$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3307/342D832842CC11EC8F13320DC4F9AE02/U8lIF-sTZfHejDwrRAIjmIHBlD0.mft File: U8lIF-sTZfHejDwrRAIjmIHBlD0.mft (raw, json) Hash identifier: XQ1lK10GjribbM4p6/HEtM5FuorVTINRfMpTsXe5yz8= Subject key identifier: 10:04:BF:EA:59:1E:1B:99:92:DF:30:84:99:4F:D3:8A:FA:EC:FB:2B Authority key identifier: 53:C9:48:17:EB:13:65:F1:DE:8C:3C:2B:44:02:23:98:81:C1:94:3D Certificate issuer: /CN=A91D3307/serialNumber=53C94817EB1365F1DE8C3C2B4402239881C1943D Certificate serial: 04BF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U8lIF-sTZfHejDwrRAIjmIHBlD0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3307/342D832842CC11EC8F13320DC4F9AE02/U8lIF-sTZfHejDwrRAIjmIHBlD0.mft Manifest number: 04A6 Signing time: Tue 01 Jul 2025 00:32:45 +0000 Manifest this update: Tue 01 Jul 2025 00:32:45 +0000 Manifest next update: Tue 08 Jul 2025 00:32:45 +0000 Files and hashes: 1: U8lIF-sTZfHejDwrRAIjmIHBlD0.crl (hash: r3jRL75uz8XP1Sb+rsGxSqrrsflHKRn7765kjaZ9hGc=) 2: C908B72A696F11EFA4DA475FC4F9AE02.roa (hash: tXoHtibATlzSAFpYW8FXeLBuzqLRo++NJ/KLRuKUVS4=) 3: C9C70AEA696F11EFA4DA475FC4F9AE02.roa (hash: 8/T20piCaEKmwex2vfHli1eA2pf6jywQnHESOXqs7Kg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3307/342D832842CC11EC8F13320DC4F9AE02/U8lIF-sTZfHejDwrRAIjmIHBlD0.crl rsync://rpki.apnic.net/member_repository/A91D3307/342D832842CC11EC8F13320DC4F9AE02/U8lIF-sTZfHejDwrRAIjmIHBlD0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U8lIF-sTZfHejDwrRAIjmIHBlD0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 00:32:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1215 (0x4bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3307, serialNumber=53C94817EB1365F1DE8C3C2B4402239881C1943D Validity Not Before: Jul 1 00:32:45 2025 GMT Not After : Jul 8 00:32:45 2025 GMT Subject: CN=68632cad-2241 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:db:10:28:b0:4e:bb:1c:ca:af:f3:76:42:a5: b9:33:0f:c3:1a:8a:ba:06:28:ba:55:fb:5c:5f:fb: c9:11:ab:71:ed:b3:ce:a5:45:d1:ee:8f:72:03:cc: 22:11:03:64:27:a7:c4:49:3f:15:db:22:a2:22:7f: fb:51:be:60:ec:2d:20:2c:21:10:26:86:4a:2e:75: 9b:a8:53:ff:5d:dc:96:2b:28:ba:0a:d1:d7:66:b3: 53:65:d4:3b:dd:95:8a:e6:92:2e:02:15:3e:c2:09: cf:e9:56:30:4e:d7:a3:7f:02:41:14:6b:c4:3d:c8: 78:e4:f2:7b:88:ed:30:d6:b5:6b:de:1d:5b:fb:3c: e5:f0:14:a5:f7:2a:3d:5d:63:de:38:06:12:7b:d2: b9:bb:9d:0e:4d:d7:fb:8e:f2:c9:cb:25:96:8d:4b: 87:40:7b:e7:a2:0e:0d:0c:04:0d:cb:d9:90:4a:a6: c2:70:88:de:c6:e0:6a:85:42:95:eb:04:85:a3:af: b5:09:a6:a0:00:7b:7f:da:08:56:7e:83:25:ff:8a: d9:de:3c:18:79:08:44:8e:16:aa:fa:23:6b:06:ba: f4:b3:8e:2a:dc:f2:06:1b:e8:c2:66:1f:ff:cd:9a: 12:c7:7f:fc:84:a2:50:0a:12:7a:26:db:5c:a1:31: 39:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:04:BF:EA:59:1E:1B:99:92:DF:30:84:99:4F:D3:8A:FA:EC:FB:2B X509v3 Authority Key Identifier: keyid:53:C9:48:17:EB:13:65:F1:DE:8C:3C:2B:44:02:23:98:81:C1:94:3D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3307/342D832842CC11EC8F13320DC4F9AE02/U8lIF-sTZfHejDwrRAIjmIHBlD0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U8lIF-sTZfHejDwrRAIjmIHBlD0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3307/342D832842CC11EC8F13320DC4F9AE02/U8lIF-sTZfHejDwrRAIjmIHBlD0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:9f:3b:14:22:c4:a8:a1:8a:58:30:b1:c7:4e:4d:ef:e3:75: dd:ca:5a:6c:ac:4b:ba:62:30:7e:1f:71:2d:7b:a3:bf:94:e6: 70:c2:d3:20:6d:00:38:aa:bf:1d:97:a9:0c:64:43:0e:11:43: 8d:d5:e3:4f:29:18:81:bf:87:80:a1:58:fc:d5:3d:2e:45:4c: d9:06:75:3c:52:7c:f9:d2:a7:15:32:1c:00:a6:9d:b4:32:22: 41:64:37:ce:fc:8a:53:10:3a:69:c0:f9:18:78:d4:c5:dd:be: 82:0f:ae:19:da:ce:30:98:98:70:46:a9:61:10:ac:fd:41:b1: cc:27:e8:af:18:f1:e4:21:bd:44:c1:da:e7:cf:25:0b:33:3c: f2:24:d2:11:e9:d8:db:42:ff:03:98:06:96:0a:25:ec:4e:d7: 1a:9b:37:7e:c3:f2:48:60:f5:83:2d:bb:36:00:3e:2a:63:fd: 2e:49:b7:09:a2:b0:ed:37:62:22:93:8e:36:01:03:f4:54:a7: d9:6f:7a:d9:4c:ca:01:25:42:18:b5:21:bd:f4:3c:f6:a5:5a: e9:cf:e0:2b:e1:e4:14:8b:90:44:21:95:92:5d:69:72:f1:aa: d3:53:84:61:eb:6c:78:50:42:f1:2e:4f:30:fc:81:31:89:fd: 9e:07:a0:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDMzMDcxMTAvBgNVBAUTKDUzQzk0ODE3RUIxMzY1RjFERThDM0MyQjQ0MDIyMzk4 ODFDMTk0M0QwHhcNMjUwNzAxMDAzMjQ1WhcNMjUwNzA4MDAzMjQ1WjAYMRYwFAYD VQQDEw02ODYzMmNhZC0yMjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuNsQKLBOuxzKr/N2QqW5Mw/DGoq6Bii6VftcX/vJEatx7bPOpUXR7o9yA8wi EQNkJ6fEST8V2yKiIn/7Ub5g7C0gLCEQJoZKLnWbqFP/XdyWKyi6CtHXZrNTZdQ7 3ZWK5pIuAhU+wgnP6VYwTtejfwJBFGvEPch45PJ7iO0w1rVr3h1b+zzl8BSl9yo9 XWPeOAYSe9K5u50OTdf7jvLJyyWWjUuHQHvnog4NDAQNy9mQSqbCcIjexuBqhUKV 6wSFo6+1CaagAHt/2ghWfoMl/4rZ3jwYeQhEjhaq+iNrBrr0s44q3PIGG+jCZh// zZoSx3/8hKJQChJ6JttcoTE5qwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBAEv+pZ HhuZkt8whJlP04r67PsrMB8GA1UdIwQYMBaAFFPJSBfrE2Xx3ow8K0QCI5iBwZQ9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzMwNy8zNDJEODMyODQy Q0MxMUVDOEYxMzMyMERDNEY5QUUwMi9VOGxJRi1zVFpmSGVqRHdyUkFJam1JSEJs RDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U4bElGLXNUWmZIZWpEd3JSQUlqbUlIQmxEMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MzMwNy8zNDJEODMyODQyQ0MxMUVDOEYxMzMyMERDNEY5QUUwMi9VOGxJRi1zVFpm SGVqRHdyUkFJam1JSEJsRDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKnzsUIsSooYpYMLHHTk3v43XdylpsrEu6YjB+H3Ete6O/lOZwwtMg bQA4qr8dl6kMZEMOEUON1eNPKRiBv4eAoVj81T0uRUzZBnU8Unz50qcVMhwApp20 MiJBZDfO/IpTEDppwPkYeNTF3b6CD64Z2s4wmJhwRqlhEKz9QbHMJ+ivGPHkIb1E wdrnzyULMzzyJNIR6djbQv8DmAaWCiXsTtcamzd+w/JIYPWDLbs2AD4qY/0uSbcJ orDtN2Iik442AQP0VKfZb3rZTMoBJUIYtSG99Dz2pVrpz+Ar4eQUi5BEIZWSXWly 8arTU4Rh62x4UELxLk8w/IExif2eB6AH -----END CERTIFICATE-----Generated at Wed Jul 2 11:32:38 2025 by rpki-client