$ rpki-client -vvf rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft File: 5OTCQkd4XDQv81kH9-EcSrs5i4M.mft (raw, json) Hash identifier: f9aJnKRP6WsgeBkPPO7JfOLHjc0+A+48DfpQ/9wh6oQ= Subject key identifier: D9:D0:94:67:D3:8C:AC:57:4A:D0:A4:12:75:82:9B:B4:B3:E9:1C:88 Authority key identifier: E4:E4:C2:42:47:78:5C:34:2F:F3:59:07:F7:E1:1C:4A:BB:39:8B:83 Certificate issuer: /CN=A91E85F1/serialNumber=E4E4C24247785C342FF35907F7E11C4ABB398B83 Certificate serial: 37 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft Manifest number: 34 Signing time: Thu 03 Jul 2025 07:55:01 +0000 Manifest this update: Thu 03 Jul 2025 07:55:00 +0000 Manifest next update: Thu 10 Jul 2025 07:55:00 +0000 Files and hashes: 1: 5OTCQkd4XDQv81kH9-EcSrs5i4M.crl (hash: +bpnarCEz1vV/nqFkZDsuIQJxiUhMqb8LGUhGVXv1DY=) 2: 212E0B520DFE11F0B266963AC4F9AE02.roa (hash: 44vHU0H/9/bs4kOPReZOgC2D0Y7H1F8Nu3vr76cFkxs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.crl rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55 (0x37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E85F1, serialNumber=E4E4C24247785C342FF35907F7E11C4ABB398B83 Validity Not Before: Jul 3 07:55:00 2025 GMT Not After : Jul 10 07:55:00 2025 GMT Subject: CN=68663754-826f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:52:3a:9c:fe:f9:0b:97:78:02:cb:f3:d7:4f: 88:8c:20:79:51:87:3f:08:55:67:89:9f:24:e6:7c: 7c:fb:42:41:2b:31:dd:25:d7:05:42:64:b4:f8:d1: 53:b5:da:1b:c9:7a:24:c7:30:e3:1e:96:34:7e:8d: be:ed:ac:2c:35:1c:02:e9:51:11:b9:7f:54:e4:48: dd:3d:38:8e:99:ca:0f:0f:c1:6f:99:21:5b:c4:17: a0:42:05:26:37:91:fb:3a:c7:98:4d:5f:b2:9a:61: 18:6e:3b:1c:63:f0:9f:a8:86:b2:5c:95:ae:e5:64: c7:1b:c0:f5:0a:b0:bf:5f:1d:ca:24:e0:6d:31:d9: 79:4a:90:49:71:d0:0c:c7:20:52:8c:42:1a:d9:e9: 58:c5:0d:46:54:7f:40:22:a8:79:de:94:b9:d1:ce: 48:cf:a0:eb:a0:25:e4:32:7b:e7:83:a1:68:4c:9f: 4f:04:b8:35:78:a3:98:57:4a:10:df:13:25:94:fb: b6:8a:47:ca:a2:79:ff:e3:40:8f:6f:79:e1:05:30: 0c:75:a1:6e:c7:e3:2d:f2:ab:23:5b:35:5b:b7:8d: e5:c2:cc:cb:df:11:05:48:23:84:16:a8:cf:d6:9f: 34:3b:3f:26:18:aa:8e:be:40:1f:6f:43:a9:4f:53: 70:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:D0:94:67:D3:8C:AC:57:4A:D0:A4:12:75:82:9B:B4:B3:E9:1C:88 X509v3 Authority Key Identifier: keyid:E4:E4:C2:42:47:78:5C:34:2F:F3:59:07:F7:E1:1C:4A:BB:39:8B:83 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:d9:f1:f9:59:66:0c:86:a3:eb:fa:f0:3a:8b:ca:09:30:35: 00:7d:c4:3e:92:ed:51:3a:5f:00:16:e6:90:58:47:cf:17:ef: 35:db:fc:af:93:ab:8f:80:b1:e4:83:0b:11:50:12:30:aa:5e: 07:98:07:4e:62:5d:99:cf:95:2c:a6:cb:0a:ba:20:52:95:05: db:20:d5:21:0a:d5:5e:d1:3b:65:5b:80:fd:c4:d2:92:00:ce: f4:bc:bb:71:86:52:7f:a1:fc:23:bd:18:ee:8e:65:ee:e8:12: ed:df:1a:3b:49:63:f0:84:d5:6e:2b:d5:3e:90:56:86:5f:8c: c1:44:d0:29:a0:0d:8d:e4:0c:b4:00:4b:71:97:e7:34:95:24: ea:8d:1e:a1:61:ab:2d:15:96:ce:5d:7f:af:de:99:0f:6a:9b: a8:31:65:8e:2f:78:68:ac:5a:62:7e:f6:dd:05:62:23:7d:75: 9b:ae:b2:4a:d2:1f:ff:dd:ca:9f:70:f4:46:06:ef:6d:bf:9b: 41:54:fc:8d:6f:76:29:49:d4:51:e9:ce:a6:3a:0f:4a:13:1f: ff:d9:07:2d:d2:bd:c6:b7:27:65:bb:3e:d3:72:12:7b:1f:66: 6c:15:32:7b:b1:93:3d:ab:21:2f:f7:e8:37:ce:8a:66:74:25: 6f:ca:f5:b2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF ODVGMTExMC8GA1UEBRMoRTRFNEMyNDI0Nzc4NUMzNDJGRjM1OTA3RjdFMTFDNEFC QjM5OEI4MzAeFw0yNTA3MDMwNzU1MDBaFw0yNTA3MTAwNzU1MDBaMBgxFjAUBgNV BAMTDTY4NjYzNzU0LTgyNmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDDUjqc/vkLl3gCy/PXT4iMIHlRhz8IVWeJnyTmfHz7QkErMd0l1wVCZLT40VO1 2hvJeiTHMOMeljR+jb7trCw1HALpURG5f1TkSN09OI6Zyg8PwW+ZIVvEF6BCBSY3 kfs6x5hNX7KaYRhuOxxj8J+ohrJcla7lZMcbwPUKsL9fHcok4G0x2XlKkElx0AzH IFKMQhrZ6VjFDUZUf0AiqHnelLnRzkjPoOugJeQye+eDoWhMn08EuDV4o5hXShDf EyWU+7aKR8qief/jQI9veeEFMAx1oW7H4y3yqyNbNVu3jeXCzMvfEQVII4QWqM/W nzQ7PyYYqo6+QB9vQ6lPU3BlAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU2dCUZ9OM rFdK0KQSdYKbtLPpHIgwHwYDVR0jBBgwFoAU5OTCQkd4XDQv81kH9+EcSrs5i4Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4NUYxLzYyMjA2MzNDMERG QzExRjBBMUQ5ODA1M0M0RjlBRTAyLzVPVENRa2Q0WERRdjgxa0g5LUVjU3JzNWk0 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvNU9UQ1FrZDRYRFF2ODFrSDktRWNTcnM1aTRNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4 NUYxLzYyMjA2MzNDMERGQzExRjBBMUQ5ODA1M0M0RjlBRTAyLzVPVENRa2Q0WERR djgxa0g5LUVjU3JzNWk0TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACrZ8flZZgyGo+v68DqLygkwNQB9xD6S7VE6XwAW5pBYR88X7zXb/K+T q4+AseSDCxFQEjCqXgeYB05iXZnPlSymywq6IFKVBdsg1SEK1V7RO2VbgP3E0pIA zvS8u3GGUn+h/CO9GO6OZe7oEu3fGjtJY/CE1W4r1T6QVoZfjMFE0CmgDY3kDLQA S3GX5zSVJOqNHqFhqy0Vls5df6/emQ9qm6gxZY4veGisWmJ+9t0FYiN9dZuuskrS H//dyp9w9EYG722/m0FU/I1vdilJ1FHpzqY6D0oTH//ZBy3Svca3J2W7PtNyEnsf ZmwVMnuxkz2rIS/36DfOimZ0JW/K9bI= -----END CERTIFICATE-----Generated at Fri Jul 4 07:46:19 2025 by rpki-client