e:49:77:25:e2:ba:84:23:1a: a5:aa:93:cd:dc:54:cb:16:8f:4e:06:8b:ad:24:63: a6:e5:af:e3:3d:5a:47:ac:fa:d6:06:d5:e1:8a:bd: 38:36:77:00:bb:78:e8:a5:b7:b5:43:10:da:5d:e2: 6d:a0:c2:62:18:ce:69:69:e3:43:95:a4:c3:a2:f0: 10:8f:df:b4:38:d4:55:22:3a:31:15:6b:ce:e0:b2: d4:47:84:17:02:8b:7b:17:ba:95:c5:8e:ad:02:e4: f6:a0:31:fe:01:fc:e9:a3:79:b1:57:f2:49:4c:e0: d6:fc:6c:68:d2:e5:9e:3d:49:fd:9d:88:8d:ab:4a: ab:bc:0f:fb:97:ca:60:a7:2f:42:31:87:a3:14:63: 30:f7:74:19:46:67:de:8c:9a:55:db:88:4e:74:11: 68:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:AE:DD:77:FD:D2:4F:8A:6A:CA:3F:C9:14:D8:2D:70:F8:13:C2:34 X509v3 Authority Key Identifier: keyid:08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:06:a1:29:d9:06:4b:b4:60:11:c5:02:76:a9:99:d8:c6:c8: 06:e3:47:07:79:5d:49:a6:06:dd:6e:d2:e7:8f:0f:fe:05:f9: 47:be:77:86:98:7f:3f:4a:a4:11:31:6f:03:50:48:5e:2b:68: 23:a2:eb:20:ca:bf:9e:4d:20:55:63:01:06:bc:b3:4c:f7:14: af:0d:11:dc:7a:a5:be:67:5c:be:05:8c:1d:f3:6c:c4:1b:57: 0b:be:d4:fa:3c:cc:6c:a3:85:1a:6b:af:a2:27:78:93:7f:21: c2:f2:9b:d9:f5:2b:52:1a:53:7e:55:ec:b1:cf:85:ef:37:9c: 83:6f:6f:da:6b:ce:4e:4e:8e:a7:d9:e9:92:53:b6:bb:03:05: 16:33:59:c2:30:f9:a2:c1:d2:a8:b0:29:be:6e:c1:c1:38:c7: 45:73:87:97:84:ef:ce:58:57:68:66:85:37:d7:a0:2b:8d:09: b3:d1:32:c2:00:70:d0:0a:b9:ec:b3:e0:b6:0c:9d:69:8b:92: 91:98:26:96:6d:1a:83:5a:d9:ed:ba:fa:15:30:0b:d1:10:4a: 47:be:35:52:f4:90:37:4d:a2:2d:c3:e9:32:76:1c:5c:0e:20: 0b:da:4a:81:94:19:89:9e:3a:a7:37:bb:eb:1e:6a:3a:fe:19: 23:0b:f3:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI5MjExMTAvBgNVBAUTKDA4MUVBMjcwQTlGNEIzNkIwRUM4OTZBMkQyMTQ4RUU0 RTkzRTVGMkIwHhcNMjUwNzAzMDQzMjIxWhcNMjUwNzEwMDQzMjIxWjAYMRYwFAYD VQQDEw02ODY2MDdkNS05MjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs/X4lcQZ8Ltx/S6Ye0JrRvkFQwy5tERZxs2vxSVaJ3EyYwlZlLpQWM8c+DXv JfstGls9gIRfToUDk2FcLIOgElzsxd5DnAzwTa2tu1KTvjQnk0aTR15YYCQd2KY9 WqE+SXcl4rqEIxqlqpPN3FTLFo9OBoutJGOm5a/jPVpHrPrWBtXhir04NncAu3jo pbe1QxDaXeJtoMJiGM5paeNDlaTDovAQj9+0ONRVIjoxFWvO4LLUR4QXAot7F7qV xY6tAuT2oDH+Afzpo3mxV/JJTODW/Gxo0uWePUn9nYiNq0qrvA/7l8pgpy9CMYej FGMw93QZRmfejJpV24hOdBFonQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJGu3Xf9 0k+Kaso/yRTYLXD4E8I0MB8GA1UdIwQYMBaAFAgeonCp9LNrDsiWotIUjuTpPl8r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjkyMS9EREI4RTE0Qzc1 NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMyc095SmFpMGhTTzVPay1Y eXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NCNmljS24wczJzT3lKYWkwaFNPNU9rLVh5cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjkyMS9EREI4RTE0Qzc1NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMy c095SmFpMGhTTzVPay1YeXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBUBqEp2QZLtGARxQJ2qZnYxsgG40cHeV1JpgbdbtLnjw/+BflHvneG mH8/SqQRMW8DUEheK2gjousgyr+eTSBVYwEGvLNM9xSvDRHceqW+Z1y+BYwd82zE G1cLvtT6PMxso4Uaa6+iJ3iTfyHC8pvZ9StSGlN+Veyxz4XvN5yDb2/aa85OTo6n 2emSU7a7AwUWM1nCMPmiwdKosCm+bsHBOMdFc4eXhO/OWFdoZoU316ArjQmz0TLC AHDQCrnss+C2DJ1pi5KRmCaWbRqDWtntuvoVMAvREEpHvjVS9JA3TaItw+kydhxc DiAL2kqBlBmJnjqnN7vrHmo6/hkjC/OC -----END CERTIFICATE-----Generated at Thu Jul 3 10:08:51 2025 by rpki-client