$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF4FC/3B634BBEB44411E986713D1DC4F9AE02/8eArOUb---b0ZPQ0jvIVX2HQehs.mft File: 8eArOUb---b0ZPQ0jvIVX2HQehs.mft (raw, json) Hash identifier: YSCCTYDtjUaYNt7S/5hBA5+9lPxpWX9qPKFj+6a4JtQ= Subject key identifier: FF:A6:C7:DE:C1:FC:47:77:9B:00:9C:96:65:7A:80:07:52:BD:74:0F Authority key identifier: F1:E0:2B:39:46:FE:FB:E6:F4:64:F4:34:8E:F2:15:5F:61:D0:7A:1B Certificate issuer: /CN=A91FF4FC/serialNumber=F1E02B3946FEFBE6F464F4348EF2155F61D07A1B Certificate serial: 0DF1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8eArOUb---b0ZPQ0jvIVX2HQehs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF4FC/3B634BBEB44411E986713D1DC4F9AE02/8eArOUb---b0ZPQ0jvIVX2HQehs.mft Manifest number: 0DEB Signing time: Mon 30 Jun 2025 18:05:02 +0000 Manifest this update: Mon 30 Jun 2025 18:05:01 +0000 Manifest next update: Mon 07 Jul 2025 18:05:01 +0000 Files and hashes: 1: 8eArOUb---b0ZPQ0jvIVX2HQehs.crl (hash: 30C0DFyqe9A7mE7K8V5ehHdNs6FfcnGki1cBU1gy7pI=) 2: A280C1FCA06D11EB92FB3739C4F9AE02.roa (hash: 0IBVwDZ7i+J4nVvUTeF7Wzqm6YjeaulpyuMa4quZjWo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF4FC/3B634BBEB44411E986713D1DC4F9AE02/8eArOUb---b0ZPQ0jvIVX2HQehs.crl rsync://rpki.apnic.net/member_repository/A91FF4FC/3B634BBEB44411E986713D1DC4F9AE02/8eArOUb---b0ZPQ0jvIVX2HQehs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8eArOUb---b0ZPQ0jvIVX2HQehs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 18:05:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3569 (0xdf1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF4FC, serialNumber=F1E02B3946FEFBE6F464F4348EF2155F61D07A1B Validity Not Before: Jun 30 18:05:01 2025 GMT Not After : Jul 7 18:05:01 2025 GMT Subject: CN=6862d1cd-0e86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:f1:94:ef:7c:ec:19:b0:c8:65:38:37:15:8c: 89:43:69:49:aa:fc:45:cd:cb:dc:4b:37:de:37:36: fe:4b:e3:db:1c:21:40:fc:69:83:ae:53:88:f5:17: 04:e5:c2:36:ea:68:d3:a4:87:cd:5b:3a:09:90:d1: 62:b1:5f:a3:6e:10:87:a6:a6:89:46:da:b8:b8:e3: 24:66:64:ef:ec:fa:44:84:04:a9:1b:33:de:cc:87: 75:0b:d7:42:bd:d5:7d:ca:ff:1f:99:04:2e:7d:65: 3b:96:72:bf:49:40:35:00:b1:e2:b6:9d:a7:f8:93: 10:6f:0e:88:0b:03:ce:ce:55:3d:62:72:92:c8:c5: 10:2b:a4:d6:03:0e:c1:a9:d1:3e:5e:ad:13:01:9d: 6a:ee:0c:cc:f2:4b:13:d2:e9:96:d2:1e:59:45:0b: 2b:be:c9:f0:64:2e:4b:6a:f8:31:06:26:5f:5e:0b: 8a:34:8d:52:8c:8e:f1:f1:25:97:c7:25:48:c5:a3: dc:90:62:ae:c7:d4:01:11:0c:54:b9:ff:21:bb:9c: f2:6c:44:4b:5c:78:96:9c:61:60:69:d7:a1:d9:51: 73:62:76:10:0d:5a:13:09:f1:19:15:e4:8b:c4:08: d1:26:63:b4:b3:b6:47:b0:fc:0d:19:ac:fd:5e:79: 78:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:A6:C7:DE:C1:FC:47:77:9B:00:9C:96:65:7A:80:07:52:BD:74:0F X509v3 Authority Key Identifier: keyid:F1:E0:2B:39:46:FE:FB:E6:F4:64:F4:34:8E:F2:15:5F:61:D0:7A:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF4FC/3B634BBEB44411E986713D1DC4F9AE02/8eArOUb---b0ZPQ0jvIVX2HQehs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8eArOUb---b0ZPQ0jvIVX2HQehs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF4FC/3B634BBEB44411E986713D1DC4F9AE02/8eArOUb---b0ZPQ0jvIVX2HQehs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cd:ff:2b:f9:b9:26:cc:1c:6e:4f:aa:dc:ea:ed:0a:ec:2e:fb: 8c:48:16:29:04:ab:b8:25:c7:f8:e8:f8:23:df:7c:1f:9e:4c: 73:18:1f:13:1c:b0:2b:f9:91:f2:d5:31:44:9d:04:08:c6:22: 6e:ef:cc:70:90:c4:49:d4:39:e4:4a:81:51:0c:b4:8e:40:6e: a9:18:8f:0f:13:a5:5a:f8:c2:6b:ab:75:fa:f5:4c:60:6a:b8: bc:6d:85:ee:41:8b:09:de:84:70:ea:dd:f1:be:10:59:c3:23: aa:3f:d3:50:52:25:4a:db:b0:7e:f3:7c:a1:57:c1:58:03:9c: 12:a3:c3:fa:72:56:10:16:2b:47:ea:d1:10:4f:a8:d4:4a:3b: 49:15:fd:ea:89:7e:24:9b:f9:17:f4:cb:d7:da:33:21:c4:e7: 2d:f7:2f:8f:e0:d9:08:9a:1a:42:59:d4:df:47:a7:c2:a1:f8: 71:cb:99:58:8d:fc:cc:c5:bb:3d:b4:e0:db:e2:7b:5c:f9:e2: bf:67:e8:c4:46:8a:92:d3:f0:a0:78:2a:1b:6b:44:70:48:d4: 56:4a:e1:a8:f1:37:ec:28:8c:96:25:10:e8:57:13:70:85:41: 59:71:82:8b:e0:76:a5:28:f1:e3:6c:2f:16:e2:d5:43:5f:63: b4:a5:8e:a2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDfEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkY0RkMxMTAvBgNVBAUTKEYxRTAyQjM5NDZGRUZCRTZGNDY0RjQzNDhFRjIxNTVG NjFEMDdBMUIwHhcNMjUwNjMwMTgwNTAxWhcNMjUwNzA3MTgwNTAxWjAYMRYwFAYD VQQDEw02ODYyZDFjZC0wZTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArvGU73zsGbDIZTg3FYyJQ2lJqvxFzcvcSzfeNzb+S+PbHCFA/GmDrlOI9RcE 5cI26mjTpIfNWzoJkNFisV+jbhCHpqaJRtq4uOMkZmTv7PpEhASpGzPezId1C9dC vdV9yv8fmQQufWU7lnK/SUA1ALHitp2n+JMQbw6ICwPOzlU9YnKSyMUQK6TWAw7B qdE+Xq0TAZ1q7gzM8ksT0umW0h5ZRQsrvsnwZC5LavgxBiZfXguKNI1SjI7x8SWX xyVIxaPckGKux9QBEQxUuf8hu5zybERLXHiWnGFgadeh2VFzYnYQDVoTCfEZFeSL xAjRJmO0s7ZHsPwNGaz9Xnl4CQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP+mx97B /Ed3mwCclmV6gAdSvXQPMB8GA1UdIwQYMBaAFPHgKzlG/vvm9GT0NI7yFV9h0Hob MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjRGQy8zQjYzNEJCRUI0 NDQxMUU5ODY3MTNEMURDNEY5QUUwMi84ZUFyT1ViLS0tYjBaUFEwanZJVlgySFFl aHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhlQXJPVWItLS1iMFpQUTBqdklWWDJIUWVocy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RjRGQy8zQjYzNEJCRUI0NDQxMUU5ODY3MTNEMURDNEY5QUUwMi84ZUFyT1ViLS0t YjBaUFEwanZJVlgySFFlaHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDN/yv5uSbMHG5Pqtzq7QrsLvuMSBYpBKu4Jcf46Pgj33wfnkxzGB8T HLAr+ZHy1TFEnQQIxiJu78xwkMRJ1DnkSoFRDLSOQG6pGI8PE6Va+MJrq3X69Uxg ari8bYXuQYsJ3oRw6t3xvhBZwyOqP9NQUiVK27B+83yhV8FYA5wSo8P6clYQFitH 6tEQT6jUSjtJFf3qiX4km/kX9MvX2jMhxOct9y+P4NkImhpCWdTfR6fCofhxy5lY jfzMxbs9tODb4ntc+eK/Z+jERoqS0/CgeCoba0RwSNRWSuGo8TfsKIyWJRDoVxNw hUFZcYKL4HalKPHjbC8W4tVDX2O0pY6i -----END CERTIFICATE-----Generated at Wed Jul 2 14:45:24 2025 by rpki-client