$ rpki-client -vvf rpki.apnic.net/member_repository/A91C66B2/C4F15472201611F0A8D74314C4F9AE02/PzH7XY70fa043ZLqGonoiHFAOjE.mft File: PzH7XY70fa043ZLqGonoiHFAOjE.mft (raw, json) Hash identifier: PIWEeN5nV+7u9K0+TfQSstgt3p0qLSu4C5fx6hZY4wk= Subject key identifier: ED:D3:A9:80:C0:B3:E9:D4:2A:26:52:CD:E6:2F:0B:90:DC:74:61:81 Authority key identifier: 3F:31:FB:5D:8E:F4:7D:AD:38:DD:92:EA:1A:89:E8:88:71:40:3A:31 Certificate issuer: /CN=A91C66B2/serialNumber=3F31FB5D8EF47DAD38DD92EA1A89E88871403A31 Certificate serial: 23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PzH7XY70fa043ZLqGonoiHFAOjE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C66B2/C4F15472201611F0A8D74314C4F9AE02/PzH7XY70fa043ZLqGonoiHFAOjE.mft Manifest number: 22 Signing time: Sun 29 Jun 2025 06:50:59 +0000 Manifest this update: Sun 29 Jun 2025 06:50:58 +0000 Manifest next update: Sun 06 Jul 2025 06:50:58 +0000 Files and hashes: 1: PzH7XY70fa043ZLqGonoiHFAOjE.crl (hash: 5+XGbswV1IAAeadJQa4/jWuzhjVB+kqUISSq7r3O8v4=) 2: F8C50B08201711F0A5D51F16C4F9AE02.roa (hash: YsXcAlte05qmGIgWu2vJoEwWF+8nksJR/jWNa1FgQP4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C66B2/C4F15472201611F0A8D74314C4F9AE02/PzH7XY70fa043ZLqGonoiHFAOjE.crl rsync://rpki.apnic.net/member_repository/A91C66B2/C4F15472201611F0A8D74314C4F9AE02/PzH7XY70fa043ZLqGonoiHFAOjE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PzH7XY70fa043ZLqGonoiHFAOjE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 06:50:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C66B2, serialNumber=3F31FB5D8EF47DAD38DD92EA1A89E88871403A31 Validity Not Before: Jun 29 06:50:58 2025 GMT Not After : Jul 6 06:50:58 2025 GMT Subject: CN=6860e253-b35c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:f3:2d:a3:75:15:13:5a:91:c7:1a:79:0b:19: 75:94:4e:4e:d2:d0:df:1f:98:03:13:cc:7e:db:ea: 91:b3:8b:41:f2:42:b6:c8:f7:a8:f3:8f:3e:28:09: 40:5f:d0:fb:da:03:b6:ce:1a:ab:33:c2:c3:33:c5: 60:41:8c:55:ea:55:9b:37:90:c4:40:b2:b4:1c:76: 64:fa:1a:a3:4e:da:f0:a3:5a:d4:5f:fc:64:68:8f: cd:04:24:53:7d:76:2c:b3:36:14:b8:5b:80:21:67: 4f:2f:bd:72:75:24:db:6f:e5:d2:30:16:a9:58:3a: af:e3:fa:8b:61:0b:04:64:c4:de:c2:94:7b:f0:02: 6b:f7:4a:52:77:8e:c5:a4:bc:12:db:65:7a:a5:5f: e1:d6:2d:5c:6a:2f:14:16:29:fb:4e:29:90:1c:55: 38:29:f2:e1:c1:7d:4f:ed:8a:d2:8c:5c:6d:15:ac: 44:ad:b0:2e:e8:54:ed:89:0e:5a:32:1d:78:fc:2b: 9b:7e:23:19:44:87:30:62:fd:c7:75:a9:4c:8d:d6: c6:1d:02:f2:7c:47:70:7b:75:58:ab:d6:2b:22:9e: bf:45:6e:fe:4e:14:db:4d:a4:20:cd:77:79:23:31: f9:9e:c8:7c:47:3f:75:4b:4b:c7:ed:f0:13:5f:87: 05:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:D3:A9:80:C0:B3:E9:D4:2A:26:52:CD:E6:2F:0B:90:DC:74:61:81 X509v3 Authority Key Identifier: keyid:3F:31:FB:5D:8E:F4:7D:AD:38:DD:92:EA:1A:89:E8:88:71:40:3A:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C66B2/C4F15472201611F0A8D74314C4F9AE02/PzH7XY70fa043ZLqGonoiHFAOjE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PzH7XY70fa043ZLqGonoiHFAOjE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C66B2/C4F15472201611F0A8D74314C4F9AE02/PzH7XY70fa043ZLqGonoiHFAOjE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:12:8f:be:ac:ed:10:01:a4:27:99:4d:fe:00:c4:6b:0b:ba: 9d:df:e3:8f:ca:1e:74:77:d4:b8:37:8f:c9:b0:56:55:61:e6: e0:43:80:63:a2:4f:3d:94:29:42:70:b8:2b:fd:27:cd:53:1b: 1f:ad:fa:56:74:75:7f:1a:fa:87:f0:1d:3d:89:1a:7b:e3:ec: 0f:e2:d4:c8:3d:0f:02:6d:3f:84:94:b2:88:96:85:05:2b:47: 30:30:48:cb:fa:66:2b:6a:4a:30:47:b7:8c:38:cd:3b:38:72: 5d:35:76:0e:9d:6f:2f:ba:c1:28:28:32:c4:e7:ae:45:74:51: b8:87:a6:27:4a:6f:00:f8:0d:b9:c4:9b:79:6d:33:be:fd:0d: 95:7d:ad:c0:14:ec:8f:28:eb:b4:e9:19:1d:d8:76:76:ab:bb: b1:57:ba:59:6a:45:17:76:f1:6a:e0:3f:f9:aa:a3:4c:8b:10: 3b:eb:fa:90:4e:f5:82:08:62:2a:53:b0:04:bc:86:db:60:5f: 8a:b3:a9:69:0a:5c:2a:a1:b2:89:a0:9a:58:17:4e:b2:5f:85: 49:d4:e3:30:90:9f:69:7c:a3:2d:71:ec:4e:c7:a4:d6:3b:e8: 7a:16:f4:30:72:69:2e:47:ea:db:10:ce:15:82:a6:b2:06:74: 58:3c:a3:d1 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NjZCMjExMC8GA1UEBRMoM0YzMUZCNUQ4RUY0N0RBRDM4REQ5MkVBMUE4OUU4ODg3 MTQwM0EzMTAeFw0yNTA2MjkwNjUwNThaFw0yNTA3MDYwNjUwNThaMBgxFjAUBgNV BAMTDTY4NjBlMjUzLWIzNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDE8y2jdRUTWpHHGnkLGXWUTk7S0N8fmAMTzH7b6pGzi0HyQrbI96jzjz4oCUBf 0PvaA7bOGqszwsMzxWBBjFXqVZs3kMRAsrQcdmT6GqNO2vCjWtRf/GRoj80EJFN9 diyzNhS4W4AhZ08vvXJ1JNtv5dIwFqlYOq/j+othCwRkxN7ClHvwAmv3SlJ3jsWk vBLbZXqlX+HWLVxqLxQWKftOKZAcVTgp8uHBfU/titKMXG0VrEStsC7oVO2JDloy HXj8K5t+IxlEhzBi/cd1qUyN1sYdAvJ8R3B7dVir1isinr9Fbv5OFNtNpCDNd3kj MfmeyHxHP3VLS8ft8BNfhwVdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU7dOpgMCz 6dQqJlLN5i8LkNx0YYEwHwYDVR0jBBgwFoAUPzH7XY70fa043ZLqGonoiHFAOjEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2NkIyL0M0RjE1NDcyMjAx NjExRjBBOEQ3NDMxNEM0RjlBRTAyL1B6SDdYWTcwZmEwNDNaTHFHb25vaUhGQU9q RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUHpIN1hZNzBmYTA0M1pMcUdvbm9pSEZBT2pFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2 NkIyL0M0RjE1NDcyMjAxNjExRjBBOEQ3NDMxNEM0RjlBRTAyL1B6SDdYWTcwZmEw NDNaTHFHb25vaUhGQU9qRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHoSj76s7RABpCeZTf4AxGsLup3f44/KHnR31Lg3j8mwVlVh5uBDgGOi Tz2UKUJwuCv9J81TGx+t+lZ0dX8a+ofwHT2JGnvj7A/i1Mg9DwJtP4SUsoiWhQUr RzAwSMv6ZitqSjBHt4w4zTs4cl01dg6dby+6wSgoMsTnrkV0UbiHpidKbwD4DbnE m3ltM779DZV9rcAU7I8o67TpGR3Ydnaru7FXullqRRd28WrgP/mqo0yLEDvr+pBO 9YIIYipTsAS8httgX4qzqWkKXCqhsomgmlgXTrJfhUnU4zCQn2l8oy1x7E7HpNY7 6HoW9DByaS5H6tsQzhWCprIGdFg8o9E= -----END CERTIFICATE-----Generated at Mon Jun 30 18:54:14 2025 by rpki-client