$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.mft File: akXWGoN3DJDQWMdBUx2NnGtnk1o.mft (raw, json) Hash identifier: Y1fyTMaZtVKgkGxD28MkwQGmuFCFjaZRCQ4odpVboB8= Subject key identifier: 33:E4:48:3F:8F:78:14:39:82:42:7E:DC:57:80:B2:7C:E0:30:03:25 Authority key identifier: 6A:45:D6:1A:83:77:0C:90:D0:58:C7:41:53:1D:8D:9C:6B:67:93:5A Certificate issuer: /CN=A91D1AC7/serialNumber=6A45D61A83770C90D058C741531D8D9C6B67935A Certificate serial: 0A51 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/akXWGoN3DJDQWMdBUx2NnGtnk1o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.mft Manifest number: 0A3C Signing time: Mon 30 Jun 2025 19:53:39 +0000 Manifest this update: Mon 30 Jun 2025 19:53:38 +0000 Manifest next update: Mon 07 Jul 2025 19:53:38 +0000 Files and hashes: 1: akXWGoN3DJDQWMdBUx2NnGtnk1o.crl (hash: C3NQBubg2en2I/uPTOwJwaEmA6am1KSeRnnmD7i7szU=) 2: 57C25DB2E42811EA881AB667C4F9AE02.roa (hash: E9181+VVT+rwNNkc7uINFuNWW6wPgms9gTqr7A850dY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.crl rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/akXWGoN3DJDQWMdBUx2NnGtnk1o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 19:53:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2641 (0xa51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1AC7, serialNumber=6A45D61A83770C90D058C741531D8D9C6B67935A Validity Not Before: Jun 30 19:53:38 2025 GMT Not After : Jul 7 19:53:38 2025 GMT Subject: CN=6862eb42-564a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:77:b0:91:45:04:f1:8a:cc:4a:a4:bf:ba:8b: c2:ae:84:7f:29:24:22:79:9a:1e:53:3e:dc:b4:27: 1c:83:e5:bf:f5:22:9b:06:cc:34:8e:10:e2:41:65: b5:f3:4d:e2:72:3d:82:bd:a3:0e:cc:e9:5b:e6:da: 5f:b3:ee:d4:07:55:39:35:48:40:4d:44:0f:31:0b: 04:37:5a:99:f3:9b:a6:65:66:6a:5b:fd:5f:b8:64: 21:fd:d8:ef:78:4b:26:72:4c:18:d8:3f:bf:ae:ea: a0:11:b0:f0:c6:3a:cf:ea:15:b3:cf:20:8d:63:73: 45:db:3d:a7:c0:be:48:27:14:49:b7:9c:66:1a:fa: 11:d8:99:b9:6f:2b:ab:fb:67:48:03:30:ee:1a:be: 9a:76:cf:a3:d8:1c:c9:a8:92:33:05:63:3f:bf:bb: 10:07:ff:df:ad:8b:fc:42:3b:47:60:f9:58:69:d3: 24:13:fc:b9:7d:94:6c:df:35:8e:dc:96:66:a4:e7: c0:5e:ce:ad:66:f5:bc:b1:dc:6f:17:64:d0:b0:46: d5:2a:78:72:80:28:8a:3a:84:f2:1c:c8:68:1c:7f: 35:75:f6:49:fa:ce:86:84:41:f4:f1:b5:f8:4c:3d: 0b:14:d3:54:ec:f0:ee:a4:74:93:b5:b5:b2:74:4a: 2f:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:E4:48:3F:8F:78:14:39:82:42:7E:DC:57:80:B2:7C:E0:30:03:25 X509v3 Authority Key Identifier: keyid:6A:45:D6:1A:83:77:0C:90:D0:58:C7:41:53:1D:8D:9C:6B:67:93:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/akXWGoN3DJDQWMdBUx2NnGtnk1o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1AC7/81A4C4D66E4311EA949D9922C4F9AE02/akXWGoN3DJDQWMdBUx2NnGtnk1o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d1:c3:4c:69:3a:8d:d6:5d:1c:40:37:84:19:d3:b1:2c:8c:e1: 3b:37:7a:b0:36:fc:01:15:d7:3e:25:87:ca:67:ba:5b:9c:2a: dc:37:1c:3f:b0:8c:8b:89:db:79:18:c6:20:59:f2:57:fd:d9: 4f:66:fb:99:35:77:a5:aa:47:a8:2a:0f:58:4b:ea:c6:78:b6: 3c:40:e9:c0:66:03:61:11:6e:85:c3:4c:1e:48:3b:16:76:14: 21:0d:76:2b:88:3f:c8:72:7b:37:d4:f1:36:61:ff:98:8f:03: 0d:81:ab:67:c9:71:0f:7d:db:54:65:9f:f7:0b:b9:1c:26:77: 08:bc:b9:54:06:a4:4f:e3:4e:9e:36:ce:bb:86:d4:6c:5a:88: 76:ce:e2:c6:11:32:a7:30:38:97:9c:70:b2:c5:3d:c3:2d:c8: 5a:98:18:18:7c:65:28:b1:96:97:c9:29:e9:2a:81:0f:d6:cd: 21:48:0a:6e:dd:3b:99:d3:a2:c4:7a:6d:7a:f6:dd:aa:a0:0f: 03:33:8a:dc:1d:34:27:fa:ee:4a:01:17:c2:e7:bb:5a:f2:6f: 7e:52:e7:05:07:18:db:b8:4c:53:9d:f0:98:51:6c:ea:9e:3e: 64:82:9e:3c:7e:8e:a6:85:8f:19:37:cb:2d:22:fc:76:9d:27: 83:7f:93:c2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICClEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDFBQzcxMTAvBgNVBAUTKDZBNDVENjFBODM3NzBDOTBEMDU4Qzc0MTUzMUQ4RDlD NkI2NzkzNUEwHhcNMjUwNjMwMTk1MzM4WhcNMjUwNzA3MTk1MzM4WjAYMRYwFAYD VQQDEw02ODYyZWI0Mi01NjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAonewkUUE8YrMSqS/uovCroR/KSQieZoeUz7ctCccg+W/9SKbBsw0jhDiQWW1 803icj2CvaMOzOlb5tpfs+7UB1U5NUhATUQPMQsEN1qZ85umZWZqW/1fuGQh/djv eEsmckwY2D+/ruqgEbDwxjrP6hWzzyCNY3NF2z2nwL5IJxRJt5xmGvoR2Jm5byur +2dIAzDuGr6ads+j2BzJqJIzBWM/v7sQB//frYv8QjtHYPlYadMkE/y5fZRs3zWO 3JZmpOfAXs6tZvW8sdxvF2TQsEbVKnhygCiKOoTyHMhoHH81dfZJ+s6GhEH08bX4 TD0LFNNU7PDupHSTtbWydEovVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDPkSD+P eBQ5gkJ+3FeAsnzgMAMlMB8GA1UdIwQYMBaAFGpF1hqDdwyQ0FjHQVMdjZxrZ5Na MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMUFDNy84MUE0QzRENjZF NDMxMUVBOTQ5RDk5MjJDNEY5QUUwMi9ha1hXR29OM0RKRFFXTWRCVXgyTm5HdG5r MW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FrWFdHb04zREpEUVdNZEJVeDJObkd0bmsxby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MUFDNy84MUE0QzRENjZFNDMxMUVBOTQ5RDk5MjJDNEY5QUUwMi9ha1hXR29OM0RK RFFXTWRCVXgyTm5HdG5rMW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDRw0xpOo3WXRxAN4QZ07EsjOE7N3qwNvwBFdc+JYfKZ7pbnCrcNxw/ sIyLidt5GMYgWfJX/dlPZvuZNXelqkeoKg9YS+rGeLY8QOnAZgNhEW6Fw0weSDsW dhQhDXYriD/Icns31PE2Yf+YjwMNgatnyXEPfdtUZZ/3C7kcJncIvLlUBqRP406e Ns67htRsWoh2zuLGETKnMDiXnHCyxT3DLchamBgYfGUosZaXySnpKoEP1s0hSApu 3TuZ06LEem169t2qoA8DM4rcHTQn+u5KARfC57ta8m9+UucFBxjbuExTnfCYUWzq nj5kgp48fo6mhY8ZN8stIvx2nSeDf5PC -----END CERTIFICATE-----Generated at Wed Jul 2 05:18:38 2025 by rpki-client