$ rpki-client -vvf rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft File: Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft (raw, json) Hash identifier: d38LRrRnQ2mH2TtGSQECrUtEHYy+OMDWhjJ0t4pyRAk= Subject key identifier: DE:47:CB:F8:D7:08:51:D9:09:5F:76:10:9C:60:76:43:44:E0:40:05 Authority key identifier: 66:4E:59:A0:00:B9:1E:72:F8:03:E6:D8:68:41:15:4C:80:56:B8:8A Certificate issuer: /CN=A91C146D/serialNumber=664E59A000B91E72F803E6D86841154C8056B88A Certificate serial: 45 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft Manifest number: 3F Signing time: Thu 03 Jul 2025 07:48:25 +0000 Manifest this update: Thu 03 Jul 2025 07:48:25 +0000 Manifest next update: Thu 10 Jul 2025 07:48:25 +0000 Files and hashes: 1: Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl (hash: 43a10R+yRcA51bt/88ysVJT9rr1n6U2PUtBF2wAuRZs=) 2: 992A7358004211F0AC90656CC4F9AE02.roa (hash: 6uK19EDHQqPyaVVXXtHQJXfGGnOJLngyIEFvwQHYfKo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69 (0x45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C146D, serialNumber=664E59A000B91E72F803E6D86841154C8056B88A Validity Not Before: Jul 3 07:48:25 2025 GMT Not After : Jul 10 07:48:25 2025 GMT Subject: CN=686635c9-e2e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:be:f5:f5:57:90:6a:42:28:36:1f:74:10:cf: 76:f4:11:a5:21:9a:50:d2:8c:b4:9b:f6:0a:45:76: 69:27:50:7e:2e:77:7b:a4:d9:e0:ab:6f:5e:99:94: 1e:a8:37:58:25:38:86:73:dd:74:ff:dd:e9:44:e6: 99:23:e4:aa:af:ae:e0:bd:9c:23:c3:50:7c:86:ee: 28:c3:41:6d:95:54:80:f6:5e:c8:c3:58:3c:e7:79: 88:f2:bd:c9:05:df:72:49:9d:95:2e:12:47:56:bb: 72:ee:6d:13:32:b7:e1:d1:06:40:bd:92:d4:23:ba: df:10:ab:03:b4:16:5a:51:9d:19:48:a8:12:0c:06: ea:74:c3:09:48:ca:c3:f3:71:fe:07:e1:41:7b:f1: 0c:d1:c8:bb:75:95:31:78:c2:ce:e2:4a:10:08:5b: 85:0f:3d:b8:5b:f2:d3:0d:5c:23:68:e1:96:9b:62: 4f:54:5c:7c:c9:1f:7e:96:b5:d7:33:0e:9d:b6:af: 0a:90:b7:6c:e7:2f:a2:9c:94:7c:aa:44:d5:c8:75: 72:3e:0c:28:7d:7e:47:86:b5:bb:84:ca:ab:c3:c4: 68:8c:41:82:d0:47:33:e6:79:c2:e2:09:b5:78:52: e6:81:8e:7e:4e:55:e7:41:f2:e4:aa:11:9f:32:16: dc:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:47:CB:F8:D7:08:51:D9:09:5F:76:10:9C:60:76:43:44:E0:40:05 X509v3 Authority Key Identifier: keyid:66:4E:59:A0:00:B9:1E:72:F8:03:E6:D8:68:41:15:4C:80:56:B8:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:d6:86:5d:61:2a:9f:b9:24:dc:b9:61:df:09:b0:bb:73:51: 0a:20:df:7b:a9:f2:c4:c3:43:14:78:b6:a4:4b:83:2b:47:8a: a7:b0:39:3b:54:41:fc:fc:fb:f5:3b:d0:ad:df:dd:43:2c:77: dc:a7:eb:dc:ec:c1:11:af:b0:e0:3f:ec:52:74:b1:10:0e:d0: d5:96:92:33:89:c5:bf:1b:6a:a9:75:d5:d8:df:4c:ed:e7:4e: c2:20:67:f4:1b:56:36:41:3f:ae:08:e4:b2:86:11:eb:66:d5: 4a:26:75:56:d8:7a:6f:b3:6a:d6:73:29:80:4a:1c:e5:4a:35: 0c:3a:5b:9b:67:f8:5c:a5:cd:c8:54:c2:b9:67:ca:3f:a6:c1: 17:a0:c8:0c:1f:a1:d7:ef:be:ac:6b:29:bd:84:17:a1:08:6c: 97:da:f9:33:f6:1d:aa:79:17:38:09:02:9c:7e:f9:93:e8:66: eb:27:dc:79:0a:98:6a:d4:f9:8d:3a:97:f2:af:6c:de:5c:f2: e6:80:4b:e8:5d:35:2a:e5:c5:fb:42:35:ab:d9:d6:9f:e7:66: 23:b1:47:d4:01:e4:74:8e:5e:f7:eb:87:ce:34:66:ca:ed:d3: fb:d8:bb:27:ac:9c:b1:c4:d0:af:48:f0:3f:20:bc:b7:76:48: 43:1f:15:94 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBRTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD MTQ2RDExMC8GA1UEBRMoNjY0RTU5QTAwMEI5MUU3MkY4MDNFNkQ4Njg0MTE1NEM4 MDU2Qjg4QTAeFw0yNTA3MDMwNzQ4MjVaFw0yNTA3MTAwNzQ4MjVaMBgxFjAUBgNV BAMTDTY4NjYzNWM5LWUyZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDMvvX1V5BqQig2H3QQz3b0EaUhmlDSjLSb9gpFdmknUH4ud3uk2eCrb16ZlB6o N1glOIZz3XT/3elE5pkj5KqvruC9nCPDUHyG7ijDQW2VVID2XsjDWDzneYjyvckF 33JJnZUuEkdWu3LubRMyt+HRBkC9ktQjut8QqwO0FlpRnRlIqBIMBup0wwlIysPz cf4H4UF78QzRyLt1lTF4ws7iShAIW4UPPbhb8tMNXCNo4ZabYk9UXHzJH36Wtdcz Dp22rwqQt2znL6KclHyqRNXIdXI+DCh9fkeGtbuEyqvDxGiMQYLQRzPmecLiCbV4 UuaBjn5OVedB8uSqEZ8yFtxfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3kfL+NcI UdkJX3YQnGB2Q0TgQAUwHwYDVR0jBBgwFoAUZk5ZoAC5HnL4A+bYaEEVTIBWuIow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNDZEL0VDQjAwQjQyMDAz NzExRjBCQkQ3MjQ3NUM0RjlBRTAyL1prNVpvQUM1SG5MNEEtYllhRUVWVElCV3VJ by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWms1Wm9BQzVIbkw0QS1iWWFFRVZUSUJXdUlvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMx NDZEL0VDQjAwQjQyMDAzNzExRjBCQkQ3MjQ3NUM0RjlBRTAyL1prNVpvQUM1SG5M NEEtYllhRUVWVElCV3VJby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACPWhl1hKp+5JNy5Yd8JsLtzUQog33up8sTDQxR4tqRLgytHiqewOTtU Qfz8+/U70K3f3UMsd9yn69zswRGvsOA/7FJ0sRAO0NWWkjOJxb8baql11djfTO3n TsIgZ/QbVjZBP64I5LKGEetm1UomdVbYem+zatZzKYBKHOVKNQw6W5tn+FylzchU wrlnyj+mwRegyAwfodfvvqxrKb2EF6EIbJfa+TP2Hap5FzgJApx++ZPoZusn3HkK mGrU+Y06l/KvbN5c8uaAS+hdNSrlxftCNavZ1p/nZiOxR9QB5HSOXvfrh840Zsrt 0/vYuyesnLHE0K9I8D8gvLd2SEMfFZQ= -----END CERTIFICATE-----Generated at Thu Jul 3 23:10:44 2025 by rpki-client