$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5A9F/6736F334E33A11E886117780C4F9AE02/lQJWKPFDQQRhRqwgujJGFEYanMM.mft File: lQJWKPFDQQRhRqwgujJGFEYanMM.mft (raw, json) Hash identifier: CJg8qYNE+mXTAlZlw8sGVuxbS0qa78yz5vJjS58glOc= Subject key identifier: 20:9E:B7:1B:E6:B2:E8:BB:EC:09:EA:57:8E:84:E0:FE:09:77:DC:A3 Authority key identifier: 95:02:56:28:F1:43:41:04:61:46:AC:20:BA:32:46:14:46:1A:9C:C3 Certificate issuer: /CN=A91E5A9F/serialNumber=95025628F14341046146AC20BA324614461A9CC3 Certificate serial: 068F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQJWKPFDQQRhRqwgujJGFEYanMM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5A9F/6736F334E33A11E886117780C4F9AE02/lQJWKPFDQQRhRqwgujJGFEYanMM.mft Manifest number: 11D1 Signing time: Sat 28 Jun 2025 16:59:28 +0000 Manifest this update: Sat 28 Jun 2025 16:59:28 +0000 Manifest next update: Sat 05 Jul 2025 16:59:27 +0000 Files and hashes: 1: lQJWKPFDQQRhRqwgujJGFEYanMM.crl (hash: ajBiDQJwRzPfH291SwyBYgPTrtccetbCfApMBFcOSIc=) 2: E4BB55347C4E11EBB889AF7EC4F9AE02.roa (hash: j4Rp5D2+LCtQywvaF1YDJd+cLnUdbw+y2x0d8ZW0p8Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5A9F/6736F334E33A11E886117780C4F9AE02/lQJWKPFDQQRhRqwgujJGFEYanMM.crl rsync://rpki.apnic.net/member_repository/A91E5A9F/6736F334E33A11E886117780C4F9AE02/lQJWKPFDQQRhRqwgujJGFEYanMM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQJWKPFDQQRhRqwgujJGFEYanMM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 16:59:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1679 (0x68f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5A9F, serialNumber=95025628F14341046146AC20BA324614461A9CC3 Validity Not Before: Jun 28 16:59:28 2025 GMT Not After : Jul 5 16:59:27 2025 GMT Subject: CN=68601f70-9be5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:b8:65:f3:e2:2a:2b:05:10:3d:7f:9b:a8:04: 2c:d0:51:71:93:a8:12:17:21:a3:2d:1a:88:2e:46: 6a:42:8c:fc:8c:a3:44:a8:92:e6:16:a1:7a:42:3e: 59:ac:d3:8c:1e:d4:ac:c3:82:71:58:a5:bf:c1:3d: 16:46:ab:1a:04:30:cd:14:d7:3d:ad:29:22:7e:ed: 58:a6:f2:b0:46:31:75:b2:23:1d:bc:1b:62:04:9d: 0b:3a:02:12:14:93:e2:25:d8:53:6f:24:90:0e:e0: 34:82:0b:0c:fc:0c:c3:20:6f:59:13:73:23:d7:eb: 37:61:26:59:6f:29:e9:4b:f5:c7:c1:94:a2:15:02: 95:6f:40:f5:af:b4:5c:c5:72:53:c2:a7:ac:2c:1d: 9f:81:49:0c:67:f4:f2:39:95:14:18:40:2a:6f:1b: a3:d0:47:b1:ef:dc:18:35:8f:93:89:1d:a0:dc:53: cf:22:0f:ff:d7:66:aa:a7:a2:7b:b1:33:35:47:a6: 6b:d9:5a:0f:56:6a:78:7c:66:79:f7:0a:dd:c2:16: 67:c5:84:73:bf:2b:a2:ce:64:92:c8:2e:5f:e1:a0: 46:f3:43:73:7f:24:b0:fd:d9:34:a4:d5:08:20:99: ff:90:11:1f:b6:a4:41:e7:5b:7d:b3:f3:6d:5e:97: 9e:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:9E:B7:1B:E6:B2:E8:BB:EC:09:EA:57:8E:84:E0:FE:09:77:DC:A3 X509v3 Authority Key Identifier: keyid:95:02:56:28:F1:43:41:04:61:46:AC:20:BA:32:46:14:46:1A:9C:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5A9F/6736F334E33A11E886117780C4F9AE02/lQJWKPFDQQRhRqwgujJGFEYanMM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQJWKPFDQQRhRqwgujJGFEYanMM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5A9F/6736F334E33A11E886117780C4F9AE02/lQJWKPFDQQRhRqwgujJGFEYanMM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:95:56:5f:5f:ab:17:87:e1:6f:1f:0a:95:3d:be:30:01:e6: bf:c4:cc:b3:3e:41:b6:4c:43:6c:1f:5c:f2:bb:0b:0e:54:cf: 0d:95:f1:7e:13:14:25:b5:97:5c:c5:26:7e:7d:76:1a:46:32: 29:92:50:eb:68:e1:e1:dd:37:0f:52:68:8a:f5:fb:ea:2e:4d: c8:e9:53:3f:a3:07:e0:20:3d:8f:e7:71:d3:27:63:20:4d:a6: ee:9d:75:bb:6f:00:18:fc:85:0d:c2:fa:4d:fb:93:eb:71:e8: 89:82:99:01:a3:51:ea:31:b2:e4:e9:cd:5d:f2:50:b6:48:40: 32:f4:40:cb:0d:ba:01:c2:99:32:d8:c6:7d:c4:c6:ea:80:f7: 2d:cd:b0:9a:d8:c3:4d:40:c8:1a:d1:0e:6e:e5:61:a0:ce:29: d2:f6:55:84:ed:a1:0e:61:e6:22:b7:d4:22:2e:f0:f8:94:0f: 37:ac:95:d9:0f:de:ff:86:8f:b2:39:37:84:82:c5:73:8e:a2: 79:f2:80:bb:bf:8b:8b:a9:15:3a:cb:c1:3e:7a:d8:5e:ab:f5: 12:34:54:a0:31:da:c6:d8:40:ed:25:a4:bc:36:12:7d:ad:ec: 7d:be:18:6f:44:dd:12:46:b6:d7:17:82:2d:87:59:29:8e:2c: 63:cc:fc:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTVBOUYxMTAvBgNVBAUTKDk1MDI1NjI4RjE0MzQxMDQ2MTQ2QUMyMEJBMzI0NjE0 NDYxQTlDQzMwHhcNMjUwNjI4MTY1OTI4WhcNMjUwNzA1MTY1OTI3WjAYMRYwFAYD VQQDEw02ODYwMWY3MC05YmU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz7hl8+IqKwUQPX+bqAQs0FFxk6gSFyGjLRqILkZqQoz8jKNEqJLmFqF6Qj5Z rNOMHtSsw4JxWKW/wT0WRqsaBDDNFNc9rSkifu1YpvKwRjF1siMdvBtiBJ0LOgIS FJPiJdhTbySQDuA0ggsM/AzDIG9ZE3Mj1+s3YSZZbynpS/XHwZSiFQKVb0D1r7Rc xXJTwqesLB2fgUkMZ/TyOZUUGEAqbxuj0Eex79wYNY+TiR2g3FPPIg//12aqp6J7 sTM1R6Zr2VoPVmp4fGZ59wrdwhZnxYRzvyuizmSSyC5f4aBG80NzfySw/dk0pNUI IJn/kBEftqRB51t9s/NtXpeeqQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCCetxvm sui77AnqV46E4P4Jd9yjMB8GA1UdIwQYMBaAFJUCVijxQ0EEYUasILoyRhRGGpzD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUE5Ri82NzM2RjMzNEUz M0ExMUU4ODYxMTc3ODBDNEY5QUUwMi9sUUpXS1BGRFFRUmhScXdndWpKR0ZFWWFu TU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xRSldLUEZEUVFSaFJxd2d1akpHRkVZYW5NTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NUE5Ri82NzM2RjMzNEUzM0ExMUU4ODYxMTc3ODBDNEY5QUUwMi9sUUpXS1BGRFFR UmhScXdndWpKR0ZFWWFuTU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVlVZfX6sXh+FvHwqVPb4wAea/xMyzPkG2TENsH1zyuwsOVM8NlfF+ ExQltZdcxSZ+fXYaRjIpklDraOHh3TcPUmiK9fvqLk3I6VM/owfgID2P53HTJ2Mg TabunXW7bwAY/IUNwvpN+5PrceiJgpkBo1HqMbLk6c1d8lC2SEAy9EDLDboBwpky 2MZ9xMbqgPctzbCa2MNNQMga0Q5u5WGgzinS9lWE7aEOYeYit9QiLvD4lA83rJXZ D97/ho+yOTeEgsVzjqJ58oC7v4uLqRU6y8E+etheq/USNFSgMdrG2EDtJaS8NhJ9 rex9vhhvRN0SRrbXF4Ith1kpjixjzPyx -----END CERTIFICATE-----Generated at Sun Jun 29 12:09:16 2025 by rpki-client