$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7E5B/D84E7BF23C6E11F09D76A24DC4F9AE02/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.mft File: q1PZkoECuRnbfFRlyN1f8mZ0Q7M.mft (raw, json) Hash identifier: meYzzhXL12X+ApXcLpX6BXu9WztjeD8K1Brbyn/Lm7U= Subject key identifier: 22:96:75:BF:27:EE:1A:00:F3:BB:C4:4F:D7:E1:F2:C5:7A:6B:6F:DD Authority key identifier: AB:53:D9:92:81:02:B9:19:DB:7C:54:65:C8:DD:5F:F2:66:74:43:B3 Certificate issuer: /CN=A91C7E5B/serialNumber=AB53D9928102B919DB7C5465C8DD5FF2667443B3 Certificate serial: 14 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7E5B/D84E7BF23C6E11F09D76A24DC4F9AE02/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.mft Manifest number: 13 Signing time: Tue 01 Jul 2025 08:50:31 +0000 Manifest this update: Tue 01 Jul 2025 08:50:30 +0000 Manifest next update: Tue 08 Jul 2025 08:50:30 +0000 Files and hashes: 1: q1PZkoECuRnbfFRlyN1f8mZ0Q7M.crl (hash: 1Nvb1cgTx1/zcPs1RZopyfRSL6RILD5olVCAkYFuEeU=) 2: 765A9AEC3C6F11F0A83E954EC4F9AE02.roa (hash: 1LK4ltfDfUObnmcEpgqLd5X9zDYVgPh3Q6BVcaMlN3Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7E5B/D84E7BF23C6E11F09D76A24DC4F9AE02/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.crl rsync://rpki.apnic.net/member_repository/A91C7E5B/D84E7BF23C6E11F09D76A24DC4F9AE02/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:50:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20 (0x14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7E5B, serialNumber=AB53D9928102B919DB7C5465C8DD5FF2667443B3 Validity Not Before: Jul 1 08:50:30 2025 GMT Not After : Jul 8 08:50:30 2025 GMT Subject: CN=6863a157-fc91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:b9:5b:bb:0c:0b:30:a8:49:51:5f:1f:09:97: ed:44:54:97:61:3d:94:e4:ba:34:96:83:b6:67:7f: b3:8a:de:50:21:7b:35:e4:1c:3c:66:f9:67:73:da: 16:b8:9a:80:2e:44:e5:d3:3f:06:85:b1:ce:9e:b4: 92:3f:1d:fb:72:35:46:19:60:cd:b0:9d:8e:ef:18: 8c:aa:4f:94:c9:8e:c0:84:3c:b3:de:fe:0e:fb:8e: 1e:77:f8:72:7f:79:40:0a:08:8d:97:9f:17:04:1e: 90:3d:8c:f3:29:26:a2:26:da:48:9b:1e:eb:9b:b5: d5:6f:31:d7:17:4a:cb:b2:17:55:7c:56:bb:54:43: 67:fe:ad:fd:6c:19:fd:8e:82:ab:c7:68:fd:66:51: bd:1d:1c:34:a9:f8:a4:49:cc:ba:81:dc:9f:39:05: ef:5f:ce:04:6c:5c:3c:28:90:d1:80:17:52:4e:2d: ee:a9:5d:0c:4a:1d:c8:c8:c2:5e:59:9f:64:79:b5: c9:cc:53:50:0f:07:ab:2f:fb:5c:36:f3:27:3a:ff: 03:ef:31:53:8e:2c:bc:11:88:09:9c:40:db:f2:12: 59:a1:90:81:74:cc:04:bc:17:51:14:7b:bb:1b:bf: 86:ea:04:da:dd:f6:38:6b:6f:aa:d3:14:b1:70:86: b3:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:96:75:BF:27:EE:1A:00:F3:BB:C4:4F:D7:E1:F2:C5:7A:6B:6F:DD X509v3 Authority Key Identifier: keyid:AB:53:D9:92:81:02:B9:19:DB:7C:54:65:C8:DD:5F:F2:66:74:43:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7E5B/D84E7BF23C6E11F09D76A24DC4F9AE02/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7E5B/D84E7BF23C6E11F09D76A24DC4F9AE02/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:e8:f0:a9:b7:31:31:72:7c:22:1a:7c:f9:2f:ca:b4:3c:04: 16:93:a9:33:7a:1e:b6:2e:1a:43:00:98:7c:a7:b5:55:1e:fd: e6:5f:f5:14:9c:c4:76:b5:45:82:3c:a2:88:56:e6:39:7a:5b: 8b:17:6a:9a:80:a0:0e:be:e4:23:28:d9:79:af:d8:06:b6:7f: ab:76:01:2c:4a:b0:cd:aa:1a:36:f6:33:fe:6a:fb:43:17:d4: b4:78:2b:80:67:b4:e6:90:0c:bb:c6:e5:6f:57:5b:a2:0e:a1: 38:49:70:21:49:eb:cf:06:a3:b6:c0:ec:a7:98:98:ae:67:75: 75:93:6e:b1:44:ff:8c:2d:cd:b0:f9:f7:e1:8e:48:2f:54:dd: 09:54:53:9f:da:08:1d:56:6e:80:6e:39:31:ba:cc:9c:c5:39: 8c:ef:e0:b1:96:2a:39:7e:5e:ad:a8:62:06:a4:ea:d7:ea:92: c7:64:81:64:19:3d:7f:9b:21:6a:46:f4:32:c5:2f:eb:14:f5: 97:b5:d6:44:4b:e2:cc:64:07:22:35:88:d6:88:ff:a4:6e:9f: 0d:f5:b1:3f:1c:db:86:4d:cf:2d:b9:f9:20:a9:b5:2d:67:9b: 02:2a:44:f8:90:c1:c3:3c:a8:af:f9:43:a3:e0:50:b7:24:90: 21:a8:77:38 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD N0U1QjExMC8GA1UEBRMoQUI1M0Q5OTI4MTAyQjkxOURCN0M1NDY1QzhERDVGRjI2 Njc0NDNCMzAeFw0yNTA3MDEwODUwMzBaFw0yNTA3MDgwODUwMzBaMBgxFjAUBgNV BAMTDTY4NjNhMTU3LWZjOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDCuVu7DAswqElRXx8Jl+1EVJdhPZTkujSWg7Znf7OK3lAhezXkHDxm+Wdz2ha4 moAuROXTPwaFsc6etJI/HftyNUYZYM2wnY7vGIyqT5TJjsCEPLPe/g77jh53+HJ/ eUAKCI2XnxcEHpA9jPMpJqIm2kibHuubtdVvMdcXSsuyF1V8VrtUQ2f+rf1sGf2O gqvHaP1mUb0dHDSp+KRJzLqB3J85Be9fzgRsXDwokNGAF1JOLe6pXQxKHcjIwl5Z n2R5tcnMU1APB6sv+1w28yc6/wPvMVOOLLwRiAmcQNvyElmhkIF0zAS8F1EUe7sb v4bqBNrd9jhrb6rTFLFwhrMrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUIpZ1vyfu GgDzu8RP1+HyxXprb90wHwYDVR0jBBgwFoAUq1PZkoECuRnbfFRlyN1f8mZ0Q7Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3RTVCL0Q4NEU3QkYyM0M2 RTExRjA5RDc2QTI0REM0RjlBRTAyL3ExUFprb0VDdVJuYmZGUmx5TjFmOG1aMFE3 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcTFQWmtvRUN1Um5iZkZSbHlOMWY4bVowUTdNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3 RTVCL0Q4NEU3QkYyM0M2RTExRjA5RDc2QTI0REM0RjlBRTAyL3ExUFprb0VDdVJu YmZGUmx5TjFmOG1aMFE3TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGXo8Km3MTFyfCIafPkvyrQ8BBaTqTN6HrYuGkMAmHyntVUe/eZf9RSc xHa1RYI8oohW5jl6W4sXapqAoA6+5CMo2Xmv2Aa2f6t2ASxKsM2qGjb2M/5q+0MX 1LR4K4BntOaQDLvG5W9XW6IOoThJcCFJ688Go7bA7KeYmK5ndXWTbrFE/4wtzbD5 9+GOSC9U3QlUU5/aCB1WboBuOTG6zJzFOYzv4LGWKjl+Xq2oYgak6tfqksdkgWQZ PX+bIWpG9DLFL+sU9Ze11kRL4sxkByI1iNaI/6Runw31sT8c24ZNzy25+SCptS1n mwIqRPiQwcM8qK/5Q6PgULckkCGodzg= -----END CERTIFICATE-----Generated at Tue Jul 1 17:05:53 2025 by rpki-client