$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft File: iOe1QfQimNbptRZdllJGzBzB9aI.mft (raw, json) Hash identifier: sVm2TW/rmX+peBT4pfXudyMeMHD5qBQNxQPmYMjC1Sw= Subject key identifier: 3C:3C:E5:A0:41:82:4A:99:91:2C:35:4C:42:CE:19:D7:19:0F:63:80 Authority key identifier: 88:E7:B5:41:F4:22:98:D6:E9:B5:16:5D:96:52:46:CC:1C:C1:F5:A2 Certificate issuer: /CN=A91A9D0F/serialNumber=88E7B541F42298D6E9B5165D965246CC1CC1F5A2 Certificate serial: 0F7A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft Manifest number: 0F3F Signing time: Fri 18 Jul 2025 17:48:05 +0000 Manifest this update: Fri 18 Jul 2025 17:48:05 +0000 Manifest next update: Fri 25 Jul 2025 17:48:05 +0000 Files and hashes: 1: iOe1QfQimNbptRZdllJGzBzB9aI.crl (hash: iMsSytuDkNG2dETwGVyrVbBTgBMLTSd/DjfaWlma3ps=) 2: 13C1EDA8767911EE9A957930C4F9AE02.roa (hash: rMgdKojSnMQn5zP9ArOeE344pCaixcohoQsewhOoy54=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.crl rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 17:48:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3962 (0xf7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A9D0F, serialNumber=88E7B541F42298D6E9B5165D965246CC1CC1F5A2 Validity Not Before: Jul 18 17:48:05 2025 GMT Not After : Jul 25 17:48:05 2025 GMT Subject: CN=687a88d5-eb71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:ee:9a:bb:04:8d:e3:52:7e:11:a1:79:ee:b9: 41:f1:2d:ee:bf:97:42:dc:d1:43:b8:86:75:12:0d: 02:6b:fe:33:74:7e:9f:e6:fa:18:22:29:59:bd:dc: 2a:ad:49:c7:08:41:93:54:9a:90:31:ba:3a:b6:82: ca:20:87:04:37:47:f3:96:c5:35:62:3b:43:1c:05: c9:0a:a0:42:1a:98:b9:12:d2:c7:f9:1b:89:e1:8a: 2e:3a:6d:54:f6:3f:f1:90:79:b8:cc:9d:f8:35:19: 3a:7e:33:ba:27:88:43:8e:75:bf:ea:03:6d:18:ee: 16:e3:b4:1b:8c:91:17:22:04:0f:30:dc:fb:f8:c5: 2e:91:58:26:81:3e:93:f5:39:9f:7e:fb:f9:6b:15: 87:84:66:51:4f:5c:b8:65:1c:40:26:e5:28:72:06: 64:f3:0d:05:70:66:ba:13:a8:34:6a:8e:0e:0f:79: ff:57:61:02:bc:74:ef:71:4d:19:9c:6e:1a:ab:89: da:34:79:1c:73:e3:ba:20:85:18:18:69:3f:3e:16: aa:c7:bf:72:ff:e2:19:ca:eb:51:88:04:9f:fa:79: 15:e7:13:9b:4f:be:9e:00:7c:72:96:ab:83:4e:b2: e3:b0:dd:ca:ca:8c:de:70:e5:02:79:c2:45:9e:8b: 94:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:3C:E5:A0:41:82:4A:99:91:2C:35:4C:42:CE:19:D7:19:0F:63:80 X509v3 Authority Key Identifier: keyid:88:E7:B5:41:F4:22:98:D6:E9:B5:16:5D:96:52:46:CC:1C:C1:F5:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:f9:98:c0:71:4d:7a:b9:e8:3b:ea:38:ab:c5:f3:6f:de:38: 3f:59:33:fa:8f:bc:c9:fa:c6:58:6b:29:6c:5d:7c:3e:e0:91: ec:e0:a3:7e:7d:2d:61:9b:9e:af:56:91:67:01:99:eb:54:3a: e8:ee:42:76:d4:2b:29:fd:f7:44:8a:95:be:85:5e:ac:68:93: bb:ca:4a:a6:42:78:2f:d7:d3:3c:80:d9:3e:c0:fa:4f:af:e4: a1:2a:75:32:cc:a4:05:d2:cd:b7:aa:ba:96:8a:9c:e6:4c:69: b7:81:65:d6:c0:f2:53:1e:67:4a:6a:6b:9a:2e:6f:d8:25:89: ae:b9:74:51:ea:b0:0b:dd:46:39:d1:9f:5e:d3:87:79:23:4b: e9:85:9c:df:d9:e2:4b:b1:61:ef:64:fc:46:51:74:72:69:d5: 2c:85:89:fb:43:fc:fb:b2:10:ef:e4:d8:d6:b7:89:8f:e6:af: 7e:d2:07:3a:d6:1f:ed:15:e0:a4:f9:54:c8:84:da:50:b0:a5: a4:5a:bc:94:6a:2c:50:a3:43:e4:44:a7:7b:4b:32:36:84:bb: 5f:a6:1b:31:00:d3:7b:59:7c:5e:b8:94:8a:b2:88:2e:4c:6d: 5d:1b:08:d6:3c:80:62:76:0d:69:70:9d:bc:31:47:d8:5d:61: f3:53:f5:38 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTlEMEYxMTAvBgNVBAUTKDg4RTdCNTQxRjQyMjk4RDZFOUI1MTY1RDk2NTI0NkND MUNDMUY1QTIwHhcNMjUwNzE4MTc0ODA1WhcNMjUwNzI1MTc0ODA1WjAYMRYwFAYD VQQDEw02ODdhODhkNS1lYjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5O6auwSN41J+EaF57rlB8S3uv5dC3NFDuIZ1Eg0Ca/4zdH6f5voYIilZvdwq rUnHCEGTVJqQMbo6toLKIIcEN0fzlsU1YjtDHAXJCqBCGpi5EtLH+RuJ4YouOm1U 9j/xkHm4zJ34NRk6fjO6J4hDjnW/6gNtGO4W47QbjJEXIgQPMNz7+MUukVgmgT6T 9Tmffvv5axWHhGZRT1y4ZRxAJuUocgZk8w0FcGa6E6g0ao4OD3n/V2ECvHTvcU0Z nG4aq4naNHkcc+O6IIUYGGk/Phaqx79y/+IZyutRiASf+nkV5xObT76eAHxylquD TrLjsN3KyozecOUCecJFnouUGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDw85aBB gkqZkSw1TELOGdcZD2OAMB8GA1UdIwQYMBaAFIjntUH0IpjW6bUWXZZSRswcwfWi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOUQwRi83NEJFMzhENjgw Q0YxMUU5QUNENzFCNTBDNEY5QUUwMi9pT2UxUWZRaW1OYnB0UlpkbGxKR3pCekI5 YUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lPZTFRZlFpbU5icHRSWmRsbEpHekJ6QjlhSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB OUQwRi83NEJFMzhENjgwQ0YxMUU5QUNENzFCNTBDNEY5QUUwMi9pT2UxUWZRaW1O YnB0UlpkbGxKR3pCekI5YUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCx+ZjAcU16ueg76jirxfNv3jg/WTP6j7zJ+sZYaylsXXw+4JHs4KN+ fS1hm56vVpFnAZnrVDro7kJ21Csp/fdEipW+hV6saJO7ykqmQngv19M8gNk+wPpP r+ShKnUyzKQF0s23qrqWipzmTGm3gWXWwPJTHmdKamuaLm/YJYmuuXRR6rAL3UY5 0Z9e04d5I0vphZzf2eJLsWHvZPxGUXRyadUshYn7Q/z7shDv5NjWt4mP5q9+0gc6 1h/tFeCk+VTIhNpQsKWkWryUaixQo0PkRKd7SzI2hLtfphsxANN7WXxeuJSKsogu TG1dGwjWPIBidg1pcJ28MUfYXWHzU/U4 -----END CERTIFICATE-----Generated at Sun Jul 20 07:41:44 2025 by rpki-client