$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft File: 2QDd8konYiv5ZDdX7byv-u4yHDc.mft (raw, json) Hash identifier: SpX2ZQRm6cLzczSunN6XWqgyilPszTGhMb8X4+P7nxY= Subject key identifier: 38:E7:6A:91:4F:07:82:EC:59:FC:90:A9:6E:AD:5E:28:B6:6A:51:03 Authority key identifier: D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 Certificate issuer: /CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Certificate serial: 0E72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft Manifest number: 0E59 Signing time: Wed 02 Jul 2025 17:58:39 +0000 Manifest this update: Wed 02 Jul 2025 17:58:39 +0000 Manifest next update: Wed 09 Jul 2025 17:58:39 +0000 Files and hashes: 1: 2QDd8konYiv5ZDdX7byv-u4yHDc.crl (hash: bmD6GuINAJZpl0+xBWmcY7rXb3rTPyQy1P4sMDqljdM=) 2: A47D2EC84C1E11EEBA8CDB4BC4F9AE02.roa (hash: xJh5HRbn741snUCbMX+RHgdNum29ocH1QT8bD3kB9Uw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 17:58:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3698 (0xe72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7773, serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Validity Not Before: Jul 2 17:58:39 2025 GMT Not After : Jul 9 17:58:39 2025 GMT Subject: CN=6865734f-3326 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:af:cc:e0:a1:3e:8c:1a:7c:17:a3:42:32:d6: f3:fa:92:93:a1:2b:dd:44:01:59:c2:dc:a0:57:c7: b5:e5:f0:96:9e:a0:46:20:7b:00:32:79:88:e5:8b: 92:75:35:29:83:49:f8:cf:f9:92:db:af:1f:c8:28: e4:cb:37:ad:b7:f3:89:da:b3:5c:91:1e:20:d9:69: aa:1f:48:1b:90:a7:f1:bd:60:71:8c:9f:44:cc:3b: cd:c9:ac:b9:a0:a4:4c:67:e0:79:52:a9:92:b5:51: 46:63:51:4c:e7:65:06:af:47:fd:82:bf:f2:1d:2f: 3d:99:25:85:a8:85:80:3a:0c:55:5e:33:0b:46:56: f8:a2:74:7d:b2:e8:36:cd:80:13:cf:8d:96:28:4c: e1:7e:3b:19:a1:21:74:35:2c:99:6a:b8:26:85:7a: 33:30:7f:69:a7:94:f8:8d:77:06:2a:3a:0d:37:24: bf:6d:9d:2f:78:5b:aa:0f:f3:9e:5d:06:c7:6e:23: ef:d6:b3:2c:b9:21:0c:3d:56:d5:a3:11:c2:20:c1: 23:f4:12:39:c3:81:69:05:96:c6:f9:ac:87:0c:4f: 28:8a:03:5d:d0:6b:df:49:f6:3c:81:f1:00:83:10: 4b:bb:5b:51:f2:a4:87:1f:c3:d3:84:f3:92:1d:44: 44:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:E7:6A:91:4F:07:82:EC:59:FC:90:A9:6E:AD:5E:28:B6:6A:51:03 X509v3 Authority Key Identifier: keyid:D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:a3:a7:6a:b3:b7:db:24:50:e8:4b:88:c4:38:a5:2c:92:4a: 67:1a:bd:e5:0b:d3:db:4e:82:5a:86:5a:23:96:66:8c:ec:46: c2:94:3c:d2:64:ba:07:24:e1:33:9e:f0:fb:ad:7e:3a:26:cf: 13:3a:21:ed:03:39:66:56:51:50:c6:a1:85:77:0a:f2:0a:c8: 95:f1:6e:67:6c:72:95:4d:e3:bd:6e:d7:6a:58:e3:1d:03:36: 33:65:cc:a2:59:d5:62:f5:a4:68:28:15:17:d8:5b:ff:6b:b5: 94:bf:62:f0:a0:b2:d7:bd:0c:c9:c2:72:1e:43:1b:30:c1:0c: 53:16:e4:bc:de:21:68:1c:d0:26:5a:d8:ef:9d:7b:08:c3:b1: 5b:13:07:5c:c1:66:b8:76:9e:c1:db:53:4c:fd:ce:8d:d8:9e: 55:57:4f:ed:f0:f6:c5:99:d2:dd:63:f3:ef:d6:a5:e3:ef:c4: cb:41:69:a4:29:82:64:ec:50:c5:cb:5c:7a:e4:6c:5e:d0:35: 46:cb:1c:99:e5:4c:53:13:e4:1c:86:ad:f4:c5:b7:f9:34:65: ff:9f:35:eb:2e:44:fe:bd:6c:19:f4:29:82:b6:70:8a:96:da: b7:9e:b5:38:a8:1b:40:bf:d1:51:8b:cf:22:76:62:3a:84:33: ea:4b:f0:b6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3NzMxMTAvBgNVBAUTKEQ5MDBEREYyNEEyNzYyMkJGOTY0Mzc1N0VEQkNBRkZB RUUzMjFDMzcwHhcNMjUwNzAyMTc1ODM5WhcNMjUwNzA5MTc1ODM5WjAYMRYwFAYD VQQDEw02ODY1NzM0Zi0zMzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzK/M4KE+jBp8F6NCMtbz+pKToSvdRAFZwtygV8e15fCWnqBGIHsAMnmI5YuS dTUpg0n4z/mS268fyCjkyzett/OJ2rNckR4g2WmqH0gbkKfxvWBxjJ9EzDvNyay5 oKRMZ+B5UqmStVFGY1FM52UGr0f9gr/yHS89mSWFqIWAOgxVXjMLRlb4onR9sug2 zYATz42WKEzhfjsZoSF0NSyZargmhXozMH9pp5T4jXcGKjoNNyS/bZ0veFuqD/Oe XQbHbiPv1rMsuSEMPVbVoxHCIMEj9BI5w4FpBZbG+ayHDE8oigNd0GvfSfY8gfEA gxBLu1tR8qSHH8PThPOSHUREVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDjnapFP B4LsWfyQqW6tXii2alEDMB8GA1UdIwQYMBaAFNkA3fJKJ2Ir+WQ3V+28r/ruMhw3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzc3My9BRDMyMjM3Q0Ey RTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllpdjVaRGRYN2J5di11NHlI RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRRGQ4a29uWWl2NVpEZFg3Ynl2LXU0eUhEYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD Nzc3My9BRDMyMjM3Q0EyRTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllp djVaRGRYN2J5di11NHlIRGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAio6dqs7fbJFDoS4jEOKUskkpnGr3lC9PbToJahlojlmaM7EbClDzS ZLoHJOEznvD7rX46Js8TOiHtAzlmVlFQxqGFdwryCsiV8W5nbHKVTeO9btdqWOMd AzYzZcyiWdVi9aRoKBUX2Fv/a7WUv2LwoLLXvQzJwnIeQxswwQxTFuS83iFoHNAm WtjvnXsIw7FbEwdcwWa4dp7B21NM/c6N2J5VV0/t8PbFmdLdY/Pv1qXj78TLQWmk KYJk7FDFy1x65Gxe0DVGyxyZ5UxTE+Qchq30xbf5NGX/nzXrLkT+vWwZ9CmCtnCK ltq3nrU4qBtAv9FRi88idmI6hDPqS/C2 -----END CERTIFICATE-----Generated at Thu Jul 3 10:42:22 2025 by rpki-client