$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft File: BstI9X1UOpeC2KfJbaTh3tvDwws.mft (raw, json) Hash identifier: oWZDqK/p2IFnCafU7SIjTkLPbgg0hTRSiSx/+EMcEHI= Subject key identifier: EC:E4:A7:52:83:A7:2C:74:F2:F4:71:8C:9D:2E:F2:E9:94:32:A7:56 Authority key identifier: 06:CB:48:F5:7D:54:3A:97:82:D8:A7:C9:6D:A4:E1:DE:DB:C3:C3:0B Certificate issuer: /CN=A91E2EFF/serialNumber=06CB48F57D543A9782D8A7C96DA4E1DEDBC3C30B Certificate serial: 0D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BstI9X1UOpeC2KfJbaTh3tvDwws.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft Manifest number: 0C Signing time: Thu 03 Jul 2025 08:23:12 +0000 Manifest this update: Thu 03 Jul 2025 08:23:12 +0000 Manifest next update: Thu 10 Jul 2025 08:23:12 +0000 Files and hashes: 1: BstI9X1UOpeC2KfJbaTh3tvDwws.crl (hash: RTdrELo0Fuh2OFg8It8g6SYsEcovAXU3gzFFCQKyMnE=) 2: 3698C9BA484A11F0B96B9D10C4F9AE02.roa (hash: 3/VlviI5lXmsXT9HHGTTjCEqy33hQJaRKWakW7gYvqc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.crl rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BstI9X1UOpeC2KfJbaTh3tvDwws.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13 (0xd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2EFF, serialNumber=06CB48F57D543A9782D8A7C96DA4E1DEDBC3C30B Validity Not Before: Jul 3 08:23:12 2025 GMT Not After : Jul 10 08:23:12 2025 GMT Subject: CN=68663df0-bae2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:88:6e:b5:81:14:27:c6:a2:cf:7a:1b:1d:51: 16:9c:a8:23:b0:39:48:bd:29:b6:c0:00:0a:d9:74: 47:94:f2:b1:2c:33:d6:97:fe:69:7f:2e:f4:4d:b2: 16:46:40:24:30:37:e9:22:cd:fd:38:56:24:0f:f3: 46:d2:b2:24:a8:68:f3:37:ad:ce:a5:f1:97:34:03: fd:9f:43:01:d2:57:ed:9b:d2:eb:11:da:70:f1:33: 68:1b:78:a0:ea:17:88:8d:8d:a1:9a:e5:b1:1a:6e: 34:09:92:54:43:93:3c:2e:ea:77:05:3f:9b:f6:f3: 5d:68:c8:5a:2a:21:a2:e8:45:cc:2a:ed:7d:f0:8a: d1:ab:78:88:d2:fb:da:d5:7f:1b:21:df:9b:43:31: 7c:7c:50:a1:c9:b3:4a:aa:19:94:96:57:9f:cc:49: 9c:c8:f5:69:57:ec:9e:e1:68:cb:dd:e3:b5:48:45: 7f:c7:5d:a2:8d:e0:ae:de:30:4d:29:82:aa:58:9c: b5:94:6c:68:22:48:b3:03:b7:18:58:eb:b0:78:1c: 41:47:ab:02:06:21:62:b6:6e:f6:d7:ec:88:56:51: a5:b3:e3:bd:2e:e7:b4:a1:e1:ff:6e:d5:5f:ac:3b: 37:29:fc:d4:44:27:df:e1:e4:24:b9:c5:c4:d3:d4: 3b:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:E4:A7:52:83:A7:2C:74:F2:F4:71:8C:9D:2E:F2:E9:94:32:A7:56 X509v3 Authority Key Identifier: keyid:06:CB:48:F5:7D:54:3A:97:82:D8:A7:C9:6D:A4:E1:DE:DB:C3:C3:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BstI9X1UOpeC2KfJbaTh3tvDwws.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:5d:49:88:ed:cd:bf:f5:0f:79:c6:85:3d:ea:0e:65:7e:df: dc:ee:a5:fc:c5:c6:14:69:40:67:6f:de:30:fc:12:12:4a:17: 19:4a:ea:23:1a:74:c0:dc:36:a2:49:4a:cd:60:f6:c8:66:ab: f0:3b:bb:ca:f2:f1:04:85:98:18:72:e0:4a:b3:c4:83:9a:b7: e4:da:8b:ed:32:ab:ad:69:16:63:fd:28:fb:97:00:76:b1:17: dc:14:fc:4b:26:4a:3d:5e:49:c9:80:e5:ee:6c:97:5c:19:87: 50:08:a2:60:3b:f3:a0:8f:36:57:25:bc:2a:b0:30:e5:7f:e5: 89:b6:93:5e:ce:c9:ad:c5:8e:f4:5b:97:11:d4:13:a7:72:cd: ec:00:a6:e4:b4:7b:c1:22:fd:1e:bf:ec:46:1e:41:a5:9d:ab: 46:af:b4:8c:c8:9c:48:fb:eb:45:c6:76:9b:39:34:3e:e3:e1: 40:d3:2f:61:74:0e:96:2b:06:73:e8:2c:ed:cd:09:e4:7f:be: 6f:e1:57:87:c3:28:8b:9b:e1:16:a7:2a:10:b4:91:76:6d:99: 8c:96:ff:c4:af:1a:c4:f4:41:ae:1e:9d:be:8a:d6:95:f0:4a: cb:f2:24:ef:c2:ea:93:f8:ba:a5:b0:9e:81:88:52:22:88:3b: 48:28:85:05 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBDTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF MkVGRjExMC8GA1UEBRMoMDZDQjQ4RjU3RDU0M0E5NzgyRDhBN0M5NkRBNEUxREVE QkMzQzMwQjAeFw0yNTA3MDMwODIzMTJaFw0yNTA3MTAwODIzMTJaMBgxFjAUBgNV BAMTDTY4NjYzZGYwLWJhZTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC7iG61gRQnxqLPehsdURacqCOwOUi9KbbAAArZdEeU8rEsM9aX/ml/LvRNshZG QCQwN+kizf04ViQP80bSsiSoaPM3rc6l8Zc0A/2fQwHSV+2b0usR2nDxM2gbeKDq F4iNjaGa5bEabjQJklRDkzwu6ncFP5v2811oyFoqIaLoRcwq7X3witGreIjS+9rV fxsh35tDMXx8UKHJs0qqGZSWV5/MSZzI9WlX7J7haMvd47VIRX/HXaKN4K7eME0p gqpYnLWUbGgiSLMDtxhY67B4HEFHqwIGIWK2bvbX7IhWUaWz470u57Sh4f9u1V+s Ozcp/NREJ9/h5CS5xcTT1DvvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU7OSnUoOn LHTy9HGMnS7y6ZQyp1YwHwYDVR0jBBgwFoAUBstI9X1UOpeC2KfJbaTh3tvDwwsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUyRUZGL0EzMTQ4NDdDNDg0 OTExRjBCRjA3MDM3MEM0RjlBRTAyL0JzdEk5WDFVT3BlQzJLZkpiYVRoM3R2RHd3 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQnN0STlYMVVPcGVDMktmSmJhVGgzdHZEd3dzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUy RUZGL0EzMTQ4NDdDNDg0OTExRjBCRjA3MDM3MEM0RjlBRTAyL0JzdEk5WDFVT3Bl QzJLZkpiYVRoM3R2RHd3cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJFdSYjtzb/1D3nGhT3qDmV+39zupfzFxhRpQGdv3jD8EhJKFxlK6iMa dMDcNqJJSs1g9shmq/A7u8ry8QSFmBhy4EqzxIOat+Tai+0yq61pFmP9KPuXAHax F9wU/EsmSj1eScmA5e5sl1wZh1AIomA786CPNlclvCqwMOV/5Ym2k17Oya3FjvRb lxHUE6dyzewApuS0e8Ei/R6/7EYeQaWdq0avtIzInEj760XGdps5ND7j4UDTL2F0 DpYrBnPoLO3NCeR/vm/hV4fDKIub4RanKhC0kXZtmYyW/8SvGsT0Qa4enb6K1pXw SsvyJO/C6pP4uqWwnoGIUiKIO0gohQU= -----END CERTIFICATE-----Generated at Thu Jul 3 23:33:58 2025 by rpki-client