$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft File: MGSQ23RcleyGYUmf_IJkZnumf4o.mft (raw, json) Hash identifier: 9rrkSQ+X3DpC7jIFXZ5n08ELJrA63Hr2tRuRKITiaXA= Subject key identifier: 6B:91:98:2E:90:1F:C6:98:F3:CA:9C:EA:97:32:89:A3:F1:FE:72:2F Authority key identifier: 30:64:90:DB:74:5C:95:EC:86:61:49:9F:FC:82:64:66:7B:A6:7F:8A Certificate issuer: /CN=A91CE7A4/serialNumber=306490DB745C95EC8661499FFC8264667BA67F8A Certificate serial: 5E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGSQ23RcleyGYUmf_IJkZnumf4o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft Manifest number: 5D Signing time: Thu 03 Jul 2025 07:20:32 +0000 Manifest this update: Thu 03 Jul 2025 07:20:31 +0000 Manifest next update: Thu 10 Jul 2025 07:20:31 +0000 Files and hashes: 1: MGSQ23RcleyGYUmf_IJkZnumf4o.crl (hash: rKCEuZlysfp4zvlGFJ39ndztCB3jucT9GS+5RSWRZYc=) 2: 19C407C0CC1011EFBC7E0050C4F9AE02.roa (hash: 0uD06YfXP8jJiypkQtgg/+0Dg/DOv6s8Gpjo5ybB4rE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.crl rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGSQ23RcleyGYUmf_IJkZnumf4o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 94 (0x5e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE7A4, serialNumber=306490DB745C95EC8661499FFC8264667BA67F8A Validity Not Before: Jul 3 07:20:31 2025 GMT Not After : Jul 10 07:20:31 2025 GMT Subject: CN=68662f3f-55de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:85:a7:5a:8e:5a:fa:57:1a:af:4a:17:00:8d: c1:ae:4a:60:63:c7:0b:9c:88:aa:02:39:f6:ce:b8: 7d:d0:7c:a9:20:ce:e4:c7:7e:2d:6f:bf:00:87:3d: 22:14:c2:73:c8:55:fc:ae:ce:b2:59:da:7e:30:6f: d3:a4:d6:3c:8a:c8:9e:c1:e9:27:c0:60:38:2d:86: 57:6a:12:34:e0:34:35:dc:78:f8:31:4b:0a:7d:5a: db:90:d1:77:99:11:00:cd:df:4c:4f:5a:3c:eb:ca: 2d:2d:87:f9:d1:b0:31:49:01:22:d1:05:f8:5f:4c: 1a:9c:8a:e9:33:39:64:70:99:f0:69:a0:05:2c:78: 7e:af:ae:52:93:2c:6c:40:ea:7c:17:1a:17:0d:c7: 3a:c0:17:12:dc:6c:99:7a:ee:6b:f7:58:25:af:4d: 37:13:fc:ae:90:65:2c:74:93:3f:35:f9:70:07:7c: da:be:79:b9:3f:63:cc:54:d8:35:84:c4:4c:1e:8e: cc:f6:37:1c:5b:d2:c5:40:20:ef:69:94:4e:37:14: 38:2b:ef:84:1d:cc:2b:5b:d5:c0:77:86:f3:65:df: cb:9b:cc:23:9b:8f:66:43:79:ee:1b:be:47:4d:c9: 55:4f:01:42:a5:f4:35:37:14:a7:24:dd:b5:2e:0a: 5c:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:91:98:2E:90:1F:C6:98:F3:CA:9C:EA:97:32:89:A3:F1:FE:72:2F X509v3 Authority Key Identifier: keyid:30:64:90:DB:74:5C:95:EC:86:61:49:9F:FC:82:64:66:7B:A6:7F:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGSQ23RcleyGYUmf_IJkZnumf4o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:ca:fe:de:64:e2:a0:0a:45:8b:c5:ec:cb:87:e9:01:c2:12: 72:3e:d5:e0:f3:7c:a4:fe:fe:63:89:a9:7c:aa:20:8e:92:4b: 6a:da:e7:6e:e6:21:dd:d3:82:19:a2:7d:5d:82:c9:09:45:3a: 5e:e2:38:e3:e7:61:76:1e:3c:18:1f:5d:fe:4d:64:47:19:a7: 9c:91:1a:b9:d7:fd:67:e8:6f:0d:db:c3:d6:9f:de:33:59:b3: ae:53:57:06:0b:29:3e:7b:50:b6:e9:33:ff:ad:44:05:d9:da: dc:fb:d5:e8:c0:8a:a2:89:84:dc:48:76:43:cb:53:1c:85:90: 93:f5:bc:0c:50:ef:82:0f:a3:22:4b:d8:07:74:01:e8:8b:d8: 17:ba:71:26:70:ff:4b:75:7a:b2:95:38:b6:a9:d1:20:de:a7: 7b:1c:af:49:ce:43:b2:39:7a:a6:9e:f6:d9:89:f4:4e:d1:21: 4a:28:4f:6e:70:7e:04:8b:6c:97:de:a7:3e:69:f2:17:bd:8b: 26:d2:42:da:27:8b:3d:8b:f7:2f:69:6a:d6:0b:53:c5:f4:58: 9a:69:05:ed:c1:6c:d9:a7:8d:c9:ac:e2:d3:01:14:e7:77:25: 6f:a0:bf:bf:27:6f:31:4c:1f:2c:f2:01:7e:25:e5:72:5a:1d: 83:10:50:11 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RTdBNDExMC8GA1UEBRMoMzA2NDkwREI3NDVDOTVFQzg2NjE0OTlGRkM4MjY0NjY3 QkE2N0Y4QTAeFw0yNTA3MDMwNzIwMzFaFw0yNTA3MTAwNzIwMzFaMBgxFjAUBgNV BAMTDTY4NjYyZjNmLTU1ZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDUhadajlr6VxqvShcAjcGuSmBjxwuciKoCOfbOuH3QfKkgzuTHfi1vvwCHPSIU wnPIVfyuzrJZ2n4wb9Ok1jyKyJ7B6SfAYDgthldqEjTgNDXcePgxSwp9WtuQ0XeZ EQDN30xPWjzryi0th/nRsDFJASLRBfhfTBqciukzOWRwmfBpoAUseH6vrlKTLGxA 6nwXGhcNxzrAFxLcbJl67mv3WCWvTTcT/K6QZSx0kz81+XAHfNq+ebk/Y8xU2DWE xEwejsz2Nxxb0sVAIO9plE43FDgr74QdzCtb1cB3hvNl38ubzCObj2ZDee4bvkdN yVVPAUKl9DU3FKck3bUuClxZAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUa5GYLpAf xpjzypzqlzKJo/H+ci8wHwYDVR0jBBgwFoAUMGSQ23RcleyGYUmf/IJkZnumf4ow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFN0E0L0I4OTBERkQyQ0Mw RjExRUZBMjc4RkQ0Q0M0RjlBRTAyL01HU1EyM1JjbGV5R1lVbWZfSUprWm51bWY0 by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTUdTUTIzUmNsZXlHWVVtZl9JSmtabnVtZjRvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNF N0E0L0I4OTBERkQyQ0MwRjExRUZBMjc4RkQ0Q0M0RjlBRTAyL01HU1EyM1JjbGV5 R1lVbWZfSUprWm51bWY0by5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGPK/t5k4qAKRYvF7MuH6QHCEnI+1eDzfKT+/mOJqXyqII6SS2ra527m Id3TghmifV2CyQlFOl7iOOPnYXYePBgfXf5NZEcZp5yRGrnX/Wfobw3bw9af3jNZ s65TVwYLKT57ULbpM/+tRAXZ2tz71ejAiqKJhNxIdkPLUxyFkJP1vAxQ74IPoyJL 2Ad0AeiL2Be6cSZw/0t1erKVOLap0SDep3scr0nOQ7I5eqae9tmJ9E7RIUooT25w fgSLbJfepz5p8he9iybSQtoniz2L9y9patYLU8X0WJppBe3BbNmnjcms4tMBFOd3 JW+gv78nbzFMHyzyAX4l5XJaHYMQUBE= -----END CERTIFICATE-----Generated at Thu Jul 3 19:43:52 2025 by rpki-client