$ rpki-client -vvf rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft File: z3rG54U-SVgocAZDAHZYRlfgyVA.mft (raw, json) Hash identifier: Q0bMrjTBfIdmoki3mZYab4dMC9bjctu/RSb/B6e6XgU= Subject key identifier: 03:DE:7B:28:E7:DD:FF:57:05:F1:B7:C8:4B:A7:6C:65:CB:36:18:E9 Authority key identifier: CF:7A:C6:E7:85:3E:49:58:28:70:06:43:00:76:58:46:57:E0:C9:50 Certificate issuer: /CN=A91F916A/serialNumber=CF7AC6E7853E4958287006430076584657E0C950 Certificate serial: 24B5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft Manifest number: 249B Signing time: Wed 02 Jul 2025 15:53:36 +0000 Manifest this update: Wed 02 Jul 2025 15:53:36 +0000 Manifest next update: Wed 09 Jul 2025 15:53:36 +0000 Files and hashes: 1: z3rG54U-SVgocAZDAHZYRlfgyVA.crl (hash: 08g2uF71l9LPqEtQaG5NdLPxCFDI/MHZWJD/rWa1g/0=) 2: 93957C3A25B211ECB5356475C4F9AE02.roa (hash: BdOiTbzqh5XSdUEde1pJSh9jcSbYou4UnLUcs5Z11Mw=) 3: 54040CE414F111F08814732CC4F9AE02.roa (hash: uhWwpX7EH4SHxyPNQgHJ8g+4j0iOnCO5ph2jjf0SUwo=) 4: 81C0C29CB0F311E5AB30F151C4F9AE02.roa (hash: OW7j0FFz0XfQbm3/I5GoSRUOzPWQeOb92johNE2e0dM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.crl rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 15:53:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9397 (0x24b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F916A, serialNumber=CF7AC6E7853E4958287006430076584657E0C950 Validity Not Before: Jul 2 15:53:36 2025 GMT Not After : Jul 9 15:53:36 2025 GMT Subject: CN=68655600-fd39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:75:3d:81:46:36:f4:e4:77:93:fb:93:82:da: 13:a2:eb:7f:dc:e7:ac:e3:e4:93:aa:00:44:92:ac: b3:e8:6d:3a:48:67:89:98:05:db:48:7b:6d:1c:2b: 95:ef:8a:e3:a2:9a:8a:bf:10:4e:e5:81:26:a9:2f: fa:bd:34:d9:69:65:67:7f:69:77:68:75:e4:02:22: 7f:92:76:77:52:71:15:40:9b:71:98:43:90:43:f8: 95:7a:b6:97:60:69:6f:d0:f9:5a:2a:f2:a6:ea:fb: 1f:4d:61:58:9b:60:3e:fa:a7:6a:81:ab:99:a9:70: 34:d2:70:02:3d:33:4a:58:19:93:28:72:8a:30:ae: ab:31:00:7b:a7:32:0b:df:d2:60:e5:5c:55:79:c9: 91:c5:f1:81:37:56:37:47:f7:fa:35:86:59:ce:88: 0f:66:17:fa:b9:17:a2:01:4f:42:be:32:2e:a6:83: a9:39:bf:a6:98:41:9b:0a:1f:c9:46:97:75:63:63: f4:f8:6f:ad:d1:37:b2:13:04:d6:77:54:10:ba:e2: 75:8c:a4:b1:50:50:d8:58:56:14:2f:21:ba:cd:e2: a0:65:f7:b6:87:ca:68:9c:8f:c0:c9:4a:52:84:51: 69:2c:2b:b5:1c:53:ef:2f:94:6c:22:3c:c0:87:4d: 6f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:DE:7B:28:E7:DD:FF:57:05:F1:B7:C8:4B:A7:6C:65:CB:36:18:E9 X509v3 Authority Key Identifier: keyid:CF:7A:C6:E7:85:3E:49:58:28:70:06:43:00:76:58:46:57:E0:C9:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:71:dc:de:20:7c:86:4b:53:82:9b:ae:cb:57:99:ec:3c:7a: c8:80:12:f4:e8:9e:91:da:fd:a5:eb:71:f5:6b:59:0d:d7:7d: aa:25:f9:d6:b2:73:11:20:37:b2:96:6f:ea:32:97:0c:93:ad: 8c:db:2d:11:78:a0:79:21:1c:be:01:0c:3b:94:b0:f4:00:93: da:df:94:21:68:ed:24:16:ed:fd:d4:ce:db:a4:26:8b:56:6e: 85:01:79:93:2c:de:5e:13:4a:a7:02:68:ca:45:aa:a7:67:27: 03:ab:da:77:0d:42:d7:1d:5c:c4:f6:8b:79:ad:7b:15:3e:ec: 4e:99:42:70:ce:8f:a6:cf:50:81:ab:81:83:26:75:78:23:f7: cb:df:49:fd:d7:17:d4:29:48:ba:33:17:73:cf:38:02:8a:98: f7:f8:17:91:45:17:01:2d:05:a0:84:13:fe:f1:8d:2d:78:0d: a9:fc:90:e1:76:92:5b:ba:9f:98:92:ac:fc:e4:41:82:e5:ea: 60:5c:a7:90:ff:b5:44:6e:9f:82:57:0d:a6:cb:93:18:77:f5: 48:16:2c:1b:83:3a:17:f2:96:8f:86:a8:6d:a2:70:80:ab:ef: 83:53:db:52:04:4c:42:ab:47:95:59:77:e5:62:da:aa:a7:7e: 16:7a:1f:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJLUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjkxNkExMTAvBgNVBAUTKENGN0FDNkU3ODUzRTQ5NTgyODcwMDY0MzAwNzY1ODQ2 NTdFMEM5NTAwHhcNMjUwNzAyMTU1MzM2WhcNMjUwNzA5MTU1MzM2WjAYMRYwFAYD VQQDEw02ODY1NTYwMC1mZDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxHU9gUY29OR3k/uTgtoTout/3Oes4+STqgBEkqyz6G06SGeJmAXbSHttHCuV 74rjopqKvxBO5YEmqS/6vTTZaWVnf2l3aHXkAiJ/knZ3UnEVQJtxmEOQQ/iVeraX YGlv0PlaKvKm6vsfTWFYm2A++qdqgauZqXA00nACPTNKWBmTKHKKMK6rMQB7pzIL 39Jg5VxVecmRxfGBN1Y3R/f6NYZZzogPZhf6uReiAU9CvjIupoOpOb+mmEGbCh/J Rpd1Y2P0+G+t0TeyEwTWd1QQuuJ1jKSxUFDYWFYULyG6zeKgZfe2h8ponI/AyUpS hFFpLCu1HFPvL5RsIjzAh01voQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAPeeyjn 3f9XBfG3yEunbGXLNhjpMB8GA1UdIwQYMBaAFM96xueFPklYKHAGQwB2WEZX4MlQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTE2QS8xRDdBRDBCQTQ1 OEQxMUU1QjM5NTdBNzlDNEY5QUUwMi96M3JHNTRVLVNWZ29jQVpEQUhaWVJsZmd5 VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ozckc1NFUtU1Znb2NBWkRBSFpZUmxmZ3lWQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTE2QS8xRDdBRDBCQTQ1OEQxMUU1QjM5NTdBNzlDNEY5QUUwMi96M3JHNTRVLVNW Z29jQVpEQUhaWVJsZmd5VkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5cdzeIHyGS1OCm67LV5nsPHrIgBL06J6R2v2l63H1a1kN132qJfnW snMRIDeylm/qMpcMk62M2y0ReKB5IRy+AQw7lLD0AJPa35QhaO0kFu391M7bpCaL Vm6FAXmTLN5eE0qnAmjKRaqnZycDq9p3DULXHVzE9ot5rXsVPuxOmUJwzo+mz1CB q4GDJnV4I/fL30n91xfUKUi6MxdzzzgCipj3+BeRRRcBLQWghBP+8Y0teA2p/JDh dpJbup+Ykqz85EGC5epgXKeQ/7VEbp+CVw2my5MYd/VIFiwbgzoX8paPhqhtonCA q++DU9tSBExCq0eVWXflYtqqp34Weh+X -----END CERTIFICATE-----Generated at Thu Jul 3 06:09:27 2025 by rpki-client