$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft File: nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft (raw, json) Hash identifier: Tlr5Pr83XPNA8BatvSDUh5sK+DaBqkbII4AipUlblFY= Subject key identifier: 17:68:BD:0D:AD:76:EC:7C:BD:E8:00:62:C1:EF:7C:7D:78:A7:1E:99 Authority key identifier: 9E:1F:19:A7:E1:8D:8B:CE:D2:3E:F2:ED:AB:19:E8:54:38:E7:F0:8A Certificate issuer: /CN=A91EF19E/serialNumber=9E1F19A7E18D8BCED23EF2EDAB19E85438E7F08A Certificate serial: 2A1B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft Manifest number: 2A10 Signing time: Wed 02 Jul 2025 14:23:34 +0000 Manifest this update: Wed 02 Jul 2025 14:23:34 +0000 Manifest next update: Wed 09 Jul 2025 14:23:34 +0000 Files and hashes: 1: nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl (hash: IA8kdTHTNhCilUm+tXLw8hMBeks+/nXhT9Spm2edgyI=) 2: F9722F8255C411E9A0FEF781C4F9AE02.roa (hash: symelOI4KiPwqS+zxOG2abXkQkOu/9Ecrvxkqaxc9Us=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 14:23:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10779 (0x2a1b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EF19E, serialNumber=9E1F19A7E18D8BCED23EF2EDAB19E85438E7F08A Validity Not Before: Jul 2 14:23:34 2025 GMT Not After : Jul 9 14:23:34 2025 GMT Subject: CN=686540e6-f3c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:78:92:19:c7:b6:00:45:fc:b4:f2:b9:e3:5f: 3e:d3:df:0c:60:e1:d4:0b:04:65:c0:16:b6:26:fb: 84:ef:c5:a0:b7:72:a3:6d:5e:08:b6:46:8f:d6:2a: 46:7d:d0:53:dc:3e:38:72:86:2f:0b:86:16:5e:82: 10:73:63:bb:86:c2:d5:f2:9d:70:bf:03:2e:24:b7: e1:3a:68:8f:b0:6d:49:68:d1:1c:98:a2:3e:45:9c: 91:fd:3f:e3:e1:9d:11:ae:f5:5e:7c:72:81:11:be: 14:b5:66:56:a5:93:6a:cb:b3:54:34:80:a7:de:38: 3f:39:1d:b3:51:13:9d:d7:aa:e6:a1:b7:b0:e7:84: c3:9c:35:36:29:dd:4c:c2:29:20:91:81:0b:e2:fb: 34:e6:19:06:3a:a1:a8:2d:44:5f:ca:01:28:5a:d0: 68:29:2c:e1:af:5c:36:ba:e5:2b:24:a2:2f:c1:62: 40:0b:d0:c5:8d:33:b1:44:31:c0:8e:b2:56:73:1c: 1b:57:a2:1b:c5:e8:77:c1:bf:7d:fc:4e:e4:d0:0f: 07:e0:57:bb:c3:23:fd:a5:a7:a5:fc:4a:28:93:e2: a4:71:d2:c6:8e:63:7b:04:31:88:78:b9:26:b2:98: 67:42:5a:66:33:05:e9:21:c4:67:37:76:36:4c:b3: 3c:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:68:BD:0D:AD:76:EC:7C:BD:E8:00:62:C1:EF:7C:7D:78:A7:1E:99 X509v3 Authority Key Identifier: keyid:9E:1F:19:A7:E1:8D:8B:CE:D2:3E:F2:ED:AB:19:E8:54:38:E7:F0:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:1f:60:ce:a1:04:8a:c8:16:9f:40:c2:e2:0c:1d:4d:38:a9: 2d:c0:54:64:9a:85:8d:6a:82:b5:73:73:4e:21:c1:e8:56:5c: 2a:4a:5b:80:db:5d:9e:15:d5:5e:d0:ea:02:44:4c:0a:70:06: ae:cc:6d:da:2b:10:79:1e:02:bb:65:74:c8:09:a0:5d:fa:b8: 22:26:9f:c4:12:4f:89:09:67:1c:68:46:7e:8e:7b:38:59:e7: 88:9c:a8:74:ab:88:bd:3b:37:82:40:f4:76:2c:d7:1e:1d:e9: d8:74:98:f7:24:ff:e9:92:d4:1c:66:c7:43:be:63:cc:01:ea: 5f:46:92:f0:dd:f0:42:bd:00:fb:1a:2b:c6:7f:c7:40:b7:fe: 72:18:c3:70:03:fc:35:72:05:29:a7:da:86:70:2e:12:64:3a: 89:d9:be:35:2d:f1:5d:1d:18:db:52:69:93:1f:d1:e0:20:91: 37:2a:48:d4:70:7b:f4:9c:8c:3d:78:d1:a0:4c:1e:be:ba:3f: 2a:aa:e3:9c:51:86:79:58:92:ca:d9:8e:47:46:36:75:11:f1: 18:8a:97:7d:4e:79:85:f7:89:ae:27:90:d4:80:a9:d3:f4:36: 4c:c7:59:50:eb:89:51:70:ab:7c:9e:15:59:07:70:e1:fe:84: cc:46:76:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICKhswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUYxOUUxMTAvBgNVBAUTKDlFMUYxOUE3RTE4RDhCQ0VEMjNFRjJFREFCMTlFODU0 MzhFN0YwOEEwHhcNMjUwNzAyMTQyMzM0WhcNMjUwNzA5MTQyMzM0WjAYMRYwFAYD VQQDEw02ODY1NDBlNi1mM2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzniSGce2AEX8tPK5418+098MYOHUCwRlwBa2JvuE78Wgt3KjbV4ItkaP1ipG fdBT3D44coYvC4YWXoIQc2O7hsLV8p1wvwMuJLfhOmiPsG1JaNEcmKI+RZyR/T/j 4Z0RrvVefHKBEb4UtWZWpZNqy7NUNICn3jg/OR2zUROd16rmobew54TDnDU2Kd1M wikgkYEL4vs05hkGOqGoLURfygEoWtBoKSzhr1w2uuUrJKIvwWJAC9DFjTOxRDHA jrJWcxwbV6Ibxeh3wb99/E7k0A8H4Fe7wyP9pael/Eook+KkcdLGjmN7BDGIeLkm sphnQlpmMwXpIcRnN3Y2TLM8eQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBdovQ2t dux8vegAYsHvfH14px6ZMB8GA1UdIwQYMBaAFJ4fGafhjYvO0j7y7asZ6FQ45/CK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjE5RS9BOTNFOTkzRTM0 MEQxMUU0OUVDOTgxNjNDNEY5QUUwMi9uaDhacC1HTmk4N1NQdkx0cXhub1ZEam44 SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25oOFpwLUdOaTg3U1B2THRxeG5vVkRqbjhJby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RjE5RS9BOTNFOTkzRTM0MEQxMUU0OUVDOTgxNjNDNEY5QUUwMi9uaDhacC1HTmk4 N1NQdkx0cXhub1ZEam44SW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCH2DOoQSKyBafQMLiDB1NOKktwFRkmoWNaoK1c3NOIcHoVlwqSluA 212eFdVe0OoCREwKcAauzG3aKxB5HgK7ZXTICaBd+rgiJp/EEk+JCWccaEZ+jns4 WeeInKh0q4i9OzeCQPR2LNceHenYdJj3JP/pktQcZsdDvmPMAepfRpLw3fBCvQD7 GivGf8dAt/5yGMNwA/w1cgUpp9qGcC4SZDqJ2b41LfFdHRjbUmmTH9HgIJE3KkjU cHv0nIw9eNGgTB6+uj8qquOcUYZ5WJLK2Y5HRjZ1EfEYipd9TnmF94muJ5DUgKnT 9DZMx1lQ64lRcKt8nhVZB3Dh/oTMRnb1 -----END CERTIFICATE-----Generated at Thu Jul 3 08:08:48 2025 by rpki-client