$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.mft File: 2YRcGequkJIocqDK_QUfFmFPhK8.mft (raw, json) Hash identifier: pz7QS+m3QOygKekhhZYrMutBXfaBQu7fEU71kqs5o2A= Subject key identifier: 0C:93:C4:C3:86:45:DC:20:AF:5D:55:86:D0:3D:20:D1:A7:08:A4:FE Authority key identifier: D9:84:5C:19:EA:AE:90:92:28:72:A0:CA:FD:05:1F:16:61:4F:84:AF Certificate issuer: /CN=A91C6BF0/serialNumber=D9845C19EAAE90922872A0CAFD051F16614F84AF Certificate serial: 0E28 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YRcGequkJIocqDK_QUfFmFPhK8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.mft Manifest number: 0FBC Signing time: Wed 02 Jul 2025 18:03:08 +0000 Manifest this update: Wed 02 Jul 2025 18:03:07 +0000 Manifest next update: Wed 09 Jul 2025 18:03:07 +0000 Files and hashes: 1: 2YRcGequkJIocqDK_QUfFmFPhK8.crl (hash: ghO5nAONtc8KLHMMvgigJiI9lPJE0J6sM662OW+RIFk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.crl rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YRcGequkJIocqDK_QUfFmFPhK8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 18:03:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3624 (0xe28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C6BF0, serialNumber=D9845C19EAAE90922872A0CAFD051F16614F84AF Validity Not Before: Jul 2 18:03:07 2025 GMT Not After : Jul 9 18:03:07 2025 GMT Subject: CN=6865745c-6b1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d5:c8:2e:7c:88:50:5a:64:e7:c3:94:9f:a9: 20:16:b9:ec:ce:87:d3:6d:a1:c3:20:19:ee:32:24: 72:80:08:a7:5a:d2:eb:9a:0e:ab:9a:9a:a4:19:3e: e6:d3:3d:71:5c:8f:00:61:2c:18:ba:5e:d7:67:9b: 9f:39:f3:43:fd:6b:21:66:ce:14:5d:1d:60:64:ee: 28:98:2f:dc:7a:8a:9e:a2:d6:51:63:26:4c:05:76: 67:55:e9:aa:38:4a:aa:9b:19:0d:3f:a4:43:7d:1a: f4:8a:1e:0a:2a:a8:10:94:4b:24:62:17:06:9d:6a: b1:28:9f:e1:31:81:d2:1e:d0:49:da:5e:93:58:ee: 09:43:54:a5:94:d2:58:f2:31:c0:5f:64:f2:fc:8d: 66:7a:8b:96:a2:d5:e1:fc:23:a8:9c:2d:30:c7:da: 6b:d9:4b:94:70:53:e0:e9:b1:78:7a:5e:f0:ee:dc: 41:bf:4d:92:5b:33:cf:d9:22:c1:34:ee:fb:48:09: 00:eb:a4:8f:8f:bc:e2:43:fd:f1:cf:a9:4b:17:7b: 44:df:04:ad:ec:8a:5b:4a:6f:a7:51:4f:e5:91:93: 6b:58:01:b3:bd:4d:37:3e:81:ce:e9:e6:bb:51:ea: 2e:ed:33:1b:fe:85:96:b3:2e:03:78:ea:f5:50:62: a6:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:93:C4:C3:86:45:DC:20:AF:5D:55:86:D0:3D:20:D1:A7:08:A4:FE X509v3 Authority Key Identifier: keyid:D9:84:5C:19:EA:AE:90:92:28:72:A0:CA:FD:05:1F:16:61:4F:84:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YRcGequkJIocqDK_QUfFmFPhK8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:95:7b:0d:cb:23:79:2e:d6:8a:00:a8:b7:a2:16:44:9e:96: 7f:35:ba:d0:77:52:ae:c4:b9:28:40:3d:ea:db:70:b7:05:d1: fb:73:eb:55:cd:f8:ac:8a:7b:43:e0:6d:d5:04:73:48:c8:b1: 86:a4:53:d6:de:d2:cd:15:88:01:89:7c:23:95:fb:4f:43:74: 4d:e6:38:3c:50:0d:dc:84:cb:0a:04:0b:b5:8e:a7:d9:34:22: 8c:76:2d:fb:33:e6:22:8e:03:a8:92:a9:0e:f4:b6:11:22:b9: 9b:a9:ab:63:e1:a7:3e:ad:2c:42:d4:3d:9e:18:e0:c0:f6:c4: 3d:63:58:02:35:15:98:55:31:ec:c4:8e:74:4f:5c:e4:63:2b: ad:a5:22:32:5c:5f:8d:f3:b5:68:95:d0:12:81:6e:68:5f:d8: c1:70:67:d6:1d:53:06:e1:a7:8c:0c:66:54:c9:56:de:12:d2: cf:6f:0e:07:5f:7b:da:36:1d:71:d7:17:7a:c4:7c:ce:35:97: c7:b3:c2:cd:e6:0f:45:4d:2f:42:02:a6:35:2c:f3:3d:d8:c1: 03:05:7b:4e:96:c7:a2:0a:8a:95:61:81:44:99:2a:23:df:49: 9c:84:d2:05:e9:bd:76:85:e3:02:6f:1e:77:ce:de:d6:9c:62: fd:68:75:31 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzZCRjAxMTAvBgNVBAUTKEQ5ODQ1QzE5RUFBRTkwOTIyODcyQTBDQUZEMDUxRjE2 NjE0Rjg0QUYwHhcNMjUwNzAyMTgwMzA3WhcNMjUwNzA5MTgwMzA3WjAYMRYwFAYD VQQDEw02ODY1NzQ1Yy02YjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuNXILnyIUFpk58OUn6kgFrnszofTbaHDIBnuMiRygAinWtLrmg6rmpqkGT7m 0z1xXI8AYSwYul7XZ5ufOfND/WshZs4UXR1gZO4omC/ceoqeotZRYyZMBXZnVemq OEqqmxkNP6RDfRr0ih4KKqgQlEskYhcGnWqxKJ/hMYHSHtBJ2l6TWO4JQ1SllNJY 8jHAX2Ty/I1meouWotXh/COonC0wx9pr2UuUcFPg6bF4el7w7txBv02SWzPP2SLB NO77SAkA66SPj7ziQ/3xz6lLF3tE3wSt7IpbSm+nUU/lkZNrWAGzvU03PoHO6ea7 Ueou7TMb/oWWsy4DeOr1UGKmeQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAyTxMOG Rdwgr11VhtA9INGnCKT+MB8GA1UdIwQYMBaAFNmEXBnqrpCSKHKgyv0FHxZhT4Sv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkJGMC8xNDkxOTc0QUFF QkIxMUU5OEEzOTBCNTlDNEY5QUUwMi8yWVJjR2VxdWtKSW9jcURLX1FVZkZtRlBo SzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJZUmNHZXF1a0pJb2NxREtfUVVmRm1GUGhLOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NkJGMC8xNDkxOTc0QUFFQkIxMUU5OEEzOTBCNTlDNEY5QUUwMi8yWVJjR2VxdWtK SW9jcURLX1FVZkZtRlBoSzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC2lXsNyyN5LtaKAKi3ohZEnpZ/NbrQd1KuxLkoQD3q23C3BdH7c+tV zfisintD4G3VBHNIyLGGpFPW3tLNFYgBiXwjlftPQ3RN5jg8UA3chMsKBAu1jqfZ NCKMdi37M+YijgOokqkO9LYRIrmbqatj4ac+rSxC1D2eGODA9sQ9Y1gCNRWYVTHs xI50T1zkYyutpSIyXF+N87VoldASgW5oX9jBcGfWHVMG4aeMDGZUyVbeEtLPbw4H X3vaNh1x1xd6xHzONZfHs8LN5g9FTS9CAqY1LPM92MEDBXtOlseiCoqVYYFEmSoj 30mchNIF6b12heMCbx53zt7WnGL9aHUx -----END CERTIFICATE-----Generated at Thu Jul 3 11:27:59 2025 by rpki-client