$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft File: IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft (raw, json) Hash identifier: qtqDx3gh+QNFDgthodtcf3XwbsQd66znz65xAqe9KUI= Subject key identifier: 8C:77:5B:24:27:17:0E:DE:4C:8C:39:61:7E:5E:A2:FA:80:9E:13:42 Authority key identifier: 22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 Certificate issuer: /CN=A91CFFCB/serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Certificate serial: 18 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft Manifest number: 17 Signing time: Tue 15 Jul 2025 08:18:07 +0000 Manifest this update: Tue 15 Jul 2025 08:18:07 +0000 Manifest next update: Tue 22 Jul 2025 08:18:07 +0000 Files and hashes: 1: IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl (hash: uD/iX6+3UCxfPNrefgj81R0c5JKjztbWmNGDmW5Rg0M=) 2: BAEA3A3C497B11F096DCA14EC4F9AE02.roa (hash: NGudT5ffYxQaLDuPITb3DSyOtSWSbubIZoe2i4vUMeU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 08:18:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24 (0x18) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFCB, serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Validity Not Before: Jul 15 08:18:07 2025 GMT Not After : Jul 22 08:18:07 2025 GMT Subject: CN=68760ebf-2511 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:aa:39:45:2f:15:4a:3f:c8:e5:9d:a7:2c:7b: fe:a9:dc:f4:b8:fc:79:ee:15:2b:05:73:0f:57:f3: 28:46:10:aa:eb:ce:d5:df:13:e0:c2:22:b4:09:ea: 8f:d2:ca:ca:7f:e8:b3:41:18:1e:c6:e4:76:f4:1f: a8:19:01:8b:db:e3:06:94:b8:ed:ac:68:4e:97:be: 60:6a:92:c2:73:af:9a:5f:34:76:41:89:f1:6e:0c: 39:8d:82:00:b6:fd:76:83:f0:76:61:b2:e3:ae:dc: 44:9b:a4:fb:6a:da:3d:38:69:8a:b9:87:93:6e:2f: 15:07:43:9d:76:20:1c:90:04:4c:4f:65:58:0b:5d: fc:45:b3:81:6d:f8:13:25:57:b4:20:0a:94:9a:9b: 9a:bc:36:67:f1:d2:6e:8f:d8:c5:74:d5:3c:72:77: 6e:9b:60:2b:ec:8c:4c:cd:5e:2f:0a:c5:21:74:d5: 9f:ca:e5:14:7b:82:df:f4:e5:15:10:9c:8c:28:51: a6:4c:d9:c5:d5:a6:7c:63:57:02:39:b6:3e:29:ae: 58:c5:43:ae:1e:f6:69:36:6d:bf:7a:b4:04:37:d1: 6b:3e:b7:ae:59:d6:3d:1c:89:c1:0b:35:6e:44:ae: 77:35:b9:b6:f4:8f:fb:24:9a:1b:30:d2:af:39:38: e0:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:77:5B:24:27:17:0E:DE:4C:8C:39:61:7E:5E:A2:FA:80:9E:13:42 X509v3 Authority Key Identifier: keyid:22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:7a:e0:02:c4:25:b4:9c:1c:fd:88:ff:6f:37:93:67:f9:ac: 66:db:36:b8:eb:52:f2:6a:27:30:bb:7c:d5:fa:eb:34:c0:5f: ae:2d:80:8a:a7:47:d3:8a:98:01:3b:a3:b4:1c:9f:15:42:b2: 05:3c:68:6b:f5:7c:56:2a:5c:f6:3b:3e:6d:09:35:bd:66:95: 63:54:fe:ab:dc:c8:7d:10:0f:7a:eb:5e:43:0c:60:75:84:6e: 06:a8:24:9c:36:d2:f3:f2:0c:a5:93:a4:f3:6b:dd:c9:97:61: f6:19:7d:c5:88:1c:a4:93:d3:d1:f4:ba:8a:33:34:41:65:e1: 41:0c:11:81:e7:8c:a1:81:94:60:c4:7e:9b:af:79:f6:a6:58: 1a:ce:73:33:ab:b5:b2:91:40:3c:02:52:09:08:fa:64:03:dd: e7:e0:26:25:8b:19:9c:e3:c8:52:99:6f:b4:25:c4:38:28:63: 46:2f:69:a0:52:52:af:b1:fb:13:2a:60:46:b1:27:77:89:a8: ce:40:f7:bc:bc:bb:52:b3:8f:01:3e:d3:6c:bd:9c:a2:55:0f: 31:7b:e8:96:41:dc:52:8d:05:ae:b4:3e:f1:60:32:3b:5b:88: fd:af:ed:e9:fd:4c:1b:71:eb:3c:d1:2e:76:91:c9:10:e4:b4: a8:92:48:fa -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RkZDQjExMC8GA1UEBRMoMjIyNDI5NDQxNkI4NDY1NzA2NTU0QjUyQ0JDNTZGNDQ5 QkM0NkM4OTAeFw0yNTA3MTUwODE4MDdaFw0yNTA3MjIwODE4MDdaMBgxFjAUBgNV BAMTDTY4NzYwZWJmLTI1MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzqjlFLxVKP8jlnacse/6p3PS4/HnuFSsFcw9X8yhGEKrrztXfE+DCIrQJ6o/S ysp/6LNBGB7G5Hb0H6gZAYvb4waUuO2saE6XvmBqksJzr5pfNHZBifFuDDmNggC2 /XaD8HZhsuOu3ESbpPtq2j04aYq5h5NuLxUHQ512IByQBExPZVgLXfxFs4Ft+BMl V7QgCpSam5q8Nmfx0m6P2MV01Txyd26bYCvsjEzNXi8KxSF01Z/K5RR7gt/05RUQ nIwoUaZM2cXVpnxjVwI5tj4prljFQ64e9mk2bb96tAQ30Ws+t65Z1j0cicELNW5E rnc1ubb0j/skmhsw0q85OOAbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUjHdbJCcX Dt5MjDlhfl6i+oCeE0IwHwYDVR0jBBgwFoAUIiQpRBa4RlcGVUtSy8VvRJvEbIkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGRkNCL0VEMEYxMUY0NDIw NTExRjBCRjdBODcxMUM0RjlBRTAyL0lpUXBSQmE0UmxjR1ZVdFN5OFZ2Ukp2RWJJ ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSWlRcFJCYTRSbGNHVlV0U3k4VnZSSnZFYklrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNG RkNCL0VEMEYxMUY0NDIwNTExRjBCRjdBODcxMUM0RjlBRTAyL0lpUXBSQmE0Umxj R1ZVdFN5OFZ2Ukp2RWJJay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAER64ALEJbScHP2I/283k2f5rGbbNrjrUvJqJzC7fNX66zTAX64tgIqn R9OKmAE7o7QcnxVCsgU8aGv1fFYqXPY7Pm0JNb1mlWNU/qvcyH0QD3rrXkMMYHWE bgaoJJw20vPyDKWTpPNr3cmXYfYZfcWIHKST09H0uoozNEFl4UEMEYHnjKGBlGDE fpuvefamWBrOczOrtbKRQDwCUgkI+mQD3efgJiWLGZzjyFKZb7QlxDgoY0YvaaBS Uq+x+xMqYEaxJ3eJqM5A97y8u1KzjwE+02y9nKJVDzF76JZB3FKNBa60PvFgMjtb iP2v7en9TBtx6zzRLnaRyRDktKiSSPo= -----END CERTIFICATE-----Generated at Wed Jul 16 23:09:42 2025 by rpki-client