$ rpki-client -vvf rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft File: 4vB0KtgKnbsodRhO4N1elN11eEs.mft (raw, json) Hash identifier: 2qm2PVFys+VX7x2kCVU79kyggIn9qqP2qkIErW3AitE= Subject key identifier: BA:5B:4F:77:C7:5F:30:80:58:65:CF:97:2A:1E:E2:DB:DE:0D:A3:22 Authority key identifier: E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B Certificate issuer: /CN=A91C23FE/serialNumber=E2F0742AD80A9DBB2875184EE0DD5E94DD75784B Certificate serial: 1BF0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft Manifest number: 1BE6 Signing time: Fri 04 Jul 2025 16:28:44 +0000 Manifest this update: Fri 04 Jul 2025 16:28:43 +0000 Manifest next update: Fri 11 Jul 2025 16:28:43 +0000 Files and hashes: 1: 4vB0KtgKnbsodRhO4N1elN11eEs.crl (hash: 9wlJnUg0cEJnFmPZy/RYoVSL1inXD0wM6bA3fSTdeQE=) 2: A88F22ECCC7011ED931BD15FC4F9AE02.roa (hash: BCcYD/VfHPlrE1idB6qMcYHXBoKVsq99H3ysbvhT4uw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.crl rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7152 (0x1bf0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C23FE, serialNumber=E2F0742AD80A9DBB2875184EE0DD5E94DD75784B Validity Not Before: Jul 4 16:28:43 2025 GMT Not After : Jul 11 16:28:43 2025 GMT Subject: CN=6868013c-7362 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:27:2f:02:91:7f:d6:e8:e4:0d:99:f6:89:ae: 87:23:b4:a7:f1:93:5d:e8:d9:44:8a:92:ac:6c:16: d3:45:8c:8c:2c:2c:bb:50:d0:f6:63:55:a7:9d:f8: ad:28:06:8f:d4:f6:5f:1d:9e:3f:00:7b:48:d5:ce: 59:04:2b:01:1e:0a:10:9f:29:2c:50:36:c5:9a:fd: d8:f5:55:45:2a:1b:5a:c9:f1:a6:ab:81:c4:71:e2: 9d:3b:c0:9a:2c:96:51:01:fa:11:c2:97:6b:0d:4c: 09:1b:40:1a:12:29:17:7d:b3:52:ad:65:0e:cc:39: 32:f6:c4:b1:2c:f5:41:e0:85:86:49:67:cc:c2:e9: f9:e7:7e:5f:8f:05:c6:43:a2:fd:b2:8d:1c:b6:4d: f9:a8:9a:44:dd:2d:80:63:53:b6:97:a5:62:03:e7: 8a:4c:f6:47:15:56:2b:bb:58:c0:65:29:82:e8:a1: f2:d1:df:ad:5e:3c:1f:a5:f0:77:f8:92:66:7c:97: e0:b3:59:45:35:63:78:f6:3d:36:51:7e:30:eb:ec: 81:9b:dc:95:f2:83:c2:cf:41:f4:17:f4:a1:f5:ff: 1d:fe:60:27:08:61:a4:18:13:ca:da:6a:b7:70:b5: b4:ff:8f:58:de:9e:af:26:96:27:8b:99:7f:ae:45: e8:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:5B:4F:77:C7:5F:30:80:58:65:CF:97:2A:1E:E2:DB:DE:0D:A3:22 X509v3 Authority Key Identifier: keyid:E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:b4:93:f5:c4:6f:84:8e:8a:d6:52:5d:2a:9f:c1:e5:61:a9: 62:61:71:c8:ac:f1:c2:d5:b8:b3:6a:84:06:66:da:17:ff:72: 2a:c2:10:9f:95:de:5b:e6:42:74:62:e5:a7:82:d4:65:b2:5c: 3e:fc:93:d3:9c:e8:99:8c:bb:ef:77:ad:25:0d:34:6e:44:dd: 91:7f:c6:38:88:f8:6d:c9:a5:b6:0c:41:55:68:7c:ff:e5:58: 6c:ed:aa:d9:31:2e:52:10:7b:84:bf:2c:07:ed:01:9c:dc:1f: b5:24:67:58:43:0a:45:66:b7:45:9a:66:c8:c4:3d:f3:d2:17: cf:09:dc:63:0b:dc:d9:b6:0e:83:b1:d2:f2:8d:53:0a:e9:70: 14:6b:be:33:ad:80:91:99:68:7f:7a:ea:49:5c:cc:03:1a:06: a5:42:82:35:8b:96:e9:1a:34:87:c7:5a:93:2f:20:b3:74:b2: 88:6b:b4:fe:e6:e2:b5:fa:fc:6d:40:42:88:94:5c:c0:a8:cd: 7b:ce:03:de:00:a2:9a:49:eb:15:ee:0f:a5:d2:5f:7d:a7:1f: 9d:a3:66:4f:7b:ea:33:08:2b:27:36:63:cb:28:36:e4:c3:a6: 75:2d:51:21:7d:de:9f:63:71:3f:53:9c:6a:b4:a4:ee:48:68: 58:9e:5f:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICG/AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzIzRkUxMTAvBgNVBAUTKEUyRjA3NDJBRDgwQTlEQkIyODc1MTg0RUUwREQ1RTk0 REQ3NTc4NEIwHhcNMjUwNzA0MTYyODQzWhcNMjUwNzExMTYyODQzWjAYMRYwFAYD VQQDEw02ODY4MDEzYy03MzYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzicvApF/1ujkDZn2ia6HI7Sn8ZNd6NlEipKsbBbTRYyMLCy7UND2Y1Wnnfit KAaP1PZfHZ4/AHtI1c5ZBCsBHgoQnyksUDbFmv3Y9VVFKhtayfGmq4HEceKdO8Ca LJZRAfoRwpdrDUwJG0AaEikXfbNSrWUOzDky9sSxLPVB4IWGSWfMwun5535fjwXG Q6L9so0ctk35qJpE3S2AY1O2l6ViA+eKTPZHFVYru1jAZSmC6KHy0d+tXjwfpfB3 +JJmfJfgs1lFNWN49j02UX4w6+yBm9yV8oPCz0H0F/Sh9f8d/mAnCGGkGBPK2mq3 cLW0/49Y3p6vJpYni5l/rkXo1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLpbT3fH XzCAWGXPlyoe4tveDaMiMB8GA1UdIwQYMBaAFOLwdCrYCp27KHUYTuDdXpTddXhL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjNGRS84MjVDRTlBQUY5 RUIxMUU2QkRFN0E5NjhDNEY5QUUwMi80dkIwS3RnS25ic29kUmhPNE4xZWxOMTFl RXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzR2QjBLdGdLbmJzb2RSaE80TjFlbE4xMWVFcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MjNGRS84MjVDRTlBQUY5RUIxMUU2QkRFN0E5NjhDNEY5QUUwMi80dkIwS3RnS25i c29kUmhPNE4xZWxOMTFlRXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxtJP1xG+EjorWUl0qn8HlYaliYXHIrPHC1bizaoQGZtoX/3IqwhCf ld5b5kJ0YuWngtRlslw+/JPTnOiZjLvvd60lDTRuRN2Rf8Y4iPhtyaW2DEFVaHz/ 5Vhs7arZMS5SEHuEvywH7QGc3B+1JGdYQwpFZrdFmmbIxD3z0hfPCdxjC9zZtg6D sdLyjVMK6XAUa74zrYCRmWh/eupJXMwDGgalQoI1i5bpGjSHx1qTLyCzdLKIa7T+ 5uK1+vxtQEKIlFzAqM17zgPeAKKaSesV7g+l0l99px+do2ZPe+ozCCsnNmPLKDbk w6Z1LVEhfd6fY3E/U5xqtKTuSGhYnl+T -----END CERTIFICATE-----Generated at Sun Jul 6 00:32:08 2025 by rpki-client