$ rpki-client -vvf rpki.apnic.net/member_repository/A91449E2/B6443384EFFF11ED8556EE54C4F9AE02/D0a9vHSQTl34KfAVlbUcqqIBuds.mft File: D0a9vHSQTl34KfAVlbUcqqIBuds.mft (raw, json) Hash identifier: KZ/W/hvorDpo+Apb7KwDxI8wmsGsZ25l5onbrjdNYeU= Subject key identifier: 1A:EA:13:1C:2F:A7:D0:9E:17:CD:26:E1:FD:7B:70:2E:B3:17:67:C0 Authority key identifier: 0F:46:BD:BC:74:90:4E:5D:F8:29:F0:15:95:B5:1C:AA:A2:01:B9:DB Certificate issuer: /CN=A91449E2/serialNumber=0F46BDBC74904E5DF829F01595B51CAAA201B9DB Certificate serial: 019E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D0a9vHSQTl34KfAVlbUcqqIBuds.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91449E2/B6443384EFFF11ED8556EE54C4F9AE02/D0a9vHSQTl34KfAVlbUcqqIBuds.mft Manifest number: 019B Signing time: Sat 19 Jul 2025 03:33:40 +0000 Manifest this update: Sat 19 Jul 2025 03:33:39 +0000 Manifest next update: Sat 26 Jul 2025 03:33:39 +0000 Files and hashes: 1: D0a9vHSQTl34KfAVlbUcqqIBuds.crl (hash: HAb3FppMIFOd2i3gCXzLRSFPAbuJ31Lqq7d2TmkGmf4=) 2: 568D8AACF00511ED9239BC6EC4F9AE02.roa (hash: INPCDc0DcqgC408Ka6XEyt5LGDqlBDYRzaUMMyrzKIM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91449E2/B6443384EFFF11ED8556EE54C4F9AE02/D0a9vHSQTl34KfAVlbUcqqIBuds.crl rsync://rpki.apnic.net/member_repository/A91449E2/B6443384EFFF11ED8556EE54C4F9AE02/D0a9vHSQTl34KfAVlbUcqqIBuds.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D0a9vHSQTl34KfAVlbUcqqIBuds.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 03:33:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 414 (0x19e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91449E2, serialNumber=0F46BDBC74904E5DF829F01595B51CAAA201B9DB Validity Not Before: Jul 19 03:33:39 2025 GMT Not After : Jul 26 03:33:39 2025 GMT Subject: CN=687b1213-53c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:25:53:76:b5:de:fc:79:62:14:6b:de:d2:55: ca:00:7f:d0:2d:57:bf:03:8e:b4:80:87:2d:8c:eb: 80:ba:9a:22:37:fe:f3:f1:52:06:02:47:ec:85:c1: 41:35:5e:14:6b:25:5b:18:4e:c1:ce:73:84:02:8d: 7f:92:06:5a:c8:df:5d:da:91:90:62:29:2c:8c:01: 88:a5:72:68:f0:f9:64:38:e0:fa:dd:2b:d8:65:28: 7a:3d:75:a1:a9:1e:13:cb:e3:00:b6:d6:01:7e:b0: f7:5d:84:be:f8:fe:55:38:d4:22:6e:c0:95:55:7f: 97:48:9f:53:83:7d:eb:2e:75:6a:47:ac:6d:ab:0e: 6f:68:07:07:ee:b2:21:43:37:9e:c0:1e:6f:30:dd: d9:79:d2:ef:99:30:84:b1:cf:5e:1c:7d:eb:50:72: 8a:3c:38:49:28:e0:6e:40:9d:ca:45:1e:6f:cf:2a: 65:8a:0a:e6:6f:f9:83:df:82:28:f1:ab:43:bf:07: dc:ba:4c:93:68:cb:fb:bf:7e:d2:a9:06:6b:df:04: aa:a7:9f:57:7b:89:48:8b:a2:05:78:d1:c5:6d:a7: 0c:c3:e1:bb:cc:c2:11:57:c9:71:f4:1a:05:0f:13: dd:51:f4:be:d7:dd:68:82:44:2f:5e:ff:ed:e0:05: 70:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:EA:13:1C:2F:A7:D0:9E:17:CD:26:E1:FD:7B:70:2E:B3:17:67:C0 X509v3 Authority Key Identifier: keyid:0F:46:BD:BC:74:90:4E:5D:F8:29:F0:15:95:B5:1C:AA:A2:01:B9:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91449E2/B6443384EFFF11ED8556EE54C4F9AE02/D0a9vHSQTl34KfAVlbUcqqIBuds.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D0a9vHSQTl34KfAVlbUcqqIBuds.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91449E2/B6443384EFFF11ED8556EE54C4F9AE02/D0a9vHSQTl34KfAVlbUcqqIBuds.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:e1:a5:b4:ba:f1:6f:31:ea:2f:02:6c:75:54:8a:5a:9a:64: 72:8f:00:00:2b:56:78:f6:be:e5:3b:98:7c:d0:2b:a2:14:90: 06:fd:2a:bf:b9:8f:26:8f:84:43:bb:f4:66:6f:64:9c:ef:39: f3:77:aa:a2:f7:80:08:2c:72:d8:8a:32:27:bc:65:68:7e:ad: 62:c9:ab:a9:5d:36:41:1f:43:77:d0:25:0e:71:02:22:1b:36: 84:d5:c5:c3:1a:4e:79:4c:fd:16:e3:01:bf:89:e5:20:c1:c9: 8d:c5:93:5e:a2:18:53:e4:d3:31:6e:40:f0:79:bb:62:10:95: 91:c4:4a:91:f6:3f:6a:f5:d7:8b:65:db:0f:4d:fa:8b:3f:37: 24:ff:fe:f6:1b:b7:7a:00:48:69:6c:ad:1b:b9:b6:2a:e1:b7: 31:7e:06:39:b4:cc:6c:d3:0c:90:6d:3f:fa:0a:9a:25:a2:87: ec:c6:ad:90:f8:e2:b7:05:72:94:64:25:21:33:fa:2b:39:58: fe:00:10:0e:4f:bf:59:69:99:b6:86:34:a2:99:bf:a7:e2:0c: 86:08:3a:fb:65:a9:00:28:93:cd:c3:13:b7:f4:4d:c8:f7:f8: 1b:89:2b:dc:b9:46:fa:76:e5:dd:fd:db:ba:b7:39:ab:81:b5: e5:1a:52:a8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDQ5RTIxMTAvBgNVBAUTKDBGNDZCREJDNzQ5MDRFNURGODI5RjAxNTk1QjUxQ0FB QTIwMUI5REIwHhcNMjUwNzE5MDMzMzM5WhcNMjUwNzI2MDMzMzM5WjAYMRYwFAYD VQQDEw02ODdiMTIxMy01M2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwyVTdrXe/HliFGve0lXKAH/QLVe/A460gIctjOuAupoiN/7z8VIGAkfshcFB NV4UayVbGE7BznOEAo1/kgZayN9d2pGQYiksjAGIpXJo8PlkOOD63SvYZSh6PXWh qR4Ty+MAttYBfrD3XYS++P5VONQibsCVVX+XSJ9Tg33rLnVqR6xtqw5vaAcH7rIh QzeewB5vMN3ZedLvmTCEsc9eHH3rUHKKPDhJKOBuQJ3KRR5vzypligrmb/mD34Io 8atDvwfcukyTaMv7v37SqQZr3wSqp59Xe4lIi6IFeNHFbacMw+G7zMIRV8lx9BoF DxPdUfS+191ogkQvXv/t4AVwzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBrqExwv p9CeF80m4f17cC6zF2fAMB8GA1UdIwQYMBaAFA9Gvbx0kE5d+CnwFZW1HKqiAbnb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NDlFMi9CNjQ0MzM4NEVG RkYxMUVEODU1NkVFNTRDNEY5QUUwMi9EMGE5dkhTUVRsMzRLZkFWbGJVY3FxSUJ1 ZHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QwYTl2SFNRVGwzNEtmQVZsYlVjcXFJQnVkcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NDlFMi9CNjQ0MzM4NEVGRkYxMUVEODU1NkVFNTRDNEY5QUUwMi9EMGE5dkhTUVRs MzRLZkFWbGJVY3FxSUJ1ZHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAs4aW0uvFvMeovAmx1VIpammRyjwAAK1Z49r7lO5h80CuiFJAG/Sq/ uY8mj4RDu/Rmb2Sc7znzd6qi94AILHLYijInvGVofq1iyaupXTZBH0N30CUOcQIi GzaE1cXDGk55TP0W4wG/ieUgwcmNxZNeohhT5NMxbkDwebtiEJWRxEqR9j9q9deL ZdsPTfqLPzck//72G7d6AEhpbK0bubYq4bcxfgY5tMxs0wyQbT/6Cpoloofsxq2Q +OK3BXKUZCUhM/orOVj+ABAOT79ZaZm2hjSimb+n4gyGCDr7ZakAKJPNwxO39E3I 9/gbiSvcuUb6duXd/du6tzmrgbXlGlKo -----END CERTIFICATE-----Generated at Sun Jul 20 07:37:23 2025 by rpki-client