$ rpki-client -vvf rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft File: 1AI0WEr2BZHzfdP7on68uFzHZWo.mft (raw, json) Hash identifier: Bb/e7I27b+IdFzxl5m+HW6CaLXcCT9i1RrTdzxJEiG8= Subject key identifier: 74:E5:7E:CF:75:95:4B:52:BE:53:B1:E8:13:D7:9E:0B:8A:59:C5:E3 Authority key identifier: D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A Certificate issuer: /CN=A91E27F3/serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Certificate serial: 34A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft Manifest number: 349F Signing time: Mon 30 Jun 2025 15:08:35 +0000 Manifest this update: Mon 30 Jun 2025 15:08:35 +0000 Manifest next update: Mon 07 Jul 2025 15:08:35 +0000 Files and hashes: 1: 1AI0WEr2BZHzfdP7on68uFzHZWo.crl (hash: ypensJGrogOnA6fEemDYvWj6bBrjcRtACSjc5Z70bgY=) 2: 1B4B4FC2152F11ECB72E546FC4F9AE02.roa (hash: 08icoQFu/lUzJ7/49iluwBG/IFFfyhiQgRTkubc2rPw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 15:08:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13476 (0x34a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E27F3, serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Validity Not Before: Jun 30 15:08:35 2025 GMT Not After : Jul 7 15:08:35 2025 GMT Subject: CN=6862a873-2ee6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:f9:50:f3:4e:44:4e:87:83:4b:99:f2:5c:d7: 18:63:a7:4d:97:e9:de:49:77:69:12:79:40:71:f3: d3:9b:71:f3:ff:2a:1e:36:3c:cb:29:9e:92:ba:4c: e4:1b:fe:fc:3b:fa:c5:08:fb:a9:40:92:bc:6e:f8: 05:56:17:e5:a7:02:f2:78:4f:d8:93:01:41:c3:72: b4:bb:15:51:43:da:1f:72:61:8f:f7:25:75:72:0d: 92:3b:91:3d:bb:ac:79:45:e8:23:af:35:99:76:8a: 64:4b:b4:c8:28:71:56:a7:c6:a2:99:b4:56:7a:a1: ac:c2:c7:25:8d:00:43:c8:98:57:2c:c2:f9:55:69: ad:33:58:10:9c:3e:24:35:a9:51:17:f9:ad:ae:5b: f2:0e:3b:59:3c:83:91:93:23:6c:5f:74:ae:08:52: f7:3d:92:37:d9:01:02:bf:b8:f1:23:9b:29:3b:68: 22:5c:0f:62:6e:3b:56:2b:8b:8c:d7:70:12:65:b5: d5:c4:32:80:38:7a:ed:48:23:40:a1:a6:0f:9e:a1: af:7d:83:c7:05:8e:91:2d:58:e7:76:18:ac:71:5d: dd:09:85:5d:6a:13:ca:60:9b:18:1c:01:83:8f:9a: 74:ee:b7:ac:63:e9:de:21:ab:d7:2a:99:6f:51:67: 92:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:E5:7E:CF:75:95:4B:52:BE:53:B1:E8:13:D7:9E:0B:8A:59:C5:E3 X509v3 Authority Key Identifier: keyid:D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:9d:d6:6a:bf:3d:3b:aa:62:23:cb:28:06:bb:dc:58:d9:c5: f2:fa:4b:d3:78:66:d4:c8:22:b6:e1:80:41:f0:8f:84:fb:55: 68:44:bc:df:5e:91:16:53:d9:a4:e4:16:8c:aa:5b:5a:4e:1d: d6:ec:90:b1:36:f0:2c:b4:d2:40:8e:56:7b:cc:d0:f8:09:1c: 4f:78:42:b6:6d:fc:61:d9:8c:b6:2a:2e:c9:1f:12:4e:ac:c2: 7c:c8:a2:1f:4f:21:4f:34:10:45:1a:69:1b:0a:fb:22:07:8e: 09:76:9f:2d:36:1f:89:4d:ad:b3:0f:43:90:0f:41:94:86:ea: ca:00:17:9d:31:a7:f0:8e:c9:dd:82:27:dd:e9:98:41:ec:37: de:c7:65:88:37:80:50:1c:aa:87:2b:49:5a:88:53:b1:8e:b4: 1e:34:96:4e:04:18:49:6b:63:48:48:69:22:b5:aa:e7:dc:0d: 34:5c:9b:d7:d1:27:53:a7:ad:b3:f1:86:47:98:0b:af:05:b2: 5a:a8:6c:2e:d4:a1:6c:b5:30:0a:71:21:c2:f9:2c:ae:f9:a3: 31:f3:dd:6c:10:91:65:13:11:7f:23:f1:d4:e7:83:f9:6f:93: 67:54:7c:0a:d3:cf:f5:5d:23:bd:33:c7:0f:bf:2e:53:89:45: 88:6f:24:a3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI3RjMxMTAvBgNVBAUTKEQ0MDIzNDU4NEFGNjA1OTFGMzdERDNGQkEyN0VCQ0I4 NUNDNzY1NkEwHhcNMjUwNjMwMTUwODM1WhcNMjUwNzA3MTUwODM1WjAYMRYwFAYD VQQDEw02ODYyYTg3My0yZWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsflQ805EToeDS5nyXNcYY6dNl+neSXdpEnlAcfPTm3Hz/yoeNjzLKZ6Sukzk G/78O/rFCPupQJK8bvgFVhflpwLyeE/YkwFBw3K0uxVRQ9ofcmGP9yV1cg2SO5E9 u6x5RegjrzWZdopkS7TIKHFWp8aimbRWeqGswscljQBDyJhXLML5VWmtM1gQnD4k NalRF/mtrlvyDjtZPIORkyNsX3SuCFL3PZI32QECv7jxI5spO2giXA9ibjtWK4uM 13ASZbXVxDKAOHrtSCNAoaYPnqGvfYPHBY6RLVjndhiscV3dCYVdahPKYJsYHAGD j5p07resY+neIavXKplvUWeSbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHTlfs91 lUtSvlOx6BPXnguKWcXjMB8GA1UdIwQYMBaAFNQCNFhK9gWR833T+6J+vLhcx2Vq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjdGMy9BNkRFMUNFODFE QTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJaSHpmZFA3b242OHVGekha V28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBSTBXRXIyQlpIemZkUDdvbjY4dUZ6SFpXby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjdGMy9BNkRFMUNFODFEQTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJa SHpmZFA3b242OHVGekhaV28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKndZqvz07qmIjyygGu9xY2cXy+kvTeGbUyCK24YBB8I+E+1VoRLzf XpEWU9mk5BaMqltaTh3W7JCxNvAstNJAjlZ7zND4CRxPeEK2bfxh2Yy2Ki7JHxJO rMJ8yKIfTyFPNBBFGmkbCvsiB44Jdp8tNh+JTa2zD0OQD0GUhurKABedMafwjsnd gifd6ZhB7Dfex2WIN4BQHKqHK0laiFOxjrQeNJZOBBhJa2NISGkitarn3A00XJvX 0SdTp62z8YZHmAuvBbJaqGwu1KFstTAKcSHC+Syu+aMx891sEJFlExF/I/HU54P5 b5NnVHwK08/1XSO9M8cPvy5TiUWIbySj -----END CERTIFICATE-----Generated at Tue Jul 1 12:31:58 2025 by rpki-client