$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft File: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft (raw, json) Hash identifier: CPvl+FMzueLVQZwCDFpenMigf5ZNXFLH9qta8l9gXFk= Subject key identifier: 70:15:03:9B:4C:C3:32:77:82:05:5D:B9:B5:8E:B7:91:74:82:95:01 Authority key identifier: AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 Certificate issuer: /CN=A91F3F02/serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Certificate serial: 0FC6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft Manifest number: 0F90 Signing time: Mon 30 Jun 2025 17:45:25 +0000 Manifest this update: Mon 30 Jun 2025 17:45:25 +0000 Manifest next update: Mon 07 Jul 2025 17:45:25 +0000 Files and hashes: 1: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl (hash: WvenRjZdKiUaqog3lucG3nRKXavvVfovzIuZM2mMbpQ=) 2: 4BF23558026D11EBB136622CC4F9AE02.roa (hash: QtpDimKOHqXsxnqa4q87zCBuPpMrfxyNN2d7cp4WlrA=) 3: B3876B1821C911EB991D562EC4F9AE02.roa (hash: 6uU1bRzcclFeMC/RnwQZxh3s9UKuJJHVwL7cdGjMFOc=) 4: B2B2930C21C911EB991D562EC4F9AE02.roa (hash: XWm8GaGIPPLP9AKtaT6KRszth65jZeSEF8vfSa7oAA0=) 5: 8663E8B6658A11E9930DC678C4F9AE02.roa (hash: PNhMIJG2WqhTSsHQs6Q3B5W+HPqAu/8Af4Ot4nkDDLQ=) 6: F98DEF9A231F11EB99F53580C4F9AE02.roa (hash: t18G/jUeuq8lptvTyxkqs2wnq4jb4g41EOSptQznrUs=) 7: E049FDF87A4511EBBB2D0A52C4F9AE02.roa (hash: Jk6V50ct0NhfCUNeq2rSB6SPY6PZ86y8Zd5FDESJ7kI=) 8: B490CD0621C911EB991D562EC4F9AE02.roa (hash: WNk4We2Ht/Om3rf3IbH7SVRsK901hQ7kL7sR1ONDJ8A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 17:45:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4038 (0xfc6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3F02, serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Validity Not Before: Jun 30 17:45:25 2025 GMT Not After : Jul 7 17:45:25 2025 GMT Subject: CN=6862cd35-2f6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:a3:67:90:a3:7b:61:96:a0:f6:ca:fe:66:b3: f8:13:c9:e1:bc:93:85:6e:e0:dc:75:4b:6f:0d:cd: 14:c7:c4:4c:47:6a:9b:cb:a1:07:2f:c8:b0:73:98: 30:52:ca:55:30:34:af:2a:24:89:1a:fc:e8:82:8c: 70:bb:60:13:03:cc:fb:70:7d:68:48:55:eb:cd:25: 07:94:c8:cd:0f:1b:f6:98:73:86:26:0d:d2:11:db: 05:44:ac:f9:f5:fb:4a:d6:c4:5d:7d:69:05:50:67: f4:99:c4:0a:65:ec:cd:4d:c4:71:f2:54:fe:70:46: da:b5:05:c8:b7:46:d3:4c:68:2d:4c:21:4b:9c:a2: 62:91:de:fb:7f:29:85:d8:80:8f:74:2f:5a:a3:d5: f5:93:8c:8d:e4:c5:f7:25:d6:be:12:10:95:0b:8e: 4b:bf:c4:a1:ca:95:25:fe:58:c2:ae:97:c2:24:8c: 31:da:5f:b4:6a:77:7d:2d:d3:7c:4b:25:89:e9:fa: cc:bb:d7:28:23:78:cc:2c:37:64:fd:86:57:eb:2f: 54:63:5c:5e:d2:67:1e:51:58:bf:b0:b6:4c:89:21: dc:b0:4d:c5:cf:34:db:cd:60:cf:f3:45:68:b5:9e: 30:3e:11:b8:ff:d0:e0:68:84:3c:dc:56:b0:41:7c: 9c:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:15:03:9B:4C:C3:32:77:82:05:5D:B9:B5:8E:B7:91:74:82:95:01 X509v3 Authority Key Identifier: keyid:AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:f4:06:2d:08:23:93:9f:e6:1c:a5:f8:77:e7:04:ed:58:a9: c2:07:e1:64:72:17:6c:76:83:1a:79:d6:9e:2d:cb:b2:c8:3e: 62:92:99:8f:c3:d8:80:72:d9:d9:87:c8:75:cd:a1:46:a4:4c: be:0e:37:6a:9b:60:ba:7c:38:7d:51:2f:28:e5:aa:2d:1e:9f: f0:89:19:96:16:37:8e:4a:72:de:dd:f9:b9:82:42:1a:4c:f9: 69:e4:dd:53:bc:3a:17:12:bb:46:6b:26:ed:20:9c:82:6d:b6: 15:1d:3c:c2:60:37:5a:a3:9d:17:67:22:12:ac:4d:e9:92:9e: 1d:45:cd:97:48:91:6e:30:2f:61:68:2d:99:46:f6:84:25:9e: 61:37:46:ed:7c:70:47:d2:bb:f2:1e:cb:07:31:27:41:b2:5f: 1f:29:d4:4a:be:67:36:a5:7a:84:8a:2f:fd:06:be:cd:6c:02: 22:4c:02:2c:6e:ba:77:a7:54:f5:eb:8b:39:49:cc:12:60:fc: 41:59:27:be:f0:38:be:b8:99:1a:07:ab:fa:01:73:7f:fa:c8: 84:a5:f2:c7:08:d6:48:e8:80:b0:d7:c5:73:6c:c9:ab:2c:93: 28:b0:27:f6:79:07:f8:a3:c9:14:7e:47:db:7d:9b:8a:5b:df: 29:dd:57:d4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD8YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjNGMDIxMTAvBgNVBAUTKEFGNDQ3ODA4MTNCQjZDMDVFOTk3NTQ1QjA4RDM3OTM2 RkZBQzQ2NjEwHhcNMjUwNjMwMTc0NTI1WhcNMjUwNzA3MTc0NTI1WjAYMRYwFAYD VQQDEw02ODYyY2QzNS0yZjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0KNnkKN7YZag9sr+ZrP4E8nhvJOFbuDcdUtvDc0Ux8RMR2qby6EHL8iwc5gw UspVMDSvKiSJGvzogoxwu2ATA8z7cH1oSFXrzSUHlMjNDxv2mHOGJg3SEdsFRKz5 9ftK1sRdfWkFUGf0mcQKZezNTcRx8lT+cEbatQXIt0bTTGgtTCFLnKJikd77fymF 2ICPdC9ao9X1k4yN5MX3Jda+EhCVC45Lv8ShypUl/ljCrpfCJIwx2l+0and9LdN8 SyWJ6frMu9coI3jMLDdk/YZX6y9UY1xe0mceUVi/sLZMiSHcsE3FzzTbzWDP80Vo tZ4wPhG4/9DgaIQ83FawQXycywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHAVA5tM wzJ3ggVdubWOt5F0gpUBMB8GA1UdIwQYMBaAFK9EeAgTu2wF6ZdUWwjTeTb/rEZh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0YwMi9DQ0FCNTc1MDYz RjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JBWHBsMVJiQ05ONU52LXNS bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3IwUjRDQk83YkFYcGwxUmJDTk41TnYtc1JtRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG M0YwMi9DQ0FCNTc1MDYzRjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JB WHBsMVJiQ05ONU52LXNSbUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAA9AYtCCOTn+Ycpfh35wTtWKnCB+FkchdsdoMaedaeLcuyyD5ikpmP w9iActnZh8h1zaFGpEy+Djdqm2C6fDh9US8o5aotHp/wiRmWFjeOSnLe3fm5gkIa TPlp5N1TvDoXErtGaybtIJyCbbYVHTzCYDdao50XZyISrE3pkp4dRc2XSJFuMC9h aC2ZRvaEJZ5hN0btfHBH0rvyHssHMSdBsl8fKdRKvmc2pXqEii/9Br7NbAIiTAIs brp3p1T164s5ScwSYPxBWSe+8Di+uJkaB6v6AXN/+siEpfLHCNZI6ICw18VzbMmr LJMosCf2eQf4o8kUfkfbfZuKW98p3VfU -----END CERTIFICATE-----Generated at Wed Jul 2 15:07:47 2025 by rpki-client