$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft File: 3af4p0oKdM_262MEKLbJ1w1XvXY.mft (raw, json) Hash identifier: l7+gic3NV2IWk8sIwrH+cqhQTST4MsACEQxObSRAdBA= Subject key identifier: BF:A0:01:3C:A6:08:B5:6C:F5:FA:30:92:C8:06:7D:CF:E8:6A:77:C7 Authority key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 Certificate issuer: /CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Certificate serial: 0DB9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft Manifest number: 0D7F Signing time: Wed 02 Jul 2025 18:13:06 +0000 Manifest this update: Wed 02 Jul 2025 18:13:05 +0000 Manifest next update: Wed 09 Jul 2025 18:13:05 +0000 Files and hashes: 1: 3af4p0oKdM_262MEKLbJ1w1XvXY.crl (hash: BW0HleglAP6VczWvIJkMKa1hWGwBLItWaWomK1S7E3c=) 2: CE83F0E6F0E411EAA47C3968C4F9AE02.roa (hash: ZQBdoWyO873LcT1vKoBchR3Mc6PGkjTHNlXwZK5KBUA=) 3: E69AF38AB11C11EAACC28D2EC4F9AE02.roa (hash: vmjmVmXjdkD0vxVvLQigcrFyWXDcETievw8r2QIVv8s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 18:13:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3513 (0xdb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4, serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Validity Not Before: Jul 2 18:13:05 2025 GMT Not After : Jul 9 18:13:05 2025 GMT Subject: CN=686576b1-f0b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:ea:a0:d9:b7:05:33:ac:32:bc:9f:b3:5b:94: fd:d8:74:c2:af:59:f2:ec:b8:93:e9:d7:96:bd:27: a2:c5:00:12:e6:93:46:d1:2a:8f:2c:63:21:6f:ca: e0:25:25:b0:d3:12:63:0e:50:94:24:bd:58:38:34: 0f:a8:a7:c1:bd:30:c2:b9:2b:0e:3e:85:89:18:2e: 3f:d4:84:ca:ef:88:29:dd:3b:4c:fc:0c:5d:24:33: e8:0d:49:ec:fe:3a:09:dd:9c:08:d0:8d:22:8e:39: 39:a6:3e:21:09:6a:98:a1:64:63:16:51:d8:c7:ab: 28:94:0b:e3:61:f4:0b:bb:74:30:9e:0d:a6:4f:8f: bf:97:ae:62:33:71:7b:a6:9f:a8:ce:67:ed:13:c7: c0:ad:14:a6:9f:80:74:53:96:0b:31:2d:52:43:20: 0d:1c:24:4b:fd:35:ab:a5:38:4a:11:d3:1c:bf:81: da:2b:33:67:a8:b8:4c:4d:90:c4:3d:59:ca:d3:fa: 53:8d:07:c5:a6:67:ee:f6:6e:5f:3d:0f:5a:27:5f: a5:43:3f:10:a0:07:a1:b1:30:db:27:7f:c3:a6:89: 61:c9:0b:9d:ce:69:65:d2:18:dd:27:c2:d7:32:b4: e9:84:fb:85:52:9d:ad:5d:32:8d:9e:6e:ce:bb:25: 3e:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:A0:01:3C:A6:08:B5:6C:F5:FA:30:92:C8:06:7D:CF:E8:6A:77:C7 X509v3 Authority Key Identifier: keyid:DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6b:99:51:7f:07:5f:4c:e5:36:5b:45:f9:a2:ec:1a:67:af:4b: ed:92:86:db:f0:79:6e:ba:26:ea:40:26:a5:5b:37:88:a1:db: e1:55:f1:fb:8b:1a:91:36:0d:1a:60:bc:62:b6:d5:21:4f:e5: 9d:d3:f6:de:e6:b8:4e:a7:f7:55:ea:d4:7e:1b:00:26:47:64: e4:11:6d:0d:64:3c:df:57:01:48:03:d8:24:90:3a:bf:8d:ab: a6:a4:44:35:34:1b:e0:55:f0:ba:4a:86:63:77:c0:c4:44:b1: 98:1a:f6:92:c5:b8:a6:d0:01:01:0c:69:8e:62:10:e2:33:0c: b1:c6:77:ca:8d:f1:c9:47:37:d5:2e:32:ba:d0:2e:1e:cd:bd: 14:9f:ea:09:48:bf:d8:44:e2:3e:47:b2:7a:de:19:7b:a8:12: cd:d6:d0:34:00:5b:32:a7:d1:d9:79:92:41:35:f7:26:ec:56: 6d:71:0e:46:d1:70:a6:a3:2b:36:bd:77:41:cc:90:ab:7d:0d: 6e:1b:47:e4:99:25:8e:03:46:3b:f6:4b:fe:33:bf:ae:ac:a5: 9d:22:3e:f9:92:f5:32:53:9e:03:1b:24:d8:c1:63:b9:bd:71: 5f:ba:3b:72:b0:c0:da:e0:27:20:81:31:2f:0d:10:48:4e:03: 72:44:8c:d4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDbkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMwNDI4QjZDOUQ3 MEQ1N0JENzYwHhcNMjUwNzAyMTgxMzA1WhcNMjUwNzA5MTgxMzA1WjAYMRYwFAYD VQQDEw02ODY1NzZiMS1mMGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAveqg2bcFM6wyvJ+zW5T92HTCr1ny7LiT6deWvSeixQAS5pNG0SqPLGMhb8rg JSWw0xJjDlCUJL1YODQPqKfBvTDCuSsOPoWJGC4/1ITK74gp3TtM/AxdJDPoDUns /joJ3ZwI0I0ijjk5pj4hCWqYoWRjFlHYx6solAvjYfQLu3Qwng2mT4+/l65iM3F7 pp+ozmftE8fArRSmn4B0U5YLMS1SQyANHCRL/TWrpThKEdMcv4HaKzNnqLhMTZDE PVnK0/pTjQfFpmfu9m5fPQ9aJ1+lQz8QoAehsTDbJ3/DpolhyQudzmll0hjdJ8LX MrTphPuFUp2tXTKNnm7OuyU+zwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL+gATym CLVs9fowksgGfc/oanfHMB8GA1UdIwQYMBaAFN2n+KdKCnTP9utjBCi2ydcNV712 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yRDFBNTk1QUQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RNXzI2Mk1FS0xiSjF3MVh2 WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNhZjRwMG9LZE1fMjYyTUVLTGJKMXcxWHZYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yRDFBNTk1QUQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RN XzI2Mk1FS0xiSjF3MVh2WFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBrmVF/B19M5TZbRfmi7Bpnr0vtkobb8HluuibqQCalWzeIodvhVfH7 ixqRNg0aYLxittUhT+Wd0/be5rhOp/dV6tR+GwAmR2TkEW0NZDzfVwFIA9gkkDq/ jaumpEQ1NBvgVfC6SoZjd8DERLGYGvaSxbim0AEBDGmOYhDiMwyxxnfKjfHJRzfV LjK60C4ezb0Un+oJSL/YROI+R7J63hl7qBLN1tA0AFsyp9HZeZJBNfcm7FZtcQ5G 0XCmoys2vXdBzJCrfQ1uG0fkmSWOA0Y79kv+M7+urKWdIj75kvUyU54DGyTYwWO5 vXFfujtysMDa4CcggTEvDRBITgNyRIzU -----END CERTIFICATE-----Generated at Thu Jul 3 14:15:46 2025 by rpki-client