$ rpki-client -vvf rpki.apnic.net/member_repository/A91D31B0/15CF5A8801B611EDB1A4D282C4F9AE02/vGOOV8p7khRPunE61ttk5tCtSZE.mft File: vGOOV8p7khRPunE61ttk5tCtSZE.mft (raw, json) Hash identifier: L+L9pARA11GQBVg5dJI82dEMYvmufm+qxc7LSU9M1/E= Subject key identifier: 0A:19:26:5D:A4:24:63:1F:9C:95:FB:E3:44:05:75:07:7A:7B:C2:6D Authority key identifier: BC:63:8E:57:CA:7B:92:14:4F:BA:71:3A:D6:DB:64:E6:D0:AD:49:91 Certificate issuer: /CN=A91D31B0/serialNumber=BC638E57CA7B92144FBA713AD6DB64E6D0AD4991 Certificate serial: 02AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vGOOV8p7khRPunE61ttk5tCtSZE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D31B0/15CF5A8801B611EDB1A4D282C4F9AE02/vGOOV8p7khRPunE61ttk5tCtSZE.mft Manifest number: 02A8 Signing time: Tue 01 Jul 2025 02:08:51 +0000 Manifest this update: Tue 01 Jul 2025 02:08:51 +0000 Manifest next update: Tue 08 Jul 2025 02:08:51 +0000 Files and hashes: 1: vGOOV8p7khRPunE61ttk5tCtSZE.crl (hash: U+7HqswH0b1cWF/vY9OFbx9pMzHFGATeblffcS+qXw4=) 2: 7BB181E201BA11EDA4103D0DC4F9AE02.roa (hash: lORLBE7+FfhOwINAGtcBHyopu2FbSYXSTs4IIjqvS/U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D31B0/15CF5A8801B611EDB1A4D282C4F9AE02/vGOOV8p7khRPunE61ttk5tCtSZE.crl rsync://rpki.apnic.net/member_repository/A91D31B0/15CF5A8801B611EDB1A4D282C4F9AE02/vGOOV8p7khRPunE61ttk5tCtSZE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vGOOV8p7khRPunE61ttk5tCtSZE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 02:08:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 685 (0x2ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D31B0, serialNumber=BC638E57CA7B92144FBA713AD6DB64E6D0AD4991 Validity Not Before: Jul 1 02:08:51 2025 GMT Not After : Jul 8 02:08:51 2025 GMT Subject: CN=68634333-9c87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:ea:37:68:6c:a6:19:25:f0:f8:88:72:b6:4a: c2:a7:1e:00:95:ec:76:39:b4:59:b2:c9:5f:b7:bc: 55:c0:98:b0:e6:d1:10:d6:d0:ab:7c:c9:8d:54:30: 46:2d:2e:5c:f0:93:79:c2:9b:26:63:73:09:c8:53: 7e:24:b7:38:20:a6:91:f6:99:c7:ec:df:89:68:d0: b5:03:29:e8:09:02:69:30:29:b3:e2:06:10:6d:76: 73:9c:7c:44:b1:0a:6e:49:d4:93:e5:ae:ea:4a:3b: fb:13:a6:6c:78:c4:91:c6:77:c0:3f:01:a4:74:dc: 6f:ab:01:70:cb:b2:f6:44:87:c4:45:1e:85:9c:c4: 0a:43:8a:9a:10:e0:f6:30:92:f1:95:4e:2a:af:dd: 87:85:25:82:80:a3:a6:5e:bd:80:47:09:1c:9c:4c: d3:9d:c4:99:9d:a6:93:58:36:5a:aa:85:11:6c:bb: 4f:99:87:bb:16:00:80:fb:2c:58:45:ec:07:3e:06: ce:1a:42:04:df:65:c7:44:e5:2d:7e:33:75:49:df: b2:e6:1a:bc:cc:41:7b:7f:f3:d1:2a:90:61:a9:5c: 78:25:a6:1f:98:63:f4:35:d7:83:5c:1a:56:67:66: 11:48:db:51:a5:57:ff:13:98:88:97:f8:fb:67:5c: 6a:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:19:26:5D:A4:24:63:1F:9C:95:FB:E3:44:05:75:07:7A:7B:C2:6D X509v3 Authority Key Identifier: keyid:BC:63:8E:57:CA:7B:92:14:4F:BA:71:3A:D6:DB:64:E6:D0:AD:49:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D31B0/15CF5A8801B611EDB1A4D282C4F9AE02/vGOOV8p7khRPunE61ttk5tCtSZE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vGOOV8p7khRPunE61ttk5tCtSZE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D31B0/15CF5A8801B611EDB1A4D282C4F9AE02/vGOOV8p7khRPunE61ttk5tCtSZE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:47:70:46:00:d6:c9:09:2f:67:08:47:b5:68:ef:85:57:8d: b2:28:3e:24:39:34:84:b6:87:56:ad:5e:ac:e7:20:a1:0e:d5: 20:d5:b1:b5:5c:5a:c2:18:a3:ca:90:02:c3:42:8e:23:74:bf: 5d:ba:09:3e:15:2e:71:de:34:67:05:e8:c2:c4:08:5a:fe:ce: b4:ff:41:7f:0e:7c:02:49:a9:e3:db:d5:72:6f:a2:c9:9c:4c: 87:0c:8e:a3:60:f6:4a:6d:27:33:b9:fc:b0:6a:e2:02:b7:56: 16:5a:8d:59:26:6c:ef:e8:4f:6f:fc:ab:3f:11:fb:7e:23:74: 7b:5a:07:d7:ef:84:02:49:0a:3f:ee:83:a1:b9:d9:52:3e:fd: 79:a9:a5:96:76:32:da:f5:bf:2d:0e:75:b0:c9:06:78:8e:a0: 21:65:3c:53:20:fb:b7:b1:ee:ab:12:64:cf:8b:b6:d8:db:d4: 97:c4:3c:92:99:b9:9d:29:bd:f8:52:18:b4:ef:f6:2d:21:94: b2:1d:30:65:f0:b4:ee:50:ef:9f:ab:b0:af:99:e3:c6:ee:ff: 33:5e:1b:61:73:c5:e1:4c:a7:bb:cf:9d:91:b9:32:e3:4d:a2: a6:17:9d:3a:0f:7d:4b:1c:a9:cb:20:37:c8:23:6c:74:5c:29: b4:ee:d5:13 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAq0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDMxQjAxMTAvBgNVBAUTKEJDNjM4RTU3Q0E3QjkyMTQ0RkJBNzEzQUQ2REI2NEU2 RDBBRDQ5OTEwHhcNMjUwNzAxMDIwODUxWhcNMjUwNzA4MDIwODUxWjAYMRYwFAYD VQQDEw02ODYzNDMzMy05Yzg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1uo3aGymGSXw+IhytkrCpx4Alex2ObRZsslft7xVwJiw5tEQ1tCrfMmNVDBG LS5c8JN5wpsmY3MJyFN+JLc4IKaR9pnH7N+JaNC1AynoCQJpMCmz4gYQbXZznHxE sQpuSdST5a7qSjv7E6ZseMSRxnfAPwGkdNxvqwFwy7L2RIfERR6FnMQKQ4qaEOD2 MJLxlU4qr92HhSWCgKOmXr2ARwkcnEzTncSZnaaTWDZaqoURbLtPmYe7FgCA+yxY RewHPgbOGkIE32XHROUtfjN1Sd+y5hq8zEF7f/PRKpBhqVx4JaYfmGP0NdeDXBpW Z2YRSNtRpVf/E5iIl/j7Z1xqzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAoZJl2k JGMfnJX740QFdQd6e8JtMB8GA1UdIwQYMBaAFLxjjlfKe5IUT7pxOtbbZObQrUmR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzFCMC8xNUNGNUE4ODAx QjYxMUVEQjFBNEQyODJDNEY5QUUwMi92R09PVjhwN2toUlB1bkU2MXR0azV0Q3RT WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZHT09WOHA3a2hSUHVuRTYxdHRrNXRDdFNaRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MzFCMC8xNUNGNUE4ODAxQjYxMUVEQjFBNEQyODJDNEY5QUUwMi92R09PVjhwN2to UlB1bkU2MXR0azV0Q3RTWkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqR3BGANbJCS9nCEe1aO+FV42yKD4kOTSEtodWrV6s5yChDtUg1bG1 XFrCGKPKkALDQo4jdL9dugk+FS5x3jRnBejCxAha/s60/0F/DnwCSanj29Vyb6LJ nEyHDI6jYPZKbSczufywauICt1YWWo1ZJmzv6E9v/Ks/Eft+I3R7WgfX74QCSQo/ 7oOhudlSPv15qaWWdjLa9b8tDnWwyQZ4jqAhZTxTIPu3se6rEmTPi7bY29SXxDyS mbmdKb34Uhi07/YtIZSyHTBl8LTuUO+fq7CvmePG7v8zXhthc8XhTKe7z52RuTLj TaKmF506D31LHKnLIDfII2x0XCm07tUT -----END CERTIFICATE-----Generated at Tue Jul 1 21:07:23 2025 by rpki-client