$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.mft File: 1RZ7lweHQQlX4l2fh1CFYPAFd24.mft (raw, json) Hash identifier: oKU7NVcSwWNSd8PYgsSHDpa3kI9OgKVXcHgbJ5WYUuY= Subject key identifier: 4A:69:05:31:CF:A6:14:72:DB:96:54:64:76:88:07:5A:60:09:03:7B Authority key identifier: D5:16:7B:97:07:87:41:09:57:E2:5D:9F:87:50:85:60:F0:05:77:6E Certificate issuer: /CN=A91B9011/serialNumber=D5167B970787410957E25D9F87508560F005776E Certificate serial: 05D5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1RZ7lweHQQlX4l2fh1CFYPAFd24.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.mft Manifest number: 05D0 Signing time: Tue 22 Jul 2025 23:24:30 +0000 Manifest this update: Tue 22 Jul 2025 23:24:30 +0000 Manifest next update: Tue 29 Jul 2025 23:24:30 +0000 Files and hashes: 1: 1RZ7lweHQQlX4l2fh1CFYPAFd24.crl (hash: l8Bd71TU04mm21mwivFt+/jHqVeHLvnSHyozezuexNQ=) 2: 438893AC55BE11EDBDE51983C4F9AE02.roa (hash: Y1Hqc3CucW1MGNfTEVOgwuu3xdmSB7zSj6HU8UBJr7c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.crl rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1RZ7lweHQQlX4l2fh1CFYPAFd24.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 23:24:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1493 (0x5d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9011, serialNumber=D5167B970787410957E25D9F87508560F005776E Validity Not Before: Jul 22 23:24:30 2025 GMT Not After : Jul 29 23:24:30 2025 GMT Subject: CN=68801dae-8c5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:9b:21:32:cf:a4:bc:c6:f8:2d:98:c9:1e:6e: 58:a0:56:0f:96:86:ec:48:f5:9e:6c:ec:7a:6d:a0: 74:0a:4f:04:46:9d:72:a9:5a:79:49:4f:51:e6:91: f7:04:ce:ef:d7:7a:3c:66:bb:3c:64:e7:9b:d8:0f: b8:49:a6:16:09:ed:a8:bf:b1:d8:73:44:4f:ad:96: bc:6b:67:90:e5:3c:f0:37:e2:54:00:b9:87:c8:d2: f9:32:4f:ec:26:69:de:15:29:52:1f:bf:88:03:fe: be:0b:ab:5c:71:7d:11:d6:9c:c9:6b:0c:1b:af:12: dc:59:ec:2a:3e:70:5c:6b:2f:01:13:e8:78:1f:b2: 99:c6:a5:e4:57:bd:4a:dc:62:17:15:87:9f:53:f5: ae:90:c7:44:59:30:f8:aa:cf:53:20:f0:ec:7b:eb: 73:c4:a4:4f:06:68:e3:97:50:4b:a2:e4:ab:2d:ed: e9:f9:32:5b:6e:0d:56:e8:7e:63:6c:24:18:56:d7: 3c:49:4a:fc:1f:cb:0a:d5:e3:45:3c:0e:b6:29:51: 04:4d:92:05:2d:e0:3d:0d:e3:29:e0:3a:8c:29:d8: ef:d0:c9:7f:eb:70:ac:8c:03:3f:1f:28:d6:9b:8c: bb:06:0b:0d:d7:0f:38:30:2a:7a:37:73:9e:ea:50: f0:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:69:05:31:CF:A6:14:72:DB:96:54:64:76:88:07:5A:60:09:03:7B X509v3 Authority Key Identifier: keyid:D5:16:7B:97:07:87:41:09:57:E2:5D:9F:87:50:85:60:F0:05:77:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1RZ7lweHQQlX4l2fh1CFYPAFd24.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:c1:64:96:88:21:bb:b0:50:a4:d6:a8:8d:3b:64:ab:e1:8e: c1:5e:5b:04:8e:e6:9c:f8:9a:fe:ca:2a:69:05:1a:34:98:2c: 79:59:ee:b5:3d:91:a6:09:97:1c:6f:69:c0:45:c3:44:c4:48: 80:2c:77:08:7d:a8:b3:c4:56:9b:a6:31:6a:64:47:a5:72:9d: b2:8a:23:3d:f1:b7:3f:e6:e7:ad:4f:c6:e0:19:f8:72:3d:6e: 0f:89:5a:fc:d1:ba:bf:78:0e:6e:78:6d:52:83:b2:c7:7c:80: 2e:65:f0:a1:15:56:47:d3:bd:7b:ea:3e:b2:18:9d:39:ea:a5: 61:21:c6:18:bd:d2:54:4c:7a:4d:fa:d9:9c:0b:e4:ee:c5:aa: bd:14:6b:91:04:c6:a5:83:d5:98:a5:81:40:f8:b8:84:94:7e: 01:fd:aa:ec:b9:c4:fb:82:ff:f6:24:73:cc:00:86:2c:b0:b4: fc:8e:15:7f:e2:93:68:fc:8c:48:7e:f3:23:87:0e:a5:f2:8e: 9b:c1:8c:b9:79:d3:f9:ac:64:13:fe:f8:46:ad:a6:2a:75:a8: 85:98:25:e4:05:ae:4d:1a:1f:56:19:fb:75:a3:97:91:73:91: 40:7e:8f:d9:44:53:10:f0:90:32:67:c7:01:c1:18:f8:8a:42: 30:04:69:cd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBdUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjkwMTExMTAvBgNVBAUTKEQ1MTY3Qjk3MDc4NzQxMDk1N0UyNUQ5Rjg3NTA4NTYw RjAwNTc3NkUwHhcNMjUwNzIyMjMyNDMwWhcNMjUwNzI5MjMyNDMwWjAYMRYwFAYD VQQDEw02ODgwMWRhZS04YzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmpshMs+kvMb4LZjJHm5YoFYPlobsSPWebOx6baB0Ck8ERp1yqVp5SU9R5pH3 BM7v13o8Zrs8ZOeb2A+4SaYWCe2ov7HYc0RPrZa8a2eQ5TzwN+JUALmHyNL5Mk/s JmneFSlSH7+IA/6+C6tccX0R1pzJawwbrxLcWewqPnBcay8BE+h4H7KZxqXkV71K 3GIXFYefU/WukMdEWTD4qs9TIPDse+tzxKRPBmjjl1BLouSrLe3p+TJbbg1W6H5j bCQYVtc8SUr8H8sK1eNFPA62KVEETZIFLeA9DeMp4DqMKdjv0Ml/63CsjAM/HyjW m4y7BgsN1w84MCp6N3Oe6lDwZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEppBTHP phRy25ZUZHaIB1pgCQN7MB8GA1UdIwQYMBaAFNUWe5cHh0EJV+Jdn4dQhWDwBXdu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTAxMS8zODg4RTBDNEM3 M0ExMUVCOTAwNzU1MTBDNEY5QUUwMi8xUlo3bHdlSFFRbFg0bDJmaDFDRllQQUZk MjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFSWjdsd2VIUVFsWDRsMmZoMUNGWVBBRmQyNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OTAxMS8zODg4RTBDNEM3M0ExMUVCOTAwNzU1MTBDNEY5QUUwMi8xUlo3bHdlSFFR bFg0bDJmaDFDRllQQUZkMjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6wWSWiCG7sFCk1qiNO2Sr4Y7BXlsEjuac+Jr+yippBRo0mCx5We61 PZGmCZccb2nARcNExEiALHcIfaizxFabpjFqZEelcp2yiiM98bc/5uetT8bgGfhy PW4PiVr80bq/eA5ueG1Sg7LHfIAuZfChFVZH07176j6yGJ056qVhIcYYvdJUTHpN +tmcC+Tuxaq9FGuRBMalg9WYpYFA+LiElH4B/arsucT7gv/2JHPMAIYssLT8jhV/ 4pNo/IxIfvMjhw6l8o6bwYy5edP5rGQT/vhGraYqdaiFmCXkBa5NGh9WGft1o5eR c5FAfo/ZRFMQ8JAyZ8cBwRj4ikIwBGnN -----END CERTIFICATE-----Generated at Thu Jul 24 12:15:58 2025 by rpki-client