$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC7AA/D22EDA342A8811F0A30D9159C4F9AE02/df43qD7agAphAmCFh-30CJ2CQOA.mft File: df43qD7agAphAmCFh-30CJ2CQOA.mft (raw, json) Hash identifier: Ain2XgluIGFEBx+kQRHOXCrmm09nTGFeIYJ1o7UvPPI= Subject key identifier: 95:7E:33:1B:2B:1E:EA:7F:95:C4:7C:FA:D2:62:82:9D:5E:C6:3F:52 Authority key identifier: 75:FE:37:A8:3E:DA:80:0A:61:02:60:85:87:ED:F4:08:9D:82:40:E0 Certificate issuer: /CN=A91DC7AA/serialNumber=75FE37A83EDA800A6102608587EDF4089D8240E0 Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/df43qD7agAphAmCFh-30CJ2CQOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC7AA/D22EDA342A8811F0A30D9159C4F9AE02/df43qD7agAphAmCFh-30CJ2CQOA.mft Manifest number: 1F Signing time: Thu 03 Jul 2025 08:08:41 +0000 Manifest this update: Thu 03 Jul 2025 08:08:41 +0000 Manifest next update: Thu 10 Jul 2025 08:08:41 +0000 Files and hashes: 1: df43qD7agAphAmCFh-30CJ2CQOA.crl (hash: ooSnbjQme2pLg6PiFrm30UZ4sq1cpXwXasigfJjinc4=) 2: A7C7EF962A8911F09526D35BC4F9AE02.roa (hash: q6DsrTnHuS/+1sVBywXv85oiJzaT3sKc0CSqiWHXn5c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC7AA/D22EDA342A8811F0A30D9159C4F9AE02/df43qD7agAphAmCFh-30CJ2CQOA.crl rsync://rpki.apnic.net/member_repository/A91DC7AA/D22EDA342A8811F0A30D9159C4F9AE02/df43qD7agAphAmCFh-30CJ2CQOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/df43qD7agAphAmCFh-30CJ2CQOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC7AA, serialNumber=75FE37A83EDA800A6102608587EDF4089D8240E0 Validity Not Before: Jul 3 08:08:41 2025 GMT Not After : Jul 10 08:08:41 2025 GMT Subject: CN=68663a89-e89e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:9c:15:83:fe:57:0b:f9:30:a3:09:9f:df:ec: 81:d9:4c:d2:50:f3:74:e3:53:a7:1d:06:03:22:15: 52:91:54:0c:f8:a0:af:71:d6:7c:33:21:3d:e9:3a: ef:7c:d9:81:59:ba:60:f1:f2:38:b5:96:88:57:f7: f1:59:fc:bd:d1:9d:10:f7:95:14:dc:ff:c8:37:c0: 16:09:b2:ce:17:8f:b8:da:a8:7a:6e:89:ee:e3:e9: e1:ce:c4:3e:6b:d1:8e:97:1b:e4:dd:e3:03:c0:7b: 8d:d6:02:59:2c:4a:a9:ef:06:04:5a:45:0b:7e:18: f8:af:14:fd:ca:a4:3f:af:76:fd:68:20:bf:5b:fe: 0c:d2:d4:1d:8d:e4:f1:21:e3:cb:fc:ac:6e:52:3d: 69:32:d8:62:b3:86:9a:6d:72:74:ba:cc:64:7a:3e: d6:d8:ee:f2:20:05:6a:e9:c8:73:8f:d5:e3:a6:fb: 0c:59:58:21:1d:ed:63:09:9f:76:98:f2:09:1f:a0: 43:ba:a9:1c:95:9a:ac:b1:8e:19:b8:d8:05:1c:23: 9c:46:05:98:f2:79:29:13:68:22:b6:51:07:da:b4: 0f:e9:61:c4:cb:51:7b:9b:79:f4:97:5e:cd:56:50: b9:e7:69:bf:71:15:6b:a8:4d:ed:79:21:75:b5:cc: 59:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:7E:33:1B:2B:1E:EA:7F:95:C4:7C:FA:D2:62:82:9D:5E:C6:3F:52 X509v3 Authority Key Identifier: keyid:75:FE:37:A8:3E:DA:80:0A:61:02:60:85:87:ED:F4:08:9D:82:40:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC7AA/D22EDA342A8811F0A30D9159C4F9AE02/df43qD7agAphAmCFh-30CJ2CQOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/df43qD7agAphAmCFh-30CJ2CQOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC7AA/D22EDA342A8811F0A30D9159C4F9AE02/df43qD7agAphAmCFh-30CJ2CQOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:23:b4:a9:b8:d5:86:3d:40:60:0a:c2:61:94:dc:42:ef:46: 85:63:87:6d:24:b0:51:b3:de:b9:7b:0b:14:d3:78:4a:e4:9f: bf:3b:4c:c6:7b:17:dd:24:c6:d9:f4:e4:8b:97:84:a1:5d:b6: cd:c8:87:56:92:2c:0b:91:59:2f:b5:e6:a9:ad:ea:f2:e2:a5: 07:af:9e:65:2a:19:27:18:24:59:6e:d5:c5:04:05:6a:16:b2: 41:6b:11:44:f8:0a:bc:fb:f2:bd:22:b1:3c:10:0f:c6:26:eb: fd:31:ff:4a:74:24:08:3c:c0:72:79:8c:66:d7:fa:32:46:db: 9a:e0:f8:8d:ce:c5:4a:33:78:d0:15:e9:eb:8c:98:1a:55:30: 88:d5:29:52:59:55:6b:57:97:82:f9:02:d8:88:01:a7:1b:51: 92:a1:b6:0a:bd:21:3a:94:28:e8:5d:6e:23:2c:a0:c9:8d:d6: df:ed:37:7d:43:f6:64:f0:91:2f:53:18:b8:25:ea:cb:cf:d1: 80:e8:f1:aa:b2:e6:e6:22:5e:41:fc:a1:12:e0:66:7f:01:4d: 52:2e:54:53:56:d2:c7:3f:89:ac:03:7d:0e:3f:af:ae:f8:aa: c0:18:e9:ed:6f:2e:00:fa:dc:5a:74:0d:e9:b8:38:eb:56:d3: 50:03:e4:a3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QzdBQTExMC8GA1UEBRMoNzVGRTM3QTgzRURBODAwQTYxMDI2MDg1ODdFREY0MDg5 RDgyNDBFMDAeFw0yNTA3MDMwODA4NDFaFw0yNTA3MTAwODA4NDFaMBgxFjAUBgNV BAMTDTY4NjYzYTg5LWU4OWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCynBWD/lcL+TCjCZ/f7IHZTNJQ83TjU6cdBgMiFVKRVAz4oK9x1nwzIT3pOu98 2YFZumDx8ji1lohX9/FZ/L3RnRD3lRTc/8g3wBYJss4Xj7jaqHpuie7j6eHOxD5r 0Y6XG+Td4wPAe43WAlksSqnvBgRaRQt+GPivFP3KpD+vdv1oIL9b/gzS1B2N5PEh 48v8rG5SPWky2GKzhpptcnS6zGR6PtbY7vIgBWrpyHOP1eOm+wxZWCEd7WMJn3aY 8gkfoEO6qRyVmqyxjhm42AUcI5xGBZjyeSkTaCK2UQfatA/pYcTLUXubefSXXs1W ULnnab9xFWuoTe15IXW1zFnpAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUlX4zGyse 6n+VxHz60mKCnV7GP1IwHwYDVR0jBBgwFoAUdf43qD7agAphAmCFh+30CJ2CQOAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURDN0FBL0QyMkVEQTM0MkE4 ODExRjBBMzBEOTE1OUM0RjlBRTAyL2RmNDNxRDdhZ0FwaEFtQ0ZoLTMwQ0oyQ1FP QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvZGY0M3FEN2FnQXBoQW1DRmgtMzBDSjJDUU9BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURD N0FBL0QyMkVEQTM0MkE4ODExRjBBMzBEOTE1OUM0RjlBRTAyL2RmNDNxRDdhZ0Fw aEFtQ0ZoLTMwQ0oyQ1FPQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIsjtKm41YY9QGAKwmGU3ELvRoVjh20ksFGz3rl7CxTTeErkn787TMZ7 F90kxtn05IuXhKFdts3Ih1aSLAuRWS+15qmt6vLipQevnmUqGScYJFlu1cUEBWoW skFrEUT4Crz78r0isTwQD8Ym6/0x/0p0JAg8wHJ5jGbX+jJG25rg+I3OxUozeNAV 6euMmBpVMIjVKVJZVWtXl4L5AtiIAacbUZKhtgq9ITqUKOhdbiMsoMmN1t/tN31D 9mTwkS9TGLgl6svP0YDo8aqy5uYiXkH8oRLgZn8BTVIuVFNW0sc/iawDfQ4/r674 qsAY6e1vLgD63Fp0Dem4OOtW01AD5KM= -----END CERTIFICATE-----Generated at Thu Jul 3 10:03:13 2025 by rpki-client