$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft File: pSAa7m9KXB64p-HHhTv7srp1y9I.mft (raw, json) Hash identifier: xElBYZuz4qemRlfVm25ehW+bVq2Jd+PHKA3iW8Iwg3M= Subject key identifier: 06:C6:D7:87:08:A0:8F:8F:5F:0B:43:F7:8E:0D:81:6B:93:4E:B9:FB Authority key identifier: A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 Certificate issuer: /CN=A91D1003/serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Certificate serial: 0B85 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft Manifest number: 0B7A Signing time: Sun 20 Jul 2025 19:08:25 +0000 Manifest this update: Sun 20 Jul 2025 19:08:25 +0000 Manifest next update: Sun 27 Jul 2025 19:08:25 +0000 Files and hashes: 1: pSAa7m9KXB64p-HHhTv7srp1y9I.crl (hash: 7NeWwPu286XQ+Kc34CguxwJj+21r1HmlbCKWY6Ab1jU=) 2: 0DC2568E320511EA8CF6B72DC4F9AE02.roa (hash: dZqvR0xqd13+DRj0vsCnaFuawrKyEqpLXk81wck6o3Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 19:08:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2949 (0xb85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1003, serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Validity Not Before: Jul 20 19:08:25 2025 GMT Not After : Jul 27 19:08:25 2025 GMT Subject: CN=687d3ea9-dcbf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:e8:86:58:40:e6:c7:a4:6c:31:45:7b:a3:42: 82:ba:47:d6:e9:e7:91:c2:d1:4e:4d:0b:f4:67:48: 4f:28:5c:a5:ff:3b:9b:27:38:e0:ef:cb:56:b7:81: 49:9b:1d:03:83:a4:c0:e9:94:fe:0e:7d:2a:18:94: 13:35:68:d0:b3:ea:88:4e:ce:d2:f8:65:e8:87:16: ce:b4:ec:46:5f:28:cd:1a:42:fc:3a:3c:2f:bd:8e: 8b:25:7e:49:81:ee:5f:b5:4b:b5:c5:20:e5:9b:a0: 21:2b:3a:5f:49:95:02:55:b3:12:a5:dc:e8:c3:53: af:9d:ad:52:05:bd:06:a3:06:9f:8c:21:f3:20:65: 1a:9d:2d:d5:0d:76:be:2a:0e:81:5b:67:ee:d0:dd: c6:a4:22:71:86:0b:08:d0:56:89:d9:a1:44:d3:5b: e2:b9:46:f6:0d:4c:a7:53:3b:63:c8:af:ee:fd:55: 0f:11:15:56:d8:95:01:f1:74:e8:80:83:c2:61:94: 46:46:b3:15:ab:c1:69:7f:0d:ff:ef:01:ab:b4:4a: 41:f5:45:8c:5b:58:99:70:ea:d5:e5:05:eb:81:f7: d7:3c:4b:c4:2e:6b:de:de:69:55:4f:e4:d7:54:6e: 3c:c4:69:1a:6f:33:9c:db:b6:65:9a:ee:a1:49:42: 67:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:C6:D7:87:08:A0:8F:8F:5F:0B:43:F7:8E:0D:81:6B:93:4E:B9:FB X509v3 Authority Key Identifier: keyid:A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:65:55:f0:47:a4:f9:87:8f:c2:17:9e:0c:32:49:7e:e8:2b: a7:09:e1:39:1a:6d:94:69:86:01:74:00:ee:23:05:59:c4:d7: b7:b3:e2:6b:13:16:98:e5:2a:82:61:0c:1c:d0:db:02:dc:8f: 69:ab:39:cf:b8:7c:26:3e:1b:b6:44:ad:d1:12:ea:cf:19:a3: 87:e0:77:e8:5d:38:51:8f:93:03:54:95:34:35:05:79:8d:93: b1:37:7d:a0:f6:f0:df:41:20:e9:9e:2e:58:8e:65:83:03:ed: dd:9b:05:bb:1a:a4:7a:85:b2:97:4e:4b:7b:9e:15:d7:b0:e5: 16:25:d4:60:66:2f:fd:f8:a5:bd:15:a1:04:f5:40:6c:25:69: d3:67:8b:67:db:9f:3d:57:cc:e7:56:78:80:c3:bd:1d:04:e7: eb:c6:9a:e3:99:7a:5b:b4:4a:d2:39:83:9c:37:70:1d:2a:ba: 5d:7a:62:49:5f:f4:60:c9:f7:b2:85:5c:e3:78:f7:47:1b:6f: 86:0f:2a:23:5a:63:d6:5c:bc:63:06:48:85:05:45:c5:4f:31: f8:28:23:31:40:ab:11:38:b2:d3:90:5b:20:15:c7:f5:bb:4f: 70:cd:e0:6d:e2:e9:44:ba:51:02:b6:b0:de:fb:49:12:2d:c7: 48:67:c4:eb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC4UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDEwMDMxMTAvBgNVBAUTKEE1MjAxQUVFNkY0QTVDMUVCOEE3RTFDNzg1M0JGQkIy QkE3NUNCRDIwHhcNMjUwNzIwMTkwODI1WhcNMjUwNzI3MTkwODI1WjAYMRYwFAYD VQQDEw02ODdkM2VhOS1kY2JmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxeiGWEDmx6RsMUV7o0KCukfW6eeRwtFOTQv0Z0hPKFyl/zubJzjg78tWt4FJ mx0Dg6TA6ZT+Dn0qGJQTNWjQs+qITs7S+GXohxbOtOxGXyjNGkL8OjwvvY6LJX5J ge5ftUu1xSDlm6AhKzpfSZUCVbMSpdzow1Ovna1SBb0GowafjCHzIGUanS3VDXa+ Kg6BW2fu0N3GpCJxhgsI0FaJ2aFE01viuUb2DUynUztjyK/u/VUPERVW2JUB8XTo gIPCYZRGRrMVq8Fpfw3/7wGrtEpB9UWMW1iZcOrV5QXrgffXPEvELmve3mlVT+TX VG48xGkabzOc27Zlmu6hSUJnRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAbG14cI oI+PXwtD944NgWuTTrn7MB8GA1UdIwQYMBaAFKUgGu5vSlweuKfhx4U7+7K6dcvS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTAwMy9BQTRFOTVDODMy MDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hCNjRwLUhIaFR2N3NycDF5 OUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BTQWE3bTlLWEI2NHAtSEhoVHY3c3JwMXk5SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MTAwMy9BQTRFOTVDODMyMDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hC NjRwLUhIaFR2N3NycDF5OUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQByZVXwR6T5h4/CF54MMkl+6CunCeE5Gm2UaYYBdADuIwVZxNe3s+Jr ExaY5SqCYQwc0NsC3I9pqznPuHwmPhu2RK3REurPGaOH4HfoXThRj5MDVJU0NQV5 jZOxN32g9vDfQSDpni5YjmWDA+3dmwW7GqR6hbKXTkt7nhXXsOUWJdRgZi/9+KW9 FaEE9UBsJWnTZ4tn2589V8znVniAw70dBOfrxprjmXpbtErSOYOcN3AdKrpdemJJ X/RgyfeyhVzjePdHG2+GDyojWmPWXLxjBkiFBUXFTzH4KCMxQKsROLLTkFsgFcf1 u09wzeBt4ulEulECtrDe+0kSLcdIZ8Tr -----END CERTIFICATE-----Generated at Mon Jul 21 06:58:42 2025 by rpki-client