$ rpki-client -vvf rpki.apnic.net/member_repository/A91770B7/A5264EE00BDD11ED9AB9EC2BC4F9AE02/J3d5rGk2otMhSl8XQCE_25JWxqM.mft File: J3d5rGk2otMhSl8XQCE_25JWxqM.mft (raw, json) Hash identifier: emwIdXzZPGFS5JhLePnIgMogq93iguff1wIRhyKv4ZU= Subject key identifier: 58:F2:57:9A:59:0F:41:0C:8F:DC:C8:B9:76:C1:77:32:A8:1F:48:79 Authority key identifier: 27:77:79:AC:69:36:A2:D3:21:4A:5F:17:40:21:3F:DB:92:56:C6:A3 Certificate issuer: /CN=A91770B7/serialNumber=277779AC6936A2D3214A5F1740213FDB9256C6A3 Certificate serial: 029E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J3d5rGk2otMhSl8XQCE_25JWxqM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91770B7/A5264EE00BDD11ED9AB9EC2BC4F9AE02/J3d5rGk2otMhSl8XQCE_25JWxqM.mft Manifest number: 0299 Signing time: Mon 21 Jul 2025 01:52:45 +0000 Manifest this update: Mon 21 Jul 2025 01:52:44 +0000 Manifest next update: Mon 28 Jul 2025 01:52:44 +0000 Files and hashes: 1: J3d5rGk2otMhSl8XQCE_25JWxqM.crl (hash: +DBcFlIeugYPL3rFbGsWIk32RxVBLt0CZh86RJpOj6w=) 2: 2841A0CE0BE111ED9E3AA135C4F9AE02.roa (hash: hJkxXQfC6FPhKQvUl8F7nqWwJZPrWQsil7QshGWSWw0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91770B7/A5264EE00BDD11ED9AB9EC2BC4F9AE02/J3d5rGk2otMhSl8XQCE_25JWxqM.crl rsync://rpki.apnic.net/member_repository/A91770B7/A5264EE00BDD11ED9AB9EC2BC4F9AE02/J3d5rGk2otMhSl8XQCE_25JWxqM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J3d5rGk2otMhSl8XQCE_25JWxqM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 01:52:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 670 (0x29e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91770B7, serialNumber=277779AC6936A2D3214A5F1740213FDB9256C6A3 Validity Not Before: Jul 21 01:52:44 2025 GMT Not After : Jul 28 01:52:44 2025 GMT Subject: CN=687d9d6c-846b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:d3:4d:61:c3:52:bf:29:bb:a6:53:dd:92:6b: 4e:a1:93:c7:28:8b:2f:cd:c5:d0:10:6e:0a:a6:ba: 47:f2:0a:ca:c4:d7:f7:f0:67:49:d1:73:76:fc:a5: d2:06:20:9b:b9:cf:41:aa:8a:c8:de:ba:48:7e:20: 7d:d0:6e:21:d2:73:3e:57:c8:0e:79:aa:91:26:78: a9:20:d5:69:86:00:13:10:43:36:90:d1:f5:c0:37: b4:17:97:29:74:81:53:95:db:9c:51:45:09:ef:c9: 48:5d:52:67:5b:7d:d4:51:87:a8:09:45:24:31:44: 29:e8:11:e1:af:3b:8c:5c:42:8a:e7:e6:0d:ff:5e: 93:9d:b4:17:e9:f3:4f:fb:5c:ed:64:b9:d3:63:9b: 32:16:f9:da:68:2d:ad:05:a6:05:68:3e:d7:12:1c: 11:b5:bd:aa:88:4d:ca:50:4c:5d:f2:a9:a6:3d:c9: a5:03:97:a9:e3:ba:33:ab:64:ec:79:8d:2e:d7:a2: ca:84:44:b4:10:81:49:41:38:ed:42:c2:7e:80:64: 44:72:34:2e:24:06:21:b3:f1:21:57:8e:36:39:04: d0:23:18:03:98:3f:c7:af:00:92:4f:b5:b0:57:bf: 79:91:cc:7c:cc:f2:c7:68:4e:d0:c3:cb:ab:a9:49: 04:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:F2:57:9A:59:0F:41:0C:8F:DC:C8:B9:76:C1:77:32:A8:1F:48:79 X509v3 Authority Key Identifier: keyid:27:77:79:AC:69:36:A2:D3:21:4A:5F:17:40:21:3F:DB:92:56:C6:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91770B7/A5264EE00BDD11ED9AB9EC2BC4F9AE02/J3d5rGk2otMhSl8XQCE_25JWxqM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J3d5rGk2otMhSl8XQCE_25JWxqM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91770B7/A5264EE00BDD11ED9AB9EC2BC4F9AE02/J3d5rGk2otMhSl8XQCE_25JWxqM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:93:c0:b8:c4:d4:75:d4:32:c6:6b:7a:7b:d7:13:45:02:2e: dc:10:ef:c7:4e:09:56:d2:a8:94:e1:e5:a4:f6:e5:58:2a:62: 73:de:d3:b9:40:3c:24:77:73:4f:03:7f:4b:0d:70:ea:f1:b6: 5f:e3:e1:6e:c1:94:4f:f4:13:05:d9:2d:45:fa:3d:68:3b:f2: 13:a4:8c:9a:b9:c9:4d:da:f5:d8:2d:4d:59:ee:ee:87:0d:15: 8a:88:c2:25:1b:3a:f4:0c:b4:a9:67:19:44:e8:89:44:52:23: ea:08:21:f7:80:34:6a:52:6a:63:9e:03:9f:b2:e5:65:f7:64: 70:c7:e9:f3:b8:33:db:62:b5:c3:25:93:8e:ea:d8:e8:c7:0b: 4e:ac:bc:4c:d7:6b:87:65:e8:97:77:47:8d:68:c7:94:29:ff: 88:72:0c:df:90:48:ad:fb:00:d7:d3:12:73:41:86:c3:b7:0e: ee:fe:0f:70:8a:83:e6:0d:46:f8:c6:92:01:91:07:44:88:a2: c3:84:60:ea:9b:b1:72:2e:63:5d:5d:0b:ce:31:b1:dd:5a:c2: 07:e8:cd:e4:80:fe:11:35:69:d5:f3:7f:c7:16:39:18:1d:51: 30:da:93:2e:c2:f9:d3:ea:43:f4:ab:ea:41:be:24:27:4d:69: 0f:42:36:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzcwQjcxMTAvBgNVBAUTKDI3Nzc3OUFDNjkzNkEyRDMyMTRBNUYxNzQwMjEzRkRC OTI1NkM2QTMwHhcNMjUwNzIxMDE1MjQ0WhcNMjUwNzI4MDE1MjQ0WjAYMRYwFAYD VQQDEw02ODdkOWQ2Yy04NDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqNNNYcNSvym7plPdkmtOoZPHKIsvzcXQEG4KprpH8grKxNf38GdJ0XN2/KXS BiCbuc9BqorI3rpIfiB90G4h0nM+V8gOeaqRJnipINVphgATEEM2kNH1wDe0F5cp dIFTlducUUUJ78lIXVJnW33UUYeoCUUkMUQp6BHhrzuMXEKK5+YN/16TnbQX6fNP +1ztZLnTY5syFvnaaC2tBaYFaD7XEhwRtb2qiE3KUExd8qmmPcmlA5ep47ozq2Ts eY0u16LKhES0EIFJQTjtQsJ+gGREcjQuJAYhs/EhV442OQTQIxgDmD/HrwCST7Ww V795kcx8zPLHaE7Qw8urqUkE9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFjyV5pZ D0EMj9zIuXbBdzKoH0h5MB8GA1UdIwQYMBaAFCd3eaxpNqLTIUpfF0AhP9uSVsaj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzBCNy9BNTI2NEVFMDBC REQxMUVEOUFCOUVDMkJDNEY5QUUwMi9KM2Q1ckdrMm90TWhTbDhYUUNFXzI1Sld4 cU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ozZDVyR2syb3RNaFNsOFhRQ0VfMjVKV3hxTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NzBCNy9BNTI2NEVFMDBCREQxMUVEOUFCOUVDMkJDNEY5QUUwMi9KM2Q1ckdrMm90 TWhTbDhYUUNFXzI1Sld4cU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAdk8C4xNR11DLGa3p71xNFAi7cEO/HTglW0qiU4eWk9uVYKmJz3tO5 QDwkd3NPA39LDXDq8bZf4+FuwZRP9BMF2S1F+j1oO/ITpIyauclN2vXYLU1Z7u6H DRWKiMIlGzr0DLSpZxlE6IlEUiPqCCH3gDRqUmpjngOfsuVl92Rwx+nzuDPbYrXD JZOO6tjoxwtOrLxM12uHZeiXd0eNaMeUKf+IcgzfkEit+wDX0xJzQYbDtw7u/g9w ioPmDUb4xpIBkQdEiKLDhGDqm7FyLmNdXQvOMbHdWsIH6M3kgP4RNWnV83/HFjkY HVEw2pMuwvnT6kP0q+pBviQnTWkPQjYk -----END CERTIFICATE-----Generated at Mon Jul 21 07:09:55 2025 by rpki-client