$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft File: 4Y0K0YMT4gIg3qG4cW37310JzPg.mft (raw, json) Hash identifier: Q8vxAVnktq3TQI97GGR0r3AFFNDLTFdeDVgyLaTE22A= Subject key identifier: 84:39:B1:0D:E0:93:CD:11:03:81:22:82:F9:22:86:71:B7:98:91:17 Authority key identifier: E1:8D:0A:D1:83:13:E2:02:20:DE:A1:B8:71:6D:FB:DF:5D:09:CC:F8 Certificate issuer: /CN=A91DBB66/serialNumber=E18D0AD18313E20220DEA1B8716DFBDF5D09CCF8 Certificate serial: 20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft Manifest number: 1E Signing time: Sat 05 Jul 2025 08:13:57 +0000 Manifest this update: Sat 05 Jul 2025 08:13:57 +0000 Manifest next update: Sat 12 Jul 2025 08:13:57 +0000 Files and hashes: 1: 4Y0K0YMT4gIg3qG4cW37310JzPg.crl (hash: 7fZGQKxeJOyTh86RMwXYhZ+F/ADdTe9a+GTVS7xXFfc=) 2: 099A56FE2FB311F09E3A9373C4F9AE02.roa (hash: c58CHJdQfloT8cjooayoSNCaLkxE9yxaVBgoB9VE0Hs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.crl rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32 (0x20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBB66, serialNumber=E18D0AD18313E20220DEA1B8716DFBDF5D09CCF8 Validity Not Before: Jul 5 08:13:57 2025 GMT Not After : Jul 12 08:13:57 2025 GMT Subject: CN=6868dec5-6994 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:7e:43:55:b7:df:58:a5:24:ce:ab:e0:76:d9: 8b:eb:18:1a:ed:dd:d7:29:13:60:76:ab:f7:7b:d1: 09:f7:96:8b:0a:4a:09:d7:85:40:e2:24:d6:df:32: 4d:2c:2c:d1:56:ec:98:fa:3c:92:cd:e1:db:ab:42: a1:9c:0e:9f:32:55:57:90:d8:c1:43:a4:ab:1d:2c: 22:da:4e:9c:65:21:6b:7d:ae:52:3d:4d:7b:66:1e: 99:d1:f6:c3:0a:a0:f6:51:5a:43:f1:48:3e:e2:31: b6:ad:fb:e9:43:a7:eb:4b:78:d2:cc:c8:72:f0:8d: f9:b4:30:f3:11:de:73:bd:eb:32:62:ef:aa:a3:cb: 65:8a:4f:fc:96:23:a8:54:6b:14:19:57:8e:43:2f: ab:10:12:eb:9b:d9:19:88:b7:c1:f2:49:41:e4:b4: ac:4f:b5:61:a5:1c:c1:d2:de:b6:bd:da:77:ee:f6: 01:72:56:5b:b4:e8:20:84:ec:5c:de:0b:65:7b:c8: 0c:8d:af:e7:1a:7b:48:93:a3:4d:71:da:c5:73:99: 7d:50:2e:a9:9e:16:94:f4:1d:68:dc:b2:cf:fa:7a: b1:1b:47:e9:84:bd:1d:f4:54:4e:22:ab:43:39:a7: e1:1c:f8:4f:2c:35:11:15:58:ce:6c:3b:89:90:5f: 65:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:39:B1:0D:E0:93:CD:11:03:81:22:82:F9:22:86:71:B7:98:91:17 X509v3 Authority Key Identifier: keyid:E1:8D:0A:D1:83:13:E2:02:20:DE:A1:B8:71:6D:FB:DF:5D:09:CC:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:8a:51:8d:8b:7c:10:84:ec:61:3d:6a:91:26:af:c0:cf:fc: 4c:4f:7c:cb:15:de:c3:f2:cb:49:43:5e:14:0b:48:79:2e:56: cb:f5:f1:81:cc:8b:46:2c:89:0b:72:b6:6f:5b:ba:b8:15:c2: 21:5e:6b:08:db:3f:20:ed:66:e0:52:89:ff:d5:58:5e:b7:ee: aa:51:85:0e:ec:21:d5:bb:fd:2d:28:9d:73:af:c9:b4:5a:c8: a3:c3:16:d0:7a:95:9d:2e:89:e6:19:f8:7a:4a:1d:97:33:83: a3:7d:37:13:13:bc:f3:ce:b9:b7:b3:59:91:ba:2e:be:b2:fd: 94:57:b1:4f:ee:9b:6c:c0:6b:64:75:73:79:58:9b:8b:f3:08: ce:39:1e:f8:46:47:de:26:33:aa:04:c1:4a:d4:73:f8:be:c5: 22:2d:1a:83:d0:97:f4:30:1d:c6:3c:0c:fc:3f:30:19:e5:d2: 81:f2:1c:0b:53:e1:38:2f:c0:0a:e4:71:eb:e8:9f:5d:b5:21: c5:35:bb:de:4a:67:8c:e7:ea:a9:db:9d:5f:76:dd:9e:de:c7: 14:ef:e3:4b:e5:1c:52:77:df:a2:25:5c:d7:37:9c:e4:b9:07: dc:d3:bc:7f:11:b6:49:d7:10:98:1e:a9:f0:a3:44:1d:00:20: f1:01:40:b8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QkI2NjExMC8GA1UEBRMoRTE4RDBBRDE4MzEzRTIwMjIwREVBMUI4NzE2REZCREY1 RDA5Q0NGODAeFw0yNTA3MDUwODEzNTdaFw0yNTA3MTIwODEzNTdaMBgxFjAUBgNV BAMTDTY4NjhkZWM1LTY5OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCdfkNVt99YpSTOq+B22YvrGBrt3dcpE2B2q/d70Qn3losKSgnXhUDiJNbfMk0s LNFW7Jj6PJLN4durQqGcDp8yVVeQ2MFDpKsdLCLaTpxlIWt9rlI9TXtmHpnR9sMK oPZRWkPxSD7iMbat++lDp+tLeNLMyHLwjfm0MPMR3nO96zJi76qjy2WKT/yWI6hU axQZV45DL6sQEuub2RmIt8HySUHktKxPtWGlHMHS3ra92nfu9gFyVlu06CCE7Fze C2V7yAyNr+cae0iTo01x2sVzmX1QLqmeFpT0HWjcss/6erEbR+mEvR30VE4iq0M5 p+Ec+E8sNREVWM5sO4mQX2U5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUhDmxDeCT zREDgSKC+SKGcbeYkRcwHwYDVR0jBBgwFoAU4Y0K0YMT4gIg3qG4cW37310JzPgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURCQjY2LzBDMEQ4MERFMkZB QzExRjA4Q0VBMEE3MUM0RjlBRTAyLzRZMEswWU1UNGdJZzNxRzRjVzM3MzEwSnpQ Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNFkwSzBZTVQ0Z0lnM3FHNGNXMzczMTBKelBnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURC QjY2LzBDMEQ4MERFMkZBQzExRjA4Q0VBMEE3MUM0RjlBRTAyLzRZMEswWU1UNGdJ ZzNxRzRjVzM3MzEwSnpQZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGqKUY2LfBCE7GE9apEmr8DP/ExPfMsV3sPyy0lDXhQLSHkuVsv18YHM i0YsiQtytm9burgVwiFeawjbPyDtZuBSif/VWF637qpRhQ7sIdW7/S0onXOvybRa yKPDFtB6lZ0uieYZ+HpKHZczg6N9NxMTvPPOubezWZG6Lr6y/ZRXsU/um2zAa2R1 c3lYm4vzCM45HvhGR94mM6oEwUrUc/i+xSItGoPQl/QwHcY8DPw/MBnl0oHyHAtT 4TgvwArkcevon121IcU1u95KZ4zn6qnbnV923Z7exxTv40vlHFJ336IlXNc3nOS5 B9zTvH8RtknXEJgeqfCjRB0AIPEBQLg= -----END CERTIFICATE-----Generated at Sat Jul 5 21:42:45 2025 by rpki-client