$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.mft File: 1icW92HxiNVvoRf53JS-QUEEpoE.mft (raw, json) Hash identifier: IFzfJ8oQIzLHVjQEtnZe8y5SnT/RtHZpWBnAFBurL9g= Subject key identifier: 22:62:97:F9:0A:4A:94:36:83:08:70:B2:01:7E:97:51:CA:30:46:AB Authority key identifier: D6:27:16:F7:61:F1:88:D5:6F:A1:17:F9:DC:94:BE:41:41:04:A6:81 Certificate issuer: /CN=A91C5D53/serialNumber=D62716F761F188D56FA117F9DC94BE414104A681 Certificate serial: 75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1icW92HxiNVvoRf53JS-QUEEpoE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.mft Manifest number: 73 Signing time: Thu 03 Jul 2025 07:11:46 +0000 Manifest this update: Thu 03 Jul 2025 07:11:46 +0000 Manifest next update: Thu 10 Jul 2025 07:11:46 +0000 Files and hashes: 1: 1icW92HxiNVvoRf53JS-QUEEpoE.crl (hash: qGqfLKOM9WkI02coOL/iGDa927lUs59vtIlzb6xIoEA=) 2: BB5954CE241111F094390A32C4F9AE02.roa (hash: 6qd8Idl86oSAnUE2UErM8ktGLeOpsspXAgidR5hkRlE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.crl rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1icW92HxiNVvoRf53JS-QUEEpoE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 117 (0x75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5D53, serialNumber=D62716F761F188D56FA117F9DC94BE414104A681 Validity Not Before: Jul 3 07:11:46 2025 GMT Not After : Jul 10 07:11:46 2025 GMT Subject: CN=68662d32-2bf9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:7b:e0:3b:92:df:93:6d:a3:39:1b:62:a2:f2: 63:14:47:42:5b:6c:1f:8a:b6:a6:f8:dd:ee:f5:ca: a7:be:7d:92:72:40:64:3f:7e:3e:0d:a1:a9:7d:1c: d4:4d:25:cd:9f:ca:4b:39:47:3e:0b:d8:20:5d:2c: ec:d2:57:c2:28:c0:5d:31:b5:bf:a7:42:53:50:2b: b4:d8:bb:21:85:a0:9c:44:fe:a3:59:f6:3c:d4:36: 71:84:ee:a7:0d:9b:b6:f1:ac:1a:36:7c:ad:12:97: ac:57:ce:0c:96:81:3e:8c:d4:01:cc:81:6d:01:2c: 55:c6:e5:bf:50:dc:c1:51:c3:8f:14:90:43:31:10: ec:9f:f8:13:72:40:7e:30:42:32:c1:ef:87:1e:5f: f2:c0:e6:90:40:87:81:e6:e7:7a:9c:0e:55:8a:e8: 9a:25:5a:23:38:75:bd:5e:ee:3e:a5:9e:4f:99:15: 84:b2:e3:51:8b:15:dd:87:ca:79:de:b7:ff:62:b3: b6:82:ba:06:7a:ea:e5:9d:9e:31:d3:5a:f7:f3:f3: 0e:cc:e8:f3:f3:e3:bc:56:4f:42:6e:bd:5d:30:90: 1d:a8:2c:3a:46:81:46:da:9e:13:3e:74:a9:6a:28: 74:a4:52:4a:23:1b:66:b4:9c:58:14:f0:f4:ce:7a: cb:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:62:97:F9:0A:4A:94:36:83:08:70:B2:01:7E:97:51:CA:30:46:AB X509v3 Authority Key Identifier: keyid:D6:27:16:F7:61:F1:88:D5:6F:A1:17:F9:DC:94:BE:41:41:04:A6:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1icW92HxiNVvoRf53JS-QUEEpoE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:00:d5:b1:4d:15:80:ed:97:ea:8a:1f:87:90:b8:cb:ab:da: f5:4e:75:c0:f6:6a:bf:bb:29:8e:c3:75:c9:3e:96:72:c2:96: c2:66:e3:4e:41:a7:80:7b:3e:49:6b:f1:24:b2:63:28:99:61: b8:1f:10:07:fa:ab:26:72:a8:4a:ab:77:e4:b1:9d:55:61:28: a3:c5:a7:65:e4:95:de:49:92:58:a0:e4:94:3e:7b:52:8f:18: c4:1e:75:44:42:32:ae:7f:4e:a7:3f:93:4b:82:b4:26:2a:37: 26:87:82:05:d1:73:d5:9f:07:6f:c1:4a:b8:70:c0:7c:f4:02: 12:15:7a:1c:8a:c0:78:f8:c3:83:f0:19:0d:b1:f8:46:a5:8a: c0:ba:08:b1:6e:80:83:47:68:3c:6e:75:37:d9:8c:46:4d:7d: 9a:46:19:7c:e2:8f:9f:17:f9:c5:ed:63:a9:86:08:12:88:06: 16:65:57:08:6a:55:d5:c3:88:60:08:03:aa:85:f8:f7:7e:87: 7f:97:4a:61:44:da:b2:4c:39:5a:a3:2c:7a:25:e3:09:c9:ca: 7f:96:45:3c:a4:2e:e3:f8:5b:61:45:38:66:8b:b0:89:cc:21: da:92:5f:94:6d:dc:42:e9:3d:b9:b7:99:d5:ca:ce:3e:a4:30: d2:74:b6:0a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBdTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NUQ1MzExMC8GA1UEBRMoRDYyNzE2Rjc2MUYxODhENTZGQTExN0Y5REM5NEJFNDE0 MTA0QTY4MTAeFw0yNTA3MDMwNzExNDZaFw0yNTA3MTAwNzExNDZaMBgxFjAUBgNV BAMTDTY4NjYyZDMyLTJiZjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAe+A7kt+TbaM5G2Ki8mMUR0JbbB+Ktqb43e71yqe+fZJyQGQ/fj4Noal9HNRN Jc2fyks5Rz4L2CBdLOzSV8IowF0xtb+nQlNQK7TYuyGFoJxE/qNZ9jzUNnGE7qcN m7bxrBo2fK0Sl6xXzgyWgT6M1AHMgW0BLFXG5b9Q3MFRw48UkEMxEOyf+BNyQH4w QjLB74ceX/LA5pBAh4Hm53qcDlWK6JolWiM4db1e7j6lnk+ZFYSy41GLFd2Hynne t/9is7aCugZ66uWdnjHTWvfz8w7M6PPz47xWT0JuvV0wkB2oLDpGgUbanhM+dKlq KHSkUkojG2a0nFgU8PTOesstAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUImKX+QpK lDaDCHCyAX6XUcowRqswHwYDVR0jBBgwFoAU1icW92HxiNVvoRf53JS+QUEEpoEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM1RDUzLzA1RkZDMDBFQUM4 NDExRUY4MjE0OTcyQkM0RjlBRTAyLzFpY1c5Mkh4aU5Wdm9SZjUzSlMtUVVFRXBv RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMWljVzkySHhpTlZ2b1JmNTNKUy1RVUVFcG9FLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM1 RDUzLzA1RkZDMDBFQUM4NDExRUY4MjE0OTcyQkM0RjlBRTAyLzFpY1c5Mkh4aU5W dm9SZjUzSlMtUVVFRXBvRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEAA1bFNFYDtl+qKH4eQuMur2vVOdcD2ar+7KY7Ddck+lnLClsJm405B p4B7Pklr8SSyYyiZYbgfEAf6qyZyqEqrd+SxnVVhKKPFp2Xkld5Jklig5JQ+e1KP GMQedURCMq5/Tqc/k0uCtCYqNyaHggXRc9WfB2/BSrhwwHz0AhIVehyKwHj4w4Pw GQ2x+EalisC6CLFugINHaDxudTfZjEZNfZpGGXzij58X+cXtY6mGCBKIBhZlVwhq VdXDiGAIA6qF+Pd+h3+XSmFE2rJMOVqjLHol4wnJyn+WRTykLuP4W2FFOGaLsInM IdqSX5Rt3ELpPbm3mdXKzj6kMNJ0tgo= -----END CERTIFICATE-----Generated at Fri Jul 4 22:04:54 2025 by rpki-client