$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft File: CB6icKn0s2sOyJai0hSO5Ok-Xys.mft (raw, json) Hash identifier: WxounOO0IKkzb95w2RqaA1Ri9Yu2of5WIfIn1r4RZVk= Subject key identifier: 61:B2:2F:E0:DA:10:45:AA:8F:2E:AF:43:76:AC:8C:F1:22:86:5D:65 Authority key identifier: 08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B Certificate issuer: /CN=A91BB921/serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Certificate serial: 0145 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft Manifest number: 0143 Signing time: Mon 21 Jul 2025 04:24:59 +0000 Manifest this update: Mon 21 Jul 2025 04:24:58 +0000 Manifest next update: Mon 28 Jul 2025 04:24:58 +0000 Files and hashes: 1: CB6icKn0s2sOyJai0hSO5Ok-Xys.crl (hash: jD6qmpULsKLk9NlbeYjYi9LsyH51cMll3AAYkvWd1oo=) 2: 5A387584756311EEA256FD57C4F9AE02.roa (hash: UFjrfeuvHWS1oxtfXr6IVRfPvTnGzzV9TdVJHu2o8cI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 04:24:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 325 (0x145) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB921, serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Validity Not Before: Jul 21 04:24:58 2025 GMT Not After : Jul 28 04:24:58 2025 GMT Subject: CN=687dc11a-fd4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:fc:61:cc:78:cd:1d:9b:36:82:6e:99:aa:de: b8:a7:f2:69:9e:3b:98:58:f7:45:68:ab:d8:7c:26: b6:ff:88:13:81:41:01:71:e5:90:66:bf:26:00:ac: 3d:68:60:11:6f:89:52:5b:15:bc:4a:73:a9:a6:c2: cb:05:b9:48:4a:37:4c:d5:19:04:e8:cd:5b:1b:18: 28:47:81:84:71:75:24:58:39:66:b1:b7:a7:53:b0: fc:87:1e:5b:de:95:a2:2a:09:6b:b7:8d:4e:9d:f8: aa:be:39:f8:e4:e6:11:b7:5a:53:eb:af:e1:cf:f6: ef:76:10:d1:66:7e:10:07:8a:96:df:48:42:70:20: 80:29:ba:23:76:b8:0e:9a:80:d4:9a:e0:06:73:d9: 3a:28:20:78:f4:a2:e9:cc:5e:a6:e5:12:1c:1d:3e: d5:0d:48:34:6d:40:02:59:74:e4:79:4a:85:5f:7a: 21:1f:62:9d:3a:81:df:27:0a:75:18:f3:38:45:42: 16:40:9e:c7:b4:f0:19:56:3f:60:51:79:ae:66:5a: ae:dc:27:b5:2f:6c:63:41:a9:44:62:29:a7:7c:58: b6:69:43:a7:32:5d:6c:b0:15:ff:ba:0a:90:85:07: f2:5e:0a:c2:e6:23:f8:a6:bb:df:d9:c2:41:3f:50: 0d:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:B2:2F:E0:DA:10:45:AA:8F:2E:AF:43:76:AC:8C:F1:22:86:5D:65 X509v3 Authority Key Identifier: keyid:08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:ce:81:bd:d4:fc:44:b5:21:a3:6d:95:93:51:c2:a9:93:2c: b8:74:9b:fe:e7:80:b5:6a:0f:24:e8:1d:a0:95:3a:40:ee:ee: 24:94:2d:e5:77:96:3b:1f:43:8a:87:e0:fd:78:24:8e:74:54: e4:13:92:a6:c9:25:c0:a8:a6:62:97:bb:75:f4:57:19:16:d0: 01:35:64:02:c1:ef:77:75:e4:0c:d3:8c:30:22:7a:83:9e:88: 9a:0e:b3:c1:44:ff:7b:e7:b9:66:65:a9:39:da:40:87:29:24: b6:d6:b3:c6:48:45:18:e5:45:29:3b:e8:70:9b:f1:e4:c9:d9: d5:7a:74:c8:df:a8:2a:bb:f4:fb:e2:a6:31:d8:1f:2f:fe:ff: 36:92:62:d9:8a:88:7c:48:82:b4:e0:4f:b5:e2:bb:cf:b3:ac: c1:e5:b9:87:40:7f:53:b6:a1:d9:3f:c1:fa:a0:d8:6b:8a:4b: 9a:ce:c4:11:47:a5:7a:92:04:31:fa:d2:fa:4a:b0:31:a8:49: 1b:f6:1a:8d:4b:e0:b5:c0:b0:1b:11:96:10:d1:ec:4f:b7:e5: 0d:57:c6:08:04:84:fa:a9:1e:09:cd:16:2c:c9:95:e3:02:e6: 10:f5:2c:c6:30:91:8d:56:1b:5e:11:ec:f3:7f:8e:76:ce:eb: 9d:65:ef:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI5MjExMTAvBgNVBAUTKDA4MUVBMjcwQTlGNEIzNkIwRUM4OTZBMkQyMTQ4RUU0 RTkzRTVGMkIwHhcNMjUwNzIxMDQyNDU4WhcNMjUwNzI4MDQyNDU4WjAYMRYwFAYD VQQDEw02ODdkYzExYS1mZDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz/xhzHjNHZs2gm6Zqt64p/JpnjuYWPdFaKvYfCa2/4gTgUEBceWQZr8mAKw9 aGARb4lSWxW8SnOppsLLBblISjdM1RkE6M1bGxgoR4GEcXUkWDlmsbenU7D8hx5b 3pWiKglrt41Onfiqvjn45OYRt1pT66/hz/bvdhDRZn4QB4qW30hCcCCAKbojdrgO moDUmuAGc9k6KCB49KLpzF6m5RIcHT7VDUg0bUACWXTkeUqFX3ohH2KdOoHfJwp1 GPM4RUIWQJ7HtPAZVj9gUXmuZlqu3Ce1L2xjQalEYimnfFi2aUOnMl1ssBX/ugqQ hQfyXgrC5iP4prvf2cJBP1ANfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGGyL+Da EEWqjy6vQ3asjPEihl1lMB8GA1UdIwQYMBaAFAgeonCp9LNrDsiWotIUjuTpPl8r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjkyMS9EREI4RTE0Qzc1 NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMyc095SmFpMGhTTzVPay1Y eXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NCNmljS24wczJzT3lKYWkwaFNPNU9rLVh5cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjkyMS9EREI4RTE0Qzc1NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMy c095SmFpMGhTTzVPay1YeXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCazoG91PxEtSGjbZWTUcKpkyy4dJv+54C1ag8k6B2glTpA7u4klC3l d5Y7H0OKh+D9eCSOdFTkE5KmySXAqKZil7t19FcZFtABNWQCwe93deQM04wwInqD noiaDrPBRP9757lmZak52kCHKSS21rPGSEUY5UUpO+hwm/HkydnVenTI36gqu/T7 4qYx2B8v/v82kmLZioh8SIK04E+14rvPs6zB5bmHQH9TtqHZP8H6oNhrikuazsQR R6V6kgQx+tL6SrAxqEkb9hqNS+C1wLAbEZYQ0exPt+UNV8YIBIT6qR4JzRYsyZXj AuYQ9SzGMJGNVhteEezzf452zuudZe+s -----END CERTIFICATE-----Generated at Mon Jul 21 12:47:55 2025 by rpki-client