$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF19B/36488D80665B11EC8885A480C4F9AE02/cri4zRAwexYyTYeYJ98ypKqNaqE.mft File: cri4zRAwexYyTYeYJ98ypKqNaqE.mft (raw, json) Hash identifier: qfb7OGVghhP46OD8O5HdtLDEl2Wa4+44itY6MSr49a0= Subject key identifier: B5:D8:83:A3:47:CB:A3:EC:49:54:0B:A4:38:8E:FB:0A:EA:57:13:51 Authority key identifier: 72:B8:B8:CD:10:30:7B:16:32:4D:87:98:27:DF:32:A4:AA:8D:6A:A1 Certificate issuer: /CN=A91FF19B/serialNumber=72B8B8CD10307B16324D879827DF32A4AA8D6AA1 Certificate serial: 0443 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cri4zRAwexYyTYeYJ98ypKqNaqE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF19B/36488D80665B11EC8885A480C4F9AE02/cri4zRAwexYyTYeYJ98ypKqNaqE.mft Manifest number: 0439 Signing time: Tue 01 Jul 2025 00:53:29 +0000 Manifest this update: Tue 01 Jul 2025 00:53:29 +0000 Manifest next update: Tue 08 Jul 2025 00:53:29 +0000 Files and hashes: 1: cri4zRAwexYyTYeYJ98ypKqNaqE.crl (hash: wxFaD6Aa0fSSLt82ay9kf7NtkwDN7SYJy3Z0tE1/a70=) 2: 0C023160C4C911EE9278E261C4F9AE02.roa (hash: IyhV9MGtQ1VyJp3y60dauCI+itu5hIIH24D+SkqtwwY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF19B/36488D80665B11EC8885A480C4F9AE02/cri4zRAwexYyTYeYJ98ypKqNaqE.crl rsync://rpki.apnic.net/member_repository/A91FF19B/36488D80665B11EC8885A480C4F9AE02/cri4zRAwexYyTYeYJ98ypKqNaqE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cri4zRAwexYyTYeYJ98ypKqNaqE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 00:53:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1091 (0x443) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF19B, serialNumber=72B8B8CD10307B16324D879827DF32A4AA8D6AA1 Validity Not Before: Jul 1 00:53:29 2025 GMT Not After : Jul 8 00:53:29 2025 GMT Subject: CN=68633189-a069 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:7b:49:4e:d1:70:61:20:ba:1b:32:b7:77:05: d3:6d:79:2d:3b:e9:73:08:4e:d0:53:97:45:8a:bd: 7a:13:91:e0:d4:48:64:e2:04:41:94:88:10:29:f1: 71:bb:66:81:42:74:3d:fe:99:b0:8e:d3:92:e0:3b: bc:c6:58:97:62:97:07:01:d9:46:fa:69:7b:5e:1b: b5:74:f3:a2:6e:45:70:2b:bd:d4:1c:ec:08:4d:5b: ab:1c:32:00:79:ed:29:93:e5:98:0e:a8:6d:54:c1: 79:93:29:12:14:82:36:f5:72:01:a3:fb:61:79:09: fe:39:fc:ca:1d:03:85:c1:04:f5:b7:06:da:1a:7d: 7f:b8:eb:b3:3c:f5:f9:ae:d4:b6:3d:50:d0:20:ba: 6b:43:da:22:eb:8b:23:3b:ef:e1:23:31:2b:19:16: 13:e7:0f:53:68:55:0b:f3:d0:99:c5:c6:e6:fe:0f: f9:29:9a:99:fd:01:e9:51:19:20:87:a3:5e:2b:b8: 3f:44:3b:52:55:df:85:e9:5d:f7:8a:62:c0:d3:d4: 1d:6d:0e:23:07:16:50:68:ca:3b:88:8e:64:d0:2f: 4b:a3:cf:ff:10:2d:c3:31:21:58:ca:a8:71:5f:81: 85:67:66:ab:bc:aa:4b:20:a1:f8:65:b0:a7:c7:17: ce:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:D8:83:A3:47:CB:A3:EC:49:54:0B:A4:38:8E:FB:0A:EA:57:13:51 X509v3 Authority Key Identifier: keyid:72:B8:B8:CD:10:30:7B:16:32:4D:87:98:27:DF:32:A4:AA:8D:6A:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF19B/36488D80665B11EC8885A480C4F9AE02/cri4zRAwexYyTYeYJ98ypKqNaqE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cri4zRAwexYyTYeYJ98ypKqNaqE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF19B/36488D80665B11EC8885A480C4F9AE02/cri4zRAwexYyTYeYJ98ypKqNaqE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:cd:a4:f3:e1:7a:2c:ec:fb:71:c1:f4:41:45:a9:87:fc:4e: 88:1e:2a:15:1a:ce:e0:09:c0:19:53:e5:a6:44:ea:f1:fa:30: 7e:6d:5b:97:24:70:69:3b:d0:cb:1d:af:ea:84:60:fc:21:18: b6:a1:0f:2a:e8:ca:77:9c:cf:c8:af:d4:c4:d7:d5:6a:75:91: ff:72:29:39:fd:c8:95:cd:4f:18:fd:3f:c0:42:80:79:0d:26: de:c6:1f:f2:4c:58:1d:42:dd:bf:d7:c3:5a:0f:57:d7:5c:b3: d6:bd:41:f8:d6:2f:11:9c:60:7e:46:84:fc:c7:91:a0:65:70: aa:22:85:c3:1c:cf:7f:a0:1b:bc:73:a0:c1:1f:d2:8d:cb:79: e9:1d:32:43:a1:05:18:30:5b:bc:53:15:9f:84:a0:c9:d6:22: db:9c:0b:31:97:69:12:b4:c1:da:c3:1b:c0:98:13:8a:e8:55: 17:42:54:74:b9:51:36:57:32:be:b2:87:6c:87:09:fa:86:06: 30:43:9f:56:7b:21:19:94:d9:6e:0f:43:c5:49:ef:fc:26:24: dd:56:03:9e:9e:f0:a4:be:f9:26:a5:ad:c5:51:57:89:7e:d6: 77:0f:9d:c1:50:99:0c:3d:81:85:44:cf:d0:53:24:0f:5f:bf: 65:13:03:8f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkYxOUIxMTAvBgNVBAUTKDcyQjhCOENEMTAzMDdCMTYzMjREODc5ODI3REYzMkE0 QUE4RDZBQTEwHhcNMjUwNzAxMDA1MzI5WhcNMjUwNzA4MDA1MzI5WjAYMRYwFAYD VQQDEw02ODYzMzE4OS1hMDY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvXtJTtFwYSC6GzK3dwXTbXktO+lzCE7QU5dFir16E5Hg1Ehk4gRBlIgQKfFx u2aBQnQ9/pmwjtOS4Du8xliXYpcHAdlG+ml7Xhu1dPOibkVwK73UHOwITVurHDIA ee0pk+WYDqhtVMF5kykSFII29XIBo/theQn+OfzKHQOFwQT1twbaGn1/uOuzPPX5 rtS2PVDQILprQ9oi64sjO+/hIzErGRYT5w9TaFUL89CZxcbm/g/5KZqZ/QHpURkg h6NeK7g/RDtSVd+F6V33imLA09QdbQ4jBxZQaMo7iI5k0C9Lo8//EC3DMSFYyqhx X4GFZ2arvKpLIKH4ZbCnxxfOxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLXYg6NH y6PsSVQLpDiO+wrqVxNRMB8GA1UdIwQYMBaAFHK4uM0QMHsWMk2HmCffMqSqjWqh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjE5Qi8zNjQ4OEQ4MDY2 NUIxMUVDODg4NUE0ODBDNEY5QUUwMi9jcmk0elJBd2V4WXlUWWVZSjk4eXBLcU5h cUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NyaTR6UkF3ZXhZeVRZZVlKOTh5cEtxTmFxRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RjE5Qi8zNjQ4OEQ4MDY2NUIxMUVDODg4NUE0ODBDNEY5QUUwMi9jcmk0elJBd2V4 WXlUWWVZSjk4eXBLcU5hcUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBFzaTz4Xos7PtxwfRBRamH/E6IHioVGs7gCcAZU+WmROrx+jB+bVuX JHBpO9DLHa/qhGD8IRi2oQ8q6Mp3nM/Ir9TE19VqdZH/cik5/ciVzU8Y/T/AQoB5 DSbexh/yTFgdQt2/18NaD1fXXLPWvUH41i8RnGB+RoT8x5GgZXCqIoXDHM9/oBu8 c6DBH9KNy3npHTJDoQUYMFu8UxWfhKDJ1iLbnAsxl2kStMHawxvAmBOK6FUXQlR0 uVE2VzK+sodshwn6hgYwQ59WeyEZlNluD0PFSe/8JiTdVgOenvCkvvkmpa3FUVeJ ftZ3D53BUJkMPYGFRM/QUyQPX79lEwOP -----END CERTIFICATE-----Generated at Tue Jul 1 20:49:52 2025 by rpki-client