$ rpki-client -vvf rpki.apnic.net/member_repository/A9171A59/8AB933EA30C511EC8A67AA7CC4F9AE02/Mz7FAwFNBnSvFnQZlBD5sJG4-5Q.mft File: Mz7FAwFNBnSvFnQZlBD5sJG4-5Q.mft (raw, json) Hash identifier: QHi6m1ee0KLmnJD1gaRJ+cck20I96K3YFir2mBzWYSQ= Subject key identifier: 6B:A6:0D:30:D7:04:B9:98:CB:60:FF:0B:13:83:A8:17:F5:D1:98:7D Authority key identifier: 33:3E:C5:03:01:4D:06:74:AF:16:74:19:94:10:F9:B0:91:B8:FB:94 Certificate issuer: /CN=A9171A59/serialNumber=333EC503014D0674AF1674199410F9B091B8FB94 Certificate serial: 04CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mz7FAwFNBnSvFnQZlBD5sJG4-5Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171A59/8AB933EA30C511EC8A67AA7CC4F9AE02/Mz7FAwFNBnSvFnQZlBD5sJG4-5Q.mft Manifest number: 04C5 Signing time: Sat 19 Jul 2025 00:14:01 +0000 Manifest this update: Sat 19 Jul 2025 00:14:00 +0000 Manifest next update: Sat 26 Jul 2025 00:14:00 +0000 Files and hashes: 1: Mz7FAwFNBnSvFnQZlBD5sJG4-5Q.crl (hash: ZDybtdmav26YRK5uvNj/rZYpGwLmvOvU4r60+9OfQFA=) 2: ABD9CB4630C711ECA2491515C4F9AE02.roa (hash: CoT7676o1FhYn/hTok256b21HFRTMynmtKsMLIXyZyA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171A59/8AB933EA30C511EC8A67AA7CC4F9AE02/Mz7FAwFNBnSvFnQZlBD5sJG4-5Q.crl rsync://rpki.apnic.net/member_repository/A9171A59/8AB933EA30C511EC8A67AA7CC4F9AE02/Mz7FAwFNBnSvFnQZlBD5sJG4-5Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mz7FAwFNBnSvFnQZlBD5sJG4-5Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:14:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1226 (0x4ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171A59, serialNumber=333EC503014D0674AF1674199410F9B091B8FB94 Validity Not Before: Jul 19 00:14:00 2025 GMT Not After : Jul 26 00:14:00 2025 GMT Subject: CN=687ae348-6b28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:cc:a7:53:76:28:65:c2:34:da:d6:ab:44:72: 22:e8:e6:08:93:de:bc:a5:a5:de:94:34:3e:67:a9: 41:d1:a1:bf:7b:c6:e5:f9:a9:63:e1:91:a1:d5:aa: 9b:67:3c:4d:a7:55:d7:ec:f6:4a:f8:67:d2:c9:58: 6d:41:05:2b:a5:0c:2d:6c:c9:4a:ff:33:67:14:f5: ff:cf:b1:54:89:fe:83:05:f6:07:17:50:3e:e1:10: 51:54:11:86:03:52:8d:32:0c:bf:f2:15:9f:42:8c: 0f:eb:cf:13:17:65:29:2d:2d:df:4a:c8:55:c0:ed: 4f:60:b6:5c:80:25:6a:35:21:5a:e1:03:7e:ef:7a: 61:42:3f:17:e5:f1:6a:f4:bd:ae:aa:9f:6f:0a:2b: eb:3c:ee:88:f0:65:80:f6:a6:ea:e9:44:bc:23:f1: 52:31:74:f8:9d:de:d4:39:75:53:19:f6:bd:6a:ad: 15:55:3a:5e:cb:39:b6:be:86:c6:43:ae:f3:cb:ee: 28:77:09:35:6c:30:43:74:ea:31:c2:36:65:14:9f: ff:da:cc:5b:9b:e7:d7:f5:eb:e5:37:25:33:45:f7: 81:c9:c8:d2:9d:fa:42:4f:59:d6:da:26:01:40:be: 26:95:ce:24:62:dd:4d:ad:82:32:52:11:b9:49:37: b8:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:A6:0D:30:D7:04:B9:98:CB:60:FF:0B:13:83:A8:17:F5:D1:98:7D X509v3 Authority Key Identifier: keyid:33:3E:C5:03:01:4D:06:74:AF:16:74:19:94:10:F9:B0:91:B8:FB:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171A59/8AB933EA30C511EC8A67AA7CC4F9AE02/Mz7FAwFNBnSvFnQZlBD5sJG4-5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mz7FAwFNBnSvFnQZlBD5sJG4-5Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171A59/8AB933EA30C511EC8A67AA7CC4F9AE02/Mz7FAwFNBnSvFnQZlBD5sJG4-5Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:ec:88:42:69:2f:7f:56:6e:df:0a:3d:91:0c:ae:5e:2b:83: 33:78:40:b0:33:2a:35:5a:6e:df:88:f8:62:0e:4e:8a:51:e9: 63:c2:8e:a6:83:40:05:8a:f0:46:fb:3f:d2:bf:c8:08:ea:b5: bb:05:4d:2b:6c:ee:51:78:73:04:fd:23:bf:c0:8e:71:18:73: e6:2b:8b:c7:33:48:09:14:16:72:aa:6b:32:5d:42:10:1f:bd: cc:43:a9:6c:8d:27:3d:e7:08:5a:87:1a:3f:ce:72:27:a6:2b: f3:8e:c2:3f:6b:41:da:86:1a:de:cc:22:8a:82:eb:74:3f:b4: 7d:be:93:53:53:21:08:dc:4d:13:c3:05:be:17:37:d4:4a:7b: 4e:41:1d:fe:b7:00:e1:a7:d1:31:64:07:9d:33:a7:53:f7:5f: 63:29:6a:8c:44:1c:8f:3f:71:58:4d:57:0a:4e:63:94:14:09: 4a:54:6b:f5:ba:76:4a:e5:fc:3f:16:92:5a:f3:1e:cc:8c:54: 69:24:66:af:94:c7:40:37:cd:91:92:b1:40:e8:af:b7:96:52: 9c:4c:7e:fb:a9:92:0f:d6:e1:d1:82:a9:02:83:28:66:ff:25: 6d:b9:f8:66:b4:7c:94:60:4c:c3:f9:37:f8:48:e1:4f:dd:68: 4e:0f:7b:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFBNTkxMTAvBgNVBAUTKDMzM0VDNTAzMDE0RDA2NzRBRjE2NzQxOTk0MTBGOUIw OTFCOEZCOTQwHhcNMjUwNzE5MDAxNDAwWhcNMjUwNzI2MDAxNDAwWjAYMRYwFAYD VQQDEw02ODdhZTM0OC02YjI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy8ynU3YoZcI02tarRHIi6OYIk968paXelDQ+Z6lB0aG/e8bl+alj4ZGh1aqb ZzxNp1XX7PZK+GfSyVhtQQUrpQwtbMlK/zNnFPX/z7FUif6DBfYHF1A+4RBRVBGG A1KNMgy/8hWfQowP688TF2UpLS3fSshVwO1PYLZcgCVqNSFa4QN+73phQj8X5fFq 9L2uqp9vCivrPO6I8GWA9qbq6US8I/FSMXT4nd7UOXVTGfa9aq0VVTpeyzm2vobG Q67zy+4odwk1bDBDdOoxwjZlFJ//2sxbm+fX9evlNyUzRfeBycjSnfpCT1nW2iYB QL4mlc4kYt1NrYIyUhG5STe4GwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGumDTDX BLmYy2D/CxODqBf10Zh9MB8GA1UdIwQYMBaAFDM+xQMBTQZ0rxZ0GZQQ+bCRuPuU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUE1OS84QUI5MzNFQTMw QzUxMUVDOEE2N0FBN0NDNEY5QUUwMi9NejdGQXdGTkJuU3ZGblFabEJENXNKRzQt NVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL016N0ZBd0ZOQm5TdkZuUVpsQkQ1c0pHNC01US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUE1OS84QUI5MzNFQTMwQzUxMUVDOEE2N0FBN0NDNEY5QUUwMi9NejdGQXdGTkJu U3ZGblFabEJENXNKRzQtNVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAE7IhCaS9/Vm7fCj2RDK5eK4MzeECwMyo1Wm7fiPhiDk6KUeljwo6m g0AFivBG+z/Sv8gI6rW7BU0rbO5ReHME/SO/wI5xGHPmK4vHM0gJFBZyqmsyXUIQ H73MQ6lsjSc95whahxo/znInpivzjsI/a0HahhrezCKKgut0P7R9vpNTUyEI3E0T wwW+FzfUSntOQR3+twDhp9ExZAedM6dT919jKWqMRByPP3FYTVcKTmOUFAlKVGv1 unZK5fw/FpJa8x7MjFRpJGavlMdAN82RkrFA6K+3llKcTH77qZIP1uHRgqkCgyhm /yVtufhmtHyUYEzD+Tf4SOFP3WhOD3tH -----END CERTIFICATE-----Generated at Sun Jul 20 12:15:49 2025 by rpki-client