$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.mft File: 0k_MrTrOf_5b8Cpqj2jAYC4cG1E.mft (raw, json) Hash identifier: KejbcLsIdGqfqlfEkweZ9cN8piIREsy9EQ83S2ZDNHE= Subject key identifier: A7:65:17:B9:36:5F:D1:26:C6:67:FD:26:43:8B:37:1F:69:D6:4A:2C Authority key identifier: D2:4F:CC:AD:3A:CE:7F:FE:5B:F0:2A:6A:8F:68:C0:60:2E:1C:1B:51 Certificate issuer: /CN=A91DA8C2/serialNumber=D24FCCAD3ACE7FFE5BF02A6A8F68C0602E1C1B51 Certificate serial: 3A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.mft Manifest number: 39 Signing time: Tue 01 Jul 2025 08:21:08 +0000 Manifest this update: Tue 01 Jul 2025 08:21:07 +0000 Manifest next update: Tue 08 Jul 2025 08:21:07 +0000 Files and hashes: 1: 0k_MrTrOf_5b8Cpqj2jAYC4cG1E.crl (hash: LuCLDZ1qpVMqSGNGo8YjnL1PzNCUYwmnf/V1/a+LKPI=) 2: 32EE2B68005411F08A6FEB4BC4F9AE02.roa (hash: wwcr+8+DOyZmloRteEL56x1j3vM+7vfdbP5INKVgy7U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.crl rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:21:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58 (0x3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA8C2, serialNumber=D24FCCAD3ACE7FFE5BF02A6A8F68C0602E1C1B51 Validity Not Before: Jul 1 08:21:07 2025 GMT Not After : Jul 8 08:21:07 2025 GMT Subject: CN=68639a73-6ed6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:63:12:d3:85:53:ff:96:4a:a0:ae:e5:51:92: 68:34:ea:f6:1d:2b:9b:79:ca:45:b0:ed:d1:13:a7: d5:35:ee:88:87:a9:35:7b:de:1a:20:5f:11:63:d8: 3b:23:cf:c4:5e:2f:a8:33:ef:e5:3d:1f:f9:a7:11: c0:6f:57:34:7b:d3:28:d8:01:da:f7:af:82:d2:38: 5e:0b:da:d3:d8:eb:87:c6:98:96:a0:8c:7b:f2:7b: 2c:fc:39:73:12:9f:06:50:3a:5c:32:f6:31:3f:f9: 9d:64:53:1c:33:de:29:c6:11:76:2b:14:eb:ff:bd: fd:ce:8f:85:22:9c:c5:86:a1:03:16:83:b0:9d:17: 52:22:ff:66:7d:97:43:92:93:6d:a7:4e:58:a3:5e: a8:34:a8:ca:70:72:d4:8e:20:2d:62:37:bf:65:aa: 85:39:83:72:21:88:74:93:61:bb:8b:97:70:0d:c3: fa:1b:8e:fe:c9:31:0f:7f:9a:57:0e:5f:a6:e1:b6: ba:bc:93:41:50:c1:d0:55:e6:b8:bc:dd:07:d2:0c: 0f:0b:53:96:07:65:47:fd:b0:f3:6a:94:c5:95:c3: e5:32:37:b9:27:aa:98:d2:af:dd:06:70:cf:1b:6e: df:2d:f1:bc:68:1d:7b:cf:78:e0:3b:62:9b:bd:66: 9a:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:65:17:B9:36:5F:D1:26:C6:67:FD:26:43:8B:37:1F:69:D6:4A:2C X509v3 Authority Key Identifier: keyid:D2:4F:CC:AD:3A:CE:7F:FE:5B:F0:2A:6A:8F:68:C0:60:2E:1C:1B:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:78:1f:7d:d2:69:de:e4:17:6c:28:d4:58:59:53:c6:b1:27: 37:96:0e:3b:93:77:7c:71:c5:72:d7:93:48:38:06:1e:8b:05: ec:5b:f1:6f:ef:2d:34:ea:42:a0:6d:75:9b:68:15:a3:b7:57: 4f:a2:19:1d:66:14:6b:a0:57:a6:c0:29:96:ed:0b:cb:87:56: 04:3a:3f:09:14:d6:0f:88:45:05:28:20:e9:b4:db:ae:ad:6e: d9:8c:c9:de:66:96:2e:fb:14:f5:07:d2:c0:37:03:50:60:f9: b8:9a:c9:5e:06:5d:3c:83:1a:2b:37:a9:4b:53:73:28:23:cc: 75:69:3e:64:33:69:09:50:e9:62:3d:d0:08:9a:73:94:9c:00: 31:5b:b9:e5:47:52:8c:58:5d:8d:61:60:39:f7:8c:37:b5:e9: 83:a9:2b:f6:7e:68:18:4a:be:6f:b8:2b:7e:68:a9:97:36:4d: 68:f0:87:dd:e1:22:5b:90:82:65:19:2e:07:87:49:e8:a5:32: 71:99:51:db:89:80:79:71:43:61:5b:fc:a5:c5:b1:55:20:c2: 9d:89:c2:d2:ce:0a:c6:bd:b2:43:9d:e8:29:e2:bd:7d:72:c4: e5:9e:91:53:4b:a3:ea:d3:ab:5d:51:47:da:94:ea:78:ce:63: 45:9a:9d:ed -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QThDMjExMC8GA1UEBRMoRDI0RkNDQUQzQUNFN0ZGRTVCRjAyQTZBOEY2OEMwNjAy RTFDMUI1MTAeFw0yNTA3MDEwODIxMDdaFw0yNTA3MDgwODIxMDdaMBgxFjAUBgNV BAMTDTY4NjM5YTczLTZlZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2YxLThVP/lkqgruVRkmg06vYdK5t5ykWw7dETp9U17oiHqTV73hogXxFj2Dsj z8ReL6gz7+U9H/mnEcBvVzR70yjYAdr3r4LSOF4L2tPY64fGmJagjHvyeyz8OXMS nwZQOlwy9jE/+Z1kUxwz3inGEXYrFOv/vf3Oj4UinMWGoQMWg7CdF1Ii/2Z9l0OS k22nTlijXqg0qMpwctSOIC1iN79lqoU5g3IhiHSTYbuLl3ANw/objv7JMQ9/mlcO X6bhtrq8k0FQwdBV5ri83QfSDA8LU5YHZUf9sPNqlMWVw+UyN7knqpjSr90GcM8b bt8t8bxoHXvPeOA7Ypu9ZpplAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUp2UXuTZf 0SbGZ/0mQ4s3H2nWSiwwHwYDVR0jBBgwFoAU0k/MrTrOf/5b8Cpqj2jAYC4cG1Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURBOEMyLzk1QTY5QkUyMDA1 MzExRjA4RTczRTE0QUM0RjlBRTAyLzBrX01yVHJPZl81YjhDcHFqMmpBWUM0Y0cx RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMGtfTXJUck9mXzViOENwcWoyakFZQzRjRzFFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURB OEMyLzk1QTY5QkUyMDA1MzExRjA4RTczRTE0QUM0RjlBRTAyLzBrX01yVHJPZl81 YjhDcHFqMmpBWUM0Y0cxRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAH54H33Sad7kF2wo1FhZU8axJzeWDjuTd3xxxXLXk0g4Bh6LBexb8W/v LTTqQqBtdZtoFaO3V0+iGR1mFGugV6bAKZbtC8uHVgQ6PwkU1g+IRQUoIOm0266t btmMyd5mli77FPUH0sA3A1Bg+biayV4GXTyDGis3qUtTcygjzHVpPmQzaQlQ6WI9 0Aiac5ScADFbueVHUoxYXY1hYDn3jDe16YOpK/Z+aBhKvm+4K35oqZc2TWjwh93h IluQgmUZLgeHSeilMnGZUduJgHlxQ2Fb/KXFsVUgwp2JwtLOCsa9skOd6CnivX1y xOWekVNLo+rTq11RR9qU6njOY0Wane0= -----END CERTIFICATE-----Generated at Tue Jul 1 16:03:10 2025 by rpki-client