$ rpki-client -vvf rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft File: IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft (raw, json) Hash identifier: VyVfXi80IIf3QCzF6fx8GiL5TNbG3INQPWuJcIJT8jI= Subject key identifier: 5D:72:79:85:23:DA:87:A3:93:75:90:AB:02:37:8D:04:4F:E3:23:AE Authority key identifier: 21:93:41:98:E8:33:10:61:D2:75:B8:CF:C7:94:58:D3:2F:AB:D6:C9 Certificate issuer: /CN=A91C53FD/serialNumber=21934198E8331061D275B8CFC79458D32FABD6C9 Certificate serial: EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft Manifest number: EC Signing time: Wed 23 Jul 2025 05:38:50 +0000 Manifest this update: Wed 23 Jul 2025 05:38:50 +0000 Manifest next update: Wed 30 Jul 2025 05:38:50 +0000 Files and hashes: 1: IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl (hash: wcSTnSEp5NN5G8dO+DEmWgN1K6jbkbExjANXPdgKMvw=) 2: B15E8BECFF3211EEA8607454C4F9AE02.roa (hash: rdcsVeSD/0uRXsupB+gdsyd8ZZ4QY82jQKGKV8TuBBs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Jul 2025 05:38:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 239 (0xef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C53FD, serialNumber=21934198E8331061D275B8CFC79458D32FABD6C9 Validity Not Before: Jul 23 05:38:50 2025 GMT Not After : Jul 30 05:38:50 2025 GMT Subject: CN=6880756a-793d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a1:71:e7:87:5d:bc:11:89:e5:ed:30:c3:34: e5:74:b3:1c:f1:a0:0f:08:fc:83:47:eb:fc:e5:4e: a4:b7:24:4d:4b:32:37:e3:42:c7:9f:95:a2:22:18: b4:76:1b:f9:7b:a6:5a:c0:15:ca:c4:1a:d5:90:b9: 30:3e:2b:77:8b:4f:05:c5:a1:e5:24:03:f7:88:ff: 23:8b:b8:4c:e7:3f:f1:0d:a2:4c:e6:0f:f7:b7:e4: 88:ba:3c:7f:eb:36:2e:e0:7b:a7:41:82:38:88:9b: 56:94:7a:77:d2:1e:86:d3:52:c9:82:3a:76:97:43: 8c:09:ab:43:b8:a3:85:43:52:c9:4c:e1:a0:3b:f8: 5e:18:d4:03:ac:f7:18:d6:2e:ce:b5:92:64:7b:21: 20:1e:da:3b:e9:f7:f5:50:97:13:f6:55:be:ee:fa: 2e:d9:ba:1e:fc:9c:e3:e1:18:e9:91:19:bd:50:5e: 50:3d:37:47:9c:ff:2c:f5:b6:19:bf:18:5d:78:23: 2f:3a:5e:8d:39:34:bb:05:35:76:02:aa:44:ca:dc: 34:f1:52:81:2e:b5:33:96:10:52:5f:ce:47:c0:72: 91:60:6e:05:78:a2:58:ea:2a:fd:4e:62:8b:4f:f0: a6:2c:93:e8:f3:4c:53:b4:18:1f:57:e4:e2:d1:b5: 2c:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:72:79:85:23:DA:87:A3:93:75:90:AB:02:37:8D:04:4F:E3:23:AE X509v3 Authority Key Identifier: keyid:21:93:41:98:E8:33:10:61:D2:75:B8:CF:C7:94:58:D3:2F:AB:D6:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:b8:f1:69:e0:e7:de:a0:d0:59:1f:a9:8f:2d:d6:7b:dc:57: 06:5d:a3:f8:d2:b7:53:83:ec:b6:c7:49:df:50:88:a8:42:8a: fb:9f:3a:25:95:13:6e:f2:4d:c1:26:2e:90:47:93:01:ce:77: 5f:f4:89:40:69:d5:62:c8:a1:66:b7:0c:ef:ba:14:36:6f:d7: c6:6f:1d:47:a9:63:85:a9:48:6f:75:be:cc:d2:7f:a4:76:47: 5d:98:48:38:9c:a5:7b:b9:6b:8b:c1:57:5b:95:0c:2f:8e:dc: 49:09:61:cb:88:06:0a:2a:23:a5:6e:5f:0d:e6:1a:8b:f8:55: 42:1b:42:8c:6f:fa:01:a8:7c:14:77:99:30:a9:f6:b0:b3:01: 00:01:87:8e:d1:75:5c:12:cc:7c:eb:fe:92:f7:a8:a3:cd:a3: a0:c8:81:71:f6:3f:0b:75:c8:9c:7f:42:3a:12:b4:36:be:4f: c8:08:f9:7c:07:a2:d2:26:11:b3:21:2a:9f:84:67:55:ec:98: 07:8a:40:f4:46:42:80:22:38:6a:c6:ff:dd:57:11:ac:01:af: 46:a5:71:18:97:d9:d4:8a:49:72:45:f6:6e:3d:4f:30:21:2c: 78:65:9b:11:b2:fc:ca:5c:7e:89:1e:ad:20:21:99:31:c3:83: b1:6d:9d:09 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUzRkQxMTAvBgNVBAUTKDIxOTM0MTk4RTgzMzEwNjFEMjc1QjhDRkM3OTQ1OEQz MkZBQkQ2QzkwHhcNMjUwNzIzMDUzODUwWhcNMjUwNzMwMDUzODUwWjAYMRYwFAYD VQQDEw02ODgwNzU2YS03OTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv6Fx54ddvBGJ5e0wwzTldLMc8aAPCPyDR+v85U6ktyRNSzI340LHn5WiIhi0 dhv5e6ZawBXKxBrVkLkwPit3i08FxaHlJAP3iP8ji7hM5z/xDaJM5g/3t+SIujx/ 6zYu4HunQYI4iJtWlHp30h6G01LJgjp2l0OMCatDuKOFQ1LJTOGgO/heGNQDrPcY 1i7OtZJkeyEgHto76ff1UJcT9lW+7vou2boe/Jzj4RjpkRm9UF5QPTdHnP8s9bYZ vxhdeCMvOl6NOTS7BTV2AqpEytw08VKBLrUzlhBSX85HwHKRYG4FeKJY6ir9TmKL T/CmLJPo80xTtBgfV+Ti0bUsMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF1yeYUj 2oejk3WQqwI3jQRP4yOuMB8GA1UdIwQYMBaAFCGTQZjoMxBh0nW4z8eUWNMvq9bJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTNGRC82ODhFNTdFRUZG MzIxMUVFQTU1RDhFNTNDNEY5QUUwMi9JWk5CbU9nekVHSFNkYmpQeDVSWTB5LXIx c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0laTkJtT2d6RUdIU2RialB4NVJZMHktcjFzay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTNGRC82ODhFNTdFRUZGMzIxMUVFQTU1RDhFNTNDNEY5QUUwMi9JWk5CbU9nekVH SFNkYmpQeDVSWTB5LXIxc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCLuPFp4OfeoNBZH6mPLdZ73FcGXaP40rdTg+y2x0nfUIioQor7nzol lRNu8k3BJi6QR5MBzndf9IlAadViyKFmtwzvuhQ2b9fGbx1HqWOFqUhvdb7M0n+k dkddmEg4nKV7uWuLwVdblQwvjtxJCWHLiAYKKiOlbl8N5hqL+FVCG0KMb/oBqHwU d5kwqfawswEAAYeO0XVcEsx86/6S96ijzaOgyIFx9j8Ldcicf0I6ErQ2vk/ICPl8 B6LSJhGzISqfhGdV7JgHikD0RkKAIjhqxv/dVxGsAa9GpXEYl9nUiklyRfZuPU8w ISx4ZZsRsvzKXH6JHq0gIZkxw4OxbZ0J -----END CERTIFICATE-----Generated at Thu Jul 24 08:45:16 2025 by rpki-client