$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD3E1/7CF07BC6EF4711EFAF4C4968C4F9AE02/iZOTjIV1ACgOj15T3As-kweu1Kc.mft File: iZOTjIV1ACgOj15T3As-kweu1Kc.mft (raw, json) Hash identifier: YsE2OGPtJlk4GLSnMwvbv4am07YHwKdBV6a/iHQr+XY= Subject key identifier: 66:CB:3A:72:25:15:BC:49:31:65:1E:38:CF:F7:19:08:CC:CD:77:AD Authority key identifier: 89:93:93:8C:85:75:00:28:0E:8F:5E:53:DC:0B:3E:93:07:AE:D4:A7 Certificate issuer: /CN=A91BD3E1/serialNumber=8993938C857500280E8F5E53DC0B3E9307AED4A7 Certificate serial: 63 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iZOTjIV1ACgOj15T3As-kweu1Kc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BD3E1/7CF07BC6EF4711EFAF4C4968C4F9AE02/iZOTjIV1ACgOj15T3As-kweu1Kc.mft Manifest number: 61 Signing time: Sat 23 Aug 2025 07:19:47 +0000 Manifest this update: Sat 23 Aug 2025 07:19:47 +0000 Manifest next update: Sat 30 Aug 2025 07:19:47 +0000 Files and hashes: 1: iZOTjIV1ACgOj15T3As-kweu1Kc.crl (hash: 3SYeFklFbZuc7wipK9MfdibkFYLJzcDaWzNMufKLMoo=) 2: 459FAF10EF4811EF8F4B9284C4F9AE02.roa (hash: t4VsjBzDPnCNqQJ4/+l/e7o+o8AvICh72VVWJ8BMmY0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BD3E1/7CF07BC6EF4711EFAF4C4968C4F9AE02/iZOTjIV1ACgOj15T3As-kweu1Kc.crl rsync://rpki.apnic.net/member_repository/A91BD3E1/7CF07BC6EF4711EFAF4C4968C4F9AE02/iZOTjIV1ACgOj15T3As-kweu1Kc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iZOTjIV1ACgOj15T3As-kweu1Kc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:19:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 99 (0x63) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BD3E1, serialNumber=8993938C857500280E8F5E53DC0B3E9307AED4A7 Validity Not Before: Aug 23 07:19:47 2025 GMT Not After : Aug 30 07:19:47 2025 GMT Subject: CN=68a96b93-ecbf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:9c:d9:80:d2:70:cf:e7:a9:2c:4f:51:9f:6d: cc:d7:88:5d:48:57:03:f0:6e:c5:d3:f1:c7:c4:f8: 72:0e:d3:c7:95:7b:8d:ec:17:58:1a:f0:59:5b:45: cc:2a:da:08:ff:58:10:6a:e1:0f:ca:bc:9d:23:84: a6:e2:4d:68:9f:fe:a2:2d:6d:b1:24:12:fd:1e:ed: 88:50:03:06:a6:28:2e:43:3d:b2:03:24:e4:d2:f0: 45:18:32:79:cc:ab:16:de:b4:06:e5:3d:a8:73:04: 49:8e:09:f0:53:34:18:8e:d8:97:84:34:0e:73:0e: 6f:ec:69:d6:cd:ab:44:35:1c:21:01:0a:81:c1:aa: c0:b4:3a:d4:ab:77:54:a3:9a:72:98:c8:b0:10:2d: ff:b4:3e:9f:1e:90:32:c2:ff:de:c9:1a:d9:2a:44: 31:0d:cb:c8:86:ce:10:22:54:0c:f4:f8:3f:73:fc: e3:24:ff:9f:6f:f0:9d:e9:99:a2:ca:94:a4:8a:78: ed:5f:43:1f:b2:67:3d:9d:ce:3f:71:3e:56:23:cf: 7d:4e:0d:3a:e4:cc:ce:f9:da:d7:73:39:a5:bb:ba: 04:1e:15:b6:1c:65:9b:11:77:21:79:a1:f2:27:6b: 2c:ea:cc:09:13:25:ed:10:0d:3f:74:9f:99:3f:e9: 6b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:CB:3A:72:25:15:BC:49:31:65:1E:38:CF:F7:19:08:CC:CD:77:AD X509v3 Authority Key Identifier: keyid:89:93:93:8C:85:75:00:28:0E:8F:5E:53:DC:0B:3E:93:07:AE:D4:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BD3E1/7CF07BC6EF4711EFAF4C4968C4F9AE02/iZOTjIV1ACgOj15T3As-kweu1Kc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iZOTjIV1ACgOj15T3As-kweu1Kc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD3E1/7CF07BC6EF4711EFAF4C4968C4F9AE02/iZOTjIV1ACgOj15T3As-kweu1Kc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:3c:32:ab:9a:15:b6:22:db:4d:fd:c6:b2:d4:3d:93:8f:0a: 1d:17:63:fe:93:d2:7f:86:89:d9:d2:06:ec:c4:76:86:ad:60: 60:ed:47:9f:59:05:08:4e:9e:b4:3d:dc:35:09:ad:af:8d:90: d6:75:5e:5b:e4:20:56:91:c2:99:13:35:5c:32:a2:d0:6b:b1: 9a:f1:5f:01:da:7b:9b:93:01:04:e3:56:48:dc:66:38:a5:64: d8:82:a8:16:df:0f:b9:64:4b:a9:28:a5:76:bd:7e:c8:ee:b7: 74:24:b1:84:1f:a7:a0:0a:15:fa:12:6d:5a:7d:4e:ac:7e:56: 75:dd:3a:e0:94:30:c3:05:7a:0c:b7:44:26:3c:78:9f:18:77: 97:75:38:d0:0e:58:52:15:96:35:7d:ab:56:e4:d4:15:3e:e8: b5:37:b7:76:9d:73:05:1d:f1:ad:69:7f:20:6f:2e:cf:76:08: 5c:d4:30:af:56:09:e2:57:24:c4:5d:f6:05:ea:84:b5:8e:e2: fe:1c:98:96:d4:e3:9b:e4:c1:09:de:6e:7e:82:b5:b4:11:a2: 2f:e7:d6:21:f2:f5:39:7b:57:bf:a7:cf:ab:5b:4b:41:8d:83: df:62:14:53:82:ae:d9:bd:37:2c:60:33:67:76:a2:4d:35:87: ff:39:0c:03 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBYzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC RDNFMTExMC8GA1UEBRMoODk5MzkzOEM4NTc1MDAyODBFOEY1RTUzREMwQjNFOTMw N0FFRDRBNzAeFw0yNTA4MjMwNzE5NDdaFw0yNTA4MzAwNzE5NDdaMBgxFjAUBgNV BAMTDTY4YTk2YjkzLWVjYmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDOnNmA0nDP56ksT1GfbczXiF1IVwPwbsXT8cfE+HIO08eVe43sF1ga8FlbRcwq 2gj/WBBq4Q/KvJ0jhKbiTWif/qItbbEkEv0e7YhQAwamKC5DPbIDJOTS8EUYMnnM qxbetAblPahzBEmOCfBTNBiO2JeENA5zDm/sadbNq0Q1HCEBCoHBqsC0OtSrd1Sj mnKYyLAQLf+0Pp8ekDLC/97JGtkqRDENy8iGzhAiVAz0+D9z/OMk/59v8J3pmaLK lKSKeO1fQx+yZz2dzj9xPlYjz31ODTrkzM752tdzOaW7ugQeFbYcZZsRdyF5ofIn ayzqzAkTJe0QDT90n5k/6WuPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZss6ciUV vEkxZR44z/cZCMzNd60wHwYDVR0jBBgwFoAUiZOTjIV1ACgOj15T3As+kweu1Kcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJEM0UxLzdDRjA3QkM2RUY0 NzExRUZBRjRDNDk2OEM0RjlBRTAyL2laT1RqSVYxQUNnT2oxNVQzQXMta3dldTFL Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaVpPVGpJVjFBQ2dPajE1VDNBcy1rd2V1MUtjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJE M0UxLzdDRjA3QkM2RUY0NzExRUZBRjRDNDk2OEM0RjlBRTAyL2laT1RqSVYxQUNn T2oxNVQzQXMta3dldTFLYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEM8MquaFbYi2039xrLUPZOPCh0XY/6T0n+GidnSBuzEdoatYGDtR59Z BQhOnrQ93DUJra+NkNZ1XlvkIFaRwpkTNVwyotBrsZrxXwHae5uTAQTjVkjcZjil ZNiCqBbfD7lkS6kopXa9fsjut3QksYQfp6AKFfoSbVp9Tqx+VnXdOuCUMMMFegy3 RCY8eJ8Yd5d1ONAOWFIVljV9q1bk1BU+6LU3t3adcwUd8a1pfyBvLs92CFzUMK9W CeJXJMRd9gXqhLWO4v4cmJbU45vkwQnebn6CtbQRoi/n1iHy9Tl7V7+nz6tbS0GN g99iFFOCrtm9NyxgM2d2ok01h/85DAM= -----END CERTIFICATE-----Generated at Sat Aug 23 19:35:35 2025 by rpki-client