$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.mft File: v3H1vxFop4QFduAAbzu8ZfxINAs.mft (raw, json) Hash identifier: gAihu5jk4/OnibjGiWFCcV1Q1lnvlOZgR1o96B5CTQA= Subject key identifier: 9D:84:06:96:5F:37:0B:C3:C9:F5:19:89:83:09:5D:6F:53:74:AE:64 Authority key identifier: BF:71:F5:BF:11:68:A7:84:05:76:E0:00:6F:3B:BC:65:FC:48:34:0B Certificate issuer: /CN=A91ED596/serialNumber=BF71F5BF1168A7840576E0006F3BBC65FC48340B Certificate serial: A6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/v3H1vxFop4QFduAAbzu8ZfxINAs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.mft Manifest number: A5 Signing time: Thu 03 Jul 2025 06:19:39 +0000 Manifest this update: Thu 03 Jul 2025 06:19:39 +0000 Manifest next update: Thu 10 Jul 2025 06:19:39 +0000 Files and hashes: 1: v3H1vxFop4QFduAAbzu8ZfxINAs.crl (hash: /u5BazP1gym4o+Wk1sClfrL+49QSSL8f8h37Ims/EEg=) 2: 8580DC705AE311EF86351430C4F9AE02.roa (hash: tNd1A1Pa4JpDSAJTUxSzKVvWvdR5TDXaWTiFNabeiYY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.crl rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/v3H1vxFop4QFduAAbzu8ZfxINAs.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 166 (0xa6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ED596, serialNumber=BF71F5BF1168A7840576E0006F3BBC65FC48340B Validity Not Before: Jul 3 06:19:39 2025 GMT Not After : Jul 10 06:19:39 2025 GMT Subject: CN=686620fb-3e6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:9c:35:b2:7c:cb:9a:29:4b:67:0d:d5:de:90: bb:ed:7c:91:92:b5:12:06:01:da:5c:fb:34:88:8c: b1:3a:a1:23:f7:90:58:40:dc:e9:e5:2b:a1:43:c2: a5:76:03:6c:12:ff:07:3e:ce:d8:aa:d9:91:2f:df: dc:03:4f:f2:ed:41:66:88:53:cd:62:bd:9d:50:af: 5d:df:12:20:54:ad:93:c6:ef:06:7c:07:4c:f3:75: 1c:ca:b0:2e:72:d0:e7:fd:b4:af:9c:3c:f4:a5:1e: d7:0e:84:2a:fd:08:74:a0:04:ef:d9:10:83:33:b6: 55:98:63:27:39:64:c5:ce:f7:20:c9:29:df:d5:3e: 1e:9d:f7:5f:7d:66:6e:cb:a0:d2:3e:aa:2e:c7:29: 11:a6:4a:12:61:a2:c4:a8:83:8b:af:1f:5c:65:dc: 1a:1f:7c:f4:98:c7:17:94:1a:00:62:c2:d8:b5:ea: 22:c7:7c:bc:d2:48:71:9d:8f:e1:13:ab:3c:03:3a: be:8b:30:15:3d:0c:19:a0:32:55:0c:22:72:66:e4: 10:25:f8:1b:6d:38:93:b2:3f:bb:8d:ab:6a:78:dc: c1:6d:e9:6e:bf:b0:d5:f7:b0:78:c0:0a:e6:7c:59: b9:f8:66:4f:2a:b8:6c:dd:23:c8:ef:06:49:29:00: 95:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:84:06:96:5F:37:0B:C3:C9:F5:19:89:83:09:5D:6F:53:74:AE:64 X509v3 Authority Key Identifier: keyid:BF:71:F5:BF:11:68:A7:84:05:76:E0:00:6F:3B:BC:65:FC:48:34:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/v3H1vxFop4QFduAAbzu8ZfxINAs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:ad:20:03:4e:16:fe:60:a3:52:cf:b6:89:3f:32:4c:73:5a: f2:bb:2a:8e:d5:f2:73:0b:e5:0a:31:0e:13:5c:5e:98:3b:28: e8:49:4c:21:7d:d6:bf:c9:62:6d:ce:70:e9:e3:e1:04:af:8b: f4:d1:04:8a:ce:bd:44:a8:7e:9e:f9:b3:ad:2b:1d:1c:ef:c9: a8:be:4b:46:a9:ac:10:3b:b5:0d:74:91:1c:67:b1:50:4b:8c: 7a:da:2f:3e:dc:60:3b:86:fe:3c:5e:36:8b:bb:60:a6:b7:ea: 7c:bf:bf:12:39:78:7c:f8:05:e5:46:16:7a:ee:28:a9:6b:0a: c3:1c:22:19:bf:66:32:f7:50:c1:92:ea:84:b6:ea:10:00:27: 55:54:6f:a5:eb:2c:b4:f3:db:a1:f4:22:4e:aa:99:46:d0:8d: fa:59:60:e8:fa:2a:7b:c7:4c:a2:ae:87:75:29:8f:52:54:4d: 0a:e7:f7:f2:b2:e4:62:3c:35:83:a1:52:3d:b3:dd:ae:5c:bd: fb:bb:f3:9c:ce:f4:cd:5b:3d:fb:02:03:db:96:62:17:17:81: 38:31:55:35:2e:10:66:4b:6c:e3:12:8b:50:32:b6:5e:dd:f3: 16:16:e8:c6:ef:9a:c0:36:dd:5c:4d:ed:3a:e8:24:16:85:d0: 73:d8:1c:09 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUQ1OTYxMTAvBgNVBAUTKEJGNzFGNUJGMTE2OEE3ODQwNTc2RTAwMDZGM0JCQzY1 RkM0ODM0MEIwHhcNMjUwNzAzMDYxOTM5WhcNMjUwNzEwMDYxOTM5WjAYMRYwFAYD VQQDEw02ODY2MjBmYi0zZTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyJw1snzLmilLZw3V3pC77XyRkrUSBgHaXPs0iIyxOqEj95BYQNzp5SuhQ8Kl dgNsEv8HPs7YqtmRL9/cA0/y7UFmiFPNYr2dUK9d3xIgVK2Txu8GfAdM83UcyrAu ctDn/bSvnDz0pR7XDoQq/Qh0oATv2RCDM7ZVmGMnOWTFzvcgySnf1T4enfdffWZu y6DSPqouxykRpkoSYaLEqIOLrx9cZdwaH3z0mMcXlBoAYsLYteoix3y80khxnY/h E6s8Azq+izAVPQwZoDJVDCJyZuQQJfgbbTiTsj+7jatqeNzBbeluv7DV97B4wArm fFm5+GZPKrhs3SPI7wZJKQCVwQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ2EBpZf NwvDyfUZiYMJXW9TdK5kMB8GA1UdIwQYMBaAFL9x9b8RaKeEBXbgAG87vGX8SDQL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDU5Ni8wNTcyREQ4QTVB RTMxMUVGOTMyQzIzMkZDNEY5QUUwMi92M0gxdnhGb3A0UUZkdUFBYnp1OFpmeElO QXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3YzSDF2eEZvcDRRRmR1QUFienU4WmZ4SU5Bcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RDU5Ni8wNTcyREQ4QTVBRTMxMUVGOTMyQzIzMkZDNEY5QUUwMi92M0gxdnhGb3A0 UUZkdUFBYnp1OFpmeElOQXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBErSADThb+YKNSz7aJPzJMc1ryuyqO1fJzC+UKMQ4TXF6YOyjoSUwh fda/yWJtznDp4+EEr4v00QSKzr1EqH6e+bOtKx0c78movktGqawQO7UNdJEcZ7FQ S4x62i8+3GA7hv48XjaLu2Cmt+p8v78SOXh8+AXlRhZ67iipawrDHCIZv2Yy91DB kuqEtuoQACdVVG+l6yy089uh9CJOqplG0I36WWDo+ip7x0yirod1KY9SVE0K5/fy suRiPDWDoVI9s92uXL37u/OczvTNWz37AgPblmIXF4E4MVU1LhBmS2zjEotQMrZe 3fMWFujG75rANt1cTe066CQWhdBz2BwJ -----END CERTIFICATE-----Generated at Thu Jul 3 23:05:51 2025 by rpki-client