$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5D9F/926F333E3A4F11EDB7B6AE20C4F9AE02/MO7z6BnpmwANZl9r1ZSvpMYiai4.mft File: MO7z6BnpmwANZl9r1ZSvpMYiai4.mft (raw, json) Hash identifier: 5zJh+ETtADUqvRr0xdGdd6VDfIPpBEg13tXUuWP2U90= Subject key identifier: 8F:35:2A:FD:B0:15:D2:EC:09:6E:94:A3:77:8D:93:05:59:59:FA:75 Authority key identifier: 30:EE:F3:E8:19:E9:9B:00:0D:66:5F:6B:D5:94:AF:A4:C6:22:6A:2E Certificate issuer: /CN=A91D5D9F/serialNumber=30EEF3E819E99B000D665F6BD594AFA4C6226A2E Certificate serial: 021C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MO7z6BnpmwANZl9r1ZSvpMYiai4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5D9F/926F333E3A4F11EDB7B6AE20C4F9AE02/MO7z6BnpmwANZl9r1ZSvpMYiai4.mft Manifest number: 0217 Signing time: Tue 01 Jul 2025 02:40:57 +0000 Manifest this update: Tue 01 Jul 2025 02:40:56 +0000 Manifest next update: Tue 08 Jul 2025 02:40:56 +0000 Files and hashes: 1: MO7z6BnpmwANZl9r1ZSvpMYiai4.crl (hash: sPVhvfj1AuJ04tTonY7EqQ5GyCGmR9ahU9SaxpEROlw=) 2: D7803F3A3A5511EDB9410C50C4F9AE02.roa (hash: 5RvSp27bzJLpaJnE9Vp9OHr3zH1Dq7i1O2ke5dqvusQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5D9F/926F333E3A4F11EDB7B6AE20C4F9AE02/MO7z6BnpmwANZl9r1ZSvpMYiai4.crl rsync://rpki.apnic.net/member_repository/A91D5D9F/926F333E3A4F11EDB7B6AE20C4F9AE02/MO7z6BnpmwANZl9r1ZSvpMYiai4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MO7z6BnpmwANZl9r1ZSvpMYiai4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 02:40:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 540 (0x21c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5D9F, serialNumber=30EEF3E819E99B000D665F6BD594AFA4C6226A2E Validity Not Before: Jul 1 02:40:56 2025 GMT Not After : Jul 8 02:40:56 2025 GMT Subject: CN=68634ab9-e036 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:6b:e2:e7:3b:c7:1f:62:67:a9:22:f8:78:61: 11:69:76:05:5a:63:c2:7e:6e:8a:90:d5:5d:f7:13: 9a:54:7d:4a:5d:8d:6c:bc:5c:2c:34:88:a6:00:f2: d6:e5:4f:77:64:8c:a2:2c:c1:40:9a:fd:d2:fc:d2: f9:11:62:5f:9a:3e:93:84:6f:a3:5d:63:31:51:3c: 23:ff:20:e5:20:5a:15:c8:d4:ff:fb:fa:fc:88:c8: 8f:6e:8f:90:c2:ba:30:a0:3b:9e:6d:f8:54:b7:5a: 0a:d5:5d:0d:61:93:b8:7e:a6:3b:6d:b5:ce:ee:c4: dd:df:c3:01:1c:1d:b5:58:bf:bf:40:44:c0:eb:ee: 08:e7:38:ce:ed:89:2b:a2:24:9b:8d:d9:9a:96:7d: 90:91:a5:f3:23:1a:e3:9d:2d:47:48:04:fa:7a:00: 08:0f:40:6f:6d:e1:d0:f1:cb:5a:d8:30:7b:40:41: 1b:84:67:97:a5:02:1e:52:7d:99:ff:a0:7d:8b:a9: ae:3c:2e:c5:79:dc:46:6b:ca:09:46:0d:73:42:2c: fc:01:64:67:be:5e:1c:f7:46:dd:f3:90:89:d1:0b: b7:53:cb:a4:7a:37:89:4f:7a:33:8a:6d:99:fb:a1: cf:55:fa:15:35:71:f9:bc:ce:fe:a4:04:a6:c4:e5: 8f:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:35:2A:FD:B0:15:D2:EC:09:6E:94:A3:77:8D:93:05:59:59:FA:75 X509v3 Authority Key Identifier: keyid:30:EE:F3:E8:19:E9:9B:00:0D:66:5F:6B:D5:94:AF:A4:C6:22:6A:2E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5D9F/926F333E3A4F11EDB7B6AE20C4F9AE02/MO7z6BnpmwANZl9r1ZSvpMYiai4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MO7z6BnpmwANZl9r1ZSvpMYiai4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5D9F/926F333E3A4F11EDB7B6AE20C4F9AE02/MO7z6BnpmwANZl9r1ZSvpMYiai4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:c9:25:2f:c2:a0:1f:40:f8:41:39:d6:12:62:7d:db:c2:1d: 30:1f:2f:f4:bf:aa:8f:d6:b9:c9:26:04:46:4f:68:43:c7:d9: 87:d1:32:ff:90:e1:2f:fc:69:42:e8:11:e9:63:be:0e:72:0f: cd:cc:9c:c5:1c:76:26:19:e5:a4:ca:8e:fe:06:30:ee:b2:8a: 3a:e3:45:12:ae:8a:b6:b8:00:24:4f:95:f5:cf:f4:0a:02:53: f0:e2:14:58:52:a6:2e:a8:30:0f:08:f1:45:dd:a4:7f:8a:1f: b3:95:c0:64:41:c0:65:75:13:ed:0a:2d:e6:ce:74:3f:6c:2f: 4f:5c:26:b5:97:93:8a:ef:56:43:f3:18:78:dd:b9:1e:d0:09: a9:eb:cf:8e:7d:f5:09:bd:23:62:f4:3e:60:ab:9e:15:9c:39: dc:92:1c:1a:a5:1e:d1:49:e5:86:35:be:ef:0e:cf:d9:44:4e: 65:e7:ed:df:62:8a:29:ee:f1:0a:8c:a5:96:11:fb:cb:be:ef: 06:7e:9e:29:51:43:17:7a:22:14:4e:7d:28:51:55:a6:8c:a8: 50:9e:64:f0:e4:32:9b:2b:8d:47:75:6f:12:14:ba:08:ae:72: 60:a5:25:f4:fc:ed:b6:00:45:fb:1a:a6:72:4e:6d:e1:23:b9: 90:44:57:71 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDVEOUYxMTAvBgNVBAUTKDMwRUVGM0U4MTlFOTlCMDAwRDY2NUY2QkQ1OTRBRkE0 QzYyMjZBMkUwHhcNMjUwNzAxMDI0MDU2WhcNMjUwNzA4MDI0MDU2WjAYMRYwFAYD VQQDEw02ODYzNGFiOS1lMDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtGvi5zvHH2JnqSL4eGERaXYFWmPCfm6KkNVd9xOaVH1KXY1svFwsNIimAPLW 5U93ZIyiLMFAmv3S/NL5EWJfmj6ThG+jXWMxUTwj/yDlIFoVyNT/+/r8iMiPbo+Q wrowoDuebfhUt1oK1V0NYZO4fqY7bbXO7sTd38MBHB21WL+/QETA6+4I5zjO7Ykr oiSbjdmaln2QkaXzIxrjnS1HSAT6egAID0BvbeHQ8cta2DB7QEEbhGeXpQIeUn2Z /6B9i6muPC7FedxGa8oJRg1zQiz8AWRnvl4c90bd85CJ0Qu3U8ukejeJT3ozim2Z +6HPVfoVNXH5vM7+pASmxOWP9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI81Kv2w FdLsCW6Uo3eNkwVZWfp1MB8GA1UdIwQYMBaAFDDu8+gZ6ZsADWZfa9WUr6TGImou MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUQ5Ri85MjZGMzMzRTNB NEYxMUVEQjdCNkFFMjBDNEY5QUUwMi9NTzd6NkJucG13QU5abDlyMVpTdnBNWWlh aTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01PN3o2Qm5wbXdBTlpsOXIxWlN2cE1ZaWFpNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NUQ5Ri85MjZGMzMzRTNBNEYxMUVEQjdCNkFFMjBDNEY5QUUwMi9NTzd6NkJucG13 QU5abDlyMVpTdnBNWWlhaTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXySUvwqAfQPhBOdYSYn3bwh0wHy/0v6qP1rnJJgRGT2hDx9mH0TL/ kOEv/GlC6BHpY74Ocg/NzJzFHHYmGeWkyo7+BjDusoo640USroq2uAAkT5X1z/QK AlPw4hRYUqYuqDAPCPFF3aR/ih+zlcBkQcBldRPtCi3mznQ/bC9PXCa1l5OK71ZD 8xh43bke0Amp68+OffUJvSNi9D5gq54VnDnckhwapR7RSeWGNb7vDs/ZRE5l5+3f Yoop7vEKjKWWEfvLvu8Gfp4pUUMXeiIUTn0oUVWmjKhQnmTw5DKbK41HdW8SFLoI rnJgpSX0/O22AEX7GqZyTm3hI7mQRFdx -----END CERTIFICATE-----Generated at Tue Jul 1 11:43:18 2025 by rpki-client