$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft File: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft (raw, json) Hash identifier: UnGupcuZH3T6ArLiL+5+fW1i382dH7nmqj5cI8hUBsY= Subject key identifier: 59:F5:A3:6E:10:00:7A:13:B5:25:D7:8C:AA:D4:4F:8F:5F:D7:AB:F1 Authority key identifier: 8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E Certificate issuer: /CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E Certificate serial: 0AA1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft Manifest number: 2B68 Signing time: Wed 02 Jul 2025 16:04:10 +0000 Manifest this update: Wed 02 Jul 2025 16:04:10 +0000 Manifest next update: Wed 09 Jul 2025 16:04:10 +0000 Files and hashes: 1: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl (hash: jJjDT0KBBlxjMQR7gxVF7zvhX5XSvWjeTNGtTIWCQAk=) 2: DD7FC172E17D11EFAC0A7E29C4F9AE02.roa (hash: iuR0hKy1te9ReiQAcpbPM6UF6bcHMIJQ871N78hvW5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 16:04:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2721 (0xaa1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4413, serialNumber=8AA8786526852346839372631DFB09984BC3005E Validity Not Before: Jul 2 16:04:10 2025 GMT Not After : Jul 9 16:04:10 2025 GMT Subject: CN=6865587a-6428 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:9a:0a:f1:68:aa:69:2e:e3:6e:ca:91:16:96: 9c:f0:2a:93:9f:31:8a:bc:02:f4:b1:4c:6b:68:97: 0a:6e:59:d8:87:8c:cb:f0:b5:98:89:10:cb:75:85: b8:a8:1e:bd:4a:1b:61:c9:8e:ff:5a:f7:a4:39:a7: ae:fc:fb:49:e1:b7:eb:14:54:eb:21:5c:f5:e2:5d: 61:b1:a5:04:89:ed:55:07:01:23:d3:94:a4:63:3d: b3:b0:e9:c7:52:94:1d:17:59:01:8c:73:97:90:b8: d8:56:70:57:be:2d:f0:39:df:7c:33:fe:b4:90:81: 00:98:87:a8:bc:02:be:2c:42:ca:14:19:d9:e5:2c: 2c:f4:a3:cf:4f:37:90:10:1f:49:e4:d1:a9:d1:b7: 15:59:5a:8d:63:a5:e1:80:57:5d:b0:64:db:4d:fd: 6e:f7:7f:8e:6a:79:e9:63:25:65:78:99:7b:07:de: ab:ae:66:50:bd:ee:6f:7e:fe:b3:37:d8:cf:f3:08: ea:72:19:45:a0:ad:8b:45:9d:6c:13:39:73:48:6c: 5f:3d:3c:13:ca:5f:db:85:fb:b6:2b:20:1a:1a:d5: 82:9c:85:79:63:6f:4c:0b:34:1e:7d:0b:04:26:25: eb:61:21:8d:b6:50:87:0a:62:d1:4d:1a:05:30:bf: 5d:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:F5:A3:6E:10:00:7A:13:B5:25:D7:8C:AA:D4:4F:8F:5F:D7:AB:F1 X509v3 Authority Key Identifier: keyid:8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:96:d4:fa:1a:6b:3b:71:45:a3:ec:e8:30:40:33:eb:35:9e: 60:f2:19:18:24:3b:32:01:f3:27:09:52:0c:bc:12:41:97:48: a8:f1:e5:48:b6:1e:b7:81:0a:73:82:a1:3e:7e:ff:e0:4d:ec: 82:60:08:41:c5:40:44:4b:ce:14:be:43:55:bd:46:6a:61:76: f3:e9:67:c3:38:ff:00:01:4a:90:51:09:d4:0e:89:ea:67:6a: 54:96:c5:d8:34:0d:e6:ac:03:4a:0f:b2:85:36:79:a7:48:bb: c7:85:a6:22:1a:b0:4e:8e:58:13:02:12:36:ad:17:28:44:c2: 06:0f:fb:79:1a:49:58:30:dd:d0:9b:ab:62:c4:79:94:54:16: e8:b9:f8:4b:bc:77:2c:96:70:97:da:25:ff:4e:6c:b2:c3:29: ad:71:ae:95:12:ff:db:22:32:1e:67:c2:89:e4:e3:c8:6c:d7: f3:2f:f4:29:1a:fb:3d:76:c0:bf:92:85:97:ad:65:21:c5:82: 44:89:a5:b8:74:e1:b3:51:a0:be:52:35:16:b5:f7:e3:4e:4e: 42:a6:ee:67:7d:ac:70:ad:f5:91:a5:ab:72:06:d6:68:ab:01: 4f:90:be:76:af:ce:e4:c3:4e:fd:17:7f:51:81:9d:9a:2e:1b: db:8e:f9:cf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCqEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0MTMxMTAvBgNVBAUTKDhBQTg3ODY1MjY4NTIzNDY4MzkzNzI2MzFERkIwOTk4 NEJDMzAwNUUwHhcNMjUwNzAyMTYwNDEwWhcNMjUwNzA5MTYwNDEwWjAYMRYwFAYD VQQDEw02ODY1NTg3YS02NDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5JoK8WiqaS7jbsqRFpac8CqTnzGKvAL0sUxraJcKblnYh4zL8LWYiRDLdYW4 qB69ShthyY7/WvekOaeu/PtJ4bfrFFTrIVz14l1hsaUEie1VBwEj05SkYz2zsOnH UpQdF1kBjHOXkLjYVnBXvi3wOd98M/60kIEAmIeovAK+LELKFBnZ5Sws9KPPTzeQ EB9J5NGp0bcVWVqNY6XhgFddsGTbTf1u93+OannpYyVleJl7B96rrmZQve5vfv6z N9jP8wjqchlFoK2LRZ1sEzlzSGxfPTwTyl/bhfu2KyAaGtWCnIV5Y29MCzQefQsE JiXrYSGNtlCHCmLRTRoFML9dSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFn1o24Q AHoTtSXXjKrUT49f16vxMB8GA1UdIwQYMBaAFIqoeGUmhSNGg5NyYx37CZhLwwBe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDQxMy8wODE2RTc1NEZG QjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkwYURrM0pqSGZzSm1FdkRB RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lxaDRaU2FGSTBhRGszSmpIZnNKbUV2REFGNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDQxMy8wODE2RTc1NEZGQjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkw YURrM0pqSGZzSm1FdkRBRjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVltT6Gms7cUWj7OgwQDPrNZ5g8hkYJDsyAfMnCVIMvBJBl0io8eVI th63gQpzgqE+fv/gTeyCYAhBxUBES84UvkNVvUZqYXbz6WfDOP8AAUqQUQnUDonq Z2pUlsXYNA3mrANKD7KFNnmnSLvHhaYiGrBOjlgTAhI2rRcoRMIGD/t5GklYMN3Q m6tixHmUVBboufhLvHcslnCX2iX/Tmyywymtca6VEv/bIjIeZ8KJ5OPIbNfzL/Qp Gvs9dsC/koWXrWUhxYJEiaW4dOGzUaC+UjUWtffjTk5Cpu5nfaxwrfWRpatyBtZo qwFPkL52r87kw079F39RgZ2aLhvbjvnP -----END CERTIFICATE-----Generated at Thu Jul 3 23:37:53 2025 by rpki-client