$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3174/B131F89CEECD11EC8CF4471EC4F9AE02/5CK_AmFA0gPv1r_eruJoqosEZtU.mft File: 5CK_AmFA0gPv1r_eruJoqosEZtU.mft (raw, json) Hash identifier: sP4/FrwBLPL9ULYPXN/it746yCU7v459QQ3UPVPR5oY= Subject key identifier: 15:67:A7:62:C9:C6:E7:02:E4:D6:22:F1:65:72:83:4A:AF:18:E7:EA Authority key identifier: E4:22:BF:02:61:40:D2:03:EF:D6:BF:DE:AE:E2:68:AA:8B:04:66:D5 Certificate issuer: /CN=A91C3174/serialNumber=E422BF026140D203EFD6BFDEAEE268AA8B0466D5 Certificate serial: 02DB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CK_AmFA0gPv1r_eruJoqosEZtU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C3174/B131F89CEECD11EC8CF4471EC4F9AE02/5CK_AmFA0gPv1r_eruJoqosEZtU.mft Manifest number: 02D7 Signing time: Tue 01 Jul 2025 02:00:25 +0000 Manifest this update: Tue 01 Jul 2025 02:00:24 +0000 Manifest next update: Tue 08 Jul 2025 02:00:24 +0000 Files and hashes: 1: 5CK_AmFA0gPv1r_eruJoqosEZtU.crl (hash: JCzXv5UrwEwVRBy2jqV9KC0AXhZMz4SdBktGL5YVO+0=) 2: 9A4B6146EED111EC9BDD4C49C4F9AE02.roa (hash: 5l/0i4Mj7CkFahUXGxLru5zWwX7qpr1hA77tgI5t7fk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C3174/B131F89CEECD11EC8CF4471EC4F9AE02/5CK_AmFA0gPv1r_eruJoqosEZtU.crl rsync://rpki.apnic.net/member_repository/A91C3174/B131F89CEECD11EC8CF4471EC4F9AE02/5CK_AmFA0gPv1r_eruJoqosEZtU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CK_AmFA0gPv1r_eruJoqosEZtU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 02:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 731 (0x2db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C3174, serialNumber=E422BF026140D203EFD6BFDEAEE268AA8B0466D5 Validity Not Before: Jul 1 02:00:24 2025 GMT Not After : Jul 8 02:00:24 2025 GMT Subject: CN=68634138-047e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:08:0c:0a:31:8f:cd:c7:18:53:d9:a5:4a:8b: cc:20:b1:5e:cd:15:1c:fa:7d:6e:8b:8d:8f:ff:18: 4a:4e:87:af:fa:25:66:6d:95:50:c6:3c:41:6c:a2: bc:e5:f7:f9:3b:2a:82:33:96:73:d9:ae:8a:cb:8e: ed:ec:90:8c:30:de:c6:25:a6:7e:37:78:62:71:d5: 85:8a:d8:20:2b:37:e1:17:72:fd:23:e2:aa:c7:05: f1:a1:14:b1:60:33:87:68:11:df:ba:a8:39:5b:af: d8:23:97:b8:6b:d8:b3:54:0c:2c:21:aa:fc:07:e5: 37:ff:4b:f2:24:33:6e:c8:c0:d8:a2:78:37:ce:87: c9:78:5c:a5:0a:2f:28:92:83:36:48:d1:b5:7e:23: e2:dc:82:3a:ae:09:28:0e:60:2e:d9:ab:d8:84:1c: d5:a2:5e:dc:e5:07:66:b4:65:66:32:c8:ae:a4:5a: e3:bf:d0:00:c9:28:ef:d8:4d:ae:0a:16:1b:7d:38: b2:2b:2c:f0:58:16:46:59:3b:54:57:b1:d0:36:a1: 96:d5:f9:0c:8b:d2:1f:19:88:60:ff:41:f8:6a:f1: 59:83:90:4a:6c:56:5a:ed:09:ce:55:bc:9a:f5:da: 40:db:21:83:20:73:cd:8e:d6:39:80:e6:e4:26:91: c2:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:67:A7:62:C9:C6:E7:02:E4:D6:22:F1:65:72:83:4A:AF:18:E7:EA X509v3 Authority Key Identifier: keyid:E4:22:BF:02:61:40:D2:03:EF:D6:BF:DE:AE:E2:68:AA:8B:04:66:D5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C3174/B131F89CEECD11EC8CF4471EC4F9AE02/5CK_AmFA0gPv1r_eruJoqosEZtU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CK_AmFA0gPv1r_eruJoqosEZtU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3174/B131F89CEECD11EC8CF4471EC4F9AE02/5CK_AmFA0gPv1r_eruJoqosEZtU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:4e:c2:a3:5c:38:60:a3:a8:af:dc:02:f8:29:44:73:be:14: a0:d2:47:9d:b5:0f:cc:46:e7:a6:29:08:a7:ce:bc:10:e2:cb: 9c:a6:86:0a:08:05:d7:d6:69:9f:e7:e9:0a:4f:d0:5c:59:a1: 88:37:0b:6c:25:bd:22:9e:98:29:cf:cb:35:d1:b3:2e:e3:e1: 3d:69:4f:0f:04:ff:37:a5:73:18:76:a0:05:d1:7f:48:a4:4c: ec:f2:88:8e:01:5c:d8:85:ae:6e:50:c2:97:9b:ce:52:84:c1: e4:73:06:e5:ef:49:55:a6:ac:a9:29:68:0f:95:1a:f5:1b:b8: 22:3d:62:45:fb:6d:a0:32:67:17:99:20:2f:3b:c2:c7:24:94: 22:76:b0:cd:d0:a0:88:bb:0b:e0:aa:db:82:7c:0c:28:f6:51: e4:16:b9:53:04:4b:98:b7:dd:e2:f1:d8:83:49:51:2a:81:f6: 5a:8e:7b:5b:bf:12:2c:ba:ae:30:55:dc:d2:49:d2:ab:4b:ad: 9b:6e:2f:f1:70:9f:cc:0a:35:77:1f:59:b4:49:8a:07:14:ac: d4:8b:72:21:86:b0:44:b4:e6:7a:2f:5c:b8:ad:4a:4c:26:97: c8:aa:d4:b1:6d:ef:64:d9:3d:ab:fa:09:0c:a9:16:c9:55:59: 4d:70:57:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAtswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzMxNzQxMTAvBgNVBAUTKEU0MjJCRjAyNjE0MEQyMDNFRkQ2QkZERUFFRTI2OEFB OEIwNDY2RDUwHhcNMjUwNzAxMDIwMDI0WhcNMjUwNzA4MDIwMDI0WjAYMRYwFAYD VQQDEw02ODYzNDEzOC0wNDdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmggMCjGPzccYU9mlSovMILFezRUc+n1ui42P/xhKToev+iVmbZVQxjxBbKK8 5ff5OyqCM5Zz2a6Ky47t7JCMMN7GJaZ+N3hicdWFitggKzfhF3L9I+KqxwXxoRSx YDOHaBHfuqg5W6/YI5e4a9izVAwsIar8B+U3/0vyJDNuyMDYong3zofJeFylCi8o koM2SNG1fiPi3II6rgkoDmAu2avYhBzVol7c5QdmtGVmMsiupFrjv9AAySjv2E2u ChYbfTiyKyzwWBZGWTtUV7HQNqGW1fkMi9IfGYhg/0H4avFZg5BKbFZa7QnOVbya 9dpA2yGDIHPNjtY5gObkJpHCeQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBVnp2LJ xucC5NYi8WVyg0qvGOfqMB8GA1UdIwQYMBaAFOQivwJhQNID79a/3q7iaKqLBGbV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzE3NC9CMTMxRjg5Q0VF Q0QxMUVDOENGNDQ3MUVDNEY5QUUwMi81Q0tfQW1GQTBnUHYxcl9lcnVKb3Fvc0Va dFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVDS19BbUZBMGdQdjFyX2VydUpvcW9zRVp0VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MzE3NC9CMTMxRjg5Q0VFQ0QxMUVDOENGNDQ3MUVDNEY5QUUwMi81Q0tfQW1GQTBn UHYxcl9lcnVKb3Fvc0VadFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCiTsKjXDhgo6iv3AL4KURzvhSg0kedtQ/MRuemKQinzrwQ4sucpoYK CAXX1mmf5+kKT9BcWaGINwtsJb0inpgpz8s10bMu4+E9aU8PBP83pXMYdqAF0X9I pEzs8oiOAVzYha5uUMKXm85ShMHkcwbl70lVpqypKWgPlRr1G7giPWJF+22gMmcX mSAvO8LHJJQidrDN0KCIuwvgqtuCfAwo9lHkFrlTBEuYt93i8diDSVEqgfZajntb vxIsuq4wVdzSSdKrS62bbi/xcJ/MCjV3H1m0SYoHFKzUi3IhhrBEtOZ6L1y4rUpM JpfIqtSxbe9k2T2r+gkMqRbJVVlNcFcz -----END CERTIFICATE-----Generated at Wed Jul 2 05:00:31 2025 by rpki-client