$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft File: -qIKGvsgkct_URR4g_NkpFMJQTE.mft (raw, json) Hash identifier: KSEXMrbqwT6SfqYcsjmfisPtnS+9FLIvtQkdq6JFsz0= Subject key identifier: 97:37:B1:9D:5B:22:F9:73:62:13:B7:44:99:26:EA:D7:BB:64:3D:3E Authority key identifier: FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 Certificate issuer: /CN=A91AF0E8/serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Certificate serial: 34B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft Manifest number: 34A7 Signing time: Fri 18 Jul 2025 15:10:15 +0000 Manifest this update: Fri 18 Jul 2025 15:10:15 +0000 Manifest next update: Fri 25 Jul 2025 15:10:15 +0000 Files and hashes: 1: -qIKGvsgkct_URR4g_NkpFMJQTE.crl (hash: DOPXQdfbUl8gvwuw4IwOKn5AJhImVNb7TzDgRdCwuXY=) 2: 0A956A80B48711EC83327546C4F9AE02.roa (hash: QTUVJsweaVnNBbhlnpDHj+5m7Q6KujtkGNOkASm6SsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 15:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13490 (0x34b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF0E8, serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Validity Not Before: Jul 18 15:10:15 2025 GMT Not After : Jul 25 15:10:15 2025 GMT Subject: CN=687a63d7-d9cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d8:1d:fb:65:a2:ea:9f:31:6e:b7:3f:71:db: a8:a5:8d:f5:6e:ca:f3:22:49:b1:a8:21:b1:9c:fd: 67:58:81:4b:c1:f8:1c:3e:69:d9:6c:de:5d:34:21: bf:e3:2f:68:f8:59:9d:2c:4c:34:9d:ae:74:c9:14: 49:05:86:89:11:da:49:7a:02:3a:ad:bb:16:8e:82: b7:8c:92:e5:ad:44:0c:43:bf:28:60:65:87:05:64: 31:33:cd:59:8d:0e:01:3e:03:95:40:57:27:a6:eb: dc:7f:c2:75:9f:52:2b:59:da:da:bd:19:a5:e3:96: c9:aa:ae:03:ba:0d:03:2c:82:d0:eb:19:73:53:07: 4b:d7:94:1c:45:71:23:7b:71:f7:2c:41:91:81:13: 49:ba:66:71:dd:02:94:62:3a:fb:72:01:ae:6d:f0: f3:63:ac:20:cc:91:9a:ee:d2:24:02:81:53:e4:79: fe:a4:36:b7:ae:ef:bb:17:39:a5:a3:4c:65:fb:37: cf:9c:82:6c:bd:e5:e2:63:c4:7f:d1:91:af:9e:16: 09:4e:f3:90:dd:d2:10:60:b2:6f:ca:0e:91:24:81: 01:27:9b:d7:fd:b5:92:76:5e:dc:11:1c:c7:a6:e7: 8e:5e:fa:d4:b5:fd:9d:ff:7c:cb:70:dd:e3:78:59: f7:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:37:B1:9D:5B:22:F9:73:62:13:B7:44:99:26:EA:D7:BB:64:3D:3E X509v3 Authority Key Identifier: keyid:FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:4d:62:99:1c:24:4b:13:98:d8:27:05:d6:32:e6:05:f0:2a: 9e:13:0e:e4:cc:4e:3d:0b:c9:e6:26:c4:d5:2f:6a:b3:67:a3: 4c:6c:97:44:bb:b6:b0:8f:fb:63:44:69:2c:46:7d:83:77:ee: 7f:d2:cd:c1:b8:17:c6:59:8c:9c:5a:88:bb:63:35:b1:b5:40: 45:3f:63:9d:e2:b9:aa:23:9e:bc:eb:62:59:6d:71:a5:b9:11: 1f:ff:1b:fb:3d:15:90:7a:2c:54:f3:c5:7a:7e:05:a2:1a:a8: 6a:c7:79:05:b2:a3:e2:44:1e:22:26:8b:bc:a3:1b:fc:fb:35: 0f:bd:b5:40:7d:6e:39:75:7a:e7:94:ca:d3:32:7a:eb:fc:8e: 35:39:91:74:71:2c:e9:97:15:8d:84:8a:8c:f5:4f:41:19:85: 38:92:f3:9e:3a:b8:77:df:fb:3b:e0:f2:ad:f0:2c:43:e8:bd: 00:2f:78:02:8f:ce:de:d4:52:0e:ca:20:0f:92:0e:71:a7:e5: 10:6f:64:6e:02:b3:52:06:0e:ed:73:32:d7:54:88:b0:73:d7: cd:cb:c8:83:5d:02:4b:6e:aa:bd:46:d4:a7:91:4d:f3:ff:cd: e0:58:fb:7c:06:29:99:91:15:15:c4:3a:b4:27:80:1c:4e:7f: d8:0c:c2:b4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNLIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwRTgxMTAvBgNVBAUTKEZBQTIwQTFBRkIyMDkxQ0I3RjUxMTQ3ODgzRjM2NEE0 NTMwOTQxMzEwHhcNMjUwNzE4MTUxMDE1WhcNMjUwNzI1MTUxMDE1WjAYMRYwFAYD VQQDEw02ODdhNjNkNy1kOWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz9gd+2Wi6p8xbrc/cduopY31bsrzIkmxqCGxnP1nWIFLwfgcPmnZbN5dNCG/ 4y9o+FmdLEw0na50yRRJBYaJEdpJegI6rbsWjoK3jJLlrUQMQ78oYGWHBWQxM81Z jQ4BPgOVQFcnpuvcf8J1n1IrWdravRml45bJqq4Dug0DLILQ6xlzUwdL15QcRXEj e3H3LEGRgRNJumZx3QKUYjr7cgGubfDzY6wgzJGa7tIkAoFT5Hn+pDa3ru+7Fzml o0xl+zfPnIJsveXiY8R/0ZGvnhYJTvOQ3dIQYLJvyg6RJIEBJ5vX/bWSdl7cERzH pueOXvrUtf2d/3zLcN3jeFn3MQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJc3sZ1b IvlzYhO3RJkm6te7ZD0+MB8GA1UdIwQYMBaAFPqiChr7IJHLf1EUeIPzZKRTCUEx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjBFOC80NTc5NkFEMjFE QTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tjdF9VUlI0Z19Oa3BGTUpR VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1xSUtHdnNna2N0X1VSUjRnX05rcEZNSlFURS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjBFOC80NTc5NkFEMjFEQTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tj dF9VUlI0Z19Oa3BGTUpRVEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQByTWKZHCRLE5jYJwXWMuYF8CqeEw7kzE49C8nmJsTVL2qzZ6NMbJdE u7awj/tjRGksRn2Dd+5/0s3BuBfGWYycWoi7YzWxtUBFP2Od4rmqI56862JZbXGl uREf/xv7PRWQeixU88V6fgWiGqhqx3kFsqPiRB4iJou8oxv8+zUPvbVAfW45dXrn lMrTMnrr/I41OZF0cSzplxWNhIqM9U9BGYU4kvOeOrh33/s74PKt8CxD6L0AL3gC j87e1FIOyiAPkg5xp+UQb2RuArNSBg7tczLXVIiwc9fNy8iDXQJLbqq9RtSnkU3z /83gWPt8BimZkRUVxDq0J4AcTn/YDMK0 -----END CERTIFICATE-----Generated at Sun Jul 20 06:23:20 2025 by rpki-client