$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.mft File: m2fIchTtmWVAcRkL688LjZ-hr04.mft (raw, json) Hash identifier: fE9dlcDiYjgrVgWqErwaZ9/nyVR/mASPUsVvPaAfb2E= Subject key identifier: 4E:4D:86:14:D6:22:84:2A:F5:D0:54:4F:1D:6C:02:6A:6D:24:40:DB Authority key identifier: 9B:67:C8:72:14:ED:99:65:40:71:19:0B:EB:CF:0B:8D:9F:A1:AF:4E Certificate issuer: /CN=A91CBDC8/serialNumber=9B67C87214ED99654071190BEBCF0B8D9FA1AF4E Certificate serial: 0C17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.mft Manifest number: 0C00 Signing time: Mon 30 Jun 2025 18:57:07 +0000 Manifest this update: Mon 30 Jun 2025 18:57:06 +0000 Manifest next update: Mon 07 Jul 2025 18:57:06 +0000 Files and hashes: 1: m2fIchTtmWVAcRkL688LjZ-hr04.crl (hash: A9wCvovagIXw+YLpiJv0g8u/550eKuwK4ZX6BlYCEuY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.crl rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 18:57:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3095 (0xc17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CBDC8, serialNumber=9B67C87214ED99654071190BEBCF0B8D9FA1AF4E Validity Not Before: Jun 30 18:57:06 2025 GMT Not After : Jul 7 18:57:06 2025 GMT Subject: CN=6862de02-df98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:3d:ea:5e:ca:6b:f5:38:cb:6e:27:51:b2:51: a1:7d:5b:88:21:8b:dc:22:9b:35:ac:c0:4a:b7:a9: 81:9c:6c:71:96:48:05:57:65:f3:22:f6:a1:f4:c9: 72:cd:d8:b0:5b:3a:3e:54:23:d2:ff:eb:a1:40:e4: ae:88:1d:98:13:ca:96:3b:03:d6:6e:56:f8:62:ed: cd:c4:90:4e:46:0f:b9:a2:c5:eb:b3:0c:33:1b:6e: e4:f0:3a:cb:43:03:fc:3c:a0:e3:57:35:69:65:7e: 71:78:eb:42:da:2a:27:34:9d:48:d1:71:6a:2a:63: 00:12:60:03:e7:04:5c:d1:f7:5e:63:2f:52:fa:27: b8:b9:87:5a:64:cc:66:9c:0d:ff:11:eb:9d:b6:92: 5c:91:e1:ad:3f:91:e0:4f:58:00:a2:48:bb:cb:1e: 51:95:39:6c:49:84:df:76:28:81:cd:2e:93:91:de: 9a:34:9e:97:72:41:84:08:6d:42:2a:36:8d:22:fc: f4:e1:fe:16:63:96:25:e4:cf:33:04:21:10:2b:63: f0:04:11:1e:74:50:a1:fd:50:3f:73:60:40:48:e6: f0:2f:95:8b:bb:4a:cc:75:39:d4:c1:f8:f1:07:ac: 20:4a:e8:a4:f6:8d:0b:c0:48:ee:14:95:c8:10:27: ca:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:4D:86:14:D6:22:84:2A:F5:D0:54:4F:1D:6C:02:6A:6D:24:40:DB X509v3 Authority Key Identifier: keyid:9B:67:C8:72:14:ED:99:65:40:71:19:0B:EB:CF:0B:8D:9F:A1:AF:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:c6:96:99:11:bc:97:2a:87:6e:3f:96:32:ed:76:90:00:9a: 22:ef:de:f1:6c:8d:c7:3a:d1:8c:2d:15:3a:eb:ee:dd:48:c0: b5:31:ae:74:5d:f6:ed:28:33:51:58:35:82:2a:05:76:06:21: 37:fd:8c:5f:90:ec:f6:ab:10:0f:c7:47:f6:01:95:3d:f4:3e: 49:cd:7c:8a:f2:02:72:7a:4c:a7:df:91:7b:c4:dc:8f:b6:95: 5c:c2:19:27:37:58:aa:04:bf:b5:97:ee:80:7a:ed:84:eb:15: 0c:3b:ac:86:a2:28:8e:9c:1f:0e:56:a2:9e:23:90:71:1b:a0: 77:81:f2:1c:d0:65:49:14:e8:37:78:17:17:06:96:db:9b:2e: 7d:92:65:b7:d2:1c:95:55:46:76:c0:46:b2:a9:3b:ee:0a:d9: 35:1a:c0:a4:f0:0a:df:09:d6:7a:bb:b2:e1:d1:08:03:33:e2: 00:13:2e:e0:f1:ec:ec:4d:4d:66:94:f2:39:e3:7b:85:d2:52: 29:2d:6c:70:1c:0a:16:bc:47:e9:77:66:82:88:63:84:14:ae: 10:c1:a8:60:75:d7:b7:34:22:55:fd:4b:d3:16:eb:a8:c4:38: 90:fa:aa:1a:04:c7:dd:95:4a:c5:80:38:94:f4:89:f7:be:51: f4:9b:2c:a9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDBcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0JEQzgxMTAvBgNVBAUTKDlCNjdDODcyMTRFRDk5NjU0MDcxMTkwQkVCQ0YwQjhE OUZBMUFGNEUwHhcNMjUwNjMwMTg1NzA2WhcNMjUwNzA3MTg1NzA2WjAYMRYwFAYD VQQDEw02ODYyZGUwMi1kZjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4z3qXspr9TjLbidRslGhfVuIIYvcIps1rMBKt6mBnGxxlkgFV2XzIvah9Mly zdiwWzo+VCPS/+uhQOSuiB2YE8qWOwPWblb4Yu3NxJBORg+5osXrswwzG27k8DrL QwP8PKDjVzVpZX5xeOtC2ionNJ1I0XFqKmMAEmAD5wRc0fdeYy9S+ie4uYdaZMxm nA3/EeudtpJckeGtP5HgT1gAoki7yx5RlTlsSYTfdiiBzS6Tkd6aNJ6XckGECG1C KjaNIvz04f4WY5Yl5M8zBCEQK2PwBBEedFCh/VA/c2BASObwL5WLu0rMdTnUwfjx B6wgSuik9o0LwEjuFJXIECfKvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE5NhhTW IoQq9dBUTx1sAmptJEDbMB8GA1UdIwQYMBaAFJtnyHIU7ZllQHEZC+vPC42foa9O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQkRDOC82Njk3NjNGMDE4 RTAxMUVBQTBDMzhFN0JDNEY5QUUwMi9tMmZJY2hUdG1XVkFjUmtMNjg4TGpaLWhy MDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL20yZkljaFR0bVdWQWNSa0w2ODhMalotaHIwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QkRDOC82Njk3NjNGMDE4RTAxMUVBQTBDMzhFN0JDNEY5QUUwMi9tMmZJY2hUdG1X VkFjUmtMNjg4TGpaLWhyMDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGxpaZEbyXKoduP5Yy7XaQAJoi797xbI3HOtGMLRU66+7dSMC1Ma50 XfbtKDNRWDWCKgV2BiE3/YxfkOz2qxAPx0f2AZU99D5JzXyK8gJyekyn35F7xNyP tpVcwhknN1iqBL+1l+6Aeu2E6xUMO6yGoiiOnB8OVqKeI5BxG6B3gfIc0GVJFOg3 eBcXBpbbmy59kmW30hyVVUZ2wEayqTvuCtk1GsCk8ArfCdZ6u7Lh0QgDM+IAEy7g 8ezsTU1mlPI543uF0lIpLWxwHAoWvEfpd2aCiGOEFK4Qwahgdde3NCJV/UvTFuuo xDiQ+qoaBMfdlUrFgDiU9In3vlH0myyp -----END CERTIFICATE-----Generated at Tue Jul 1 21:11:33 2025 by rpki-client