$ rpki-client -vvf rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft File: IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft (raw, json) Hash identifier: TJZ19FXLd7f4CBU4LCWL62ML5j3PbiziHbVjfozgfPY= Subject key identifier: 3F:7F:3F:50:3B:B2:A0:74:18:6E:DD:AB:3A:20:5A:B8:4B:2B:F5:F4 Authority key identifier: 21:93:41:98:E8:33:10:61:D2:75:B8:CF:C7:94:58:D3:2F:AB:D6:C9 Certificate issuer: /CN=A91C53FD/serialNumber=21934198E8331061D275B8CFC79458D32FABD6C9 Certificate serial: E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft Manifest number: E0 Signing time: Thu 03 Jul 2025 05:39:00 +0000 Manifest this update: Thu 03 Jul 2025 05:38:59 +0000 Manifest next update: Thu 10 Jul 2025 05:38:59 +0000 Files and hashes: 1: IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl (hash: uQhnCYRsMIjsBnmezbAYkewFLXQemeieHbw4nfP3L5E=) 2: B15E8BECFF3211EEA8607454C4F9AE02.roa (hash: M9Q8RXEiuL/wyMNZhN9zbPG+N0QQluDkDpfmSIoYCRg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 226 (0xe2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C53FD, serialNumber=21934198E8331061D275B8CFC79458D32FABD6C9 Validity Not Before: Jul 3 05:38:59 2025 GMT Not After : Jul 10 05:38:59 2025 GMT Subject: CN=68661773-f9e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:0a:c6:68:8d:83:c9:ce:4f:54:2f:fc:1d:53: 5b:b1:be:a3:ef:27:c4:91:33:2f:51:0d:1e:21:ad: 38:38:fa:a1:b4:63:0e:4a:cb:70:8c:be:b2:b8:db: 0e:9c:d1:bf:e4:2c:a9:e1:2b:51:bf:c3:c8:25:4d: 35:e5:88:3b:78:70:eb:5d:5b:98:4b:e4:75:a0:af: 4e:83:8c:84:4f:7c:25:c2:2e:d4:63:17:c0:81:86: fa:ff:85:c0:f6:77:b1:68:5b:1a:a4:4e:af:d4:88: 47:40:65:e5:94:e5:95:22:22:2a:97:73:dc:96:14: 97:89:6d:12:c0:ca:23:97:f7:bf:b4:4d:c9:5d:31: 42:c3:83:16:21:45:2e:6a:90:ec:ac:a1:e1:bf:27: a1:ca:ff:0a:4a:7b:0f:94:6f:e1:b8:30:38:71:37: ba:7b:fc:b9:5a:93:c0:2b:d5:9f:c6:8d:68:f6:5b: db:39:c8:36:eb:bb:58:84:e3:be:c8:37:01:1a:ac: 9a:54:44:35:bd:d6:5b:29:2a:1a:0d:86:42:cc:1d: fe:79:26:9e:88:30:f1:d8:3e:92:d2:67:01:16:cf: f5:76:2c:11:5c:26:01:b5:89:3f:71:3c:53:d4:de: f0:70:ee:fc:c6:8c:f9:dc:dd:e7:c6:06:8c:5b:78: cf:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:7F:3F:50:3B:B2:A0:74:18:6E:DD:AB:3A:20:5A:B8:4B:2B:F5:F4 X509v3 Authority Key Identifier: keyid:21:93:41:98:E8:33:10:61:D2:75:B8:CF:C7:94:58:D3:2F:AB:D6:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:4c:a6:0a:49:a0:30:7d:df:f7:d5:91:43:1e:fd:f4:55:d0: 72:b6:88:8c:5c:ad:99:72:bb:56:72:6f:28:95:13:5b:23:a6: 37:83:14:84:23:07:55:2a:6e:d0:ae:64:9d:d1:c5:6c:b9:80: 10:a3:20:3f:bf:48:c4:c1:a1:f1:79:78:e8:41:e6:6c:e0:12: b0:b7:83:13:68:9b:92:53:52:2f:cd:fc:0f:a2:bd:06:6a:67: ae:ac:90:d3:d3:1a:74:ae:f9:88:0a:59:e2:f5:7f:bd:44:15: d8:b9:4d:66:70:3c:fc:1c:99:ef:17:e2:44:d3:5c:65:a1:aa: b1:d6:0d:b5:00:17:8b:66:b5:48:e8:56:c3:89:fc:1c:0b:aa: cc:98:5b:21:0f:43:a8:b6:8f:24:fb:c1:28:45:09:24:1a:92: 47:b6:f1:18:31:b8:ca:03:15:91:cb:49:3e:8d:63:c1:32:76: ba:49:3b:6d:dd:ad:0a:d9:b4:93:59:1a:a4:c1:e3:d8:d1:e4: a4:03:56:d4:76:6d:97:1b:b2:3f:18:9b:27:1f:3b:52:c4:dc: 77:c8:1a:cb:c9:42:70:ae:b7:70:b9:42:3a:e2:ef:3c:83:f1: 27:75:d1:f3:28:6e:cd:9c:c5:e1:a8:e5:ee:e8:47:8e:d9:27: f8:19:ad:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUzRkQxMTAvBgNVBAUTKDIxOTM0MTk4RTgzMzEwNjFEMjc1QjhDRkM3OTQ1OEQz MkZBQkQ2QzkwHhcNMjUwNzAzMDUzODU5WhcNMjUwNzEwMDUzODU5WjAYMRYwFAYD VQQDEw02ODY2MTc3My1mOWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAywrGaI2Dyc5PVC/8HVNbsb6j7yfEkTMvUQ0eIa04OPqhtGMOSstwjL6yuNsO nNG/5Cyp4StRv8PIJU015Yg7eHDrXVuYS+R1oK9Og4yET3wlwi7UYxfAgYb6/4XA 9nexaFsapE6v1IhHQGXllOWVIiIql3PclhSXiW0SwMojl/e/tE3JXTFCw4MWIUUu apDsrKHhvyehyv8KSnsPlG/huDA4cTe6e/y5WpPAK9Wfxo1o9lvbOcg267tYhOO+ yDcBGqyaVEQ1vdZbKSoaDYZCzB3+eSaeiDDx2D6S0mcBFs/1diwRXCYBtYk/cTxT 1N7wcO78xoz53N3nxgaMW3jPiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD9/P1A7 sqB0GG7dqzogWrhLK/X0MB8GA1UdIwQYMBaAFCGTQZjoMxBh0nW4z8eUWNMvq9bJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTNGRC82ODhFNTdFRUZG MzIxMUVFQTU1RDhFNTNDNEY5QUUwMi9JWk5CbU9nekVHSFNkYmpQeDVSWTB5LXIx c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0laTkJtT2d6RUdIU2RialB4NVJZMHktcjFzay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTNGRC82ODhFNTdFRUZGMzIxMUVFQTU1RDhFNTNDNEY5QUUwMi9JWk5CbU9nekVH SFNkYmpQeDVSWTB5LXIxc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB1TKYKSaAwfd/31ZFDHv30VdBytoiMXK2ZcrtWcm8olRNbI6Y3gxSE IwdVKm7QrmSd0cVsuYAQoyA/v0jEwaHxeXjoQeZs4BKwt4MTaJuSU1IvzfwPor0G ameurJDT0xp0rvmIClni9X+9RBXYuU1mcDz8HJnvF+JE01xloaqx1g21ABeLZrVI 6FbDifwcC6rMmFshD0Ooto8k+8EoRQkkGpJHtvEYMbjKAxWRy0k+jWPBMna6STtt 3a0K2bSTWRqkwePY0eSkA1bUdm2XG7I/GJsnHztSxNx3yBrLyUJwrrdwuUI64u88 g/EnddHzKG7NnMXhqOXu6EeO2Sf4Ga1I -----END CERTIFICATE-----Generated at Fri Jul 4 15:07:39 2025 by rpki-client