$ rpki-client -vvf rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft File: t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft (raw, json) Hash identifier: PgrQoadJREusqbGa3GwMu95YP+mR5uEih8g9Xg8gU8I= Subject key identifier: 05:9C:B7:04:E1:D4:A4:8A:2D:2B:79:5B:82:7A:50:82:51:A1:6B:E1 Authority key identifier: B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA Certificate issuer: /CN=A91F91EB/serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Certificate serial: 0CA0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft Manifest number: 0C9A Signing time: Wed 02 Jul 2025 18:26:04 +0000 Manifest this update: Wed 02 Jul 2025 18:26:03 +0000 Manifest next update: Wed 09 Jul 2025 18:26:03 +0000 Files and hashes: 1: t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl (hash: o9mg5bZXHCoqsRlIqiQF4zy17bMU7iX9Q2uqg+XVWwc=) 2: 8D243F849A6D11EA8674310DC4F9AE02.roa (hash: ZlxWP9id3BOwgT849Ql20JmEjoi9oTlH+F8ceOZ0tcg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 18:26:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3232 (0xca0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F91EB, serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Validity Not Before: Jul 2 18:26:03 2025 GMT Not After : Jul 9 18:26:03 2025 GMT Subject: CN=686579bb-28d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:f0:be:c9:cb:7c:b7:f5:21:e3:c3:66:0d:77: bb:8e:65:17:7a:b8:eb:7c:ae:4f:3a:96:5b:e1:24: 25:e5:c3:51:b7:00:a9:80:37:9c:0f:14:e6:41:95: dc:bd:db:ab:a4:c1:64:3d:03:ba:e4:a7:a8:3e:85: cb:99:d6:d3:b1:ca:4b:5f:55:ac:d7:2b:85:04:a4: 49:41:6a:40:41:0c:b3:e1:5b:16:55:c8:e5:fd:fb: 08:d2:82:59:14:13:a9:17:43:e4:8f:17:39:fd:f6: 46:41:0d:3e:42:18:9f:34:b5:52:4a:d0:07:44:75: 79:a6:39:1f:1e:93:53:e9:63:57:37:6d:ab:be:a5: ea:b6:9a:e9:b3:3c:57:bb:9a:63:21:3b:d4:74:5e: d8:a5:6b:47:49:5b:9b:0a:86:96:90:c5:97:ff:c4: 37:5b:a1:cb:34:ec:7c:8a:85:c3:05:a5:7d:e8:a9: 59:b1:5c:e1:af:e9:db:51:43:94:e3:a1:4e:78:35: 2c:2c:e5:18:3f:7c:96:e1:a2:50:5d:f8:9a:f3:00: 80:c9:e4:be:63:45:64:6d:0a:1f:f6:fb:72:83:6c: d9:55:ec:0a:ab:56:a1:17:4e:f9:1a:93:99:40:cf: 7d:7c:ed:d0:19:4f:f3:50:ab:2b:fc:71:5c:33:93: 72:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:9C:B7:04:E1:D4:A4:8A:2D:2B:79:5B:82:7A:50:82:51:A1:6B:E1 X509v3 Authority Key Identifier: keyid:B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:44:f7:0d:18:db:4f:a1:34:dc:87:c1:64:d3:c1:bc:b5:eb: 10:a3:b3:f9:d9:da:48:1d:73:a7:b2:ac:ab:73:32:e9:4b:27: 00:7f:e6:35:27:df:b2:e9:b7:74:7e:c7:f5:e0:de:a5:14:71: ba:c9:82:d5:16:00:a8:ec:6e:b5:7f:d5:7e:86:13:52:07:60: e5:34:2b:0d:b7:8e:d4:f1:3c:0d:06:08:b9:30:ab:18:a2:6a: 76:91:c3:80:58:40:c9:73:b7:f6:2d:c4:11:83:76:73:2d:3d: 2d:5a:a1:1f:bb:27:8d:0d:bd:9c:bd:25:db:82:18:06:ea:cf: c1:e5:21:fd:4f:e2:ae:d2:5e:5e:9f:41:49:76:bf:64:fb:3d: 02:31:39:73:59:77:db:04:59:ed:ea:b7:f6:f3:29:f8:0d:61: 48:9b:92:18:85:57:2a:03:7a:d6:2a:96:06:3e:d8:a8:cd:f9: 40:9b:ea:44:e7:1d:06:83:1b:62:ed:1c:ec:f7:ae:72:9e:63: 20:cc:54:c9:f0:7d:52:ef:26:f1:4a:d8:69:80:3f:d8:93:31: cb:f9:03:56:12:a4:b5:e6:cc:f7:02:60:f9:05:dc:f2:12:fd: f3:5c:8d:3a:63:9c:20:99:51:e3:1a:b2:c1:56:32:a8:1b:67: 47:94:3f:00 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjkxRUIxMTAvBgNVBAUTKEI3RENFMTQxMTJBMDI5ODJGNTc1N0NBQjhEMzQ5MTAz MkM4RTE4RkEwHhcNMjUwNzAyMTgyNjAzWhcNMjUwNzA5MTgyNjAzWjAYMRYwFAYD VQQDEw02ODY1NzliYi0yOGQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0PC+yct8t/Uh48NmDXe7jmUXerjrfK5POpZb4SQl5cNRtwCpgDecDxTmQZXc vdurpMFkPQO65KeoPoXLmdbTscpLX1Ws1yuFBKRJQWpAQQyz4VsWVcjl/fsI0oJZ FBOpF0Pkjxc5/fZGQQ0+QhifNLVSStAHRHV5pjkfHpNT6WNXN22rvqXqtprpszxX u5pjITvUdF7YpWtHSVubCoaWkMWX/8Q3W6HLNOx8ioXDBaV96KlZsVzhr+nbUUOU 46FOeDUsLOUYP3yW4aJQXfia8wCAyeS+Y0VkbQof9vtyg2zZVewKq1ahF075GpOZ QM99fO3QGU/zUKsr/HFcM5Ny3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAWctwTh 1KSKLSt5W4J6UIJRoWvhMB8GA1UdIwQYMBaAFLfc4UESoCmC9XV8q400kQMsjhj6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTFFQi80OTdGMkJEOEY3 MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZTDFkWHlyalRTUkF5eU9H UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3Q5emhRUktnS1lMMWRYeXJqVFNSQXl5T0dQby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTFFQi80OTdGMkJEOEY3MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZ TDFkWHlyalRTUkF5eU9HUG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBvRPcNGNtPoTTch8Fk08G8tesQo7P52dpIHXOnsqyrczLpSycAf+Y1 J9+y6bd0fsf14N6lFHG6yYLVFgCo7G61f9V+hhNSB2DlNCsNt47U8TwNBgi5MKsY omp2kcOAWEDJc7f2LcQRg3ZzLT0tWqEfuyeNDb2cvSXbghgG6s/B5SH9T+Ku0l5e n0FJdr9k+z0CMTlzWXfbBFnt6rf28yn4DWFIm5IYhVcqA3rWKpYGPtiozflAm+pE 5x0Ggxti7Rzs965ynmMgzFTJ8H1S7ybxSthpgD/YkzHL+QNWEqS15sz3AmD5Bdzy Ev3zXI06Y5wgmVHjGrLBVjKoG2dHlD8A -----END CERTIFICATE-----Generated at Thu Jul 3 22:49:39 2025 by rpki-client