$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: ospHzo3NebM7QgriMNS+O3VFv3ElQsTwULJkhNcAzwo= Subject key identifier: AA:F0:A1:8D:DE:52:C3:A6:DE:EC:1B:FE:72:95:D8:86:94:55:7C:7F Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: 7F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: 7D Signing time: Thu 03 Jul 2025 06:57:11 +0000 Manifest this update: Thu 03 Jul 2025 06:57:10 +0000 Manifest next update: Thu 10 Jul 2025 06:57:10 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: MHuJ8X3OTR6EGk9cU6P9m1Chk7zVWHXam4mxR3Id5Rw=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 127 (0x7f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Validity Not Before: Jul 3 06:57:10 2025 GMT Not After : Jul 10 06:57:10 2025 GMT Subject: CN=686629c7-c8e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:3c:b5:54:a3:01:92:99:80:5b:bf:ac:fb:21: 46:b2:4c:5e:bd:72:ba:14:3a:c2:d4:c8:17:ad:73: f6:37:82:d0:9f:f9:9a:47:d6:53:80:55:ab:a5:75: ba:b0:a6:a4:0e:a8:74:fd:40:1b:8a:a9:c4:70:ab: 84:69:57:9e:8e:4f:49:1c:d2:1e:e1:d0:36:99:f0: 15:81:cc:e6:31:6a:3e:e1:4e:50:2a:59:f1:9a:11: 77:95:72:9f:3b:06:dd:95:4d:a3:3b:4a:69:5c:dd: 68:8d:fe:39:0c:da:0c:69:92:81:3d:27:47:39:c0: 5f:44:9d:7e:96:ea:4a:58:95:63:23:e5:64:17:a3: a9:46:c9:1d:ad:d1:fa:17:ac:a2:6b:df:44:49:c2: 47:98:97:30:9d:93:5d:1e:9d:a0:ab:8a:1d:93:82: 53:1a:ed:11:57:8d:c9:22:20:6a:16:90:db:21:03: ee:0c:cc:13:ee:e0:6f:29:0e:e9:bc:19:c0:44:93: 99:a6:b6:80:8d:ea:64:bd:41:8d:e9:05:76:86:54: ce:a9:a6:e7:12:ef:2b:e1:7a:4a:d8:d2:e0:6e:aa: 1d:56:7c:83:2b:c9:9b:72:09:75:66:f5:29:b3:b9: 44:3a:f7:37:38:2b:bd:8e:0a:4e:b2:77:2e:c1:de: 03:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:F0:A1:8D:DE:52:C3:A6:DE:EC:1B:FE:72:95:D8:86:94:55:7C:7F X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:64:46:97:f5:fb:0b:22:a3:43:1b:c7:7c:e8:30:28:eb:93: 19:79:b0:bf:3a:34:5b:89:40:8a:5f:e2:c8:5f:b8:ff:83:28: e5:a2:14:d6:71:cc:f4:b7:91:8e:0c:b4:bb:47:10:56:dc:f2: dd:23:d4:41:e1:d5:84:e5:24:52:17:dd:84:bc:f9:5d:f1:94: b4:80:c6:70:be:35:b9:91:95:29:0b:51:31:a9:cf:f7:49:98: 8f:c4:ed:7e:d9:fe:39:28:85:99:ee:d0:1a:96:72:70:5d:77: 68:1c:26:ab:b5:20:62:cd:43:83:3c:b9:44:fd:fc:ca:ec:b0: 4c:fa:0d:31:65:06:09:5f:68:29:16:e4:d8:84:9c:2b:62:8b: 21:eb:16:f1:8c:06:2b:73:c3:55:d6:32:77:b6:cd:48:ad:14: 09:0e:5d:9c:57:c6:87:39:9e:d0:33:b9:dc:ac:de:84:43:cd: eb:d0:d7:31:5a:cb:56:9e:8e:50:0f:87:18:40:ae:60:37:9d: f0:0c:2e:e7:d0:f0:b6:2f:cf:72:e7:8c:64:73:d3:96:01:7b: 0c:1a:ee:ec:d5:fd:59:5a:c3:ac:f7:23:80:86:05:4a:fe:2c: bd:1e:95:cf:65:5a:72:99:c2:5a:15:7f:40:39:6f:bd:4e:f7: 1d:7a:1d:93 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBfzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QTQwOTExMC8GA1UEBRMoMjE2NERENTlBNjE1RDVGMkUzMzkzRTcyMDk4QTczQUQ4 NjhFNzhEQTAeFw0yNTA3MDMwNjU3MTBaFw0yNTA3MTAwNjU3MTBaMBgxFjAUBgNV BAMTDTY4NjYyOWM3LWM4ZTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCgPLVUowGSmYBbv6z7IUayTF69croUOsLUyBetc/Y3gtCf+ZpH1lOAVauldbqw pqQOqHT9QBuKqcRwq4RpV56OT0kc0h7h0DaZ8BWBzOYxaj7hTlAqWfGaEXeVcp87 Bt2VTaM7Smlc3WiN/jkM2gxpkoE9J0c5wF9EnX6W6kpYlWMj5WQXo6lGyR2t0foX rKJr30RJwkeYlzCdk10enaCrih2TglMa7RFXjckiIGoWkNshA+4MzBPu4G8pDum8 GcBEk5mmtoCN6mS9QY3pBXaGVM6ppucS7yvhekrY0uBuqh1WfIMryZtyCXVm9Smz uUQ69zc4K72OCk6ydy7B3gNrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUqvChjd5S w6be7Bv+cpXYhpRVfH8wHwYDVR0jBBgwFoAUIWTdWaYV1fLjOT5yCYpzrYaOeNow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBNDA5L0Y5NDRFM0NDOUNB QjExRUZBQjU5NTUxNkM0RjlBRTAyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VO by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVdUZFdhWVYxZkxqT1Q1eUNZcHpyWWFPZU5vLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVB NDA5L0Y5NDRFM0NDOUNBQjExRUZBQjU5NTUxNkM0RjlBRTAyL0lXVGRXYVlWMWZM ak9UNXlDWXB6cllhT2VOby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAD1kRpf1+wsio0Mbx3zoMCjrkxl5sL86NFuJQIpf4shfuP+DKOWiFNZx zPS3kY4MtLtHEFbc8t0j1EHh1YTlJFIX3YS8+V3xlLSAxnC+NbmRlSkLUTGpz/dJ mI/E7X7Z/jkohZnu0BqWcnBdd2gcJqu1IGLNQ4M8uUT9/MrssEz6DTFlBglfaCkW 5NiEnCtiiyHrFvGMBitzw1XWMne2zUitFAkOXZxXxoc5ntAzudys3oRDzevQ1zFa y1aejlAPhxhArmA3nfAMLufQ8LYvz3LnjGRz05YBewwa7uzV/Vlaw6z3I4CGBUr+ LL0elc9lWnKZwloVf0A5b71O9x16HZM= -----END CERTIFICATE-----Generated at Thu Jul 3 23:21:32 2025 by rpki-client