$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0CA1/7063E424523F11EA8C9CF016C4F9AE02/4dlaPL3ZICmuvh4TCAmeYknNNiQ.mft File: 4dlaPL3ZICmuvh4TCAmeYknNNiQ.mft (raw, json) Hash identifier: 3zc1/rpyJ0CSxj/RPt4enXp37/NaGR6wvoTV07D91TE= Subject key identifier: 78:33:FD:DE:14:23:DF:3A:C8:90:C0:37:BA:B1:83:82:B0:18:5E:04 Authority key identifier: E1:D9:5A:3C:BD:D9:20:29:AE:BE:1E:13:08:09:9E:62:49:CD:36:24 Certificate issuer: /CN=A91E0CA1/serialNumber=E1D95A3CBDD92029AEBE1E1308099E6249CD3624 Certificate serial: 0ACE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4dlaPL3ZICmuvh4TCAmeYknNNiQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0CA1/7063E424523F11EA8C9CF016C4F9AE02/4dlaPL3ZICmuvh4TCAmeYknNNiQ.mft Manifest number: 0AC7 Signing time: Wed 02 Jul 2025 19:41:17 +0000 Manifest this update: Wed 02 Jul 2025 19:41:16 +0000 Manifest next update: Wed 09 Jul 2025 19:41:16 +0000 Files and hashes: 1: 4dlaPL3ZICmuvh4TCAmeYknNNiQ.crl (hash: 9pcYfh6UBp4btA/4O2qOk34HNRZV5CO2L4/e4w/IhIk=) 2: 29B9D5B8524111EABEF0A119C4F9AE02.roa (hash: XgnhviRQUKAkeu4itRmlPhHlV4kxqNIZcBKK2pdxl3k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0CA1/7063E424523F11EA8C9CF016C4F9AE02/4dlaPL3ZICmuvh4TCAmeYknNNiQ.crl rsync://rpki.apnic.net/member_repository/A91E0CA1/7063E424523F11EA8C9CF016C4F9AE02/4dlaPL3ZICmuvh4TCAmeYknNNiQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4dlaPL3ZICmuvh4TCAmeYknNNiQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:41:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2766 (0xace) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0CA1, serialNumber=E1D95A3CBDD92029AEBE1E1308099E6249CD3624 Validity Not Before: Jul 2 19:41:16 2025 GMT Not After : Jul 9 19:41:16 2025 GMT Subject: CN=68658b5c-6181 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:2f:fe:09:ad:c9:f0:54:30:32:4f:7d:91:45: fd:ff:cd:bc:ad:2a:45:e3:42:fc:2a:4b:39:2a:21: b4:c5:72:f0:95:84:73:79:ac:1b:10:04:de:ee:43: f7:d3:8f:da:07:e4:9a:4c:ff:69:e0:9c:9d:4b:0b: 3e:dd:79:79:fb:ff:7b:10:e5:37:fe:35:eb:28:c6: 3c:fb:6a:f9:2b:81:95:bc:5b:6d:1b:1e:ec:df:31: c9:ee:dd:33:de:bf:1a:49:81:6f:63:b3:34:50:28: c7:5c:09:53:66:82:e1:90:53:e9:b7:8c:53:7a:1d: 6e:ae:30:0a:96:b2:53:19:c2:8e:7f:69:a3:0f:af: 40:d5:60:96:6b:f1:86:0d:a1:4a:dc:27:02:d7:f4: 89:1a:3f:12:7d:8e:e5:ef:de:79:f5:f9:55:03:8e: 5e:b4:fd:64:a9:e1:43:ee:a9:2f:20:33:29:66:d3: c8:72:77:02:96:96:1b:f0:40:5b:d2:10:de:43:78: 25:c5:3a:52:a1:b5:43:4e:24:33:8c:e0:c9:6e:77: 2a:4d:e9:f9:02:6a:04:bd:4b:d1:7b:c1:2b:41:91: b4:05:45:36:20:fb:ae:ce:59:55:ca:c5:66:ab:52: 7e:39:0d:ad:4f:3d:ff:a0:a1:02:bb:d3:d8:2e:04: 7c:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:33:FD:DE:14:23:DF:3A:C8:90:C0:37:BA:B1:83:82:B0:18:5E:04 X509v3 Authority Key Identifier: keyid:E1:D9:5A:3C:BD:D9:20:29:AE:BE:1E:13:08:09:9E:62:49:CD:36:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0CA1/7063E424523F11EA8C9CF016C4F9AE02/4dlaPL3ZICmuvh4TCAmeYknNNiQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4dlaPL3ZICmuvh4TCAmeYknNNiQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0CA1/7063E424523F11EA8C9CF016C4F9AE02/4dlaPL3ZICmuvh4TCAmeYknNNiQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:0f:48:29:c1:0a:55:b8:b5:7f:bf:74:3a:07:56:fb:93:02: b7:bb:af:48:de:69:df:c0:d6:96:7d:3b:9e:8d:30:bb:60:e8: 1d:58:19:a9:d0:d6:a3:d1:c9:d7:b1:b2:65:ad:8c:2e:15:f1: f6:90:58:cd:bc:eb:28:89:b3:49:cf:62:ca:57:47:19:95:6b: 8b:cc:ea:e5:aa:63:d1:69:19:e0:74:ce:db:4d:d0:ab:72:90: 38:10:d7:c7:0c:02:46:5e:15:6b:02:66:bc:d5:62:23:e1:a7: 9d:34:3b:6f:43:60:95:15:e3:3f:d3:a0:12:6b:64:b7:ca:f6: 92:1b:66:12:df:2f:eb:c7:5c:e2:a9:09:c6:70:a2:76:bf:29: 25:5d:38:97:f7:8d:46:c8:98:02:9e:79:74:33:5a:dd:40:54: 3b:8b:d8:b1:71:62:4d:a1:58:e1:71:ec:38:f5:de:81:a9:ec: 47:a7:5b:f0:bc:83:80:03:5e:04:c2:84:7d:5e:60:f2:e4:27: ed:aa:ea:07:9d:5f:c0:6d:d0:a0:ab:59:30:04:6b:7e:c8:3e: 30:01:9f:55:e2:2f:29:c2:94:78:70:c7:a0:0a:d7:5d:b1:42: f2:cb:7a:40:71:cb:3e:44:64:88:0a:9a:a1:91:25:e4:a1:04: 3d:b3:a5:d1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCs4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBDQTExMTAvBgNVBAUTKEUxRDk1QTNDQkREOTIwMjlBRUJFMUUxMzA4MDk5RTYy NDlDRDM2MjQwHhcNMjUwNzAyMTk0MTE2WhcNMjUwNzA5MTk0MTE2WjAYMRYwFAYD VQQDEw02ODY1OGI1Yy02MTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAui/+Ca3J8FQwMk99kUX9/828rSpF40L8Kks5KiG0xXLwlYRzeawbEATe7kP3 04/aB+SaTP9p4JydSws+3Xl5+/97EOU3/jXrKMY8+2r5K4GVvFttGx7s3zHJ7t0z 3r8aSYFvY7M0UCjHXAlTZoLhkFPpt4xTeh1urjAKlrJTGcKOf2mjD69A1WCWa/GG DaFK3CcC1/SJGj8SfY7l79559flVA45etP1kqeFD7qkvIDMpZtPIcncClpYb8EBb 0hDeQ3glxTpSobVDTiQzjODJbncqTen5AmoEvUvRe8ErQZG0BUU2IPuuzllVysVm q1J+OQ2tTz3/oKECu9PYLgR8WQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHgz/d4U I986yJDAN7qxg4KwGF4EMB8GA1UdIwQYMBaAFOHZWjy92SAprr4eEwgJnmJJzTYk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMENBMS83MDYzRTQyNDUy M0YxMUVBOEM5Q0YwMTZDNEY5QUUwMi80ZGxhUEwzWklDbXV2aDRUQ0FtZVlrbk5O aVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRkbGFQTDNaSUNtdXZoNFRDQW1lWWtuTk5pUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MENBMS83MDYzRTQyNDUyM0YxMUVBOEM5Q0YwMTZDNEY5QUUwMi80ZGxhUEwzWklD bXV2aDRUQ0FtZVlrbk5OaVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCeD0gpwQpVuLV/v3Q6B1b7kwK3u69I3mnfwNaWfTuejTC7YOgdWBmp 0Naj0cnXsbJlrYwuFfH2kFjNvOsoibNJz2LKV0cZlWuLzOrlqmPRaRngdM7bTdCr cpA4ENfHDAJGXhVrAma81WIj4aedNDtvQ2CVFeM/06ASa2S3yvaSG2YS3y/rx1zi qQnGcKJ2vyklXTiX941GyJgCnnl0M1rdQFQ7i9ixcWJNoVjhcew49d6BqexHp1vw vIOAA14EwoR9XmDy5CftquoHnV/AbdCgq1kwBGt+yD4wAZ9V4i8pwpR4cMegCtdd sULyy3pAccs+RGSICpqhkSXkoQQ9s6XR -----END CERTIFICATE-----Generated at Wed Jul 2 23:29:11 2025 by rpki-client