$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.mft File: lFlKrsbtZqaAoVv-tc2leC1MLYg.mft (raw, json) Hash identifier: b6/rkVMb469D9kePn471RJGNJC3Fjo/Kz9fccsSjqMk= Subject key identifier: 94:C8:89:E4:D6:03:A0:EE:CC:1F:F0:5A:DD:6A:78:77:90:55:1A:AF Authority key identifier: 94:59:4A:AE:C6:ED:66:A6:80:A1:5B:FE:B5:CD:A5:78:2D:4C:2D:88 Certificate issuer: /CN=A91E2EF9/serialNumber=94594AAEC6ED66A680A15BFEB5CDA5782D4C2D88 Certificate serial: AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFlKrsbtZqaAoVv-tc2leC1MLYg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.mft Manifest number: A6 Signing time: Tue 01 Jul 2025 06:56:42 +0000 Manifest this update: Tue 01 Jul 2025 06:56:42 +0000 Manifest next update: Tue 08 Jul 2025 06:56:42 +0000 Files and hashes: 1: lFlKrsbtZqaAoVv-tc2leC1MLYg.crl (hash: l4aF4WTFJM+TkOqzRJAEGeOTQWXjfC2H2YQ1qNZkidc=) 2: D926DBDA605211EF90C2C621C4F9AE02.roa (hash: Cl2PJo7826qehYKKSG2/VdHV6kV/QSQl5KdRQS87oS0=) 3: E7C7DBF8A0E411EF98A7340EC4F9AE02.roa (hash: 7jEw+cOkWTAknu5PcBj2MNehVkDO0rbITl2EdNIaO7o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.crl rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFlKrsbtZqaAoVv-tc2leC1MLYg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 06:56:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 170 (0xaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2EF9, serialNumber=94594AAEC6ED66A680A15BFEB5CDA5782D4C2D88 Validity Not Before: Jul 1 06:56:42 2025 GMT Not After : Jul 8 06:56:42 2025 GMT Subject: CN=686386aa-a942 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:4c:73:d4:76:5e:38:da:78:0d:d4:33:5a:10: 93:1a:4a:67:1e:db:88:82:58:fe:74:37:17:78:23: 85:38:6a:b1:ac:09:ec:f7:51:90:bd:d9:09:81:04: ba:80:d0:ca:04:2c:d3:ee:8c:6c:e8:e6:84:6f:2e: bc:c9:7b:2e:09:fc:1b:f0:e8:8b:d2:f4:52:01:59: ac:3a:d1:a8:3a:03:f5:65:ca:82:d8:d6:62:12:8a: 47:11:4a:06:9e:b1:e0:d2:fc:0e:1c:f0:69:9f:8e: 5e:21:ef:66:e2:1e:82:b5:48:d0:64:04:82:36:57: ca:fb:c7:ad:e5:92:56:af:8a:ea:e4:20:f4:79:6b: ea:d7:4b:17:ab:2e:a2:f8:34:15:98:37:50:11:8a: c6:79:e3:06:57:34:76:1c:1a:e2:9a:a6:95:fb:3f: b3:48:5d:a7:c4:32:a6:c3:82:ed:6e:35:b5:bc:d8: 18:33:25:b0:db:3c:1b:bf:fe:88:59:5b:bc:41:ae: fa:64:19:2b:b2:c6:e4:3c:9a:d3:b7:cd:64:a9:21: c2:7d:c5:56:cc:17:41:10:ae:fb:77:d1:98:0b:f2: 7a:6b:10:3d:8f:8a:a6:94:6a:84:5f:67:16:dd:f5: e8:f6:e9:cb:f0:89:0b:b3:df:9d:02:65:d5:fd:d9: 57:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:C8:89:E4:D6:03:A0:EE:CC:1F:F0:5A:DD:6A:78:77:90:55:1A:AF X509v3 Authority Key Identifier: keyid:94:59:4A:AE:C6:ED:66:A6:80:A1:5B:FE:B5:CD:A5:78:2D:4C:2D:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFlKrsbtZqaAoVv-tc2leC1MLYg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 67:d0:df:17:05:b1:ae:45:7b:e2:da:e2:2c:43:fd:1d:13:60: b4:02:15:75:35:42:97:0a:52:38:72:00:f3:f0:f6:62:85:af: dd:ac:72:b2:c7:81:d6:4e:16:53:49:02:ec:55:1d:c6:5e:16: 96:60:3e:86:e6:8f:02:be:a1:9c:fe:c1:91:d7:ab:e9:14:86: fe:b3:48:06:c4:a2:29:b2:ba:3e:8b:7e:ee:f0:67:5f:b9:8f: c8:e0:f3:e0:3a:0e:f4:d0:fd:9b:10:6c:53:e7:17:39:38:c9: 1b:79:1f:07:61:9a:b8:81:1c:b1:65:9f:55:0a:b8:87:4d:d2: 8e:9f:20:c2:12:e9:7d:9d:05:7c:68:10:1e:98:06:95:c9:ef: 42:de:c8:be:68:07:9c:65:18:77:38:a4:07:59:9a:22:2d:64: eb:47:24:a0:13:93:c7:2e:ec:d1:2c:95:32:ff:10:69:86:ee: 28:b6:c0:bf:fd:73:62:6c:ba:75:a0:a4:90:63:92:95:19:76: a1:fa:48:3d:0a:09:fa:f3:6d:04:c4:2a:4e:18:8e:78:27:8f: 52:fb:2d:a0:79:61:66:d8:f6:d5:8f:ca:3b:c3:82:07:9b:36: 62:19:d9:d4:a7:bf:2f:8a:32:0a:c0:ca:39:d0:eb:cd:73:f8: 8c:c9:97:4b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTJFRjkxMTAvBgNVBAUTKDk0NTk0QUFFQzZFRDY2QTY4MEExNUJGRUI1Q0RBNTc4 MkQ0QzJEODgwHhcNMjUwNzAxMDY1NjQyWhcNMjUwNzA4MDY1NjQyWjAYMRYwFAYD VQQDEw02ODYzODZhYS1hOTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAukxz1HZeONp4DdQzWhCTGkpnHtuIglj+dDcXeCOFOGqxrAns91GQvdkJgQS6 gNDKBCzT7oxs6OaEby68yXsuCfwb8OiL0vRSAVmsOtGoOgP1ZcqC2NZiEopHEUoG nrHg0vwOHPBpn45eIe9m4h6CtUjQZASCNlfK+8et5ZJWr4rq5CD0eWvq10sXqy6i +DQVmDdQEYrGeeMGVzR2HBrimqaV+z+zSF2nxDKmw4LtbjW1vNgYMyWw2zwbv/6I WVu8Qa76ZBkrssbkPJrTt81kqSHCfcVWzBdBEK77d9GYC/J6axA9j4qmlGqEX2cW 3fXo9unL8IkLs9+dAmXV/dlXkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJTIieTW A6DuzB/wWt1qeHeQVRqvMB8GA1UdIwQYMBaAFJRZSq7G7WamgKFb/rXNpXgtTC2I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkVGOS84MDRENkJGMDYw NTIxMUVGQjI4NkZEMjBDNEY5QUUwMi9sRmxLcnNidFpxYUFvVnYtdGMybGVDMU1M WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xGbEtyc2J0WnFhQW9Wdi10YzJsZUMxTUxZZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MkVGOS84MDRENkJGMDYwNTIxMUVGQjI4NkZEMjBDNEY5QUUwMi9sRmxLcnNidFpx YUFvVnYtdGMybGVDMU1MWWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBn0N8XBbGuRXvi2uIsQ/0dE2C0AhV1NUKXClI4cgDz8PZiha/drHKy x4HWThZTSQLsVR3GXhaWYD6G5o8CvqGc/sGR16vpFIb+s0gGxKIpsro+i37u8Gdf uY/I4PPgOg700P2bEGxT5xc5OMkbeR8HYZq4gRyxZZ9VCriHTdKOnyDCEul9nQV8 aBAemAaVye9C3si+aAecZRh3OKQHWZoiLWTrRySgE5PHLuzRLJUy/xBphu4otsC/ /XNibLp1oKSQY5KVGXah+kg9Cgn6820ExCpOGI54J49S+y2geWFm2PbVj8o7w4IH mzZiGdnUp78vijIKwMo50OvNc/iMyZdL -----END CERTIFICATE-----Generated at Wed Jul 2 19:18:03 2025 by rpki-client