$ rpki-client -vvf rpki.apnic.net/member_repository/A91442B0/66E0CAD656ED11EAA747C237C4F9AE02/C0io-y5r59-P7QejyRmyPKQL3so.mft File: C0io-y5r59-P7QejyRmyPKQL3so.mft (raw, json) Hash identifier: f1YJ/6Ho4wC6XI/y5ftpx8BCAQNCzXwOJEhgpNDbiCc= Subject key identifier: E7:05:DA:33:5B:F2:63:4E:D2:22:2B:E2:EE:1B:3A:3A:A3:17:58:ED Authority key identifier: 0B:48:A8:FB:2E:6B:E7:DF:8F:ED:07:A3:C9:19:B2:3C:A4:0B:DE:CA Certificate issuer: /CN=A91442B0/serialNumber=0B48A8FB2E6BE7DF8FED07A3C919B23CA40BDECA Certificate serial: 0AE3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C0io-y5r59-P7QejyRmyPKQL3so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91442B0/66E0CAD656ED11EAA747C237C4F9AE02/C0io-y5r59-P7QejyRmyPKQL3so.mft Manifest number: 0AD3 Signing time: Sun 20 Jul 2025 19:35:58 +0000 Manifest this update: Sun 20 Jul 2025 19:35:58 +0000 Manifest next update: Sun 27 Jul 2025 19:35:58 +0000 Files and hashes: 1: C0io-y5r59-P7QejyRmyPKQL3so.crl (hash: EOxq0J6HPupCILTefhbb5SzNRsBU/eq7mRMaWBvPz1I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91442B0/66E0CAD656ED11EAA747C237C4F9AE02/C0io-y5r59-P7QejyRmyPKQL3so.crl rsync://rpki.apnic.net/member_repository/A91442B0/66E0CAD656ED11EAA747C237C4F9AE02/C0io-y5r59-P7QejyRmyPKQL3so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C0io-y5r59-P7QejyRmyPKQL3so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 19:35:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2787 (0xae3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91442B0, serialNumber=0B48A8FB2E6BE7DF8FED07A3C919B23CA40BDECA Validity Not Before: Jul 20 19:35:58 2025 GMT Not After : Jul 27 19:35:58 2025 GMT Subject: CN=687d451e-2c17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:6e:93:4b:fa:ab:84:36:6e:c9:22:2b:49:bf: 25:3a:72:fe:3c:c7:e4:87:e5:b5:82:2a:e2:ae:8e: b7:3f:cf:b1:a0:97:25:16:18:2c:4c:d8:cc:11:3c: 0c:06:f5:f7:1e:f3:76:c6:73:82:9d:08:57:27:07: f6:4d:44:2c:ac:54:63:c0:4a:5f:bd:e0:5d:d3:04: 05:78:db:7e:3a:e4:96:ec:c0:dc:f6:fe:23:34:37: e5:a5:21:5f:ff:53:82:6b:4a:58:6d:e8:a3:7d:1e: 77:e7:00:d9:b0:30:ac:ae:41:99:a4:c6:0d:99:e6: ba:fb:7a:f8:5a:e0:87:64:14:9a:b5:f3:1c:1f:30: 02:77:04:f4:c9:58:01:cf:48:4a:60:9a:1a:21:82: 17:2f:fd:9d:ae:1c:02:82:3e:b2:e2:40:9f:6e:86: b1:4a:4c:ea:d2:d2:a4:dd:a8:4d:74:eb:35:e7:12: 28:41:8e:cb:83:0c:6c:3c:e0:03:83:49:32:45:c6: b1:61:1c:a4:f0:bb:f9:41:de:e1:20:3c:ae:86:13: df:ff:89:e9:9f:92:ed:ab:7f:a1:f6:20:f3:5e:51: 1a:14:2b:a3:73:93:a6:80:6c:bb:7a:16:0c:85:4e: f9:22:16:e7:e5:9d:5f:e4:d7:71:cd:86:cf:f5:fb: 47:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:05:DA:33:5B:F2:63:4E:D2:22:2B:E2:EE:1B:3A:3A:A3:17:58:ED X509v3 Authority Key Identifier: keyid:0B:48:A8:FB:2E:6B:E7:DF:8F:ED:07:A3:C9:19:B2:3C:A4:0B:DE:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91442B0/66E0CAD656ED11EAA747C237C4F9AE02/C0io-y5r59-P7QejyRmyPKQL3so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C0io-y5r59-P7QejyRmyPKQL3so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91442B0/66E0CAD656ED11EAA747C237C4F9AE02/C0io-y5r59-P7QejyRmyPKQL3so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:f3:82:14:eb:ae:2c:3f:c4:cd:62:a4:d7:61:70:ef:9b:f0: 8c:d3:ce:30:50:4f:2a:58:ca:71:45:45:50:b8:50:be:55:50: 72:dd:24:8d:e5:cf:55:7b:80:6b:57:7a:71:32:47:24:4b:89: 62:4c:98:d6:f1:9e:d2:01:3a:d3:0f:fa:e7:e4:ee:81:15:1a: fa:7e:71:13:25:d8:32:38:7a:51:67:47:b9:44:f3:06:b1:0b: 4e:58:ae:5c:39:10:6c:f8:1a:f6:4f:7e:aa:28:d9:d9:90:a3: bf:41:4b:2c:f2:90:dd:d6:d5:e1:5a:13:27:1a:07:4d:45:5b: d7:39:a5:29:47:ff:cc:a5:fd:1f:49:87:ea:de:f8:fe:d2:b8: a1:43:7b:52:19:68:4e:a3:1d:48:cf:06:f7:54:72:54:2b:30: 63:79:02:02:e0:20:63:0a:98:91:a3:12:17:32:4d:18:d5:c3: bf:40:fe:98:9f:f9:45:ab:a5:49:0c:d2:92:96:aa:cc:7a:93: 42:ae:e2:d1:7d:7f:9c:ce:6c:ad:d9:c9:04:ff:68:c6:f9:56: 58:61:25:64:7b:1d:bc:a9:ab:93:9a:d2:b0:26:59:c9:e1:7b: f3:aa:1e:ef:4d:c0:41:cd:f8:02:63:30:6d:e1:ad:94:a8:76: 09:ce:90:c7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCuMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDQyQjAxMTAvBgNVBAUTKDBCNDhBOEZCMkU2QkU3REY4RkVEMDdBM0M5MTlCMjND QTQwQkRFQ0EwHhcNMjUwNzIwMTkzNTU4WhcNMjUwNzI3MTkzNTU4WjAYMRYwFAYD VQQDEw02ODdkNDUxZS0yYzE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzG6TS/qrhDZuySIrSb8lOnL+PMfkh+W1giriro63P8+xoJclFhgsTNjMETwM BvX3HvN2xnOCnQhXJwf2TUQsrFRjwEpfveBd0wQFeNt+OuSW7MDc9v4jNDflpSFf /1OCa0pYbeijfR535wDZsDCsrkGZpMYNmea6+3r4WuCHZBSatfMcHzACdwT0yVgB z0hKYJoaIYIXL/2drhwCgj6y4kCfboaxSkzq0tKk3ahNdOs15xIoQY7LgwxsPOAD g0kyRcaxYRyk8Lv5Qd7hIDyuhhPf/4npn5Ltq3+h9iDzXlEaFCujc5OmgGy7ehYM hU75Ihbn5Z1f5NdxzYbP9ftH5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOcF2jNb 8mNO0iIr4u4bOjqjF1jtMB8GA1UdIwQYMBaAFAtIqPsua+ffj+0Ho8kZsjykC97K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NDJCMC82NkUwQ0FENjU2 RUQxMUVBQTc0N0MyMzdDNEY5QUUwMi9DMGlvLXk1cjU5LVA3UWVqeVJteVBLUUwz c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0MwaW8teTVyNTktUDdRZWp5Um15UEtRTDNzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NDJCMC82NkUwQ0FENjU2RUQxMUVBQTc0N0MyMzdDNEY5QUUwMi9DMGlvLXk1cjU5 LVA3UWVqeVJteVBLUUwzc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCt84IU664sP8TNYqTXYXDvm/CM084wUE8qWMpxRUVQuFC+VVBy3SSN 5c9Ve4BrV3pxMkckS4liTJjW8Z7SATrTD/rn5O6BFRr6fnETJdgyOHpRZ0e5RPMG sQtOWK5cORBs+Br2T36qKNnZkKO/QUss8pDd1tXhWhMnGgdNRVvXOaUpR//Mpf0f SYfq3vj+0rihQ3tSGWhOox1Izwb3VHJUKzBjeQIC4CBjCpiRoxIXMk0Y1cO/QP6Y n/lFq6VJDNKSlqrMepNCruLRfX+czmyt2ckE/2jG+VZYYSVkex28qauTmtKwJlnJ 4Xvzqh7vTcBBzfgCYzBt4a2UqHYJzpDH -----END CERTIFICATE-----Generated at Tue Jul 22 05:10:13 2025 by rpki-client