$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft File: IHitW73x1MW5cLvik02aNV2zHOg.mft (raw, json) Hash identifier: 7w2/hv/hGCB7/CuYXhi64JpDVQlBFWVS7SRgnjSAVM0= Subject key identifier: E7:52:11:0E:1B:C0:24:80:E4:75:B5:2C:0E:E4:19:DD:34:BF:A5:EC Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 Certificate issuer: /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Certificate serial: 0504 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft Manifest number: 04FA Signing time: Sat 28 Jun 2025 23:17:15 +0000 Manifest this update: Sat 28 Jun 2025 23:17:14 +0000 Manifest next update: Sat 05 Jul 2025 23:17:14 +0000 Files and hashes: 1: IHitW73x1MW5cLvik02aNV2zHOg.crl (hash: /PUtS/MIfgHLonsGtyS3DLyoB6Ia+ptisPpGsxLQlyI=) 2: 5EAA75CC28E511F0BE4DF317C4F9AE02.roa (hash: aZ97R0qET0w8nFTTAAMLi629/SQxZPM4icyK4OVkGiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 23:17:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1284 (0x504) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4DFA, serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Validity Not Before: Jun 28 23:17:14 2025 GMT Not After : Jul 5 23:17:14 2025 GMT Subject: CN=686077fb-fdd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b7:1b:2f:58:d8:2e:9d:d8:89:6b:f4:5c:14: c5:fe:a7:70:bd:d4:54:15:47:55:e0:6a:7d:32:21: d8:ef:f2:6a:c6:ad:3e:4e:9b:16:79:a5:2e:8d:8a: 85:13:9e:04:1f:f9:70:fa:9c:5b:b3:4b:8d:f2:8b: bd:8a:89:90:e6:50:27:6d:f6:17:91:f5:07:66:23: 3b:90:e9:45:38:5c:09:ff:93:35:2c:64:b6:c8:0e: 58:52:29:24:e2:89:a8:90:d5:ed:36:e7:b1:43:58: 0d:12:c7:d2:e2:fa:d1:6d:8b:b9:ac:0b:b0:ab:03: dd:cd:ec:ae:9f:b4:f5:88:95:3f:42:17:8d:ee:20: db:20:0a:3c:48:be:f0:b3:be:93:10:27:63:50:a8: c5:fc:25:3b:8c:31:9f:43:72:2e:45:d8:a9:4e:a9: 2e:94:f9:b1:b8:f4:f0:79:40:f4:55:01:c0:fc:9a: 3b:c1:3b:04:8b:aa:6f:db:b8:24:4d:13:75:cf:7c: 67:1e:37:57:52:66:6a:4d:45:a4:04:23:e7:fd:d9: 0c:48:ca:f2:58:df:4a:db:f0:bc:8a:64:59:a4:da: 4b:db:17:38:0f:bf:2c:35:6e:b6:93:1c:24:e8:6e: d5:70:4d:e4:ae:5b:73:3d:c4:98:0c:6e:76:a3:21: 10:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:52:11:0E:1B:C0:24:80:E4:75:B5:2C:0E:E4:19:DD:34:BF:A5:EC X509v3 Authority Key Identifier: keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:02:39:96:59:45:6c:2e:63:b6:1e:c9:f5:9b:87:4f:81:a0: 26:fa:38:9f:b8:be:85:dc:fe:fb:9f:d5:78:60:a6:17:75:d5: a6:4c:bd:2f:8e:2f:ff:f1:33:ff:24:4d:2a:19:71:fb:d8:af: 4d:fc:a4:ee:d9:00:91:21:4d:92:98:d1:07:ae:35:9a:b1:ca: c2:41:60:b5:e7:df:a2:4e:d5:6e:6a:2a:98:a0:fc:5c:da:6e: b4:1c:25:5d:67:ec:bc:fe:15:cb:25:9b:0a:38:02:77:6a:ca: 24:d5:61:67:52:db:be:22:e7:f5:e0:ee:1c:24:2a:7a:85:f3: 30:21:57:76:5c:b4:ed:47:16:34:c7:08:49:e8:41:60:5b:1a: b5:9c:b4:cd:d2:27:7d:96:42:44:1e:eb:b1:b1:ae:b5:ed:4b: 67:f2:33:5b:3e:e4:2c:ec:df:c6:4a:4e:71:df:3d:5c:a1:03: 12:7e:69:14:89:fe:fd:ae:99:28:d5:0f:fe:db:26:84:6f:28: 44:bb:45:75:7e:a5:43:90:12:e4:ca:4f:f4:0e:cb:bf:89:6c: c8:b7:71:12:97:e0:0a:c5:a2:5a:93:2e:30:2f:c8:89:cf:e9: 64:c1:69:91:1f:24:94:c3:51:17:5b:69:84:7d:bc:a9:85:7d: 8f:06:0d:df -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1 NURCMzFDRTgwHhcNMjUwNjI4MjMxNzE0WhcNMjUwNzA1MjMxNzE0WjAYMRYwFAYD VQQDEw02ODYwNzdmYi1mZGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwLcbL1jYLp3YiWv0XBTF/qdwvdRUFUdV4Gp9MiHY7/Jqxq0+TpsWeaUujYqF E54EH/lw+pxbs0uN8ou9iomQ5lAnbfYXkfUHZiM7kOlFOFwJ/5M1LGS2yA5YUikk 4omokNXtNuexQ1gNEsfS4vrRbYu5rAuwqwPdzeyun7T1iJU/QheN7iDbIAo8SL7w s76TECdjUKjF/CU7jDGfQ3IuRdipTqkulPmxuPTweUD0VQHA/Jo7wTsEi6pv27gk TRN1z3xnHjdXUmZqTUWkBCPn/dkMSMryWN9K2/C8imRZpNpL2xc4D78sNW62kxwk 6G7VcE3krltzPcSYDG52oyEQSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOdSEQ4b wCSA5HW1LA7kGd00v6XsMB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NERGQS84NDU5ODRDRTFBODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFN VzVjTHZpazAyYU5WMnpIT2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAwAjmWWUVsLmO2Hsn1m4dPgaAm+jifuL6F3P77n9V4YKYXddWmTL0v ji//8TP/JE0qGXH72K9N/KTu2QCRIU2SmNEHrjWascrCQWC159+iTtVuaiqYoPxc 2m60HCVdZ+y8/hXLJZsKOAJ3asok1WFnUtu+Iuf14O4cJCp6hfMwIVd2XLTtRxY0 xwhJ6EFgWxq1nLTN0id9lkJEHuuxsa617Utn8jNbPuQs7N/GSk5x3z1coQMSfmkU if79rpko1Q/+2yaEbyhEu0V1fqVDkBLkyk/0Dsu/iWzIt3ESl+AKxaJaky4wL8iJ z+lkwWmRHySUw1EXW2mEfbyphX2PBg3f -----END CERTIFICATE-----Generated at Mon Jun 30 20:28:53 2025 by rpki-client