$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBD5B/1702FC3EBB6711E6AE24040FC4F9AE02/25K4P0wYeDkNakTmrtV6d1ImNRI.mft File: 25K4P0wYeDkNakTmrtV6d1ImNRI.mft (raw, json) Hash identifier: mN1KfW3R8u/JG8E+4ARdWrW254dKdPTPqlnj7ZM9qtc= Subject key identifier: 3B:33:14:C2:79:43:85:39:71:0A:CE:3E:DF:46:0E:63:E8:47:BA:37 Authority key identifier: DB:92:B8:3F:4C:18:78:39:0D:6A:44:E6:AE:D5:7A:77:52:26:35:12 Certificate issuer: /CN=A91BBD5B/serialNumber=DB92B83F4C1878390D6A44E6AED57A7752263512 Certificate serial: 1D2D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/25K4P0wYeDkNakTmrtV6d1ImNRI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BBD5B/1702FC3EBB6711E6AE24040FC4F9AE02/25K4P0wYeDkNakTmrtV6d1ImNRI.mft Manifest number: 1D22 Signing time: Sun 20 Jul 2025 16:10:22 +0000 Manifest this update: Sun 20 Jul 2025 16:10:21 +0000 Manifest next update: Sun 27 Jul 2025 16:10:21 +0000 Files and hashes: 1: 25K4P0wYeDkNakTmrtV6d1ImNRI.crl (hash: EKfU6Rf8Kkh3eVTabXNZAjsLk8RsT7JvK0fCUhJNZB0=) 2: AB9480A6BB6811E69E8D1212C4F9AE02.roa (hash: XU2BtSx1XPF+OETuBQTO4A3xSlkRLbVqfxk4yTT8ml4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BBD5B/1702FC3EBB6711E6AE24040FC4F9AE02/25K4P0wYeDkNakTmrtV6d1ImNRI.crl rsync://rpki.apnic.net/member_repository/A91BBD5B/1702FC3EBB6711E6AE24040FC4F9AE02/25K4P0wYeDkNakTmrtV6d1ImNRI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/25K4P0wYeDkNakTmrtV6d1ImNRI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 16:10:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7469 (0x1d2d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BBD5B, serialNumber=DB92B83F4C1878390D6A44E6AED57A7752263512 Validity Not Before: Jul 20 16:10:21 2025 GMT Not After : Jul 27 16:10:21 2025 GMT Subject: CN=687d14ee-1acb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:5e:7e:9a:01:23:49:57:48:98:b3:c2:00:4a: 87:6c:53:44:b2:7c:19:cd:13:1c:56:32:c5:24:2f: bc:61:d5:f9:ae:ea:9d:40:6a:21:92:b6:ff:c5:8c: 28:f7:98:48:d9:b3:6c:85:03:82:90:d3:c8:4f:2c: 96:37:e4:7b:4b:2f:7c:49:2c:53:3b:89:3f:7f:87: d6:66:62:b0:b3:e4:d0:b5:43:84:7a:02:34:71:b8: df:44:5f:6e:c5:2c:ed:d8:a3:fc:a6:29:d6:af:d8: 7a:16:19:89:10:17:2e:36:44:55:93:82:70:8c:e8: 6d:1f:d9:e0:0a:39:a3:a6:4e:21:a2:f7:ed:3e:ad: ec:3b:ba:12:81:8d:0f:f0:1b:b2:2c:5a:48:1a:48: 31:cf:ba:e4:86:b8:5d:f9:cd:bb:bd:52:7f:81:4a: 1f:e7:ab:91:ab:77:cb:61:a2:e4:15:77:e2:79:44: 21:4b:78:74:27:21:3d:ad:bf:fb:35:91:8a:b7:eb: 44:6e:6f:e1:6f:a5:e1:82:ce:3e:a0:da:88:54:0b: d8:4a:12:e7:22:26:0b:b1:b0:64:39:59:50:8a:42: d2:65:ee:fe:1a:4c:32:2e:9f:7b:cc:51:a3:20:89: 6b:a1:4d:e0:d3:4b:4c:34:e0:63:b8:b2:45:83:e3: 1e:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:33:14:C2:79:43:85:39:71:0A:CE:3E:DF:46:0E:63:E8:47:BA:37 X509v3 Authority Key Identifier: keyid:DB:92:B8:3F:4C:18:78:39:0D:6A:44:E6:AE:D5:7A:77:52:26:35:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BBD5B/1702FC3EBB6711E6AE24040FC4F9AE02/25K4P0wYeDkNakTmrtV6d1ImNRI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/25K4P0wYeDkNakTmrtV6d1ImNRI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBD5B/1702FC3EBB6711E6AE24040FC4F9AE02/25K4P0wYeDkNakTmrtV6d1ImNRI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:17:29:58:0c:3e:f1:16:66:f5:4c:fe:a7:6b:36:2a:80:d6: 5a:3b:2a:2b:65:9c:4d:c3:76:ec:9c:03:d3:bd:6e:dc:0c:26: 3b:d9:52:41:a8:51:6c:a6:53:0c:51:5f:e2:84:66:c3:30:fb: 84:ba:d2:08:00:bf:42:76:1d:74:94:52:d4:a7:d8:90:51:92: 7f:96:e6:32:3e:5b:bb:76:d3:f1:76:3e:3d:a7:1c:2b:a7:92: 47:27:61:2e:a2:92:2d:f5:2a:28:02:73:98:e3:19:7e:82:3a: 89:f5:1e:52:7a:2d:70:50:bb:bf:2d:0c:d7:9d:dd:75:d6:4c: 90:b0:89:15:af:bd:b8:3a:81:02:88:26:cf:c1:6d:55:48:fc: 06:dd:a9:8f:b7:22:0a:92:21:64:cf:84:55:54:c4:b9:4d:3b: b6:87:64:be:0a:98:b7:04:78:83:3c:d9:14:3d:3c:d1:6e:3e: 21:4c:11:09:14:2f:9b:84:bd:a6:5f:82:5b:be:3b:1b:97:a5: 27:59:d3:57:a8:ec:2f:14:4d:25:2d:42:95:bf:0a:8e:74:55: d1:68:0e:06:c4:79:1a:c5:cc:3e:e1:55:fd:e7:f3:5e:ed:13: 8a:d5:65:83:22:60:20:ce:18:3f:de:80:92:f2:36:d5:ba:a2: ba:9f:ee:04 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkJENUIxMTAvBgNVBAUTKERCOTJCODNGNEMxODc4MzkwRDZBNDRFNkFFRDU3QTc3 NTIyNjM1MTIwHhcNMjUwNzIwMTYxMDIxWhcNMjUwNzI3MTYxMDIxWjAYMRYwFAYD VQQDEw02ODdkMTRlZS0xYWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt15+mgEjSVdImLPCAEqHbFNEsnwZzRMcVjLFJC+8YdX5ruqdQGohkrb/xYwo 95hI2bNshQOCkNPITyyWN+R7Sy98SSxTO4k/f4fWZmKws+TQtUOEegI0cbjfRF9u xSzt2KP8pinWr9h6FhmJEBcuNkRVk4JwjOhtH9ngCjmjpk4hovftPq3sO7oSgY0P 8BuyLFpIGkgxz7rkhrhd+c27vVJ/gUof56uRq3fLYaLkFXfieUQhS3h0JyE9rb/7 NZGKt+tEbm/hb6Xhgs4+oNqIVAvYShLnIiYLsbBkOVlQikLSZe7+GkwyLp97zFGj IIlroU3g00tMNOBjuLJFg+MeOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDszFMJ5 Q4U5cQrOPt9GDmPoR7o3MB8GA1UdIwQYMBaAFNuSuD9MGHg5DWpE5q7VendSJjUS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQkQ1Qi8xNzAyRkMzRUJC NjcxMUU2QUUyNDA0MEZDNEY5QUUwMi8yNUs0UDB3WWVEa05ha1RtcnRWNmQxSW1O UkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzI1SzRQMHdZZURrTmFrVG1ydFY2ZDFJbU5SSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QkQ1Qi8xNzAyRkMzRUJCNjcxMUU2QUUyNDA0MEZDNEY5QUUwMi8yNUs0UDB3WWVE a05ha1RtcnRWNmQxSW1OUkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCBFylYDD7xFmb1TP6nazYqgNZaOyorZZxNw3bsnAPTvW7cDCY72VJB qFFsplMMUV/ihGbDMPuEutIIAL9Cdh10lFLUp9iQUZJ/luYyPlu7dtPxdj49pxwr p5JHJ2EuopIt9SooAnOY4xl+gjqJ9R5Sei1wULu/LQzXnd111kyQsIkVr724OoEC iCbPwW1VSPwG3amPtyIKkiFkz4RVVMS5TTu2h2S+Cpi3BHiDPNkUPTzRbj4hTBEJ FC+bhL2mX4Jbvjsbl6UnWdNXqOwvFE0lLUKVvwqOdFXRaA4GxHkaxcw+4VX95/Ne 7ROK1WWDImAgzhg/3oCS8jbVuqK6n+4E -----END CERTIFICATE-----Generated at Mon Jul 21 12:29:11 2025 by rpki-client