$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft File: lKlQswO0aQDdWjBhAwyJpIloA68.mft (raw, json) Hash identifier: 9I51SQRZiQgEqOtgqYDnP88KJndEHnVcU/WiFDuFnoI= Subject key identifier: C2:11:38:B9:76:5E:B5:3E:7F:66:D6:CC:85:69:68:D2:24:AC:25:B4 Authority key identifier: 94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF Certificate issuer: /CN=A91BAD2D/serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Certificate serial: 0100 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft Manifest number: FD Signing time: Mon 21 Jul 2025 05:20:30 +0000 Manifest this update: Mon 21 Jul 2025 05:20:30 +0000 Manifest next update: Mon 28 Jul 2025 05:20:30 +0000 Files and hashes: 1: lKlQswO0aQDdWjBhAwyJpIloA68.crl (hash: LFXDs2duFW8CfyfXd8S9Gzwbjfv/lyeWwCZFAA2PxvQ=) 2: 33B566F2E80811EEB4888B0FC4F9AE02.roa (hash: ZSDoXQLk70kw9Tv9vuIwvYTULilf6nNLQq+LER2jQIQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 05:19:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 256 (0x100) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAD2D, serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Validity Not Before: Jul 21 05:20:30 2025 GMT Not After : Jul 28 05:20:30 2025 GMT Subject: CN=687dce1e-e454 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:94:ea:91:6e:29:71:45:c1:67:67:f1:52:37: fe:70:30:80:7b:4e:39:24:da:dc:e1:41:23:ba:b1: 7f:6c:22:df:84:d7:2d:bc:3c:4d:93:e8:5c:71:d0: e2:96:19:4a:64:f2:38:4e:69:9d:12:4b:ee:3f:64: 89:5c:75:bf:61:8e:0c:f6:ae:69:ba:ed:97:4c:c7: 13:f8:41:85:d7:47:7e:75:49:af:21:64:3b:47:f9: 2b:13:af:60:12:e7:a4:09:15:32:df:fb:e0:77:ca: 7b:b6:f8:a4:5d:12:71:70:de:af:e2:93:95:71:e5: 65:a5:7e:23:de:a2:50:01:98:b1:0c:0a:d2:31:47: 16:19:19:61:57:69:1c:43:4f:0d:de:2d:2d:9a:b7: fb:22:ae:d0:a4:c1:39:05:71:f2:21:1c:9c:fe:f8: c2:63:26:48:f6:ca:97:8a:da:76:95:91:21:79:40: 11:4d:33:66:1f:cd:72:c7:96:af:af:3f:e1:f3:5d: c4:2c:56:60:07:7a:93:c0:4f:bc:2d:d3:3b:83:03: 98:fa:18:e8:c5:a7:63:1a:26:f8:5e:b0:b0:a9:49: 95:b1:a6:e7:7b:2c:fe:2f:5c:49:fc:c0:83:83:d1: 3b:7f:ec:96:b9:36:5c:13:eb:24:fb:84:52:ef:25: ae:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:11:38:B9:76:5E:B5:3E:7F:66:D6:CC:85:69:68:D2:24:AC:25:B4 X509v3 Authority Key Identifier: keyid:94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:b0:33:db:f5:ac:55:2c:89:f4:00:c0:a0:96:09:e9:0c:80: e9:fb:31:ab:44:80:43:21:31:2d:96:d0:c4:b4:88:4b:d0:bc: 49:d3:b5:6a:8b:65:e3:58:f6:ec:05:8e:f9:d0:33:e0:25:7f: 2f:2b:49:4c:23:39:90:f1:cf:18:15:93:9f:5c:a0:0f:60:c2: 72:26:49:e8:4b:8d:7d:19:c3:34:64:bf:1f:91:08:9b:58:49: 32:f5:e3:2b:48:42:22:64:21:c0:3e:f5:ff:1e:97:8a:a3:3a: 71:7b:59:79:ff:89:33:0f:fd:36:56:8e:21:69:53:da:74:7d: e4:80:41:7c:96:f7:dc:10:05:bb:a8:48:b3:7b:47:7a:dd:d3: a2:fb:b9:81:89:69:42:e6:7c:72:99:20:32:af:1c:10:e0:b0: 27:63:3b:2a:21:27:c8:09:f3:36:a3:a7:d8:6e:00:58:66:11: ee:86:2d:19:9b:ab:16:e7:aa:f7:2b:7d:e3:0c:8e:06:28:29: 59:4f:9b:2e:67:10:b0:c9:df:97:5f:9d:64:b2:5c:a0:31:dc: fa:ac:88:2f:ab:34:3d:63:b2:eb:8f:5e:a2:0b:dc:ed:d7:5e: 03:f4:80:07:74:1a:45:c9:4b:e0:1b:64:63:68:f8:af:4b:1c: d7:a7:ce:1c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkFEMkQxMTAvBgNVBAUTKDk0QTk1MEIzMDNCNDY5MDBERDVBMzA2MTAzMEM4OUE0 ODk2ODAzQUYwHhcNMjUwNzIxMDUyMDMwWhcNMjUwNzI4MDUyMDMwWjAYMRYwFAYD VQQDEw02ODdkY2UxZS1lNDU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA25TqkW4pcUXBZ2fxUjf+cDCAe045JNrc4UEjurF/bCLfhNctvDxNk+hccdDi lhlKZPI4TmmdEkvuP2SJXHW/YY4M9q5puu2XTMcT+EGF10d+dUmvIWQ7R/krE69g EuekCRUy3/vgd8p7tvikXRJxcN6v4pOVceVlpX4j3qJQAZixDArSMUcWGRlhV2kc Q08N3i0tmrf7Iq7QpME5BXHyIRyc/vjCYyZI9sqXitp2lZEheUARTTNmH81yx5av rz/h813ELFZgB3qTwE+8LdM7gwOY+hjoxadjGib4XrCwqUmVsabneyz+L1xJ/MCD g9E7f+yWuTZcE+sk+4RS7yWujQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMIROLl2 XrU+f2bWzIVpaNIkrCW0MB8GA1UdIwQYMBaAFJSpULMDtGkA3VowYQMMiaSJaAOv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUQyRC85MDg4RUU1QUU4 MDExMUVFQUQ2QzUwMzBDNEY5QUUwMi9sS2xRc3dPMGFRRGRXakJoQXd5SnBJbG9B NjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xLbFFzd08wYVFEZFdqQmhBd3lKcElsb0E2OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QUQyRC85MDg4RUU1QUU4MDExMUVFQUQ2QzUwMzBDNEY5QUUwMi9sS2xRc3dPMGFR RGRXakJoQXd5SnBJbG9BNjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBDsDPb9axVLIn0AMCglgnpDIDp+zGrRIBDITEtltDEtIhL0LxJ07Vq i2XjWPbsBY750DPgJX8vK0lMIzmQ8c8YFZOfXKAPYMJyJknoS419GcM0ZL8fkQib WEky9eMrSEIiZCHAPvX/HpeKozpxe1l5/4kzD/02Vo4haVPadH3kgEF8lvfcEAW7 qEize0d63dOi+7mBiWlC5nxymSAyrxwQ4LAnYzsqISfICfM2o6fYbgBYZhHuhi0Z m6sW56r3K33jDI4GKClZT5suZxCwyd+XX51kslygMdz6rIgvqzQ9Y7Lrj16iC9zt 114D9IAHdBpFyUvgG2RjaPivSxzXp84c -----END CERTIFICATE-----Generated at Mon Jul 21 07:14:59 2025 by rpki-client