$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2B93/3AC874EE014311EF825A6465C4F9AE02/2dZffzYJDEAbzyDUvIDEPw3Fkz0.mft File: 2dZffzYJDEAbzyDUvIDEPw3Fkz0.mft (raw, json) Hash identifier: z5ows9lF+INMbVQyWiBlFbbB7m5S7L34A9WpcGeYUcI= Subject key identifier: 37:F0:98:6F:17:A5:62:2C:03:2F:43:93:EC:DF:B3:45:8B:2C:EE:74 Authority key identifier: D9:D6:5F:7F:36:09:0C:40:1B:CF:20:D4:BC:80:C4:3F:0D:C5:93:3D Certificate issuer: /CN=A91C2B93/serialNumber=D9D65F7F36090C401BCF20D4BC80C43F0DC5933D Certificate serial: E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2dZffzYJDEAbzyDUvIDEPw3Fkz0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2B93/3AC874EE014311EF825A6465C4F9AE02/2dZffzYJDEAbzyDUvIDEPw3Fkz0.mft Manifest number: DF Signing time: Sun 29 Jun 2025 04:33:46 +0000 Manifest this update: Sun 29 Jun 2025 04:33:46 +0000 Manifest next update: Sun 06 Jul 2025 04:33:46 +0000 Files and hashes: 1: 2dZffzYJDEAbzyDUvIDEPw3Fkz0.crl (hash: ZBqZxHj1HG3Ejq4Wm8wRtGqiIEHqOVmOToOL6cuhwDY=) 2: B00A68E6014A11EFA8F03B5BC4F9AE02.roa (hash: F6IB2oLxhpfXXQwj/Kl3IJNncyOBKEOTP7G3C5XwQrk=) 3: E2037F8C019911EFAFFEEC5DC4F9AE02.roa (hash: yyKQJp3Cor943Y25Ya+6ME8Xl4xDZuaYL1jQZ9UiIZI=) 4: B0BE3042014A11EFA8F03B5BC4F9AE02.roa (hash: kGlkPBXGhK2HbK8wICTx12rG9bb9NpN/Iy7FI3DGEGY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2B93/3AC874EE014311EF825A6465C4F9AE02/2dZffzYJDEAbzyDUvIDEPw3Fkz0.crl rsync://rpki.apnic.net/member_repository/A91C2B93/3AC874EE014311EF825A6465C4F9AE02/2dZffzYJDEAbzyDUvIDEPw3Fkz0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2dZffzYJDEAbzyDUvIDEPw3Fkz0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 04:33:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 229 (0xe5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2B93, serialNumber=D9D65F7F36090C401BCF20D4BC80C43F0DC5933D Validity Not Before: Jun 29 04:33:46 2025 GMT Not After : Jul 6 04:33:46 2025 GMT Subject: CN=6860c22a-b5e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:6b:ec:a2:1b:83:d0:a2:57:00:35:31:29:00: 0e:ec:03:07:3c:09:fe:74:17:33:db:5a:19:21:47: 1a:08:c9:2b:28:58:76:fd:e8:58:13:9e:11:9c:db: a0:bf:9c:9c:17:cb:cc:d4:4c:6e:cc:92:8c:11:2f: 7f:45:1f:5f:ef:50:18:7f:82:fc:09:9d:74:1a:bc: 5b:3d:84:2b:fa:51:ba:75:e6:0a:7a:40:d3:d2:be: 56:10:5c:43:5b:68:cf:96:d5:88:0c:a1:92:29:5b: 88:ec:df:75:d0:83:75:77:dc:96:a0:d0:bc:86:17: 30:2d:72:76:f8:5d:fb:bd:b6:fc:d0:cf:92:ac:5a: db:87:1e:91:cf:2d:bc:b0:8b:59:42:e9:ce:0f:49: d2:b8:7c:ed:6a:00:65:06:29:09:f7:f5:6d:aa:31: 55:93:fc:99:50:81:d1:7a:ae:b0:e2:fd:90:9f:86: f6:ea:1a:40:3a:76:1b:fa:79:5d:a8:14:4d:9f:16: a7:7f:c0:ec:59:03:4a:b4:aa:62:0d:4a:f4:f6:2e: ed:76:c6:b1:c7:80:61:b4:f3:88:ec:96:ea:92:0d: fc:2a:41:10:6f:1b:10:f0:f8:09:91:ab:b2:cf:e3: ef:23:77:97:14:15:0f:19:8f:d2:cf:14:e4:e6:4b: 54:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:F0:98:6F:17:A5:62:2C:03:2F:43:93:EC:DF:B3:45:8B:2C:EE:74 X509v3 Authority Key Identifier: keyid:D9:D6:5F:7F:36:09:0C:40:1B:CF:20:D4:BC:80:C4:3F:0D:C5:93:3D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2B93/3AC874EE014311EF825A6465C4F9AE02/2dZffzYJDEAbzyDUvIDEPw3Fkz0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2dZffzYJDEAbzyDUvIDEPw3Fkz0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2B93/3AC874EE014311EF825A6465C4F9AE02/2dZffzYJDEAbzyDUvIDEPw3Fkz0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:50:7e:15:2f:5d:52:bc:a6:2b:20:69:49:aa:e8:d2:cf:40: 41:cc:a5:4b:60:65:1d:02:15:cd:0c:9d:36:18:58:fa:b8:d7: 4f:0f:33:c3:87:e1:8e:a5:10:8a:17:1c:b9:3e:0a:17:58:a4: f6:09:c5:69:30:9a:7c:e0:8f:c4:f5:9b:cc:59:a5:33:c6:64: 5c:2c:04:cc:b4:62:a8:e1:9c:29:f3:91:dd:a7:00:54:17:2c: ec:af:31:6f:28:0c:fa:1e:10:92:f8:55:0c:dc:e9:4b:1c:7c: 19:74:8a:61:7a:ae:37:95:1c:80:f2:91:dc:2f:c0:6a:85:09: 3b:5c:4d:dc:f1:72:82:54:8c:1e:a0:b5:f4:c9:7b:41:9a:10: 8d:15:f7:cb:5c:09:c5:4c:d3:88:b5:0a:58:b9:d0:ff:b5:1b: b4:3a:ee:42:0c:27:65:84:eb:06:71:8e:59:85:44:75:7e:b4: 16:cc:92:a1:1d:51:0d:cd:2f:b8:78:87:a0:5a:c3:9f:c7:7e: a6:ff:dc:c1:a7:c2:28:40:49:d5:c9:16:8c:9a:40:ac:59:a3: 81:cc:ac:de:ab:27:89:05:c0:e3:9d:59:56:29:08:30:66:73: 2f:60:18:0a:da:86:dc:53:1a:cc:9e:d3:26:28:2f:39:60:fb: 1c:9a:ba:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzJCOTMxMTAvBgNVBAUTKEQ5RDY1RjdGMzYwOTBDNDAxQkNGMjBENEJDODBDNDNG MERDNTkzM0QwHhcNMjUwNjI5MDQzMzQ2WhcNMjUwNzA2MDQzMzQ2WjAYMRYwFAYD VQQDEw02ODYwYzIyYS1iNWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzWvsohuD0KJXADUxKQAO7AMHPAn+dBcz21oZIUcaCMkrKFh2/ehYE54RnNug v5ycF8vM1ExuzJKMES9/RR9f71AYf4L8CZ10GrxbPYQr+lG6deYKekDT0r5WEFxD W2jPltWIDKGSKVuI7N910IN1d9yWoNC8hhcwLXJ2+F37vbb80M+SrFrbhx6Rzy28 sItZQunOD0nSuHztagBlBikJ9/VtqjFVk/yZUIHReq6w4v2Qn4b26hpAOnYb+nld qBRNnxanf8DsWQNKtKpiDUr09i7tdsaxx4BhtPOI7Jbqkg38KkEQbxsQ8PgJkauy z+PvI3eXFBUPGY/SzxTk5ktUjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDfwmG8X pWIsAy9Dk+zfs0WLLO50MB8GA1UdIwQYMBaAFNnWX382CQxAG88g1LyAxD8NxZM9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkI5My8zQUM4NzRFRTAx NDMxMUVGODI1QTY0NjVDNEY5QUUwMi8yZFpmZnpZSkRFQWJ6eURVdklERVB3M0Zr ejAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJkWmZmellKREVBYnp5RFV2SURFUHczRmt6MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MkI5My8zQUM4NzRFRTAxNDMxMUVGODI1QTY0NjVDNEY5QUUwMi8yZFpmZnpZSkRF QWJ6eURVdklERVB3M0ZrejAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqUH4VL11SvKYrIGlJqujSz0BBzKVLYGUdAhXNDJ02GFj6uNdPDzPD h+GOpRCKFxy5PgoXWKT2CcVpMJp84I/E9ZvMWaUzxmRcLATMtGKo4Zwp85HdpwBU FyzsrzFvKAz6HhCS+FUM3OlLHHwZdIpheq43lRyA8pHcL8BqhQk7XE3c8XKCVIwe oLX0yXtBmhCNFffLXAnFTNOItQpYudD/tRu0Ou5CDCdlhOsGcY5ZhUR1frQWzJKh HVENzS+4eIegWsOfx36m/9zBp8IoQEnVyRaMmkCsWaOBzKzeqyeJBcDjnVlWKQgw ZnMvYBgK2obcUxrMntMmKC85YPscmrpX -----END CERTIFICATE-----Generated at Sun Jun 29 16:11:45 2025 by rpki-client