$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEFAF/07176240492C11EBA981BF52C4F9AE02/We3oFpsKLDIUaf8RsWKL3gwfLEE.mft File: We3oFpsKLDIUaf8RsWKL3gwfLEE.mft (raw, json) Hash identifier: gvwl6zix+2cZdMFWK5e4QCbn63XYtVs+uqQZzsbKy+0= Subject key identifier: 29:9B:55:9B:CD:0C:14:B6:1D:DC:6C:AB:14:CD:43:8E:45:0E:62:B0 Authority key identifier: 59:ED:E8:16:9B:0A:2C:32:14:69:FF:11:B1:62:8B:DE:0C:1F:2C:41 Certificate issuer: /CN=A91DEFAF/serialNumber=59EDE8169B0A2C321469FF11B1628BDE0C1F2C41 Certificate serial: 0711 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/We3oFpsKLDIUaf8RsWKL3gwfLEE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DEFAF/07176240492C11EBA981BF52C4F9AE02/We3oFpsKLDIUaf8RsWKL3gwfLEE.mft Manifest number: 070A Signing time: Mon 30 Jun 2025 22:13:08 +0000 Manifest this update: Mon 30 Jun 2025 22:13:08 +0000 Manifest next update: Mon 07 Jul 2025 22:13:08 +0000 Files and hashes: 1: We3oFpsKLDIUaf8RsWKL3gwfLEE.crl (hash: B0AcbtMaxtL5rlaybFh02mBPOYAOVXkWQf7zYoK30SE=) 2: A793BA7E492D11EB8BE07D54C4F9AE02.roa (hash: rr5k3fKZgvDyXFLnJfEeotntvMNKxGcDJEuXf2w7Hns=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DEFAF/07176240492C11EBA981BF52C4F9AE02/We3oFpsKLDIUaf8RsWKL3gwfLEE.crl rsync://rpki.apnic.net/member_repository/A91DEFAF/07176240492C11EBA981BF52C4F9AE02/We3oFpsKLDIUaf8RsWKL3gwfLEE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/We3oFpsKLDIUaf8RsWKL3gwfLEE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 22:13:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1809 (0x711) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DEFAF, serialNumber=59EDE8169B0A2C321469FF11B1628BDE0C1F2C41 Validity Not Before: Jun 30 22:13:08 2025 GMT Not After : Jul 7 22:13:08 2025 GMT Subject: CN=68630bf4-d964 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:6b:ac:94:74:be:6e:a8:03:6a:4e:8c:08:40: b9:ed:93:c7:a4:5d:58:18:66:07:10:e4:4c:8d:fb: d0:8e:38:04:53:6d:75:c2:82:60:00:84:b8:04:47: 17:4f:92:40:e5:0e:44:77:6e:8b:f5:2d:ad:b6:da: 10:2f:b8:4d:e6:7d:d5:4a:bd:23:62:b2:d5:77:d6: a6:57:90:e6:d1:48:bf:52:5c:4d:88:3b:75:79:7f: c2:ed:bd:2c:5a:72:0d:d0:9c:a5:f5:8c:e1:78:9c: a5:8e:f2:11:a7:d1:e9:ce:58:05:4b:d9:78:d6:a9: 16:0c:2b:06:8b:75:f2:6d:30:05:bb:e5:df:d3:2d: d7:0d:52:12:7c:29:2d:24:95:55:24:34:b5:19:6e: b4:90:11:39:c3:71:a1:35:cb:0a:4a:e0:4c:47:7d: 7d:55:47:7f:c2:32:d9:c4:30:d6:6b:26:24:88:0b: 6e:2d:62:4b:22:32:ad:63:f9:13:ec:cd:08:d8:76: 66:eb:ab:3e:7e:19:5f:a3:6c:48:26:81:a2:f5:da: 70:e7:22:cd:ba:53:c2:9c:b1:51:92:ed:6a:6d:d8: e9:b7:fa:0d:6b:46:a0:39:88:4c:85:a3:9a:11:18: 63:7e:92:44:b7:a0:ab:82:50:92:49:bc:ad:0e:6c: ed:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:9B:55:9B:CD:0C:14:B6:1D:DC:6C:AB:14:CD:43:8E:45:0E:62:B0 X509v3 Authority Key Identifier: keyid:59:ED:E8:16:9B:0A:2C:32:14:69:FF:11:B1:62:8B:DE:0C:1F:2C:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DEFAF/07176240492C11EBA981BF52C4F9AE02/We3oFpsKLDIUaf8RsWKL3gwfLEE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/We3oFpsKLDIUaf8RsWKL3gwfLEE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEFAF/07176240492C11EBA981BF52C4F9AE02/We3oFpsKLDIUaf8RsWKL3gwfLEE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:86:a1:8e:33:2e:9c:47:fa:3e:81:98:75:f9:f3:36:c1:b4: 34:de:79:92:5e:5b:f8:a6:e4:f9:c3:7b:e9:e7:5b:2c:68:44: 3f:c2:40:2e:1f:c3:88:1a:38:6c:9f:02:9f:7f:01:6c:a7:60: 81:2c:18:fc:bf:fa:34:5f:f1:15:29:4b:00:0c:22:f8:ed:9f: e8:93:91:65:44:10:e9:c2:ce:00:87:64:cf:69:7f:4a:f1:76: b7:a0:c1:cf:89:b3:66:be:ae:e8:b1:8e:0d:d0:b0:ed:37:3e: af:f7:0a:e0:49:73:67:f2:15:44:7a:92:6e:fb:c8:f9:c8:ad: 29:56:50:23:8b:9b:53:2d:e2:0c:ee:d2:da:b1:34:7a:63:87: 08:6e:b8:3d:68:8e:01:cb:9d:ab:35:85:ca:0e:b3:6c:e1:b0: 63:4c:77:b4:9f:da:fa:ba:d8:37:8f:b5:73:1d:76:71:5f:24: 8d:6c:eb:9e:bc:4c:a4:fe:c6:ad:88:d7:82:62:ed:a7:71:cd: 95:1a:86:07:c4:cd:a7:7e:e2:ea:e9:0f:e7:af:f1:6f:51:d1: 2c:49:8e:bf:53:15:aa:b9:eb:14:5c:1c:40:aa:c7:a8:43:29: 6f:92:61:c2:d1:93:28:5f:61:50:18:02:cf:fa:11:f5:77:52: 4a:a1:e7:50 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBxEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REVGQUYxMTAvBgNVBAUTKDU5RURFODE2OUIwQTJDMzIxNDY5RkYxMUIxNjI4QkRF MEMxRjJDNDEwHhcNMjUwNjMwMjIxMzA4WhcNMjUwNzA3MjIxMzA4WjAYMRYwFAYD VQQDEw02ODYzMGJmNC1kOTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoWuslHS+bqgDak6MCEC57ZPHpF1YGGYHEORMjfvQjjgEU211woJgAIS4BEcX T5JA5Q5Ed26L9S2tttoQL7hN5n3VSr0jYrLVd9amV5Dm0Ui/UlxNiDt1eX/C7b0s WnIN0Jyl9YzheJyljvIRp9HpzlgFS9l41qkWDCsGi3XybTAFu+Xf0y3XDVISfCkt JJVVJDS1GW60kBE5w3GhNcsKSuBMR319VUd/wjLZxDDWayYkiAtuLWJLIjKtY/kT 7M0I2HZm66s+fhlfo2xIJoGi9dpw5yLNulPCnLFRku1qbdjpt/oNa0agOYhMhaOa ERhjfpJEt6CrglCSSbytDmzt+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCmbVZvN DBS2HdxsqxTNQ45FDmKwMB8GA1UdIwQYMBaAFFnt6BabCiwyFGn/EbFii94MHyxB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUZBRi8wNzE3NjI0MDQ5 MkMxMUVCQTk4MUJGNTJDNEY5QUUwMi9XZTNvRnBzS0xESVVhZjhSc1dLTDNnd2ZM RUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dlM29GcHNLTERJVWFmOFJzV0tMM2d3ZkxFRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RUZBRi8wNzE3NjI0MDQ5MkMxMUVCQTk4MUJGNTJDNEY5QUUwMi9XZTNvRnBzS0xE SVVhZjhSc1dLTDNnd2ZMRUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARhqGOMy6cR/o+gZh1+fM2wbQ03nmSXlv4puT5w3vp51ssaEQ/wkAu H8OIGjhsnwKffwFsp2CBLBj8v/o0X/EVKUsADCL47Z/ok5FlRBDpws4Ah2TPaX9K 8Xa3oMHPibNmvq7osY4N0LDtNz6v9wrgSXNn8hVEepJu+8j5yK0pVlAji5tTLeIM 7tLasTR6Y4cIbrg9aI4By52rNYXKDrNs4bBjTHe0n9r6utg3j7VzHXZxXySNbOue vEyk/satiNeCYu2ncc2VGoYHxM2nfuLq6Q/nr/FvUdEsSY6/UxWquesUXBxAqseo QylvkmHC0ZMoX2FQGALP+hH1d1JKoedQ -----END CERTIFICATE-----Generated at Wed Jul 2 20:57:18 2025 by rpki-client