$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF5C0/BCBD4FB6F1C211ECA163FD42C4F9AE02/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.mft File: hXk3cmHKJ58cL_LrxEKXQ33W5pQ.mft (raw, json) Hash identifier: +Y7hj0DFFxoCkVjJ200QH+AjjEnmfNzejEr7CIL/mNA= Subject key identifier: 2B:6E:40:1D:B3:88:C9:24:11:A8:C5:C0:C7:EE:12:2C:27:D9:D2:A0 Authority key identifier: 85:79:37:72:61:CA:27:9F:1C:2F:F2:EB:C4:42:97:43:7D:D6:E6:94 Certificate issuer: /CN=A91BF5C0/serialNumber=8579377261CA279F1C2FF2EBC44297437DD6E694 Certificate serial: 02E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF5C0/BCBD4FB6F1C211ECA163FD42C4F9AE02/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.mft Manifest number: 02DA Signing time: Mon 21 Jul 2025 01:39:06 +0000 Manifest this update: Mon 21 Jul 2025 01:39:06 +0000 Manifest next update: Mon 28 Jul 2025 01:39:06 +0000 Files and hashes: 1: hXk3cmHKJ58cL_LrxEKXQ33W5pQ.crl (hash: GeyYpLFTmavQmsg9MrNcDtupLjAomNrTxPCQKM7Uw3Y=) 2: 5B6AD2DCF1C811ECBBC34549C4F9AE02.roa (hash: rCIHZh9wUruVRZk/2Wl+iO0bQmypaGymRp+P5pHJgrc=) 3: 5AD85A56F1C811ECBBC34549C4F9AE02.roa (hash: WLqs4EYDGZGhgsTcvZkB1qzpm9zeqwQq3iz4UzKMW3w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF5C0/BCBD4FB6F1C211ECA163FD42C4F9AE02/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.crl rsync://rpki.apnic.net/member_repository/A91BF5C0/BCBD4FB6F1C211ECA163FD42C4F9AE02/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 01:39:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 741 (0x2e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF5C0, serialNumber=8579377261CA279F1C2FF2EBC44297437DD6E694 Validity Not Before: Jul 21 01:39:06 2025 GMT Not After : Jul 28 01:39:06 2025 GMT Subject: CN=687d9a3a-8890 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:3c:47:cf:1b:69:de:a7:65:27:c5:80:70:0c: e8:e4:63:d1:64:75:47:2a:8e:00:0a:21:b0:5b:10: b5:a7:be:0c:65:a1:3f:fd:b6:46:23:24:0a:51:c6: a4:94:e3:63:64:84:0f:3c:18:25:b8:8f:21:c9:f8: 70:a6:fe:ee:2d:1c:c3:bc:86:bd:c3:f8:f8:d3:c5: 16:66:e2:48:f3:3c:20:5a:f2:48:04:8f:7d:ca:0a: a5:bf:19:7e:87:21:fa:1f:f4:78:8c:20:de:9a:59: 2b:6d:cb:80:7a:fb:a8:45:c1:37:5f:da:2f:e6:8d: 04:3b:53:bb:88:65:34:dc:b1:8b:0b:01:3a:23:b0: 81:64:fc:b5:17:28:27:22:0b:85:90:4c:2f:8f:df: b9:c0:73:28:36:99:de:80:1a:9f:1c:a1:97:c4:51: e3:c5:d2:48:6f:0c:08:a6:38:9a:a9:75:c3:15:49: 15:00:2e:7a:a2:9f:f8:f0:5c:cd:47:a3:d8:ad:d7: b8:9e:10:4b:12:be:e8:13:e1:79:fa:17:51:4d:ae: 37:cd:43:cf:7d:0e:ed:bb:63:bf:c5:50:94:22:0b: 91:d8:e5:d3:ba:0f:c9:eb:18:91:bd:c2:02:31:71: 06:7f:7d:14:27:41:db:33:80:22:f7:15:d2:46:1b: c5:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:6E:40:1D:B3:88:C9:24:11:A8:C5:C0:C7:EE:12:2C:27:D9:D2:A0 X509v3 Authority Key Identifier: keyid:85:79:37:72:61:CA:27:9F:1C:2F:F2:EB:C4:42:97:43:7D:D6:E6:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF5C0/BCBD4FB6F1C211ECA163FD42C4F9AE02/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF5C0/BCBD4FB6F1C211ECA163FD42C4F9AE02/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:bb:17:47:fe:ef:a1:bc:ba:a2:d2:76:cf:61:4b:33:c1:23: c6:29:dd:31:8b:eb:40:e8:e9:6b:0a:a4:8c:72:78:ed:07:95: 70:f9:19:69:b0:b9:28:e3:bc:6b:d0:f8:3d:5b:b3:1f:78:03: 26:c3:bf:5d:26:1d:82:aa:e5:66:96:f7:2b:cd:09:a7:de:f8: 42:18:69:d1:76:e7:b2:a1:41:a5:d6:0c:52:dc:49:a0:8a:b4: ad:0e:39:9e:38:ff:09:14:30:5e:15:23:bf:35:52:b3:56:a3: 39:ca:a3:ec:30:c2:79:57:c4:43:3e:0e:ff:2a:e0:fa:fe:ab: 06:29:30:24:df:02:8b:cb:17:f8:d1:7d:3c:1b:28:90:43:cf: b1:66:4d:05:a4:4d:5e:8e:10:03:06:ad:85:32:6b:43:5c:c8: 92:2c:a5:64:83:2c:4b:02:a3:10:87:a1:42:2a:ca:82:ed:3f: 19:8b:9b:b7:c7:fb:82:3d:e1:0f:79:7e:f4:29:a3:bd:12:c3: 0f:c2:34:a1:d0:0f:99:49:b9:c8:8d:77:fe:39:6e:e1:0c:bd: 4e:49:8c:aa:be:00:1e:92:08:03:f3:2e:b9:db:db:15:6b:e9: 4e:93:d8:f2:1f:b8:07:3a:2b:16:c6:ef:43:b1:66:6a:a3:49: 99:52:2f:20 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAuUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkY1QzAxMTAvBgNVBAUTKDg1NzkzNzcyNjFDQTI3OUYxQzJGRjJFQkM0NDI5NzQz N0RENkU2OTQwHhcNMjUwNzIxMDEzOTA2WhcNMjUwNzI4MDEzOTA2WjAYMRYwFAYD VQQDEw02ODdkOWEzYS04ODkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxzxHzxtp3qdlJ8WAcAzo5GPRZHVHKo4ACiGwWxC1p74MZaE//bZGIyQKUcak lONjZIQPPBgluI8hyfhwpv7uLRzDvIa9w/j408UWZuJI8zwgWvJIBI99ygqlvxl+ hyH6H/R4jCDemlkrbcuAevuoRcE3X9ov5o0EO1O7iGU03LGLCwE6I7CBZPy1Fygn IguFkEwvj9+5wHMoNpnegBqfHKGXxFHjxdJIbwwIpjiaqXXDFUkVAC56op/48FzN R6PYrde4nhBLEr7oE+F5+hdRTa43zUPPfQ7tu2O/xVCUIguR2OXTug/J6xiRvcIC MXEGf30UJ0HbM4Ai9xXSRhvFPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCtuQB2z iMkkEajFwMfuEiwn2dKgMB8GA1UdIwQYMBaAFIV5N3JhyiefHC/y68RCl0N91uaU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjVDMC9CQ0JENEZCNkYx QzIxMUVDQTE2M0ZENDJDNEY5QUUwMi9oWGszY21IS0o1OGNMX0xyeEVLWFEzM1c1 cFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hYazNjbUhLSjU4Y0xfTHJ4RUtYUTMzVzVwUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RjVDMC9CQ0JENEZCNkYxQzIxMUVDQTE2M0ZENDJDNEY5QUUwMi9oWGszY21IS0o1 OGNMX0xyeEVLWFEzM1c1cFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC3uxdH/u+hvLqi0nbPYUszwSPGKd0xi+tA6OlrCqSMcnjtB5Vw+Rlp sLko47xr0Pg9W7MfeAMmw79dJh2CquVmlvcrzQmn3vhCGGnRdueyoUGl1gxS3Emg irStDjmeOP8JFDBeFSO/NVKzVqM5yqPsMMJ5V8RDPg7/KuD6/qsGKTAk3wKLyxf4 0X08GyiQQ8+xZk0FpE1ejhADBq2FMmtDXMiSLKVkgyxLAqMQh6FCKsqC7T8Zi5u3 x/uCPeEPeX70KaO9EsMPwjSh0A+ZSbnIjXf+OW7hDL1OSYyqvgAekggD8y6529sV a+lOk9jyH7gHOisWxu9DsWZqo0mZUi8g -----END CERTIFICATE-----Generated at Mon Jul 21 06:30:51 2025 by rpki-client