$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft File: i0hqzK8SpnqVaI6NEb1ljAQcElo.mft (raw, json) Hash identifier: k9lUfuRyYGviK9FVvJmtvR/TStk0qGyQsQyCSsAl/YA= Subject key identifier: C8:CF:A1:C7:24:4F:C6:D7:4E:B1:EC:9A:0C:E7:38:78:A5:1D:AE:0B Authority key identifier: 8B:48:6A:CC:AF:12:A6:7A:95:68:8E:8D:11:BD:65:8C:04:1C:12:5A Certificate issuer: /CN=A91DBA5B/serialNumber=8B486ACCAF12A67A95688E8D11BD658C041C125A Certificate serial: 97 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft Manifest number: 96 Signing time: Tue 01 Jul 2025 07:06:19 +0000 Manifest this update: Tue 01 Jul 2025 07:06:19 +0000 Manifest next update: Tue 08 Jul 2025 07:06:19 +0000 Files and hashes: 1: i0hqzK8SpnqVaI6NEb1ljAQcElo.crl (hash: lnI7sNdJR332wMdGHlGMRy5G47D7U9A93NOv6ufpShM=) 2: F305F43270E711EF8573CF71C4F9AE02.roa (hash: aci5Spv/e6z609EwzRrCe3VebaHTH23V/kyd6t5TMtw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.crl rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 07:06:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 151 (0x97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBA5B, serialNumber=8B486ACCAF12A67A95688E8D11BD658C041C125A Validity Not Before: Jul 1 07:06:19 2025 GMT Not After : Jul 8 07:06:19 2025 GMT Subject: CN=686388eb-271d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e1:33:aa:f8:a5:cb:fc:30:aa:c3:10:22:6c: c3:b1:6e:a5:bb:00:ed:82:fa:1f:66:cd:df:de:55: db:b4:8b:88:28:dd:00:6d:e5:4e:f8:b0:b9:7e:2c: 93:d2:23:a5:91:b1:36:49:2f:90:8b:47:83:c9:c2: d3:b8:0f:ea:ed:34:87:0b:98:97:d2:37:8a:58:bb: a2:8e:a9:94:b4:e6:fb:14:0e:36:4e:8d:78:62:54: 97:14:8f:31:22:6b:2e:53:35:76:2d:d2:a7:52:8a: 1a:10:b5:49:43:16:54:79:df:f9:4d:41:f7:8e:13: ff:0d:96:ca:77:ab:d7:2d:64:b1:bc:e6:e1:ac:aa: 7c:c8:c6:ec:a8:10:67:8b:ea:62:e9:44:47:48:6b: 01:f4:20:29:7f:ad:f0:51:09:4f:3e:83:89:d3:1b: 68:bc:8f:6f:74:18:b4:96:33:3a:ab:69:23:70:b7: 65:9c:bb:9f:ea:d5:38:fc:51:8d:f1:13:3b:f0:13: 8c:4d:84:78:f7:9c:3c:57:64:fc:df:9d:78:b5:0b: 63:37:ca:d2:e2:eb:c6:93:f5:6c:01:f2:31:61:0c: a9:89:92:b7:b9:ef:d2:e0:0c:cc:5a:5f:f5:a9:6e: 68:aa:fe:76:1a:af:e9:f4:4e:a1:44:9a:88:c9:be: e8:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:CF:A1:C7:24:4F:C6:D7:4E:B1:EC:9A:0C:E7:38:78:A5:1D:AE:0B X509v3 Authority Key Identifier: keyid:8B:48:6A:CC:AF:12:A6:7A:95:68:8E:8D:11:BD:65:8C:04:1C:12:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:fd:6d:4b:b2:46:71:f4:76:22:ce:1e:e4:80:c0:92:f5:65: ad:ee:c3:f8:14:3e:01:8f:c0:36:c6:89:5e:ac:4c:b8:3e:3c: 5f:38:60:d0:73:2a:05:aa:c7:f0:b9:40:83:7e:13:cf:8a:a4: 39:3b:1e:5e:14:37:c0:51:77:b4:19:25:8d:ec:70:92:ce:e8: 94:bf:e2:cc:30:fb:d1:ae:1d:bb:bd:09:e2:f8:65:04:e1:ae: 14:0a:e7:42:76:8d:54:09:d8:48:6b:c4:6a:bc:8b:5d:a9:09: 88:47:e4:c6:ef:36:48:6d:3e:63:d8:15:08:24:6e:7f:f9:a8: 1d:bb:ae:0a:c3:67:e0:7a:5b:f1:b6:af:1c:12:b1:cc:56:01: 15:3d:97:c0:b1:80:8d:fb:75:6d:ab:d1:09:05:4d:30:e0:61: a8:97:5d:32:df:6c:32:2b:41:5f:97:9c:5e:5a:c4:2f:36:ba: 65:5c:42:b7:3f:fe:ae:51:a5:8e:4c:ad:d7:6e:6b:90:8f:80: b3:93:71:a1:09:0f:26:af:6b:14:1b:99:1e:8a:ec:85:dc:2e: 87:8b:5b:48:88:07:d9:d3:9c:84:da:24:13:62:03:06:20:8c: 99:08:24:2f:a4:c8:66:d5:9d:0a:73:27:10:55:82:a3:f4:2b: 6a:5a:80:f2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REJBNUIxMTAvBgNVBAUTKDhCNDg2QUNDQUYxMkE2N0E5NTY4OEU4RDExQkQ2NThD MDQxQzEyNUEwHhcNMjUwNzAxMDcwNjE5WhcNMjUwNzA4MDcwNjE5WjAYMRYwFAYD VQQDEw02ODYzODhlYi0yNzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAweEzqvily/wwqsMQImzDsW6luwDtgvofZs3f3lXbtIuIKN0AbeVO+LC5fiyT 0iOlkbE2SS+Qi0eDycLTuA/q7TSHC5iX0jeKWLuijqmUtOb7FA42To14YlSXFI8x ImsuUzV2LdKnUooaELVJQxZUed/5TUH3jhP/DZbKd6vXLWSxvObhrKp8yMbsqBBn i+pi6URHSGsB9CApf63wUQlPPoOJ0xtovI9vdBi0ljM6q2kjcLdlnLuf6tU4/FGN 8RM78BOMTYR495w8V2T83514tQtjN8rS4uvGk/VsAfIxYQypiZK3ue/S4AzMWl/1 qW5oqv52Gq/p9E6hRJqIyb7oMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMjPocck T8bXTrHsmgznOHilHa4LMB8GA1UdIwQYMBaAFItIasyvEqZ6lWiOjRG9ZYwEHBJa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkE1Qi80RDdDRTY2QTcw RTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi9pMGhxeks4U3BucVZhSTZORWIxbGpBUWNF bG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2kwaHF6SzhTcG5xVmFJNk5FYjFsakFRY0Vsby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QkE1Qi80RDdDRTY2QTcwRTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi9pMGhxeks4U3Bu cVZhSTZORWIxbGpBUWNFbG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBg/W1LskZx9HYizh7kgMCS9WWt7sP4FD4Bj8A2xolerEy4PjxfOGDQ cyoFqsfwuUCDfhPPiqQ5Ox5eFDfAUXe0GSWN7HCSzuiUv+LMMPvRrh27vQni+GUE 4a4UCudCdo1UCdhIa8RqvItdqQmIR+TG7zZIbT5j2BUIJG5/+agdu64Kw2fgelvx tq8cErHMVgEVPZfAsYCN+3Vtq9EJBU0w4GGol10y32wyK0Ffl5xeWsQvNrplXEK3 P/6uUaWOTK3XbmuQj4Czk3GhCQ8mr2sUG5keiuyF3C6Hi1tIiAfZ05yE2iQTYgMG IIyZCCQvpMhm1Z0KcycQVYKj9CtqWoDy -----END CERTIFICATE-----Generated at Thu Jul 3 06:55:06 2025 by rpki-client