$ rpki-client -vvf rpki.apnic.net/member_repository/A91319EA/D26C4128F8E811EC8B577271C4F9AE02/fT3bIK_-cUyPNUllHB7oD1VgEbg.mft File: fT3bIK_-cUyPNUllHB7oD1VgEbg.mft (raw, json) Hash identifier: 0l9S3BVHxFxSVrH4Z5CYH9EPDeEsh7i6pWNOZvEHq2U= Subject key identifier: 4A:CC:AE:06:BE:24:5C:93:E6:62:31:BC:A1:82:0F:92:FA:F5:77:05 Authority key identifier: 7D:3D:DB:20:AF:FE:71:4C:8F:35:49:65:1C:1E:E8:0F:55:60:11:B8 Certificate issuer: /CN=A91319EA/serialNumber=7D3DDB20AFFE714C8F3549651C1EE80F556011B8 Certificate serial: 02C7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fT3bIK_-cUyPNUllHB7oD1VgEbg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91319EA/D26C4128F8E811EC8B577271C4F9AE02/fT3bIK_-cUyPNUllHB7oD1VgEbg.mft Manifest number: 02C4 Signing time: Mon 21 Jul 2025 01:41:44 +0000 Manifest this update: Mon 21 Jul 2025 01:41:43 +0000 Manifest next update: Mon 28 Jul 2025 01:41:43 +0000 Files and hashes: 1: fT3bIK_-cUyPNUllHB7oD1VgEbg.crl (hash: UUd6WEjxv1qf0Ztvms2CPb6RXqiA84pX1Z+aaWZYKNQ=) 2: BFD5E8EAF8EB11EC9C39C677C4F9AE02.roa (hash: 81tZME9FAwzO2UIk/WDugs2sSYBMwRpnwSHq/X3xc/Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91319EA/D26C4128F8E811EC8B577271C4F9AE02/fT3bIK_-cUyPNUllHB7oD1VgEbg.crl rsync://rpki.apnic.net/member_repository/A91319EA/D26C4128F8E811EC8B577271C4F9AE02/fT3bIK_-cUyPNUllHB7oD1VgEbg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fT3bIK_-cUyPNUllHB7oD1VgEbg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 01:41:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 711 (0x2c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91319EA, serialNumber=7D3DDB20AFFE714C8F3549651C1EE80F556011B8 Validity Not Before: Jul 21 01:41:43 2025 GMT Not After : Jul 28 01:41:43 2025 GMT Subject: CN=687d9ad8-6e40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:db:f8:b3:c4:38:6f:b9:f9:ef:42:5a:a0:34: 58:28:47:3d:6f:25:1b:97:77:3f:e4:61:94:dd:b1: 05:a2:52:48:a6:11:7f:ac:a0:2a:82:6c:b0:a9:30: d0:03:e4:c0:18:08:9a:97:52:1f:41:da:ce:88:90: ee:aa:de:dd:72:9f:75:1b:b2:c6:c2:f8:8c:1b:bf: e9:f6:6e:61:f4:cc:c5:28:b5:74:2b:d4:76:83:71: d4:70:81:39:58:5a:c9:86:f8:17:22:4d:bc:9e:1c: 36:d4:15:bd:18:ae:c6:f4:b8:ac:a0:1d:cc:32:db: 5b:1f:cd:8c:17:90:f0:81:b3:15:83:cf:4a:c0:8e: e4:ce:1e:e5:f0:2a:c0:ef:d1:8f:37:42:4f:30:a0: 73:ca:e8:69:3d:b2:b9:aa:ea:76:44:62:55:90:9a: bc:3a:bf:1f:54:36:5f:e6:5e:af:d0:76:bb:f1:8d: df:e2:bb:1f:4a:86:54:94:58:8c:09:e0:77:d8:cb: 48:bf:44:81:9c:30:ad:b7:86:c5:bc:90:7c:95:4f: 8d:71:47:13:8d:26:64:d9:e4:f9:e3:5a:84:c7:a8: 49:26:35:ca:a1:24:52:65:7a:60:34:03:3e:a2:16: 6f:d0:e3:eb:64:d4:6e:e6:b6:d8:34:d0:10:ed:b3: 20:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:CC:AE:06:BE:24:5C:93:E6:62:31:BC:A1:82:0F:92:FA:F5:77:05 X509v3 Authority Key Identifier: keyid:7D:3D:DB:20:AF:FE:71:4C:8F:35:49:65:1C:1E:E8:0F:55:60:11:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91319EA/D26C4128F8E811EC8B577271C4F9AE02/fT3bIK_-cUyPNUllHB7oD1VgEbg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fT3bIK_-cUyPNUllHB7oD1VgEbg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91319EA/D26C4128F8E811EC8B577271C4F9AE02/fT3bIK_-cUyPNUllHB7oD1VgEbg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:8b:cc:16:59:bd:db:a5:6d:f5:b3:91:ca:90:eb:83:57:d7: 6f:2b:42:b9:53:ba:2d:39:0a:cd:af:da:c1:c9:a2:94:e4:53: 40:ce:a3:e7:16:d1:6b:de:f2:19:1f:db:4b:6e:4e:28:b7:fe: d6:c1:39:46:a6:f7:d1:3c:eb:9a:98:a4:40:cd:ba:e8:c7:2d: c8:14:d1:29:04:0b:0c:05:1f:1c:5a:61:23:7e:1a:ab:7e:1d: 06:1f:c2:61:cc:cf:48:c0:31:c6:90:98:0b:72:e9:0d:5a:29: 17:9d:ec:b9:c1:a6:03:2d:94:5f:d1:05:b7:a7:06:0d:4e:20: dd:07:8f:63:3f:d3:76:18:2c:6c:85:75:46:7f:64:c1:5e:75: c8:4b:cb:54:6f:49:e3:97:c7:29:f2:00:d7:f3:dc:cd:8b:f5: 7b:d4:f2:55:0b:ab:c6:06:60:85:b3:3b:e9:fe:45:bf:2c:99: 74:48:fc:7c:45:4b:9e:e5:66:55:fb:15:89:7b:f4:7d:ed:0d: fd:59:04:b3:9b:b8:c3:35:ae:20:e6:48:40:1e:16:8f:cd:59: 5b:2b:6c:a9:f6:c2:ac:09:2a:b8:1e:db:c7:9d:3c:e1:6c:36: c8:81:0b:f3:e7:e5:cf:b7:ab:38:59:19:49:6d:31:7b:4b:92: 80:31:bf:fe -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzE5RUExMTAvBgNVBAUTKDdEM0REQjIwQUZGRTcxNEM4RjM1NDk2NTFDMUVFODBG NTU2MDExQjgwHhcNMjUwNzIxMDE0MTQzWhcNMjUwNzI4MDE0MTQzWjAYMRYwFAYD VQQDEw02ODdkOWFkOC02ZTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx9v4s8Q4b7n570JaoDRYKEc9byUbl3c/5GGU3bEFolJIphF/rKAqgmywqTDQ A+TAGAial1IfQdrOiJDuqt7dcp91G7LGwviMG7/p9m5h9MzFKLV0K9R2g3HUcIE5 WFrJhvgXIk28nhw21BW9GK7G9LisoB3MMttbH82MF5DwgbMVg89KwI7kzh7l8CrA 79GPN0JPMKBzyuhpPbK5qup2RGJVkJq8Or8fVDZf5l6v0Ha78Y3f4rsfSoZUlFiM CeB32MtIv0SBnDCtt4bFvJB8lU+NcUcTjSZk2eT541qEx6hJJjXKoSRSZXpgNAM+ ohZv0OPrZNRu5rbYNNAQ7bMglQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFErMrga+ JFyT5mIxvKGCD5L69XcFMB8GA1UdIwQYMBaAFH092yCv/nFMjzVJZRwe6A9VYBG4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTlFQS9EMjZDNDEyOEY4 RTgxMUVDOEI1NzcyNzFDNEY5QUUwMi9mVDNiSUtfLWNVeVBOVWxsSEI3b0QxVmdF YmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZUM2JJS18tY1V5UE5VbGxIQjdvRDFWZ0ViZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MTlFQS9EMjZDNDEyOEY4RTgxMUVDOEI1NzcyNzFDNEY5QUUwMi9mVDNiSUtfLWNV eVBOVWxsSEI3b0QxVmdFYmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCMi8wWWb3bpW31s5HKkOuDV9dvK0K5U7otOQrNr9rByaKU5FNAzqPn FtFr3vIZH9tLbk4ot/7WwTlGpvfRPOuamKRAzbroxy3IFNEpBAsMBR8cWmEjfhqr fh0GH8JhzM9IwDHGkJgLcukNWikXney5waYDLZRf0QW3pwYNTiDdB49jP9N2GCxs hXVGf2TBXnXIS8tUb0njl8cp8gDX89zNi/V71PJVC6vGBmCFszvp/kW/LJl0SPx8 RUue5WZV+xWJe/R97Q39WQSzm7jDNa4g5khAHhaPzVlbK2yp9sKsCSq4HtvHnTzh bDbIgQvz5+XPt6s4WRlJbTF7S5KAMb/+ -----END CERTIFICATE-----Generated at Mon Jul 21 13:27:14 2025 by rpki-client