$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft File: ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft (raw, json) Hash identifier: lm5xKKLleLnEQS2kS64NgU+HdaV5hqG7VD3M3zEcn2Q= Subject key identifier: 77:94:12:55:FA:D1:E9:6E:89:ED:D8:B3:90:6E:0B:8C:39:C9:6F:01 Authority key identifier: 93:2E:C2:E6:E5:2B:5A:F6:C7:B0:3C:41:50:20:ED:E2:72:AA:A1:45 Certificate issuer: /CN=A91CEF3E/serialNumber=932EC2E6E52B5AF6C7B03C415020EDE272AAA145 Certificate serial: 0E98 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft Manifest number: 0E87 Signing time: Wed 02 Jul 2025 17:54:51 +0000 Manifest this update: Wed 02 Jul 2025 17:54:51 +0000 Manifest next update: Wed 09 Jul 2025 17:54:51 +0000 Files and hashes: 1: ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl (hash: ajyWcR50DKAedQgvu3bQNuG+eO8DM0/m7znXIrsCImY=) 2: 5C154406988911E991B10838C4F9AE02.roa (hash: rlBKToBwc/S7CrTJwY8L3fa6c6H9ms0SKbG322SWU2g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 17:54:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3736 (0xe98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEF3E, serialNumber=932EC2E6E52B5AF6C7B03C415020EDE272AAA145 Validity Not Before: Jul 2 17:54:51 2025 GMT Not After : Jul 9 17:54:51 2025 GMT Subject: CN=6865726b-64ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:e9:2b:6a:bf:c5:4f:58:39:44:e4:3f:1b:ce: 91:68:18:22:bf:a9:b4:ac:2d:18:46:18:7e:40:cc: 9e:7b:1d:71:34:ae:07:d0:e1:75:57:67:91:fe:90: 1b:57:45:74:9e:79:83:d0:db:c6:45:d0:f9:b4:65: 32:d4:36:a4:29:58:69:1e:e7:dd:1f:24:11:71:1e: 05:42:20:51:37:66:18:b7:94:86:05:7e:d5:d3:62: 9f:7a:04:0e:e5:2b:9a:df:ec:1d:a9:cc:91:55:b0: e8:29:98:3b:8a:71:d7:a3:f6:22:6b:cb:7b:c7:01: 75:44:6b:b0:e5:a8:8a:87:a1:a2:8e:1b:00:5b:cf: 72:96:e6:48:aa:c9:14:88:55:39:a1:88:de:e8:b6: 12:b6:9e:77:4e:36:3c:56:ff:0e:02:57:7b:f9:24: 08:54:43:fc:00:ff:2f:43:07:37:52:28:75:d7:02: 35:09:da:1a:03:07:00:cd:5d:5f:56:dc:e4:0a:55: f9:40:bb:34:fe:70:30:e7:d1:87:c6:db:50:b7:de: a8:03:e4:b7:d7:1f:0a:d2:33:1a:a2:0c:5d:aa:8a: 8e:e7:8d:45:64:ad:71:c2:18:35:9c:82:68:4a:9a: 1c:64:96:c6:e8:ac:17:d4:02:52:e5:1f:4a:a0:1d: 95:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:94:12:55:FA:D1:E9:6E:89:ED:D8:B3:90:6E:0B:8C:39:C9:6F:01 X509v3 Authority Key Identifier: keyid:93:2E:C2:E6:E5:2B:5A:F6:C7:B0:3C:41:50:20:ED:E2:72:AA:A1:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:dc:2e:76:4e:3d:82:33:78:45:2f:93:e7:e9:1c:dc:30:8c: 48:e3:c2:ce:c0:bb:57:ae:23:27:17:06:39:81:74:04:4a:49: 8e:ce:2b:c7:70:d2:0b:13:e5:2b:0b:f7:c6:64:0f:77:71:53: 59:4e:2f:e6:cb:68:7e:88:04:7d:e1:d4:0c:31:a5:38:3e:13: 01:5b:77:3d:90:02:d1:9f:95:2c:a4:31:5b:3d:e7:3f:a4:d5: 5a:2e:cd:85:34:b9:e9:e5:d2:85:69:93:c6:c4:0d:fa:b2:fa: 65:a5:35:52:98:af:f5:17:f0:ca:e9:65:49:3f:e2:ff:dd:63: 46:bc:13:54:71:50:a7:ea:0e:7e:0a:3a:b4:2c:99:c7:4c:4e: 11:43:0d:31:ab:a8:1e:91:3c:e2:7d:be:d1:0b:21:7f:90:ea: eb:bf:dd:73:6a:e9:b0:12:b6:78:ac:cc:6e:d4:9f:cd:16:dd: d3:8a:52:5d:5e:91:ce:5b:8a:3b:3a:f5:53:68:74:b5:ce:8f: 38:ae:4b:6d:9f:76:ac:99:d4:27:1a:38:c0:5e:4b:3a:20:7d: df:c1:bc:46:23:d6:78:47:43:44:94:4f:52:39:e8:d0:8f:5f: 20:35:6a:1d:3c:0f:1d:a0:be:77:92:89:33:6a:b4:db:1b:75: f9:c6:b8:e2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDpgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VGM0UxMTAvBgNVBAUTKDkzMkVDMkU2RTUyQjVBRjZDN0IwM0M0MTUwMjBFREUy NzJBQUExNDUwHhcNMjUwNzAyMTc1NDUxWhcNMjUwNzA5MTc1NDUxWjAYMRYwFAYD VQQDEw02ODY1NzI2Yi02NGVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5Okrar/FT1g5ROQ/G86RaBgiv6m0rC0YRhh+QMyeex1xNK4H0OF1V2eR/pAb V0V0nnmD0NvGRdD5tGUy1DakKVhpHufdHyQRcR4FQiBRN2YYt5SGBX7V02KfegQO 5Sua3+wdqcyRVbDoKZg7inHXo/Yia8t7xwF1RGuw5aiKh6GijhsAW89yluZIqskU iFU5oYje6LYStp53TjY8Vv8OAld7+SQIVEP8AP8vQwc3Uih11wI1CdoaAwcAzV1f VtzkClX5QLs0/nAw59GHxttQt96oA+S31x8K0jMaogxdqoqO541FZK1xwhg1nIJo SpocZJbG6KwX1AJS5R9KoB2V9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHeUElX6 0eluie3Ys5BuC4w5yW8BMB8GA1UdIwQYMBaAFJMuwublK1r2x7A8QVAg7eJyqqFF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUYzRS9DQjc0Q0Y2RTk4 N0IxMUU5ODNFQ0NGMTNDNEY5QUUwMi9reTdDNXVVcld2YkhzRHhCVUNEdDRuS3Fv VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2t5N0M1dVVyV3ZiSHNEeEJVQ0R0NG5LcW9VVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RUYzRS9DQjc0Q0Y2RTk4N0IxMUU5ODNFQ0NGMTNDNEY5QUUwMi9reTdDNXVVcld2 YkhzRHhCVUNEdDRuS3FvVVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAa3C52Tj2CM3hFL5Pn6RzcMIxI48LOwLtXriMnFwY5gXQESkmOzivH cNILE+UrC/fGZA93cVNZTi/my2h+iAR94dQMMaU4PhMBW3c9kALRn5UspDFbPec/ pNVaLs2FNLnp5dKFaZPGxA36svplpTVSmK/1F/DK6WVJP+L/3WNGvBNUcVCn6g5+ Cjq0LJnHTE4RQw0xq6gekTzifb7RCyF/kOrrv91zaumwErZ4rMxu1J/NFt3TilJd XpHOW4o7OvVTaHS1zo84rkttn3asmdQnGjjAXks6IH3fwbxGI9Z4R0NElE9SOejQ j18gNWodPA8doL53kokzarTbG3X5xrji -----END CERTIFICATE-----Generated at Thu Jul 3 03:46:03 2025 by rpki-client