$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft File: 2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft (raw, json) Hash identifier: TCwFm2HB0Z2yfmWh2uwi1gZmfcT9mlRNdiL0XWVvhTo= Subject key identifier: 79:F9:FD:E6:90:79:F7:A3:EE:11:9A:8D:00:CB:EE:B1:45:BF:A9:A7 Authority key identifier: D9:BD:70:E7:77:F8:61:AE:54:38:57:14:8E:63:35:2F:DA:84:C0:7A Certificate issuer: /CN=A91F0AF0/serialNumber=D9BD70E777F861AE543857148E63352FDA84C07A Certificate serial: 0C7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2b1w53f4Ya5UOFcUjmM1L9qEwHo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft Manifest number: 1D9F Signing time: Sat 28 Jun 2025 17:06:13 +0000 Manifest this update: Sat 28 Jun 2025 17:06:12 +0000 Manifest next update: Sat 05 Jul 2025 17:06:12 +0000 Files and hashes: 1: 2b1w53f4Ya5UOFcUjmM1L9qEwHo.crl (hash: d86HpeANbRd+IcVqgu9d/gN0sbBv2Q0LNxc8XZGjsOQ=) 2: CE3C7EF66FEB11EB91967864C4F9AE02.roa (hash: Ecj4wTVjyUbe05JmkTHE3iJeDcHJFhB138/thNFleyk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.crl rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2b1w53f4Ya5UOFcUjmM1L9qEwHo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 17:06:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3195 (0xc7b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0AF0, serialNumber=D9BD70E777F861AE543857148E63352FDA84C07A Validity Not Before: Jun 28 17:06:12 2025 GMT Not After : Jul 5 17:06:12 2025 GMT Subject: CN=68602105-521e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:99:66:2a:23:ec:25:0c:10:4a:3a:bc:7d:d9: 2b:f2:c6:18:54:50:74:1f:76:5e:b3:4f:e2:64:9b: 98:d6:5e:bd:9f:45:b5:22:39:e0:98:f7:2f:ee:53: 52:f5:13:9c:65:bc:c1:ed:53:88:2f:37:a2:e3:7b: 6c:cd:b5:d3:2e:84:71:0c:ba:23:04:92:7b:c1:c4: 2c:75:48:2b:8c:55:ab:a7:f6:46:aa:1a:82:0e:b5: 76:98:37:55:df:f0:e0:c7:1f:0d:ad:ca:ee:cb:09: d4:7f:d2:70:9d:df:cc:ce:5b:29:94:a9:cb:4d:76: 64:91:b1:4e:d4:b6:b6:91:a0:19:ee:6f:41:be:5d: 7b:b9:39:14:c2:85:a5:25:cd:ae:d3:e7:d3:96:8e: be:1c:60:15:59:aa:a0:45:d4:8b:d7:d7:27:14:bc: c3:0e:eb:11:f0:e2:d7:d3:27:9f:b4:fd:6f:e0:b5: f7:74:3c:b4:37:8e:e4:7c:21:d3:4e:65:f9:ab:ad: ee:af:6f:fa:0b:b7:58:ed:3b:d0:ce:ac:23:85:a2: 1b:36:f3:ae:82:0d:b8:6b:3f:b7:5a:21:b0:aa:b4: 0e:78:c7:24:16:c8:0f:0b:54:6e:b7:76:a8:fe:cc: 17:c5:ba:20:11:b8:71:6d:18:24:e2:6a:47:95:8f: e0:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:F9:FD:E6:90:79:F7:A3:EE:11:9A:8D:00:CB:EE:B1:45:BF:A9:A7 X509v3 Authority Key Identifier: keyid:D9:BD:70:E7:77:F8:61:AE:54:38:57:14:8E:63:35:2F:DA:84:C0:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2b1w53f4Ya5UOFcUjmM1L9qEwHo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:30:ff:f2:67:4b:28:0d:82:b3:37:4e:fa:14:83:54:14:97: 7f:fe:1b:80:07:f5:d2:67:1c:9d:e9:25:f3:f3:28:86:56:00: c7:09:d2:02:28:f6:fe:d7:e7:01:72:33:29:39:c8:35:12:e4: 1c:40:6b:98:1d:64:2d:dc:29:c2:30:67:1c:99:3a:29:ba:e5: 81:6b:f1:30:ff:34:9e:34:86:80:2b:c5:b1:f2:c2:a9:54:4f: 5e:f4:86:1d:ce:c9:b2:53:1d:5b:1a:c4:54:8d:a2:de:60:30: 11:26:e2:f2:6e:6c:cb:bb:4b:43:d1:57:23:23:94:30:91:e2: 0b:98:92:54:6f:e2:5b:f9:1a:ac:8a:d6:0f:f9:20:84:07:9f: 73:d3:fd:66:d2:5f:23:2b:b3:45:d6:90:2c:a4:4e:0a:a9:90: 6e:8a:1a:1b:70:02:2f:2e:89:3a:5c:86:37:c0:21:49:2b:9b: fa:1b:68:a6:64:e9:b1:73:f1:12:3e:b7:3d:d8:c2:00:a7:62: e0:35:b5:93:18:84:8b:99:f5:d0:1f:78:01:27:cf:8b:05:4c: a5:fa:99:45:db:be:70:f8:79:57:70:92:15:1d:94:2c:27:b3: 3b:e4:ea:f0:be:f9:55:2e:83:62:e4:da:c1:a4:31:ef:9e:ee: 60:95:a8:fd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDHswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjBBRjAxMTAvBgNVBAUTKEQ5QkQ3MEU3NzdGODYxQUU1NDM4NTcxNDhFNjMzNTJG REE4NEMwN0EwHhcNMjUwNjI4MTcwNjEyWhcNMjUwNzA1MTcwNjEyWjAYMRYwFAYD VQQDEw02ODYwMjEwNS01MjFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoZlmKiPsJQwQSjq8fdkr8sYYVFB0H3Zes0/iZJuY1l69n0W1IjngmPcv7lNS 9ROcZbzB7VOILzei43tszbXTLoRxDLojBJJ7wcQsdUgrjFWrp/ZGqhqCDrV2mDdV 3/Dgxx8NrcruywnUf9Jwnd/MzlsplKnLTXZkkbFO1La2kaAZ7m9Bvl17uTkUwoWl Jc2u0+fTlo6+HGAVWaqgRdSL19cnFLzDDusR8OLX0yeftP1v4LX3dDy0N47kfCHT TmX5q63ur2/6C7dY7TvQzqwjhaIbNvOugg24az+3WiGwqrQOeMckFsgPC1Rut3ao /swXxbogEbhxbRgk4mpHlY/ghwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHn5/eaQ efej7hGajQDL7rFFv6mnMB8GA1UdIwQYMBaAFNm9cOd3+GGuVDhXFI5jNS/ahMB6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMEFGMC9FMzc2Mjk1MDBG RkYxMUU5ODgxNUFFMjJDNEY5QUUwMi8yYjF3NTNmNFlhNVVPRmNVam1NMUw5cUV3 SG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJiMXc1M2Y0WWE1VU9GY1VqbU0xTDlxRXdIby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MEFGMC9FMzc2Mjk1MDBGRkYxMUU5ODgxNUFFMjJDNEY5QUUwMi8yYjF3NTNmNFlh NVVPRmNVam1NMUw5cUV3SG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXMP/yZ0soDYKzN076FINUFJd//huAB/XSZxyd6SXz8yiGVgDHCdIC KPb+1+cBcjMpOcg1EuQcQGuYHWQt3CnCMGccmTopuuWBa/Ew/zSeNIaAK8Wx8sKp VE9e9IYdzsmyUx1bGsRUjaLeYDARJuLybmzLu0tD0VcjI5QwkeILmJJUb+Jb+Rqs itYP+SCEB59z0/1m0l8jK7NF1pAspE4KqZBuihobcAIvLok6XIY3wCFJK5v6G2im ZOmxc/ESPrc92MIAp2LgNbWTGISLmfXQH3gBJ8+LBUyl+plF275w+HlXcJIVHZQs J7M75OrwvvlVLoNi5NrBpDHvnu5glaj9 -----END CERTIFICATE-----Generated at Mon Jun 30 17:20:36 2025 by rpki-client