$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft File: ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft (raw, json) Hash identifier: 72zpc3nyho6ZRsDeUoXWpbZWlWCWir9R7dJOr6rWU1s= Subject key identifier: 9E:34:DD:32:D5:68:76:EE:2E:78:4E:7C:05:51:B9:7D:9E:E5:51:C3 Authority key identifier: 6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE Certificate issuer: /CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE Certificate serial: 3557 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft Manifest number: 34F2 Signing time: Mon 30 Jun 2025 14:56:32 +0000 Manifest this update: Mon 30 Jun 2025 14:56:31 +0000 Manifest next update: Mon 07 Jul 2025 14:56:31 +0000 Files and hashes: 1: ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl (hash: OXy5bDAoJWVjrLLnTfFH/U80jlIsw9QgWb/r3Uk34yE=) 2: 64E2B628BE4911EE897F291BC4F9AE02.roa (hash: oj9MA2Xl79Ulu/1U7XExVD59vw2GZhJkFrHTogIDTCg=) 3: E6F73E22B99E11EEBF189021C4F9AE02.roa (hash: 1mDu3Q1bdiSa3axtc15ZDTGlc4zW4OxSySLPwHbTbvE=) 4: DDF4B0D2F08C11EEB70A1F76C4F9AE02.roa (hash: 3IhKk2ns73ug1cPcItokkvNYGQWI9rs7b4nF6YtsTSc=) 5: D79607EEDCDD11EE85DBEB12C4F9AE02.roa (hash: vltJ7Buw53igWVIfCgs9blss6VeKEkgF9l7xhGZDnwo=) 6: 29F7413CBB6011EEB59E5D81C4F9AE02.roa (hash: ZqgeyChgSkuAuEy8E4XBqCcFOmGTEjV9SXx7odN3pv4=) 7: D1EE6884F06C11EEA5BAA656C4F9AE02.roa (hash: 8K4hb6GJHcWswysfKKK+VFXlsdhKy8EjS5fIz+8731Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 14:56:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13655 (0x3557) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE978, serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE Validity Not Before: Jun 30 14:56:31 2025 GMT Not After : Jul 7 14:56:31 2025 GMT Subject: CN=6862a59f-6342 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f7:31:32:ce:04:4a:d3:ed:87:48:f5:c1:da: ae:8e:1e:71:86:e9:01:ac:94:06:ca:be:d1:dd:37: a0:eb:9b:23:d9:b1:49:ab:bb:42:e5:45:55:2f:ac: 50:3c:c7:86:0e:29:ec:08:93:09:04:86:a4:55:09: f4:96:6e:87:ab:4f:63:e9:19:89:cb:b0:c5:71:77: 29:7e:48:31:7c:19:1c:a0:19:68:31:83:52:08:f8: 9b:23:d9:1e:02:74:34:d8:61:07:90:9c:9a:b9:0c: 69:5e:97:c9:ea:b9:bf:1c:d8:dd:e9:10:4b:2c:bc: d4:a0:6d:ea:2f:00:b1:bb:10:66:a8:bd:51:4d:0b: 04:ac:48:d7:5a:bb:e6:24:03:6d:5d:68:9d:87:f6: f8:4f:64:47:3f:b9:89:52:5d:55:b1:6c:b0:ef:0c: 08:c8:fa:25:d3:62:12:75:90:e3:fc:93:39:22:6b: 61:87:6d:28:9c:e2:2a:92:e1:1f:51:d7:50:35:94: 69:b0:aa:2c:27:b6:47:15:bd:ef:a3:52:bc:6e:31: 2e:08:94:3d:83:9c:86:43:98:93:7c:3e:9a:14:04: 1d:a0:54:b2:7f:5e:f8:ac:a4:16:1f:a1:f5:78:0a: 32:66:c3:57:d5:94:fc:37:a8:8e:b9:ee:63:ba:7f: 97:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:34:DD:32:D5:68:76:EE:2E:78:4E:7C:05:51:B9:7D:9E:E5:51:C3 X509v3 Authority Key Identifier: keyid:6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:87:c6:20:07:14:f7:2c:84:8b:3f:c5:c6:67:66:df:15:ee: 8f:fd:29:ec:5a:45:aa:dd:58:2e:7a:d7:18:77:0a:aa:c5:d5: d0:25:c6:d0:9d:ed:b8:9c:f5:f8:78:b3:2c:14:ef:6a:ae:9c: 13:19:30:56:60:4c:d1:db:8c:70:0e:d7:5d:f1:77:44:9d:81: c1:02:49:6e:1a:e5:7b:1a:d2:83:64:cd:b2:8f:9a:59:43:6a: b0:3d:4e:ba:fe:b5:9a:9a:5c:3e:f6:8f:5f:3c:52:ca:5b:3d: e7:11:3e:3b:1f:96:f5:4c:85:4d:7d:83:c5:b8:58:47:9f:49: c5:a9:16:b6:50:c4:e7:3f:85:d5:a1:5b:15:17:1e:c2:e0:6f: 65:c0:33:43:fd:ac:f1:5d:a5:b9:a4:62:35:79:93:7a:2a:e5: ff:9b:a3:8d:45:67:c7:46:87:1c:12:5a:98:1c:55:6c:df:7b: b7:77:95:69:7b:5f:14:cd:07:12:72:18:a1:b8:75:b3:a1:2a: 8d:eb:c8:ec:44:13:d1:70:f0:20:a1:c9:2f:07:80:09:5e:17: d3:9c:6b:b3:0e:64:ea:e0:f7:49:9a:26:f4:48:da:b0:b3:dd: 8a:7c:b8:b3:2a:a0:a1:25:54:01:70:96:f3:ed:41:84:a4:7a: 52:9f:78:1b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNVcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U5NzgxMTAvBgNVBAUTKDZBMUU0RjcyODQ3RUIzNjk5NTIyQzkzRDI2NzczRjBE RjgzOTZFQkUwHhcNMjUwNjMwMTQ1NjMxWhcNMjUwNzA3MTQ1NjMxWjAYMRYwFAYD VQQDEw02ODYyYTU5Zi02MzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuvcxMs4EStPth0j1wdqujh5xhukBrJQGyr7R3Teg65sj2bFJq7tC5UVVL6xQ PMeGDinsCJMJBIakVQn0lm6Hq09j6RmJy7DFcXcpfkgxfBkcoBloMYNSCPibI9ke AnQ02GEHkJyauQxpXpfJ6rm/HNjd6RBLLLzUoG3qLwCxuxBmqL1RTQsErEjXWrvm JANtXWidh/b4T2RHP7mJUl1VsWyw7wwIyPol02ISdZDj/JM5Imthh20onOIqkuEf UddQNZRpsKosJ7ZHFb3vo1K8bjEuCJQ9g5yGQ5iTfD6aFAQdoFSyf174rKQWH6H1 eAoyZsNX1ZT8N6iOue5jun+XmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ403TLV aHbuLnhOfAVRuX2e5VHDMB8GA1UdIwQYMBaAFGoeT3KEfrNplSLJPSZ3Pw34OW6+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTk3OC8zMjIzRjM1RTFE OTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMybVZJc2s5Sm5jX0RmZzVi cjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FoNVBjb1ItczJtVklzazlKbmNfRGZnNWJyNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTk3OC8zMjIzRjM1RTFEOTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMy bVZJc2s5Sm5jX0RmZzVicjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBAh8YgBxT3LISLP8XGZ2bfFe6P/SnsWkWq3VguetcYdwqqxdXQJcbQ ne24nPX4eLMsFO9qrpwTGTBWYEzR24xwDtdd8XdEnYHBAkluGuV7GtKDZM2yj5pZ Q2qwPU66/rWamlw+9o9fPFLKWz3nET47H5b1TIVNfYPFuFhHn0nFqRa2UMTnP4XV oVsVFx7C4G9lwDND/azxXaW5pGI1eZN6KuX/m6ONRWfHRoccElqYHFVs33u3d5Vp e18UzQcSchihuHWzoSqN68jsRBPRcPAgockvB4AJXhfTnGuzDmTq4PdJmib0SNqw s92KfLizKqChJVQBcJbz7UGEpHpSn3gb -----END CERTIFICATE-----Generated at Tue Jul 1 18:02:19 2025 by rpki-client