$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft File: pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft (raw, json) Hash identifier: aSKpcrJmrQLQF4SZTSp2t6uPPewN06jkr3SNIKwFQfA= Subject key identifier: 3B:AB:DB:B9:05:FA:4B:B0:DE:5A:53:33:2E:0D:31:56:D2:A3:C8:D4 Authority key identifier: A6:74:C6:70:1E:2B:0C:E3:D1:07:E9:F2:36:C5:5C:EF:E6:87:68:F1 Certificate issuer: /CN=A91DD902/serialNumber=A674C6701E2B0CE3D107E9F236C55CEFE68768F1 Certificate serial: 01AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pnTGcB4rDOPRB-nyNsVc7-aHaPE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft Manifest number: 01AA Signing time: Tue 01 Jul 2025 03:37:01 +0000 Manifest this update: Tue 01 Jul 2025 03:37:00 +0000 Manifest next update: Tue 08 Jul 2025 03:37:00 +0000 Files and hashes: 1: pnTGcB4rDOPRB-nyNsVc7-aHaPE.crl (hash: JqJKyVfWp4hQTV+GNnEAq8VEXR8jBm+sPvkvovg4JGs=) 2: 33A48584C92911EDAE3AB84EC4F9AE02.roa (hash: ZbC1fIWVYM0VLVl8rd4V+PKdCpSrgSM3tfi0uNsU2b0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.crl rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pnTGcB4rDOPRB-nyNsVc7-aHaPE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 03:37:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 429 (0x1ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD902, serialNumber=A674C6701E2B0CE3D107E9F236C55CEFE68768F1 Validity Not Before: Jul 1 03:37:00 2025 GMT Not After : Jul 8 03:37:00 2025 GMT Subject: CN=686357dd-ddc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:53:85:24:9c:4a:d9:1c:83:b6:b1:e5:e6:ef: 20:ae:04:5e:ba:a9:1d:a2:2e:11:e6:06:1c:ce:ec: 2d:40:9f:38:79:9c:ea:cf:ba:6c:8c:e4:1a:d5:47: 68:8e:cc:ed:34:b8:57:ce:8f:73:88:7d:f3:fe:08: ac:ab:4b:98:df:64:6e:d2:e2:3b:fb:a2:98:9d:a1: 9e:4c:aa:0c:1a:a9:4d:66:f2:e6:0b:86:9b:82:c2: 3b:6a:08:1c:78:8e:df:bb:fa:41:83:b9:48:6e:9b: a5:8a:ad:22:16:54:6b:e9:ce:d7:79:a4:1d:fc:5b: 9a:2d:c9:11:b6:66:9f:b6:c3:f9:fc:d2:13:d4:d7: 5a:a7:9d:b8:e2:0e:95:0e:d4:e0:10:dd:47:fb:f1: bb:ef:40:d5:84:9f:fa:23:29:71:29:d0:1b:e2:f5: d0:3c:b9:8d:77:4a:8e:0c:b1:0d:5d:07:67:42:fb: 25:f6:b1:3e:f4:05:93:5b:0b:c8:84:5f:00:5a:ae: 0e:f6:5e:87:4b:34:bc:14:db:49:22:c4:11:06:32: f3:87:74:73:de:c8:25:35:c6:84:d2:b7:66:8f:37: 25:54:48:72:80:ff:ac:88:0c:01:4c:23:e5:96:36: 17:24:0f:66:2a:ce:8a:f6:63:ff:58:c4:cc:f2:c0: 7e:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:AB:DB:B9:05:FA:4B:B0:DE:5A:53:33:2E:0D:31:56:D2:A3:C8:D4 X509v3 Authority Key Identifier: keyid:A6:74:C6:70:1E:2B:0C:E3:D1:07:E9:F2:36:C5:5C:EF:E6:87:68:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pnTGcB4rDOPRB-nyNsVc7-aHaPE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:0f:fb:51:02:ee:93:4c:c3:a2:47:46:85:e2:9c:7b:39:8b: 39:6d:c0:a0:20:7b:fd:bf:fb:af:09:ae:4c:f5:40:7d:bc:a2: e5:53:e6:66:d1:e1:b4:84:7e:61:46:f0:7f:a0:56:c4:31:a6: 0d:ae:a7:1a:16:c6:0a:b8:ba:05:36:db:f4:7c:ab:cb:84:90: 29:79:ba:e8:ae:70:e5:06:68:49:e1:c6:e5:46:5e:95:02:31: 0c:f8:ae:80:ca:d4:fd:3d:c5:f4:0e:40:f1:a8:a7:25:69:5e: 06:de:57:0a:0b:47:64:d1:13:90:43:ab:0d:21:7c:aa:8f:49: 77:d8:2f:89:85:7d:cb:16:25:a7:80:9e:9e:c0:0c:ec:2e:02: 33:4d:94:ff:30:5f:2f:a6:5c:0c:d7:96:c2:35:2c:ed:f9:f8: 42:24:dd:ec:23:6c:d7:4e:7b:8d:37:60:af:57:a9:b0:3e:f3: 5b:f1:0e:7c:bc:7b:3a:7b:bf:d9:44:83:d4:c2:ca:3d:a6:b1: f2:b9:8b:eb:34:96:71:e4:5a:a7:51:86:a1:1b:8d:a7:94:ea: 36:ea:42:79:e6:0c:d5:26:ea:89:96:7d:c1:26:0e:f1:fa:19: 0c:db:27:2a:59:67:1a:6c:d2:01:f5:e3:b1:68:ec:24:80:66: ff:17:2a:f1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REQ5MDIxMTAvBgNVBAUTKEE2NzRDNjcwMUUyQjBDRTNEMTA3RTlGMjM2QzU1Q0VG RTY4NzY4RjEwHhcNMjUwNzAxMDMzNzAwWhcNMjUwNzA4MDMzNzAwWjAYMRYwFAYD VQQDEw02ODYzNTdkZC1kZGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs1OFJJxK2RyDtrHl5u8grgReuqkdoi4R5gYczuwtQJ84eZzqz7psjOQa1Udo jsztNLhXzo9ziH3z/gisq0uY32Ru0uI7+6KYnaGeTKoMGqlNZvLmC4abgsI7aggc eI7fu/pBg7lIbpuliq0iFlRr6c7XeaQd/FuaLckRtmaftsP5/NIT1Ndap5244g6V DtTgEN1H+/G770DVhJ/6IylxKdAb4vXQPLmNd0qODLENXQdnQvsl9rE+9AWTWwvI hF8AWq4O9l6HSzS8FNtJIsQRBjLzh3Rz3sglNcaE0rdmjzclVEhygP+siAwBTCPl ljYXJA9mKs6K9mP/WMTM8sB+jQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDur27kF +kuw3lpTMy4NMVbSo8jUMB8GA1UdIwQYMBaAFKZ0xnAeKwzj0Qfp8jbFXO/mh2jx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDkwMi81NzBCM0Y4RUM5 MjYxMUVEQUYyQjlENERDNEY5QUUwMi9wblRHY0I0ckRPUFJCLW55TnNWYzctYUhh UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BuVEdjQjRyRE9QUkItbnlOc1ZjNy1hSGFQRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RDkwMi81NzBCM0Y4RUM5MjYxMUVEQUYyQjlENERDNEY5QUUwMi9wblRHY0I0ckRP UFJCLW55TnNWYzctYUhhUEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYD/tRAu6TTMOiR0aF4px7OYs5bcCgIHv9v/uvCa5M9UB9vKLlU+Zm 0eG0hH5hRvB/oFbEMaYNrqcaFsYKuLoFNtv0fKvLhJApebrornDlBmhJ4cblRl6V AjEM+K6AytT9PcX0DkDxqKclaV4G3lcKC0dk0ROQQ6sNIXyqj0l32C+JhX3LFiWn gJ6ewAzsLgIzTZT/MF8vplwM15bCNSzt+fhCJN3sI2zXTnuNN2CvV6mwPvNb8Q58 vHs6e7/ZRIPUwso9prHyuYvrNJZx5FqnUYahG42nlOo26kJ55gzVJuqJln3BJg7x +hkM2ycqWWcabNIB9eOxaOwkgGb/Fyrx -----END CERTIFICATE-----Generated at Wed Jul 2 04:52:31 2025 by rpki-client