$ rpki-client -vvf rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft File: iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft (raw, json) Hash identifier: Ydsa/slsS2tWvv+CEkU+PiinvmPyfVRlkhjwWDSjc6Q= Subject key identifier: 99:51:BD:2A:12:60:D3:CB:47:BB:27:46:08:FC:2E:22:32:9A:15:68 Authority key identifier: 89:02:78:90:03:3D:5D:62:3B:D4:E4:39:86:E8:80:F6:AB:13:84:94 Certificate issuer: /CN=A91ECE62/serialNumber=89027890033D5D623BD4E43986E880F6AB138494 Certificate serial: 016C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJ4kAM9XWI71OQ5huiA9qsThJQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft Manifest number: 0168 Signing time: Thu 03 Jul 2025 04:01:36 +0000 Manifest this update: Thu 03 Jul 2025 04:01:36 +0000 Manifest next update: Thu 10 Jul 2025 04:01:36 +0000 Files and hashes: 1: iQJ4kAM9XWI71OQ5huiA9qsThJQ.crl (hash: pf2SfHKGCBRJsrhSQjGeIOQLeo98W0IgVb7GGV/QJLM=) 2: 047E1E9C341C11EE84F4D52CC4F9AE02.roa (hash: rbEk2KoFtT0uaq48+jo8FPtXO3/HKOrBaUxyg4fgBYU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.crl rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJ4kAM9XWI71OQ5huiA9qsThJQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 364 (0x16c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ECE62, serialNumber=89027890033D5D623BD4E43986E880F6AB138494 Validity Not Before: Jul 3 04:01:36 2025 GMT Not After : Jul 10 04:01:36 2025 GMT Subject: CN=686600a0-9e25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:8b:38:90:37:04:7a:93:f2:72:77:90:19:9d: fa:e7:5d:c8:5f:d0:8e:6d:39:7a:cd:92:84:52:2c: 92:25:2b:a3:5d:e8:a3:7b:eb:3f:8f:f1:93:63:a9: aa:98:c8:ab:42:37:74:c3:5b:1e:56:d0:57:0e:cf: a1:fd:97:e2:b4:81:9b:f5:28:cb:24:11:9b:6b:a5: dc:6f:80:39:eb:49:cd:2a:a2:d3:b9:f8:5d:a9:f1: 67:4e:2b:ae:c6:09:a6:6c:46:9f:96:ae:19:0b:9f: a4:b9:b2:39:d0:8e:1b:3f:1f:f1:16:34:c8:66:b9: 11:0c:2c:c8:ff:53:38:0f:d5:2e:81:43:48:9b:ec: 5f:1e:6d:3c:32:aa:14:a2:cf:d0:46:85:13:02:6d: 37:f7:e1:de:de:d7:53:70:38:0b:bf:d7:f8:36:e1: d3:27:93:52:74:59:27:b7:e8:60:fe:ef:a1:a2:7c: a7:41:b6:5b:8e:a8:67:4e:3a:ae:8f:76:65:d2:eb: 7b:3a:66:ba:e0:79:d0:2f:8f:c5:8d:9e:47:01:e8: 21:0a:83:f2:13:58:93:4c:bc:d3:99:61:08:3a:54: 55:fc:02:2f:e2:4c:ee:8f:88:df:c3:a1:ae:28:d9: ad:b2:fe:f1:a9:58:97:b8:de:31:9c:a3:1c:29:26: 7c:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:51:BD:2A:12:60:D3:CB:47:BB:27:46:08:FC:2E:22:32:9A:15:68 X509v3 Authority Key Identifier: keyid:89:02:78:90:03:3D:5D:62:3B:D4:E4:39:86:E8:80:F6:AB:13:84:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJ4kAM9XWI71OQ5huiA9qsThJQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:e3:c0:95:49:0e:b4:14:bd:b0:8a:4b:ac:de:24:99:12:43: fe:dd:2c:a7:62:11:a6:fb:07:eb:2b:d1:c0:1c:f6:ee:4f:b1: 11:4e:33:92:da:5e:fc:25:30:37:0d:44:8a:54:28:42:52:e5: cf:cc:1c:64:9f:66:22:ff:47:a1:df:56:cf:96:22:ee:ea:cc: 49:1c:22:50:89:f3:7c:49:14:2f:d9:fe:71:e7:87:54:31:0d: 06:77:e0:ef:59:2b:26:8f:eb:48:6a:6b:05:61:9a:ac:45:44: ca:79:7f:2c:c1:3d:58:9f:2c:97:f4:80:24:77:fe:e8:b0:58: 67:7b:9f:34:a3:d5:1f:b5:b7:f1:1f:e0:1a:7a:2b:82:e4:88: 3e:33:be:b2:75:d4:a8:dc:7f:e6:e8:6d:41:0a:66:7b:0a:28: a3:2d:ea:77:b3:a2:9e:a0:93:06:a1:66:a4:2f:fc:61:8f:91: 75:a5:72:67:09:1a:a7:f0:6c:2f:88:95:ff:75:09:85:b0:83: a5:3f:d8:16:c7:b8:c0:0c:32:f5:bf:24:d4:97:d5:b9:a3:8c: 50:3d:7b:9b:97:e0:1e:cd:39:0a:31:3f:0b:9e:75:4a:86:9a: ef:23:e4:71:5d:4b:7f:db:92:f8:2a:85:4b:a8:3e:d7:44:ad: 54:08:f5:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUNFNjIxMTAvBgNVBAUTKDg5MDI3ODkwMDMzRDVENjIzQkQ0RTQzOTg2RTg4MEY2 QUIxMzg0OTQwHhcNMjUwNzAzMDQwMTM2WhcNMjUwNzEwMDQwMTM2WjAYMRYwFAYD VQQDEw02ODY2MDBhMC05ZTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz4s4kDcEepPycneQGZ36513IX9CObTl6zZKEUiySJSujXeije+s/j/GTY6mq mMirQjd0w1seVtBXDs+h/ZfitIGb9SjLJBGba6Xcb4A560nNKqLTufhdqfFnTiuu xgmmbEaflq4ZC5+kubI50I4bPx/xFjTIZrkRDCzI/1M4D9UugUNIm+xfHm08MqoU os/QRoUTAm039+He3tdTcDgLv9f4NuHTJ5NSdFknt+hg/u+honynQbZbjqhnTjqu j3Zl0ut7Oma64HnQL4/FjZ5HAeghCoPyE1iTTLzTmWEIOlRV/AIv4kzuj4jfw6Gu KNmtsv7xqViXuN4xnKMcKSZ8jwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJlRvSoS YNPLR7snRgj8LiIymhVoMB8GA1UdIwQYMBaAFIkCeJADPV1iO9TkOYbogParE4SU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQ0U2Mi8yMUQ1Q0NERTM0 MUIxMUVFOUY4NDkwMjhDNEY5QUUwMi9pUUo0a0FNOVhXSTcxT1E1aHVpQTlxc1Ro SlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lRSjRrQU05WFdJNzFPUTVodWlBOXFzVGhKUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Q0U2Mi8yMUQ1Q0NERTM0MUIxMUVFOUY4NDkwMjhDNEY5QUUwMi9pUUo0a0FNOVhX STcxT1E1aHVpQTlxc1RoSlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCp48CVSQ60FL2wikus3iSZEkP+3SynYhGm+wfrK9HAHPbuT7ERTjOS 2l78JTA3DUSKVChCUuXPzBxkn2Yi/0eh31bPliLu6sxJHCJQifN8SRQv2f5x54dU MQ0Gd+DvWSsmj+tIamsFYZqsRUTKeX8swT1YnyyX9IAkd/7osFhne580o9Uftbfx H+AaeiuC5Ig+M76yddSo3H/m6G1BCmZ7CiijLep3s6KeoJMGoWakL/xhj5F1pXJn CRqn8GwviJX/dQmFsIOlP9gWx7jADDL1vyTUl9W5o4xQPXubl+AezTkKMT8LnnVK hprvI+RxXUt/25L4KoVLqD7XRK1UCPV8 -----END CERTIFICATE-----Generated at Thu Jul 3 13:36:07 2025 by rpki-client