$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft File: z4nWqxHn1Hqhe0MJxypytxy6R64.mft (raw, json) Hash identifier: scWXCjDoU8Zd7gw7HFUHO8Mf3YhemIov1VgnlUCRbnQ= Subject key identifier: B4:33:13:E4:7E:F7:9F:D9:DB:45:5C:C1:13:74:82:86:EA:91:A1:43 Authority key identifier: CF:89:D6:AB:11:E7:D4:7A:A1:7B:43:09:C7:2A:72:B7:1C:BA:47:AE Certificate issuer: /CN=A91E4D9B/serialNumber=CF89D6AB11E7D47AA17B4309C72A72B71CBA47AE Certificate serial: 087B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft Manifest number: 0871 Signing time: Wed 02 Jul 2025 20:56:43 +0000 Manifest this update: Wed 02 Jul 2025 20:56:42 +0000 Manifest next update: Wed 09 Jul 2025 20:56:42 +0000 Files and hashes: 1: z4nWqxHn1Hqhe0MJxypytxy6R64.crl (hash: vK+P1IDDKrKHVc3gdcxgjDTjFMk6ElndK+ZAYDm737o=) 2: CCF7B8AA22B811ECAD21FB20C4F9AE02.roa (hash: jP9WQeUuHByQOgvhcc4yViwwc1IsiLi4j4kFeZuXSLA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.crl rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 20:56:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2171 (0x87b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D9B, serialNumber=CF89D6AB11E7D47AA17B4309C72A72B71CBA47AE Validity Not Before: Jul 2 20:56:42 2025 GMT Not After : Jul 9 20:56:42 2025 GMT Subject: CN=68659d0a-8ec7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:e9:51:47:1f:11:98:54:c1:52:16:b6:a3:be: 50:bc:ee:19:4b:2e:b6:89:5a:93:77:33:77:48:24: 20:d0:66:4b:91:ec:35:12:17:c2:a6:fb:91:40:25: 09:9a:c3:c1:22:2b:80:e5:52:61:f0:44:0d:fd:cd: e7:7b:8f:a3:a3:2f:1f:70:42:d6:dd:4a:0a:9d:52: a2:42:86:a4:a1:d4:b7:e7:4f:58:64:e1:72:06:78: 4e:e1:e5:cb:69:84:ff:d8:97:f1:2a:26:e5:19:01: 74:d8:a2:44:db:20:7f:e4:66:df:1b:21:00:a0:4e: af:0a:6f:2a:9a:07:e1:32:00:3e:75:63:0b:85:37: 37:2b:88:11:03:44:17:5a:f8:bd:76:dd:e7:e7:47: 09:24:ea:f0:be:83:f7:00:d5:6d:14:89:61:37:cc: 43:42:93:5d:a6:a3:3f:82:6b:fa:9b:b3:e9:64:56: ce:00:dd:4b:b0:17:7e:03:1a:ed:55:96:02:a3:ac: 56:cd:71:47:03:95:4e:56:96:ec:d3:ce:c8:a2:8c: 78:c8:4a:6c:a9:f6:88:d3:69:80:c3:ac:bf:26:d4: c0:66:d0:58:a2:7b:3e:ef:9e:e5:3f:20:b9:24:11: 23:89:61:2e:43:90:91:3e:c4:04:72:d8:cc:65:85: 30:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:33:13:E4:7E:F7:9F:D9:DB:45:5C:C1:13:74:82:86:EA:91:A1:43 X509v3 Authority Key Identifier: keyid:CF:89:D6:AB:11:E7:D4:7A:A1:7B:43:09:C7:2A:72:B7:1C:BA:47:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:b2:51:70:d3:2d:40:7b:f6:ec:00:9d:27:20:46:2b:e7:fc: c3:9f:c3:0b:bc:98:fa:cd:10:25:df:4f:de:69:eb:24:42:05: ac:5e:1c:be:e8:32:53:e2:e9:73:af:5a:09:d4:2c:07:77:d5: 43:9d:8b:f3:b7:29:0e:5b:b0:95:a2:e5:d6:26:fc:85:02:fc: 91:f3:6b:2d:93:f8:89:02:9f:59:27:08:26:44:04:29:77:ad: fe:f6:2d:7f:29:c2:b9:96:66:dd:7a:5a:dd:18:bf:94:0b:ea: b8:25:9d:c9:03:da:64:e4:98:92:e1:ee:a3:7e:31:00:f0:ea: 0e:ce:9f:70:a9:fc:f6:46:5b:c4:b3:57:b9:9a:4f:8b:86:1e: 2f:ed:6e:f2:90:30:6d:7d:43:29:8c:da:f8:c4:81:40:a2:7d: d5:31:aa:b3:e9:c4:f0:e1:7f:8d:e5:11:3a:0f:11:ad:98:1f: 5b:25:cd:57:cd:c9:c2:27:14:eb:0b:a8:81:aa:9e:0d:ca:b8: aa:d5:cc:36:2e:28:ba:0f:fe:e9:1d:a9:04:7c:de:f9:10:ae: c1:3f:64:ee:fc:d0:fe:6d:bd:db:a4:85:f1:72:91:21:21:69: fd:7e:da:38:fb:a6:fb:53:30:cf:a9:ae:d4:37:d0:af:39:79: 9e:ce:4c:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCHswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREOUIxMTAvBgNVBAUTKENGODlENkFCMTFFN0Q0N0FBMTdCNDMwOUM3MkE3MkI3 MUNCQTQ3QUUwHhcNMjUwNzAyMjA1NjQyWhcNMjUwNzA5MjA1NjQyWjAYMRYwFAYD VQQDEw02ODY1OWQwYS04ZWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArulRRx8RmFTBUha2o75QvO4ZSy62iVqTdzN3SCQg0GZLkew1EhfCpvuRQCUJ msPBIiuA5VJh8EQN/c3ne4+joy8fcELW3UoKnVKiQoakodS3509YZOFyBnhO4eXL aYT/2JfxKiblGQF02KJE2yB/5GbfGyEAoE6vCm8qmgfhMgA+dWMLhTc3K4gRA0QX Wvi9dt3n50cJJOrwvoP3ANVtFIlhN8xDQpNdpqM/gmv6m7PpZFbOAN1LsBd+Axrt VZYCo6xWzXFHA5VOVpbs087Ioox4yEpsqfaI02mAw6y/JtTAZtBYons+757lPyC5 JBEjiWEuQ5CRPsQEctjMZYUwoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLQzE+R+ 95/Z20VcwRN0gobqkaFDMB8GA1UdIwQYMBaAFM+J1qsR59R6oXtDCccqcrccukeu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQ5Qi9GNUJBQTNEOEM4 MDAxMUVBODdENDRBNzhDNEY5QUUwMi96NG5XcXhIbjFIcWhlME1KeHlweXR4eTZS NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3o0bldxeEhuMUhxaGUwTUp4eXB5dHh5NlI2NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQ5Qi9GNUJBQTNEOEM4MDAxMUVBODdENDRBNzhDNEY5QUUwMi96NG5XcXhIbjFI cWhlME1KeHlweXR4eTZSNjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBoslFw0y1Ae/bsAJ0nIEYr5/zDn8MLvJj6zRAl30/eaeskQgWsXhy+ 6DJT4ulzr1oJ1CwHd9VDnYvztykOW7CVouXWJvyFAvyR82stk/iJAp9ZJwgmRAQp d63+9i1/KcK5lmbdelrdGL+UC+q4JZ3JA9pk5JiS4e6jfjEA8OoOzp9wqfz2RlvE s1e5mk+Lhh4v7W7ykDBtfUMpjNr4xIFAon3VMaqz6cTw4X+N5RE6DxGtmB9bJc1X zcnCJxTrC6iBqp4Nyriq1cw2Lii6D/7pHakEfN75EK7BP2Tu/ND+bb3bpIXxcpEh IWn9fto4+6b7UzDPqa7UN9CvOXmezkwy -----END CERTIFICATE-----Generated at Thu Jul 3 14:57:49 2025 by rpki-client