$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft File: ciYIDnxlJSNDlihmsxOfAjhyxAI.mft (raw, json) Hash identifier: 1iWRvkjJIi1lYmQyDq1s+eepLLjjA/hXr44cNE+M3gk= Subject key identifier: 0F:2F:84:7B:9E:E4:E4:17:2F:FF:D2:C6:81:15:17:5E:08:D6:68:A9 Authority key identifier: 72:26:08:0E:7C:65:25:23:43:96:28:66:B3:13:9F:02:38:72:C4:02 Certificate issuer: /CN=A91ED596/serialNumber=7226080E7C65252343962866B3139F023872C402 Certificate serial: A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft Manifest number: A4 Signing time: Tue 01 Jul 2025 06:50:07 +0000 Manifest this update: Tue 01 Jul 2025 06:50:06 +0000 Manifest next update: Tue 08 Jul 2025 06:50:06 +0000 Files and hashes: 1: ciYIDnxlJSNDlihmsxOfAjhyxAI.crl (hash: 2rg7f4Yk0qUzVlL2Lg28Q+HhxUY8BP49u4bNPfxqGds=) 2: C0C401905AE311EF90924C30C4F9AE02.roa (hash: 7P9QGIuS2YxmoaQtTvokUjWFQu4qLuQF/pm4P1jB/wE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.crl rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 06:50:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 165 (0xa5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ED596, serialNumber=7226080E7C65252343962866B3139F023872C402 Validity Not Before: Jul 1 06:50:06 2025 GMT Not After : Jul 8 06:50:06 2025 GMT Subject: CN=6863851e-9fbe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:1d:cd:16:19:64:8e:f6:51:75:80:73:66:2e: 47:6e:ee:c5:d2:af:71:a4:6f:d1:c6:27:4d:8a:7b: ec:53:cf:0a:ae:92:86:b7:5d:2e:bc:7e:5e:a3:72: bc:84:fe:1d:c9:18:60:98:b1:13:70:0c:e4:23:52: a7:76:2c:01:98:42:4e:26:29:3d:f6:18:27:91:b2: f1:c6:2e:f9:f0:c8:4c:80:8e:f8:db:03:ff:85:94: de:27:bd:58:14:f8:7e:79:86:c9:54:2c:b5:9d:6c: 8e:79:ba:ce:ec:be:ce:1b:27:f3:06:5f:6e:1b:5b: 35:3d:a8:8e:e1:0a:a4:2a:7e:38:98:70:69:15:bc: ca:eb:12:1f:92:2e:c8:ee:eb:b8:45:19:9f:d1:e1: c1:92:08:0d:c1:48:a3:ee:13:47:eb:ba:c7:6d:20: 02:1b:05:6e:06:de:07:6b:27:6e:b4:81:2d:7f:1c: 08:ea:8e:81:db:d0:b1:1c:44:e4:fc:02:7d:55:11: 4b:dc:a6:f1:28:94:e6:88:f0:f0:d1:07:28:0c:65: a0:89:7c:cb:6c:a0:b6:68:3e:bf:11:6f:24:b1:65: 47:75:26:8d:85:2c:7a:47:be:c6:d1:6f:a5:60:bd: 42:3b:bd:32:60:8f:c8:d3:da:e6:02:67:e4:c2:24: e0:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:2F:84:7B:9E:E4:E4:17:2F:FF:D2:C6:81:15:17:5E:08:D6:68:A9 X509v3 Authority Key Identifier: keyid:72:26:08:0E:7C:65:25:23:43:96:28:66:B3:13:9F:02:38:72:C4:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:a8:a7:e4:a0:c9:c9:45:66:77:16:1b:3e:69:eb:0d:18:d4: ef:2d:31:0c:0d:b4:1d:a2:70:25:7d:bc:d4:fa:a2:d1:67:68: 5c:b9:9e:b8:f0:fb:85:e6:c9:3c:7c:96:44:6f:1c:87:34:44: 0f:67:c4:66:a6:04:d7:db:8c:cc:ab:26:9b:0f:d1:c8:22:1f: 27:65:6c:b3:7c:2c:bb:d7:32:2f:75:6a:3d:ad:f2:cc:e8:e0: c6:ca:f7:f6:01:83:1c:ec:2c:cc:c9:00:dc:ab:d1:cf:38:e2: 73:4f:f8:90:ed:c4:59:94:d1:74:b0:16:5a:d9:65:cd:87:87: 52:53:4d:18:3a:de:e5:fc:76:73:ee:31:dd:de:4b:5f:19:69: 05:13:a5:92:a0:58:c0:da:84:d3:b4:c3:c0:0e:9c:2d:bd:ce: a8:6d:1b:a1:93:6d:f6:7f:3d:77:12:5d:46:9a:41:7a:2e:0e: e4:e2:46:c9:4d:c4:c2:3d:31:b7:90:71:11:c6:1a:df:3d:d4: 8f:69:0e:be:db:ba:02:5a:f0:2d:04:d2:f1:b6:d4:5d:50:84: db:15:89:ed:f9:c9:ea:61:5c:90:b0:d3:b3:3c:ad:64:19:bd: 3c:b5:85:6d:c3:64:5a:9b:bc:b6:ac:cf:b8:b1:c9:7d:5b:13: 80:cc:f2:71 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUQ1OTYxMTAvBgNVBAUTKDcyMjYwODBFN0M2NTI1MjM0Mzk2Mjg2NkIzMTM5RjAy Mzg3MkM0MDIwHhcNMjUwNzAxMDY1MDA2WhcNMjUwNzA4MDY1MDA2WjAYMRYwFAYD VQQDEw02ODYzODUxZS05ZmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnR3NFhlkjvZRdYBzZi5Hbu7F0q9xpG/RxidNinvsU88KrpKGt10uvH5eo3K8 hP4dyRhgmLETcAzkI1KndiwBmEJOJik99hgnkbLxxi758MhMgI742wP/hZTeJ71Y FPh+eYbJVCy1nWyOebrO7L7OGyfzBl9uG1s1PaiO4QqkKn44mHBpFbzK6xIfki7I 7uu4RRmf0eHBkggNwUij7hNH67rHbSACGwVuBt4HaydutIEtfxwI6o6B29CxHETk /AJ9VRFL3KbxKJTmiPDw0QcoDGWgiXzLbKC2aD6/EW8ksWVHdSaNhSx6R77G0W+l YL1CO70yYI/I09rmAmfkwiTgtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA8vhHue 5OQXL//SxoEVF14I1mipMB8GA1UdIwQYMBaAFHImCA58ZSUjQ5YoZrMTnwI4csQC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDU5Ni8wREUyM0UxNjVB RTMxMUVGOTMyQzIzMkZDNEY5QUUwMi9jaVlJRG54bEpTTkRsaWhtc3hPZkFqaHl4 QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NpWUlEbnhsSlNORGxpaG1zeE9mQWpoeXhBSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RDU5Ni8wREUyM0UxNjVBRTMxMUVGOTMyQzIzMkZDNEY5QUUwMi9jaVlJRG54bEpT TkRsaWhtc3hPZkFqaHl4QUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWqKfkoMnJRWZ3Fhs+aesNGNTvLTEMDbQdonAlfbzU+qLRZ2hcuZ64 8PuF5sk8fJZEbxyHNEQPZ8RmpgTX24zMqyabD9HIIh8nZWyzfCy71zIvdWo9rfLM 6ODGyvf2AYMc7CzMyQDcq9HPOOJzT/iQ7cRZlNF0sBZa2WXNh4dSU00YOt7l/HZz 7jHd3ktfGWkFE6WSoFjA2oTTtMPADpwtvc6obRuhk232fz13El1GmkF6Lg7k4kbJ TcTCPTG3kHERxhrfPdSPaQ6+27oCWvAtBNLxttRdUITbFYnt+cnqYVyQsNOzPK1k Gb08tYVtw2Ram7y2rM+4scl9WxOAzPJx -----END CERTIFICATE-----Generated at Tue Jul 1 18:31:46 2025 by rpki-client