$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft File: z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft (raw, json) Hash identifier: K3fu52/DLD1x16ElWly0ZWnXNfGQSjUGfxFERNxcloY= Subject key identifier: 5D:52:54:03:DF:15:42:5E:E3:09:24:58:C4:67:EE:50:84:02:86:54 Authority key identifier: CF:BB:03:8F:DB:83:86:54:20:49:62:98:0A:D2:21:C9:41:5D:5C:FF Certificate issuer: /CN=A91F8F9B/serialNumber=CFBB038FDB838654204962980AD221C9415D5CFF Certificate serial: A4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z7sDj9uDhlQgSWKYCtIhyUFdXP8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft Manifest number: A3 Signing time: Thu 03 Jul 2025 06:22:41 +0000 Manifest this update: Thu 03 Jul 2025 06:22:40 +0000 Manifest next update: Thu 10 Jul 2025 06:22:40 +0000 Files and hashes: 1: z7sDj9uDhlQgSWKYCtIhyUFdXP8.crl (hash: Pb5qn7EBrL+RvbvkmYjO4+hB/n+FqzCa4mdofeFggZ8=) 2: 7143C5B85DBF11EFB8714857C4F9AE02.roa (hash: ap2qykakUMtuugznllb9ElqWzxnqoH122Li4BLMbH9U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.crl rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z7sDj9uDhlQgSWKYCtIhyUFdXP8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 164 (0xa4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8F9B, serialNumber=CFBB038FDB838654204962980AD221C9415D5CFF Validity Not Before: Jul 3 06:22:40 2025 GMT Not After : Jul 10 06:22:40 2025 GMT Subject: CN=686621b0-d55b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d2:92:3d:14:47:b1:5c:f7:af:16:2d:8a:fd: 71:3b:99:61:54:3f:d6:7a:33:98:16:20:c3:55:51: 6b:0c:65:e8:45:58:bc:12:5f:3a:a4:03:aa:dd:aa: 38:be:85:1d:9e:61:ae:12:47:26:15:b1:e6:f6:15: ef:56:62:b2:e1:3e:59:78:10:2d:b3:42:04:ed:36: 1d:7d:6b:af:cf:62:2e:c7:98:62:8a:9a:a4:d0:20: e7:42:16:c1:8b:d9:4b:5f:11:94:48:cf:de:3e:c8: 9d:b0:29:aa:45:59:d8:a6:be:ee:fd:8b:3f:75:18: 59:9a:90:0b:8b:6d:be:d7:91:8e:37:b9:d3:43:8a: 3e:36:f0:89:38:03:be:ff:fc:0a:65:74:97:a4:10: 7c:4d:48:e3:6c:e6:61:b9:ce:4f:e8:88:e4:ad:a3: 3b:0b:fc:81:97:06:6e:37:ca:5a:ba:e0:52:8d:9f: 41:81:22:5d:e6:23:22:7f:88:15:34:fe:a7:1c:93: 33:6f:2a:81:31:5d:47:85:66:e7:4d:1e:7f:44:e5: a5:e7:85:3b:a6:d9:69:64:f0:39:2e:fb:4d:a6:f1: cd:78:93:5f:ef:50:3f:56:1d:28:47:a6:d1:6b:9a: f8:f4:f9:4e:6c:80:08:fa:58:e0:b3:45:57:9c:16: af:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:52:54:03:DF:15:42:5E:E3:09:24:58:C4:67:EE:50:84:02:86:54 X509v3 Authority Key Identifier: keyid:CF:BB:03:8F:DB:83:86:54:20:49:62:98:0A:D2:21:C9:41:5D:5C:FF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z7sDj9uDhlQgSWKYCtIhyUFdXP8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:bf:d4:5b:45:f3:fe:4f:aa:63:aa:31:82:17:57:33:6a:0c: a5:c3:66:b2:c8:3c:5d:1c:9a:40:ff:fe:3a:0e:47:40:55:1d: 68:eb:66:c0:f8:a0:ea:80:b0:d1:26:94:62:ea:3e:0b:4e:e6: 09:41:94:9d:05:9d:40:56:30:59:49:aa:eb:d7:ff:98:b0:25: 15:7e:1a:44:67:34:81:7e:91:49:83:b5:5b:de:a8:80:6f:88: ef:54:7f:c3:b4:b2:f8:b9:bc:11:0b:99:41:fd:a5:55:84:de: c6:55:a1:4e:5a:dc:10:7a:f8:2a:30:2f:02:cc:49:22:6f:29: 44:0b:ac:1b:45:1b:82:a0:6f:62:1c:23:7e:31:33:11:32:52: ef:5e:e2:fc:a0:0f:26:f1:8a:ab:5e:df:a4:03:49:dd:11:ad: 64:00:f0:4d:30:f2:7b:46:21:32:d4:ba:ba:c9:fd:f7:42:3b: 62:a2:39:f5:b3:5e:e1:d6:21:35:7a:ba:be:28:5d:2e:2a:8a: 4b:75:83:52:3c:77:da:04:f5:88:24:0e:75:3c:95:63:51:88: 5a:c8:51:97:d4:7b:ce:29:a0:15:f9:51:42:b9:e0:62:40:00: d8:c3:bd:ef:54:f8:1e:a2:89:d4:13:1a:dc:c1:41:5f:e6:bf: cb:54:48:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjhGOUIxMTAvBgNVBAUTKENGQkIwMzhGREI4Mzg2NTQyMDQ5NjI5ODBBRDIyMUM5 NDE1RDVDRkYwHhcNMjUwNzAzMDYyMjQwWhcNMjUwNzEwMDYyMjQwWjAYMRYwFAYD VQQDEw02ODY2MjFiMC1kNTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw9KSPRRHsVz3rxYtiv1xO5lhVD/WejOYFiDDVVFrDGXoRVi8El86pAOq3ao4 voUdnmGuEkcmFbHm9hXvVmKy4T5ZeBAts0IE7TYdfWuvz2Iux5hiipqk0CDnQhbB i9lLXxGUSM/ePsidsCmqRVnYpr7u/Ys/dRhZmpALi22+15GON7nTQ4o+NvCJOAO+ //wKZXSXpBB8TUjjbOZhuc5P6IjkraM7C/yBlwZuN8pauuBSjZ9BgSJd5iMif4gV NP6nHJMzbyqBMV1HhWbnTR5/ROWl54U7ptlpZPA5LvtNpvHNeJNf71A/Vh0oR6bR a5r49PlObIAI+ljgs0VXnBav9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF1SVAPf FUJe4wkkWMRn7lCEAoZUMB8GA1UdIwQYMBaAFM+7A4/bg4ZUIElimArSIclBXVz/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEY5Qi9GOTAyRTUzMDVE QkQxMUVGOEEwNkVENDBDNEY5QUUwMi96N3NEajl1RGhsUWdTV0tZQ3RJaHlVRmRY UDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3o3c0RqOXVEaGxRZ1NXS1lDdEloeVVGZFhQOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OEY5Qi9GOTAyRTUzMDVEQkQxMUVGOEEwNkVENDBDNEY5QUUwMi96N3NEajl1RGhs UWdTV0tZQ3RJaHlVRmRYUDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBsv9RbRfP+T6pjqjGCF1czagylw2ayyDxdHJpA//46DkdAVR1o62bA +KDqgLDRJpRi6j4LTuYJQZSdBZ1AVjBZSarr1/+YsCUVfhpEZzSBfpFJg7Vb3qiA b4jvVH/DtLL4ubwRC5lB/aVVhN7GVaFOWtwQevgqMC8CzEkibylEC6wbRRuCoG9i HCN+MTMRMlLvXuL8oA8m8YqrXt+kA0ndEa1kAPBNMPJ7RiEy1Lq6yf33Qjtiojn1 s17h1iE1erq+KF0uKopLdYNSPHfaBPWIJA51PJVjUYhayFGX1HvOKaAV+VFCueBi QADYw73vVPgeoonUExrcwUFf5r/LVEh8 -----END CERTIFICATE-----Generated at Thu Jul 3 23:46:02 2025 by rpki-client