$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAFCE/2D34C392B29C11ED98A8314AC4F9AE02/-9GoSKH4mo0k2wtoF6CH-y313wg.mft File: -9GoSKH4mo0k2wtoF6CH-y313wg.mft (raw, json) Hash identifier: C2xmAZkztH72aVtCBSeK5z4e25movMoVn8NJ1LLxURQ= Subject key identifier: D4:8D:7A:51:E2:7A:4C:60:A0:B3:D9:32:50:84:AE:5E:EE:2C:D7:8E Authority key identifier: FB:D1:A8:48:A1:F8:9A:8D:24:DB:0B:68:17:A0:87:FB:2D:F5:DF:08 Certificate issuer: /CN=A91BAFCE/serialNumber=FBD1A848A1F89A8D24DB0B6817A087FB2DF5DF08 Certificate serial: 01C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-9GoSKH4mo0k2wtoF6CH-y313wg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAFCE/2D34C392B29C11ED98A8314AC4F9AE02/-9GoSKH4mo0k2wtoF6CH-y313wg.mft Manifest number: 01C2 Signing time: Sat 19 Jul 2025 03:09:20 +0000 Manifest this update: Sat 19 Jul 2025 03:09:19 +0000 Manifest next update: Sat 26 Jul 2025 03:09:19 +0000 Files and hashes: 1: -9GoSKH4mo0k2wtoF6CH-y313wg.crl (hash: WB9MD3eiPDWLw0CqZzAK+Ka4O4jwZrfFf1xKiYFwzPM=) 2: 37C8FE80B2A211ED9A5C4B53C4F9AE02.roa (hash: RFveBx12nYjQL7C6dI7Z0G+EUk4Kgzyh1OTU3yziD98=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAFCE/2D34C392B29C11ED98A8314AC4F9AE02/-9GoSKH4mo0k2wtoF6CH-y313wg.crl rsync://rpki.apnic.net/member_repository/A91BAFCE/2D34C392B29C11ED98A8314AC4F9AE02/-9GoSKH4mo0k2wtoF6CH-y313wg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-9GoSKH4mo0k2wtoF6CH-y313wg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 03:09:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 453 (0x1c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAFCE, serialNumber=FBD1A848A1F89A8D24DB0B6817A087FB2DF5DF08 Validity Not Before: Jul 19 03:09:19 2025 GMT Not After : Jul 26 03:09:19 2025 GMT Subject: CN=687b0c60-0240 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:6f:dc:a6:42:ad:45:16:b3:e9:00:f5:b8:7f: b4:9e:1d:6d:63:04:e3:6f:11:5e:a8:cc:34:47:e5: 85:49:35:34:13:b3:a0:00:91:1b:df:36:1e:20:03: 02:69:84:71:4f:9f:9a:62:76:69:49:ae:ba:a3:01: ca:f1:70:96:08:d5:bc:26:de:4d:ea:c8:b0:4f:67: 4e:32:9e:00:79:be:d2:1f:5d:2c:dd:79:94:33:70: bb:7c:19:7d:14:ab:2a:ed:c3:a0:fb:59:20:d2:c1: 94:bb:99:fc:c5:01:65:38:1c:fb:5c:ba:31:c8:f4: c5:67:11:ef:9e:11:16:4d:49:63:56:f7:1c:3d:75: 1c:92:c9:2c:0b:a5:6d:fa:17:a7:02:ad:58:89:fb: 36:76:56:91:ae:67:b4:15:98:8c:2f:3f:89:69:c2: e8:33:b4:d6:26:09:5d:ae:38:70:1e:bc:72:a8:3f: 80:5a:13:07:d8:ff:ef:b9:af:bf:24:3b:60:e8:2b: c6:c8:03:47:f3:15:21:2b:fc:7c:5e:57:45:e4:d0: 99:a2:32:95:3e:e5:53:35:1e:c8:1d:b2:a3:1c:dc: df:d8:eb:4e:32:21:9b:b2:78:03:8a:65:4d:de:92: ef:5d:01:12:c6:fd:06:2d:34:14:81:4a:95:5d:8d: c8:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:8D:7A:51:E2:7A:4C:60:A0:B3:D9:32:50:84:AE:5E:EE:2C:D7:8E X509v3 Authority Key Identifier: keyid:FB:D1:A8:48:A1:F8:9A:8D:24:DB:0B:68:17:A0:87:FB:2D:F5:DF:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAFCE/2D34C392B29C11ED98A8314AC4F9AE02/-9GoSKH4mo0k2wtoF6CH-y313wg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-9GoSKH4mo0k2wtoF6CH-y313wg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAFCE/2D34C392B29C11ED98A8314AC4F9AE02/-9GoSKH4mo0k2wtoF6CH-y313wg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:3b:e3:99:2c:d8:4c:a8:b4:fd:ef:30:46:16:78:80:2d:fe: 8d:65:04:e2:be:14:6f:27:96:dd:77:d2:95:64:5e:81:05:0b: 8e:f5:95:97:ea:a4:0e:ad:97:17:ab:a3:a7:aa:9c:85:4b:71: ce:7e:6c:10:39:c3:29:bd:45:c3:e5:39:15:bb:60:13:be:67: 74:de:f6:d1:4b:81:08:93:2b:1c:83:18:20:08:a6:54:13:9b: 1a:19:aa:b4:95:ae:5c:c1:43:7d:68:6f:78:c3:9e:fa:2d:6b: 35:2b:0b:d4:e5:6b:1e:32:4a:1d:15:c0:f8:f2:ba:93:72:df: 87:0b:31:2a:5f:32:4c:03:fb:66:df:c6:cb:8c:98:b6:e2:12: a5:93:b2:d4:d0:70:83:73:38:1a:3e:5e:58:5b:b7:17:f6:48: c4:c1:89:71:a2:fe:71:13:ee:93:0b:81:63:b8:a6:2b:26:fa: d8:67:65:c1:1b:71:4a:2f:ab:a5:30:17:46:ee:24:14:fb:3c: 47:57:f0:22:c6:01:90:b5:a1:52:72:56:f8:90:bb:12:90:e5: f6:89:96:37:c2:62:5a:b4:a5:46:17:ed:48:df:08:1d:d4:b2: a8:6b:ef:c9:fb:05:ec:dc:6a:8d:40:96:e2:31:d8:fe:50:6e: 56:d0:f0:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkFGQ0UxMTAvBgNVBAUTKEZCRDFBODQ4QTFGODlBOEQyNERCMEI2ODE3QTA4N0ZC MkRGNURGMDgwHhcNMjUwNzE5MDMwOTE5WhcNMjUwNzI2MDMwOTE5WjAYMRYwFAYD VQQDEw02ODdiMGM2MC0wMjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvW/cpkKtRRaz6QD1uH+0nh1tYwTjbxFeqMw0R+WFSTU0E7OgAJEb3zYeIAMC aYRxT5+aYnZpSa66owHK8XCWCNW8Jt5N6siwT2dOMp4Aeb7SH10s3XmUM3C7fBl9 FKsq7cOg+1kg0sGUu5n8xQFlOBz7XLoxyPTFZxHvnhEWTUljVvccPXUcksksC6Vt +henAq1Yifs2dlaRrme0FZiMLz+JacLoM7TWJgldrjhwHrxyqD+AWhMH2P/vua+/ JDtg6CvGyANH8xUhK/x8XldF5NCZojKVPuVTNR7IHbKjHNzf2OtOMiGbsngDimVN 3pLvXQESxv0GLTQUgUqVXY3IjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNSNelHi ekxgoLPZMlCErl7uLNeOMB8GA1UdIwQYMBaAFPvRqEih+JqNJNsLaBegh/st9d8I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUZDRS8yRDM0QzM5MkIy OUMxMUVEOThBODMxNEFDNEY5QUUwMi8tOUdvU0tING1vMGsyd3RvRjZDSC15MzEz d2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy05R29TS0g0bW8wazJ3dG9GNkNILXkzMTN3Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QUZDRS8yRDM0QzM5MkIyOUMxMUVEOThBODMxNEFDNEY5QUUwMi8tOUdvU0tING1v MGsyd3RvRjZDSC15MzEzd2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLO+OZLNhMqLT97zBGFniALf6NZQTivhRvJ5bdd9KVZF6BBQuO9ZWX 6qQOrZcXq6OnqpyFS3HOfmwQOcMpvUXD5TkVu2ATvmd03vbRS4EIkyscgxggCKZU E5saGaq0la5cwUN9aG94w576LWs1KwvU5WseMkodFcD48rqTct+HCzEqXzJMA/tm 38bLjJi24hKlk7LU0HCDczgaPl5YW7cX9kjEwYlxov5xE+6TC4FjuKYrJvrYZ2XB G3FKL6ulMBdG7iQU+zxHV/AixgGQtaFSclb4kLsSkOX2iZY3wmJatKVGF+1I3wgd 1LKoa+/J+wXs3GqNQJbiMdj+UG5W0PBg -----END CERTIFICATE-----Generated at Sun Jul 20 16:23:35 2025 by rpki-client