$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft File: rehZrZQNGhc_pkzXBYZ9SH5nNog.mft (raw, json) Hash identifier: Hu8Da76fw8aryY4VXyT0XnLS0OC6S78Mx3TGcxAidfc= Subject key identifier: DF:7E:BA:2A:60:01:A8:4D:5D:66:3C:79:31:D4:FF:AF:CD:F3:EB:B6 Authority key identifier: AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88 Certificate issuer: /CN=A91FDAD4/serialNumber=ADE859AD940D1A173FA64CD705867D487E673688 Certificate serial: 020A Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft Manifest number: 0205 Signing time: Thu 03 Jul 2025 00:45:10 +0000 Manifest this update: Thu 03 Jul 2025 00:45:09 +0000 Manifest next update: Thu 10 Jul 2025 00:45:09 +0000 Files and hashes: 1: rehZrZQNGhc_pkzXBYZ9SH5nNog.crl (hash: FHGLeAOn3ml01GPA9fTYh+mbmGtpctcngMTKLN1LPkA=) 2: A99BC9D64CAC11EDA3BF485AC4F9AE02.roa (hash: M0LQ0bOgsXho1IONj8CXX3n4kpo/nKJprHxKVrxONpQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.crl rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 00:45:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 522 (0x20a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDAD4, serialNumber=ADE859AD940D1A173FA64CD705867D487E673688 Validity Not Before: Jul 3 00:45:09 2025 GMT Not After : Jul 10 00:45:09 2025 GMT Subject: CN=6865d295-2e42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:eb:c8:aa:3c:9d:90:68:87:5e:c2:16:85:1a: a4:ec:86:0b:24:47:f6:11:f8:bf:ce:5c:3c:2d:fc: 7e:88:e1:34:25:73:94:8e:31:66:59:c5:25:bb:79: 78:26:b4:bf:fa:d6:00:49:6d:2b:62:2f:69:ef:07: 6e:f5:ac:c9:32:92:5a:f9:9c:45:b3:9a:42:c2:69: 3f:72:49:3c:0f:49:34:a4:cd:54:a7:4d:b2:c5:fd: 07:19:8e:33:a6:d2:d7:b4:db:fb:3b:f9:eb:85:01: f3:30:04:4a:b0:1d:a9:df:db:44:a5:d0:97:8b:e1: 6d:82:9a:9d:ca:1d:3e:cc:56:a5:99:c3:14:6d:4e: 1f:a3:9d:1d:29:58:e1:e6:87:9a:70:65:68:19:58: 4a:7a:ee:f0:7e:a9:82:de:f5:1e:7d:14:95:39:25: 42:fb:82:bd:23:a8:76:7c:e0:ff:aa:52:c5:74:77: f2:d4:19:34:5a:c3:1c:b7:38:c5:66:9d:eb:2c:76: f1:3c:f7:65:67:83:25:4f:05:f3:63:09:e2:91:ca: 75:93:ec:4d:9d:e9:5e:2b:8e:48:e0:6d:c8:ed:10: 66:79:32:c3:18:8f:ab:cf:e9:e0:7a:1f:47:44:ca: 04:ae:a8:f4:d8:fd:f8:46:5f:56:be:af:a0:d4:79: ad:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:7E:BA:2A:60:01:A8:4D:5D:66:3C:79:31:D4:FF:AF:CD:F3:EB:B6 X509v3 Authority Key Identifier: keyid:AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:67:29:77:f7:df:2e:52:42:3b:9f:e5:9d:1f:f5:1d:e2:57: 9a:62:67:a8:d2:c9:70:de:f5:23:f9:e0:81:f3:7b:73:2a:da: 3f:b7:d6:e3:23:e8:2d:03:54:1d:8b:5d:f6:7a:a3:09:9d:01: b4:57:7e:1b:50:d3:6e:fb:87:e7:8c:c1:4e:6e:c4:86:cd:56: ff:93:e3:b7:4e:0a:1f:de:8c:bc:19:d2:de:86:d4:6f:c4:64: ad:b9:1e:47:5d:25:d9:4c:7c:58:1b:9f:27:09:be:fd:78:71: 17:62:99:df:38:24:23:bf:79:92:77:e9:17:3e:c9:45:2e:78: 99:d7:c0:e3:e6:c1:aa:e3:50:8f:dc:bc:ff:e6:e0:44:43:63: 63:bc:06:7b:66:a7:ae:c5:e9:4e:4a:9c:0c:20:a8:ff:f2:e1: 92:eb:2f:3b:82:bc:f6:ee:ec:8e:fa:c1:07:9b:d7:af:37:05: 81:ac:86:69:d5:dc:dd:5d:24:f2:72:25:f7:61:e7:8b:9f:f8: 05:00:50:a9:27:3d:0f:a4:81:b0:8e:1d:fb:b3:3a:b8:ab:90: ae:12:a0:7c:df:51:c2:1e:5c:b8:9f:fa:e9:ec:3e:a1:06:bb: dc:0c:27:8a:59:06:11:d3:8d:9d:85:ff:cd:b4:55:f7:9a:3c: e9:83:8b:2e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRBRDQxMTAvBgNVBAUTKEFERTg1OUFEOTQwRDFBMTczRkE2NENENzA1ODY3RDQ4 N0U2NzM2ODgwHhcNMjUwNzAzMDA0NTA5WhcNMjUwNzEwMDA0NTA5WjAYMRYwFAYD VQQDEw02ODY1ZDI5NS0yZTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuOvIqjydkGiHXsIWhRqk7IYLJEf2Efi/zlw8Lfx+iOE0JXOUjjFmWcUlu3l4 JrS/+tYASW0rYi9p7wdu9azJMpJa+ZxFs5pCwmk/ckk8D0k0pM1Up02yxf0HGY4z ptLXtNv7O/nrhQHzMARKsB2p39tEpdCXi+Ftgpqdyh0+zFalmcMUbU4fo50dKVjh 5oeacGVoGVhKeu7wfqmC3vUefRSVOSVC+4K9I6h2fOD/qlLFdHfy1Bk0WsMctzjF Zp3rLHbxPPdlZ4MlTwXzYwnikcp1k+xNneleK45I4G3I7RBmeTLDGI+rz+ngeh9H RMoErqj02P34Rl9Wvq+g1HmtmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN9+uipg AahNXWY8eTHU/6/N8+u2MB8GA1UdIwQYMBaAFK3oWa2UDRoXP6ZM1wWGfUh+ZzaI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREFENC9DODVFODM3QTQz OTkxMUVEODM5RDcyMEVDNEY5QUUwMi9yZWhaclpRTkdoY19wa3pYQllaOVNINW5O b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3JlaFpyWlFOR2hjX3BrelhCWVo5U0g1bk5vZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REFENC9DODVFODM3QTQzOTkxMUVEODM5RDcyMEVDNEY5QUUwMi9yZWhaclpRTkdo Y19wa3pYQllaOVNINW5Ob2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXZyl3998uUkI7n+WdH/Ud4leaYmeo0slw3vUj+eCB83tzKto/t9bj I+gtA1Qdi132eqMJnQG0V34bUNNu+4fnjMFObsSGzVb/k+O3Tgof3oy8GdLehtRv xGStuR5HXSXZTHxYG58nCb79eHEXYpnfOCQjv3mSd+kXPslFLniZ18Dj5sGq41CP 3Lz/5uBEQ2NjvAZ7ZqeuxelOSpwMIKj/8uGS6y87grz27uyO+sEHm9evNwWBrIZp 1dzdXSTyciX3YeeLn/gFAFCpJz0PpIGwjh37szq4q5CuEqB831HCHly4n/rp7D6h BrvcDCeKWQYR042dhf/NtFX3mjzpg4su -----END CERTIFICATE-----Generated at Thu Jul 3 23:27:54 2025 by rpki-client