$ rpki-client -vvf rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft File: 0NDWzWh3DDh4O764QbES0FYBdKI.mft (raw, json) Hash identifier: 9hHTrVsMNLAjMCxTUnw59YQhGexwEvgS6LmcmnZYnKs= Subject key identifier: 21:20:9B:20:AB:D2:19:71:A7:25:EB:2C:63:72:52:71:91:AF:53:3E Authority key identifier: D0:D0:D6:CD:68:77:0C:38:78:3B:BE:B8:41:B1:12:D0:56:01:74:A2 Certificate issuer: /CN=A91998BE/serialNumber=D0D0D6CD68770C38783BBEB841B112D0560174A2 Certificate serial: 08A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft Manifest number: 0872 Signing time: Tue 22 Jul 2025 20:56:49 +0000 Manifest this update: Tue 22 Jul 2025 20:56:49 +0000 Manifest next update: Tue 29 Jul 2025 20:56:49 +0000 Files and hashes: 1: 0NDWzWh3DDh4O764QbES0FYBdKI.crl (hash: zrTqmQPy2e9Jzb21X22vW/naQoSoWVFBlulz9uBNvCQ=) 2: 577FD5BE067C11ED882FC127C4F9AE02.roa (hash: FZgwTWzQksQtmk/Nfe/JqxwRHSDF1+BlazvC8MqkPtA=) 3: 4EF79184489411ED86987260C4F9AE02.roa (hash: a8Efs0GAW5Tg39h9an5o87GfSDA70jqZExOy2QFYQOc=) 4: 12FD08CAC88411ECAAB5BD09C4F9AE02.roa (hash: Rk9fezvR7MLf0U22xpSZ4jUyV+Jwv2bIeNDcvnRfGXA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.crl rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 20:56:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2212 (0x8a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91998BE, serialNumber=D0D0D6CD68770C38783BBEB841B112D0560174A2 Validity Not Before: Jul 22 20:56:49 2025 GMT Not After : Jul 29 20:56:49 2025 GMT Subject: CN=687ffb11-be37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:cb:b7:19:d5:9c:fe:a1:ac:8c:b8:7b:9e:da: b9:2e:a5:3f:5e:fc:59:cd:f3:70:3c:cc:ce:a7:7e: 1a:5c:91:5c:8d:4a:79:62:ee:b7:90:a2:d2:96:2c: 97:c1:d8:0c:cb:6f:16:97:8e:a2:b5:a9:39:fa:11: bf:1d:a8:5e:f3:54:97:52:60:9e:63:6d:79:df:51: 92:4e:8a:6c:5a:33:a0:3a:67:26:78:39:fb:11:1c: 8f:8f:4c:45:e8:c9:12:bb:0e:57:5b:f7:41:97:ef: b5:9d:ed:82:38:26:d9:71:a6:a3:1a:25:38:1b:0f: 40:42:a8:a0:fa:7e:d1:bc:15:e3:ad:7f:11:65:6c: 3a:59:58:e5:3e:b7:5f:df:99:9e:29:dd:cd:61:6d: 11:8d:44:ed:dd:e7:64:6d:10:ec:3c:0d:0f:7f:1f: 2e:c1:f7:99:35:9f:23:59:af:f0:ac:0b:47:bc:22: 54:f8:02:df:f0:b5:55:aa:3a:e6:83:19:79:18:f6: 18:4b:9c:2f:de:c3:9c:9c:d7:64:2b:c3:b1:db:46: 80:80:41:1d:52:78:7c:7c:68:70:f6:8a:be:0a:72: c5:f6:b2:d7:74:9b:d6:27:4a:e4:39:98:a0:c2:81: 14:13:66:c7:37:88:4d:d3:1d:79:ba:7e:dd:94:88: 2c:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:20:9B:20:AB:D2:19:71:A7:25:EB:2C:63:72:52:71:91:AF:53:3E X509v3 Authority Key Identifier: keyid:D0:D0:D6:CD:68:77:0C:38:78:3B:BE:B8:41:B1:12:D0:56:01:74:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c4:96:25:20:a9:ae:65:da:c9:c0:03:0a:c9:7e:e5:9a:06:a8: 84:0a:ee:28:00:ab:01:7a:50:12:27:5e:d2:b3:ab:8b:d2:63: c5:b9:a1:3c:f3:c6:72:aa:b6:04:21:44:ec:51:8a:c1:00:27: ac:22:e0:70:b5:ff:45:42:7e:e4:09:d1:cb:f1:41:55:11:c5: 9f:0f:92:b8:61:24:d4:3f:e0:12:09:86:1c:1e:42:2d:d4:4c: 21:55:94:45:4f:ee:50:c1:6e:85:27:ca:ed:28:88:c9:11:d2: c9:da:3f:28:57:9a:84:ad:c4:6a:9f:29:03:2a:29:1d:b6:89: c2:55:d0:41:1c:59:b5:3c:ac:73:61:82:c7:e8:37:e7:37:0d: 7a:5f:63:07:5a:f4:9b:c7:9a:81:f9:28:be:9c:9b:af:49:ac: b1:78:3a:26:45:9b:4c:5b:78:08:5a:3d:bc:80:12:f2:9e:82: b1:ab:78:70:6a:db:37:30:c7:f5:48:5d:93:b6:55:af:75:d2: a8:2c:27:88:28:91:49:19:53:25:f6:2f:2e:63:20:41:79:4f: 63:6d:e1:db:3e:f0:7c:58:4a:f2:b0:ca:39:e2:0e:bd:ae:df: 4d:62:76:a0:67:14:50:ce:99:4a:26:46:d1:54:5f:4a:d0:d1: 7f:69:dd:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTk4QkUxMTAvBgNVBAUTKEQwRDBENkNENjg3NzBDMzg3ODNCQkVCODQxQjExMkQw NTYwMTc0QTIwHhcNMjUwNzIyMjA1NjQ5WhcNMjUwNzI5MjA1NjQ5WjAYMRYwFAYD VQQDEw02ODdmZmIxMS1iZTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxcu3GdWc/qGsjLh7ntq5LqU/XvxZzfNwPMzOp34aXJFcjUp5Yu63kKLSliyX wdgMy28Wl46itak5+hG/Hahe81SXUmCeY21531GSTopsWjOgOmcmeDn7ERyPj0xF 6MkSuw5XW/dBl++1ne2COCbZcaajGiU4Gw9AQqig+n7RvBXjrX8RZWw6WVjlPrdf 35meKd3NYW0RjUTt3edkbRDsPA0Pfx8uwfeZNZ8jWa/wrAtHvCJU+ALf8LVVqjrm gxl5GPYYS5wv3sOcnNdkK8Ox20aAgEEdUnh8fGhw9oq+CnLF9rLXdJvWJ0rkOZig woEUE2bHN4hN0x15un7dlIgsZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCEgmyCr 0hlxpyXrLGNyUnGRr1M+MB8GA1UdIwQYMBaAFNDQ1s1odww4eDu+uEGxEtBWAXSi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OThCRS8xNTBFNTdDNkNG NDkxMUVBOUNDOTM1M0VDNEY5QUUwMi8wTkRXeldoM0REaDRPNzY0UWJFUzBGWUJk S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBORFd6V2gzRERoNE83NjRRYkVTMEZZQmRLSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OThCRS8xNTBFNTdDNkNGNDkxMUVBOUNDOTM1M0VDNEY5QUUwMi8wTkRXeldoM0RE aDRPNzY0UWJFUzBGWUJkS0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDEliUgqa5l2snAAwrJfuWaBqiECu4oAKsBelASJ17Ss6uL0mPFuaE8 88ZyqrYEIUTsUYrBACesIuBwtf9FQn7kCdHL8UFVEcWfD5K4YSTUP+ASCYYcHkIt 1EwhVZRFT+5QwW6FJ8rtKIjJEdLJ2j8oV5qErcRqnykDKikdtonCVdBBHFm1PKxz YYLH6DfnNw16X2MHWvSbx5qB+Si+nJuvSayxeDomRZtMW3gIWj28gBLynoKxq3hw ats3MMf1SF2TtlWvddKoLCeIKJFJGVMl9i8uYyBBeU9jbeHbPvB8WErysMo54g69 rt9NYnagZxRQzplKJkbRVF9K0NF/ad2Y -----END CERTIFICATE-----Generated at Thu Jul 24 12:15:33 2025 by rpki-client