$ rpki-client -vvf rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.mft File: tnwkXksr7q0jwfBd0w_5B32HuOY.mft (raw, json) Hash identifier: ojFvnkEgaFoWwunWnq16SV//olfqC6LsIJaa09NvIsI= Subject key identifier: 9A:74:E1:E9:E3:FD:F3:B9:B6:97:D5:C3:05:AC:D7:9C:F8:D8:B5:41 Authority key identifier: B6:7C:24:5E:4B:2B:EE:AD:23:C1:F0:5D:D3:0F:F9:07:7D:87:B8:E6 Certificate issuer: /CN=A91116C7/serialNumber=B67C245E4B2BEEAD23C1F05DD30FF9077D87B8E6 Certificate serial: 12B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tnwkXksr7q0jwfBd0w_5B32HuOY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.mft Manifest number: 12AC Signing time: Sun 20 Jul 2025 17:05:54 +0000 Manifest this update: Sun 20 Jul 2025 17:05:54 +0000 Manifest next update: Sun 27 Jul 2025 17:05:54 +0000 Files and hashes: 1: tnwkXksr7q0jwfBd0w_5B32HuOY.crl (hash: WjPM2rTW+xzBHKhjUtkdWAGqdFfTZmOpEONyi/sBvtg=) 2: 0CAF01A6C6C811E8AECD6165C4F9AE02.roa (hash: n2FBgQHuh988fwkOcnAooQ/jXQmiLgbdWeucP9Cz7sg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.crl rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tnwkXksr7q0jwfBd0w_5B32HuOY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 17:05:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4787 (0x12b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91116C7, serialNumber=B67C245E4B2BEEAD23C1F05DD30FF9077D87B8E6 Validity Not Before: Jul 20 17:05:54 2025 GMT Not After : Jul 27 17:05:54 2025 GMT Subject: CN=687d21f2-b015 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:32:b4:c9:57:de:c4:71:88:63:52:e8:18:d9: 2e:5c:c1:9f:30:f6:18:b7:5c:65:cc:11:d6:be:d7: 60:51:2c:77:1f:99:7a:9a:6d:4b:1d:f6:f9:da:c3: 71:7b:aa:50:55:0e:e7:49:16:37:75:f8:7e:64:8b: 3d:2d:7a:86:90:23:e8:c1:93:34:d9:91:40:c7:a6: f9:6b:d9:3c:11:ad:d6:57:dc:09:aa:a5:f1:3a:73: a7:a1:1e:f4:9f:57:55:c7:13:fb:04:3f:42:b1:89: b9:bc:62:ce:c1:e4:3b:c7:09:e0:c1:fa:eb:33:0a: 5a:76:3e:0a:45:0f:c3:3d:55:c3:bd:dd:ed:ba:8f: 53:f0:84:d3:47:12:72:99:a3:33:61:93:28:5e:93: 0a:8f:9a:44:07:16:92:05:f9:10:a4:ca:ec:7c:32: c2:46:cc:7c:81:16:8e:51:c0:3a:27:18:7a:f4:e3: 79:5d:f0:f2:32:52:74:94:13:6e:2e:d3:05:3c:72: 73:16:86:99:cd:b6:1c:21:0f:36:e9:69:d6:65:28: f1:87:05:20:eb:0b:6f:6c:3a:c1:3f:e7:a6:e3:93: 0d:61:d0:6b:3b:94:39:dd:7d:22:74:0b:93:00:41: 1b:65:bc:69:29:38:25:38:bc:ba:40:78:d9:a1:64: 6d:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:74:E1:E9:E3:FD:F3:B9:B6:97:D5:C3:05:AC:D7:9C:F8:D8:B5:41 X509v3 Authority Key Identifier: keyid:B6:7C:24:5E:4B:2B:EE:AD:23:C1:F0:5D:D3:0F:F9:07:7D:87:B8:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tnwkXksr7q0jwfBd0w_5B32HuOY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:90:78:10:d2:f8:7e:0a:39:17:b7:aa:97:e0:f1:21:80:4a: 21:4c:46:3f:9e:b7:16:df:58:a4:4b:75:cf:68:97:21:35:33: f9:19:c3:bd:b4:f7:3c:f4:87:65:a2:31:8d:e0:58:f5:58:74: 73:cd:14:ff:82:d3:c9:60:ac:d0:3e:df:4b:83:60:38:0c:b6: ce:8c:d9:35:25:46:e2:68:f6:a6:76:ec:71:bc:df:64:6f:74: b0:cb:38:b9:fc:9b:84:ee:7a:7c:11:27:d7:8b:d4:b5:09:d6: e9:ee:58:2b:29:f5:67:64:00:e8:5f:87:4c:df:28:d9:97:d8: 01:37:21:e3:5b:98:f2:df:90:1f:cc:25:15:f6:c8:84:6e:92: 3f:55:f9:22:0f:57:da:b8:11:ed:72:2d:5f:d2:5c:bd:b9:72: 13:12:88:88:f5:39:51:cf:56:a5:6a:d1:17:11:13:ad:36:4d: bd:a1:d3:49:db:7b:b9:8e:be:1f:e1:42:b9:55:a9:91:d9:1f: 27:ba:d2:2b:a1:87:8b:59:3f:56:76:c7:d8:8a:28:c9:7b:f0: 22:03:1f:2d:70:cd:b6:5a:5a:83:69:50:80:63:43:83:d9:8d: 0a:7f:cc:86:83:37:f3:75:d1:18:27:98:08:08:23:3b:19:8c: c3:19:05:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICErMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTE2QzcxMTAvBgNVBAUTKEI2N0MyNDVFNEIyQkVFQUQyM0MxRjA1REQzMEZGOTA3 N0Q4N0I4RTYwHhcNMjUwNzIwMTcwNTU0WhcNMjUwNzI3MTcwNTU0WjAYMRYwFAYD VQQDEw02ODdkMjFmMi1iMDE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvDK0yVfexHGIY1LoGNkuXMGfMPYYt1xlzBHWvtdgUSx3H5l6mm1LHfb52sNx e6pQVQ7nSRY3dfh+ZIs9LXqGkCPowZM02ZFAx6b5a9k8Ea3WV9wJqqXxOnOnoR70 n1dVxxP7BD9CsYm5vGLOweQ7xwngwfrrMwpadj4KRQ/DPVXDvd3tuo9T8ITTRxJy maMzYZMoXpMKj5pEBxaSBfkQpMrsfDLCRsx8gRaOUcA6Jxh69ON5XfDyMlJ0lBNu LtMFPHJzFoaZzbYcIQ826WnWZSjxhwUg6wtvbDrBP+em45MNYdBrO5Q53X0idAuT AEEbZbxpKTglOLy6QHjZoWRtDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJp04enj /fO5tpfVwwWs15z42LVBMB8GA1UdIwQYMBaAFLZ8JF5LK+6tI8HwXdMP+Qd9h7jm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTZDNy9DODU2RDZDNEM2 QzYxMUU4ODJBNDEyNjBDNEY5QUUwMi90bndrWGtzcjdxMGp3ZkJkMHdfNUIzMkh1 T1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Rud2tYa3NyN3EwandmQmQwd181QjMySHVPWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MTZDNy9DODU2RDZDNEM2QzYxMUU4ODJBNDEyNjBDNEY5QUUwMi90bndrWGtzcjdx MGp3ZkJkMHdfNUIzMkh1T1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQADkHgQ0vh+CjkXt6qX4PEhgEohTEY/nrcW31ikS3XPaJchNTP5GcO9 tPc89IdlojGN4Fj1WHRzzRT/gtPJYKzQPt9Lg2A4DLbOjNk1JUbiaPamduxxvN9k b3Swyzi5/JuE7np8ESfXi9S1Cdbp7lgrKfVnZADoX4dM3yjZl9gBNyHjW5jy35Af zCUV9siEbpI/VfkiD1fauBHtci1f0ly9uXITEoiI9TlRz1alatEXEROtNk29odNJ 23u5jr4f4UK5VamR2R8nutIroYeLWT9WdsfYiijJe/AiAx8tcM22WlqDaVCAY0OD 2Y0Kf8yGgzfzddEYJ5gICCM7GYzDGQVE -----END CERTIFICATE-----Generated at Sun Jul 20 21:21:06 2025 by rpki-client