$ rpki-client -vvf rpki.apnic.net/member_repository/A91F479C/32BF850E98E411EC937D615CC4F9AE02/MZdALMHUBvlwfS4iBDY7wNE8Apk.mft File: MZdALMHUBvlwfS4iBDY7wNE8Apk.mft (raw, json) Hash identifier: t1la3tziraNhJJT/U4mwQThJR6CwX1KJsplYdhBvvsk= Subject key identifier: 21:98:81:5C:00:22:5F:5E:A9:75:DB:2C:2F:4A:47:3B:A0:D8:85:1F Authority key identifier: 31:97:40:2C:C1:D4:06:F9:70:7D:2E:22:04:36:3B:C0:D1:3C:02:99 Certificate issuer: /CN=A91F479C/serialNumber=3197402CC1D406F9707D2E2204363BC0D13C0299 Certificate serial: 03B5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MZdALMHUBvlwfS4iBDY7wNE8Apk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F479C/32BF850E98E411EC937D615CC4F9AE02/MZdALMHUBvlwfS4iBDY7wNE8Apk.mft Manifest number: 03B1 Signing time: Thu 03 Jul 2025 01:03:09 +0000 Manifest this update: Thu 03 Jul 2025 01:03:08 +0000 Manifest next update: Thu 10 Jul 2025 01:03:08 +0000 Files and hashes: 1: MZdALMHUBvlwfS4iBDY7wNE8Apk.crl (hash: RdyjdQH8E3qnKMZ2ooc1ZPpCfKkNN0Ysuw47LbabQoY=) 2: 751D2C1A98E611EC849D155FC4F9AE02.roa (hash: CkImo8IsUmsaya0jHXM103+CNWFzYVltZI4TafvBrlE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F479C/32BF850E98E411EC937D615CC4F9AE02/MZdALMHUBvlwfS4iBDY7wNE8Apk.crl rsync://rpki.apnic.net/member_repository/A91F479C/32BF850E98E411EC937D615CC4F9AE02/MZdALMHUBvlwfS4iBDY7wNE8Apk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MZdALMHUBvlwfS4iBDY7wNE8Apk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 01:03:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 949 (0x3b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F479C, serialNumber=3197402CC1D406F9707D2E2204363BC0D13C0299 Validity Not Before: Jul 3 01:03:08 2025 GMT Not After : Jul 10 01:03:08 2025 GMT Subject: CN=6865d6cc-c2d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:1c:9e:8a:b4:f5:f4:6f:3a:6c:4c:de:c7:d3: 05:aa:a6:a9:60:26:a8:89:29:a4:df:b5:b4:13:17: 15:cd:ef:33:1a:c5:96:ed:46:7e:97:82:c0:50:2d: 89:76:96:96:8d:86:44:8b:30:9d:fd:5c:c1:74:09: 9e:e8:61:f7:e5:a6:a0:97:05:6b:79:a1:e5:a3:51: ce:f5:d4:3b:e0:fe:3d:e8:af:8e:e8:62:f2:52:eb: 6c:6f:2f:fe:3b:f0:82:28:ee:0b:f5:a6:b5:96:fb: 15:fd:81:7a:21:24:01:40:fc:17:76:79:ab:32:d7: 3c:e3:e0:c5:44:76:ac:9d:ae:28:e8:f5:25:52:4c: cd:a4:10:4e:2d:11:7b:64:ba:8d:0e:66:fc:cc:9e: 84:a1:3d:54:44:f8:9e:33:9f:7d:e1:18:40:05:5c: e4:ea:fd:4b:5b:70:c0:21:ed:f2:3d:a0:9d:c7:27: ef:e9:72:a3:db:bd:92:dc:0f:cf:14:16:cc:6d:46: 59:60:4a:a0:3f:75:c6:17:7f:c5:db:3c:a0:57:3f: 4b:80:29:6b:c5:5b:2c:3b:95:58:92:0c:cb:0e:42: 24:1d:76:c7:eb:51:37:7f:11:d1:d5:fa:58:c3:90: c4:dd:eb:5d:d3:4a:ff:7f:c2:40:e0:5e:10:cf:b6: 01:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:98:81:5C:00:22:5F:5E:A9:75:DB:2C:2F:4A:47:3B:A0:D8:85:1F X509v3 Authority Key Identifier: keyid:31:97:40:2C:C1:D4:06:F9:70:7D:2E:22:04:36:3B:C0:D1:3C:02:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F479C/32BF850E98E411EC937D615CC4F9AE02/MZdALMHUBvlwfS4iBDY7wNE8Apk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MZdALMHUBvlwfS4iBDY7wNE8Apk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F479C/32BF850E98E411EC937D615CC4F9AE02/MZdALMHUBvlwfS4iBDY7wNE8Apk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:eb:af:b4:35:0b:93:76:06:55:6f:69:02:8f:70:4d:0d:b4: 64:5e:e5:22:5e:1f:1b:f4:1a:e7:00:7d:01:29:25:1f:dc:0e: cb:e3:1e:23:83:58:e0:89:29:81:95:ba:c2:8e:65:8d:d6:25: 2b:1a:ed:31:d3:7f:0d:a3:28:06:be:0b:f5:70:f3:7c:0a:51: 21:11:d6:17:98:bd:38:6d:45:6d:09:e2:51:40:d3:5f:a7:d2: f5:45:19:91:1e:83:9e:94:33:fa:55:4f:18:db:d0:93:79:a1: d7:4f:2d:45:a7:47:88:3d:ca:ee:35:d1:e2:40:32:14:da:72: 82:c3:15:42:c1:e5:a7:93:c0:06:a5:a6:23:3c:36:89:7d:a3: b8:62:ff:d4:8e:03:62:46:12:6e:4a:0e:45:2b:04:b1:91:61: 35:02:e2:60:49:9f:f1:a1:9a:87:81:6d:f8:25:2b:94:1a:e0: 12:73:4a:57:18:4e:72:89:96:af:da:e8:f2:53:73:dc:6f:54: 46:22:92:9d:35:80:35:b6:4f:13:f8:34:91:69:2d:60:c3:d0: df:80:b8:7f:e0:7a:87:78:66:4e:d4:32:a8:90:5d:26:79:d1: 27:de:a1:f2:1b:8f:61:e0:8d:8b:fc:a8:03:43:63:2e:97:2d: e8:a7:88:29 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA7UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjQ3OUMxMTAvBgNVBAUTKDMxOTc0MDJDQzFENDA2Rjk3MDdEMkUyMjA0MzYzQkMw RDEzQzAyOTkwHhcNMjUwNzAzMDEwMzA4WhcNMjUwNzEwMDEwMzA4WjAYMRYwFAYD VQQDEw02ODY1ZDZjYy1jMmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwByeirT19G86bEzex9MFqqapYCaoiSmk37W0ExcVze8zGsWW7UZ+l4LAUC2J dpaWjYZEizCd/VzBdAme6GH35aaglwVreaHlo1HO9dQ74P496K+O6GLyUutsby/+ O/CCKO4L9aa1lvsV/YF6ISQBQPwXdnmrMtc84+DFRHasna4o6PUlUkzNpBBOLRF7 ZLqNDmb8zJ6EoT1URPieM5994RhABVzk6v1LW3DAIe3yPaCdxyfv6XKj272S3A/P FBbMbUZZYEqgP3XGF3/F2zygVz9LgClrxVssO5VYkgzLDkIkHXbH61E3fxHR1fpY w5DE3etd00r/f8JA4F4Qz7YB/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCGYgVwA Il9eqXXbLC9KRzug2IUfMB8GA1UdIwQYMBaAFDGXQCzB1Ab5cH0uIgQ2O8DRPAKZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDc5Qy8zMkJGODUwRTk4 RTQxMUVDOTM3RDYxNUNDNEY5QUUwMi9NWmRBTE1IVUJ2bHdmUzRpQkRZN3dORThB cGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01aZEFMTUhVQnZsd2ZTNGlCRFk3d05FOEFway5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NDc5Qy8zMkJGODUwRTk4RTQxMUVDOTM3RDYxNUNDNEY5QUUwMi9NWmRBTE1IVUJ2 bHdmUzRpQkRZN3dORThBcGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAz66+0NQuTdgZVb2kCj3BNDbRkXuUiXh8b9BrnAH0BKSUf3A7L4x4j g1jgiSmBlbrCjmWN1iUrGu0x038NoygGvgv1cPN8ClEhEdYXmL04bUVtCeJRQNNf p9L1RRmRHoOelDP6VU8Y29CTeaHXTy1Fp0eIPcruNdHiQDIU2nKCwxVCweWnk8AG paYjPDaJfaO4Yv/UjgNiRhJuSg5FKwSxkWE1AuJgSZ/xoZqHgW34JSuUGuASc0pX GE5yiZav2ujyU3Pcb1RGIpKdNYA1tk8T+DSRaS1gw9DfgLh/4HqHeGZO1DKokF0m edEn3qHyG49h4I2L/KgDQ2Muly3op4gp -----END CERTIFICATE-----Generated at Thu Jul 3 10:50:02 2025 by rpki-client