$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft File: 9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft (raw, json) Hash identifier: vfDb1J+bMGTwVcQn7pI84BVR6o/7G2pKJE+TDRxdoHM= Subject key identifier: 98:B0:94:70:22:91:52:E2:29:CC:48:9C:F7:4F:4E:AC:4D:98:15:94 Authority key identifier: F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A Certificate issuer: /CN=A91C7AA5/serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A Certificate serial: 41 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft Manifest number: 38 Signing time: Tue 01 Jul 2025 08:31:44 +0000 Manifest this update: Tue 01 Jul 2025 08:31:44 +0000 Manifest next update: Tue 08 Jul 2025 08:31:44 +0000 Files and hashes: 1: 9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl (hash: B0qqZZRIBkmQlM2aHHe/SYmkWFP6WPfsFq05u5+aAhs=) 2: 0AC13D943C5711F0BFBB572EC4F9AE02.roa (hash: o0ChCLIPHM8nd8JoYhOYYDjMTFndJtBeuXYBvBkCdkM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:31:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65 (0x41) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7AA5, serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A Validity Not Before: Jul 1 08:31:44 2025 GMT Not After : Jul 8 08:31:44 2025 GMT Subject: CN=68639cf0-519a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f3:80:1b:47:48:69:27:1c:6a:17:89:9f:a0: f0:42:6a:2b:17:a5:a6:ee:8d:41:25:be:d5:1b:e4: 1f:23:4a:7e:40:65:f7:7e:02:58:c6:8a:c5:14:03: a3:5c:bd:06:80:66:82:54:7d:f9:19:ab:fd:f4:d2: cf:4e:cf:42:c3:a3:9c:0c:6b:b2:3b:74:eb:5a:f9: c1:6d:87:ef:14:60:d0:ee:87:66:f8:49:18:e2:6f: e1:89:b5:21:70:18:98:08:5f:32:14:3d:5c:56:01: 2f:8a:9a:85:b4:8e:23:b6:a0:04:91:90:36:4b:db: fd:be:c1:83:3f:b5:3a:6c:70:af:95:1a:83:22:c2: cc:bf:f4:3f:90:88:da:76:d7:fc:38:a4:2b:40:45: e4:f8:3d:0a:37:43:d2:41:81:69:50:7b:ff:c0:38: db:32:03:8a:0c:4b:7c:dc:c3:40:1f:92:30:fd:3e: 16:bd:d6:1c:f6:47:3d:2b:65:9b:1a:4d:4c:b4:e9: 78:64:ea:d2:e8:15:82:b1:15:a1:94:9c:40:88:88: 53:9d:a3:83:08:6e:05:f6:be:4c:9d:a6:73:fe:38: 08:c2:ac:dc:bd:65:88:65:8a:9f:fd:37:b9:de:a3: 66:86:77:2c:26:f4:e9:7e:ff:74:6c:3f:7a:57:2c: d3:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:B0:94:70:22:91:52:E2:29:CC:48:9C:F7:4F:4E:AC:4D:98:15:94 X509v3 Authority Key Identifier: keyid:F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:20:60:57:f2:e5:6a:1d:dd:fe:d1:b7:c1:25:34:9e:cd:aa: b6:7b:2f:01:d8:61:9f:11:cc:a4:1e:3a:58:3b:b1:eb:e2:4d: c3:83:54:af:9b:31:8b:ec:42:40:f5:3b:4c:a9:7b:af:28:d9: 2a:71:32:fd:b7:91:9f:f6:1f:53:8c:0b:c3:f2:ea:74:42:1a: e3:2b:95:07:b6:b5:0c:ba:15:ed:5d:09:3a:82:cb:21:e2:a7: ea:b8:5e:a0:cc:86:6e:72:56:7b:39:10:f6:6d:e1:63:45:6c: 2f:71:09:be:7c:f8:e3:fe:51:e7:fd:68:35:0e:7d:12:5b:61: 70:a5:b9:eb:0e:0e:3e:e4:24:4e:a9:18:46:11:64:21:07:e1: 8b:d0:b2:3a:2d:24:01:a6:01:d5:f2:09:ce:65:ee:db:9c:e5: 7d:f8:e7:23:3e:7a:d5:c0:e1:0d:71:7f:f7:43:b8:69:f2:cc: 3b:b4:3c:de:18:a7:e6:ea:b5:d5:dc:1b:1b:05:98:2b:2a:c4: ce:94:b6:f9:ce:de:0c:84:6b:2f:53:00:18:79:f9:35:1a:e4: 33:2e:a5:76:4b:5c:d6:81:c8:5c:52:30:83:9c:02:1f:c7:af: e0:14:44:4b:e0:b5:ee:e5:23:93:cf:35:dd:14:73:8f:57:b9: 67:a7:2e:ef -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD N0FBNTExMC8GA1UEBRMoRjcyNjdFODBCRTgxN0YwNDNEMjhGQjdFNzMwNUY0QzQ4 OEE4MzkxQTAeFw0yNTA3MDEwODMxNDRaFw0yNTA3MDgwODMxNDRaMBgxFjAUBgNV BAMTDTY4NjM5Y2YwLTUxOWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC684AbR0hpJxxqF4mfoPBCaisXpabujUElvtUb5B8jSn5AZfd+AljGisUUA6Nc vQaAZoJUffkZq/300s9Oz0LDo5wMa7I7dOta+cFth+8UYNDuh2b4SRjib+GJtSFw GJgIXzIUPVxWAS+KmoW0jiO2oASRkDZL2/2+wYM/tTpscK+VGoMiwsy/9D+QiNp2 1/w4pCtAReT4PQo3Q9JBgWlQe//AONsyA4oMS3zcw0AfkjD9Pha91hz2Rz0rZZsa TUy06Xhk6tLoFYKxFaGUnECIiFOdo4MIbgX2vkydpnP+OAjCrNy9ZYhlip/9N7ne o2aGdywm9Ol+/3RsP3pXLNObAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUmLCUcCKR UuIpzEic909OrE2YFZQwHwYDVR0jBBgwFoAU9yZ+gL6BfwQ9KPt+cwX0xIioORow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3QUE1L0JBRkIzNTc0MTVC QjExRjBCRkQ1NDg4MUM0RjlBRTAyLzl5Wi1nTDZCZndROUtQdC1jd1gweElpb09S by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvOXlaLWdMNkJmd1E5S1B0LWN3WDB4SWlvT1JvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3 QUE1L0JBRkIzNTc0MTVCQjExRjBCRkQ1NDg4MUM0RjlBRTAyLzl5Wi1nTDZCZndR OUtQdC1jd1gweElpb09Sby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEcgYFfy5Wod3f7Rt8ElNJ7NqrZ7LwHYYZ8RzKQeOlg7seviTcODVK+b MYvsQkD1O0ype68o2SpxMv23kZ/2H1OMC8Py6nRCGuMrlQe2tQy6Fe1dCTqCyyHi p+q4XqDMhm5yVns5EPZt4WNFbC9xCb58+OP+Uef9aDUOfRJbYXCluesODj7kJE6p GEYRZCEH4YvQsjotJAGmAdXyCc5l7tuc5X345yM+etXA4Q1xf/dDuGnyzDu0PN4Y p+bqtdXcGxsFmCsqxM6UtvnO3gyEay9TABh5+TUa5DMupXZLXNaByFxSMIOcAh/H r+AUREvgte7lI5PPNd0Uc49XuWenLu8= -----END CERTIFICATE-----Generated at Tue Jul 1 16:52:11 2025 by rpki-client