$ rpki-client -vvf rpki.apnic.net/member_repository/A91D2258/638C3844CA8F11EC933AB211C4F9AE02/9Jo51DCJcORwLfKfHU3PUh8KUTU.mft File: 9Jo51DCJcORwLfKfHU3PUh8KUTU.mft (raw, json) Hash identifier: qn459I1U4uDPAArOOD+e3Y6dI6/fVgSl5dYwDCjCqGI= Subject key identifier: 34:E4:D0:60:32:98:33:9B:B9:0C:09:6F:F1:B8:0A:BD:2C:D4:6C:D1 Authority key identifier: F4:9A:39:D4:30:89:70:E4:70:2D:F2:9F:1D:4D:CF:52:1F:0A:51:35 Certificate issuer: /CN=A91D2258/serialNumber=F49A39D4308970E4702DF29F1D4DCF521F0A5135 Certificate serial: 0342 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Jo51DCJcORwLfKfHU3PUh8KUTU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D2258/638C3844CA8F11EC933AB211C4F9AE02/9Jo51DCJcORwLfKfHU3PUh8KUTU.mft Manifest number: 033D Signing time: Mon 21 Jul 2025 01:19:58 +0000 Manifest this update: Mon 21 Jul 2025 01:19:58 +0000 Manifest next update: Mon 28 Jul 2025 01:19:58 +0000 Files and hashes: 1: 9Jo51DCJcORwLfKfHU3PUh8KUTU.crl (hash: Hp5viW0yCcPvbOdRZAgrwBmujVukXYwN1WxbP7SsdJw=) 2: E27CA57ECA9111EC9F9A7513C4F9AE02.roa (hash: C1ezUxuL3ClkX3BgQjjS1dTVihRitOogxbbsy9SR+JY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D2258/638C3844CA8F11EC933AB211C4F9AE02/9Jo51DCJcORwLfKfHU3PUh8KUTU.crl rsync://rpki.apnic.net/member_repository/A91D2258/638C3844CA8F11EC933AB211C4F9AE02/9Jo51DCJcORwLfKfHU3PUh8KUTU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Jo51DCJcORwLfKfHU3PUh8KUTU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 01:19:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 834 (0x342) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D2258, serialNumber=F49A39D4308970E4702DF29F1D4DCF521F0A5135 Validity Not Before: Jul 21 01:19:58 2025 GMT Not After : Jul 28 01:19:58 2025 GMT Subject: CN=687d95be-7529 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:fe:18:bc:5c:79:f1:ef:d3:7f:15:16:ca:b8: 37:2f:f1:34:21:40:88:6c:af:29:90:52:40:80:95: b8:cf:be:be:e6:fe:69:cc:41:7e:a6:66:35:ed:f5: c4:f2:34:99:8b:4f:dc:08:af:22:32:05:25:38:7f: 31:c0:3f:45:8e:3d:92:f1:ab:23:66:fa:70:00:33: 86:71:8d:2c:7c:3f:66:95:bb:39:6e:cc:e4:b2:57: 81:8a:e0:04:7f:b5:fd:57:f5:fd:9b:2f:00:f6:d2: 4c:93:ab:81:df:f8:54:72:b1:03:e6:9a:b4:12:13: 22:e3:1e:cb:b0:7c:25:8e:8b:94:73:88:83:e9:9c: 4c:64:ec:f3:07:8e:8f:f6:4d:d3:67:f1:82:05:af: 71:2f:02:70:4e:e5:e5:41:5f:04:3e:a4:11:f5:a4: af:ec:5d:6c:12:b6:c7:6f:ed:f4:4f:3f:79:6e:b8: c1:8f:01:9e:9f:8e:e8:99:8b:7f:32:65:db:a2:b5: 53:72:b8:40:89:d8:51:42:a6:91:f9:25:7d:7f:65: 00:f4:77:1b:1e:f6:67:48:21:7e:8d:0a:88:7b:d6: 2d:7b:12:fb:6c:c3:79:95:f2:76:26:a6:18:c2:4f: f2:54:74:ba:23:e2:62:68:03:71:79:80:0e:97:b8: fd:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:E4:D0:60:32:98:33:9B:B9:0C:09:6F:F1:B8:0A:BD:2C:D4:6C:D1 X509v3 Authority Key Identifier: keyid:F4:9A:39:D4:30:89:70:E4:70:2D:F2:9F:1D:4D:CF:52:1F:0A:51:35 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D2258/638C3844CA8F11EC933AB211C4F9AE02/9Jo51DCJcORwLfKfHU3PUh8KUTU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Jo51DCJcORwLfKfHU3PUh8KUTU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D2258/638C3844CA8F11EC933AB211C4F9AE02/9Jo51DCJcORwLfKfHU3PUh8KUTU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b5:d3:17:b9:81:e9:fc:a9:68:a9:19:80:61:8b:99:2e:25:b2: ba:c6:96:d7:27:1e:ce:03:89:2d:0c:04:bc:80:2a:af:a7:e9: 3a:12:69:09:03:fe:36:68:33:2b:c7:9d:1b:e9:19:f3:49:94: 29:37:f4:2f:ef:f4:f7:d8:20:bc:21:f3:52:89:30:74:8d:2c: d7:98:a0:97:25:7e:1f:a2:fb:2f:81:b8:cd:08:36:0c:90:5a: 15:71:19:ba:8b:2f:67:e2:0c:a5:e2:75:20:c0:be:97:b7:3e: 16:d8:a4:15:4e:21:bd:8b:99:c1:c8:e9:e4:87:1d:ae:e1:a4: cf:59:5e:36:76:7a:e6:cc:ca:ba:82:33:89:0e:bf:5f:bb:4c: d7:46:9d:9c:3e:80:90:18:b5:f7:ed:4b:ef:33:68:1e:c1:49: 42:1c:f1:bb:72:48:96:c0:4c:fe:e6:4e:2e:63:0c:e0:08:fd: 59:6b:41:42:3f:b7:cb:4e:b8:3c:d5:c7:ad:4a:40:59:a7:78: 58:3b:9f:90:fd:a0:e9:40:4c:17:15:68:56:53:f8:31:9f:a9: 85:9e:cc:9a:54:93:47:48:bd:52:d9:bd:89:2c:b0:9b:cd:f2: c4:a1:2e:41:31:cd:e3:f7:65:3c:b0:34:ae:77:a7:ef:a6:aa: f7:c2:55:9d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDIyNTgxMTAvBgNVBAUTKEY0OUEzOUQ0MzA4OTcwRTQ3MDJERjI5RjFENERDRjUy MUYwQTUxMzUwHhcNMjUwNzIxMDExOTU4WhcNMjUwNzI4MDExOTU4WjAYMRYwFAYD VQQDEw02ODdkOTViZS03NTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1v4YvFx58e/TfxUWyrg3L/E0IUCIbK8pkFJAgJW4z76+5v5pzEF+pmY17fXE 8jSZi0/cCK8iMgUlOH8xwD9Fjj2S8asjZvpwADOGcY0sfD9mlbs5bszksleBiuAE f7X9V/X9my8A9tJMk6uB3/hUcrED5pq0EhMi4x7LsHwljouUc4iD6ZxMZOzzB46P 9k3TZ/GCBa9xLwJwTuXlQV8EPqQR9aSv7F1sErbHb+30Tz95brjBjwGen47omYt/ MmXborVTcrhAidhRQqaR+SV9f2UA9HcbHvZnSCF+jQqIe9YtexL7bMN5lfJ2JqYY wk/yVHS6I+JiaANxeYAOl7j9iQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDTk0GAy mDObuQwJb/G4Cr0s1GzRMB8GA1UdIwQYMBaAFPSaOdQwiXDkcC3ynx1Nz1IfClE1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjI1OC82MzhDMzg0NENB OEYxMUVDOTMzQUIyMTFDNEY5QUUwMi85Sm81MURDSmNPUndMZktmSFUzUFVoOEtV VFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzlKbzUxRENKY09Sd0xmS2ZIVTNQVWg4S1VUVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MjI1OC82MzhDMzg0NENBOEYxMUVDOTMzQUIyMTFDNEY5QUUwMi85Sm81MURDSmNP UndMZktmSFUzUFVoOEtVVFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC10xe5gen8qWipGYBhi5kuJbK6xpbXJx7OA4ktDAS8gCqvp+k6EmkJ A/42aDMrx50b6RnzSZQpN/Qv7/T32CC8IfNSiTB0jSzXmKCXJX4fovsvgbjNCDYM kFoVcRm6iy9n4gyl4nUgwL6Xtz4W2KQVTiG9i5nByOnkhx2u4aTPWV42dnrmzMq6 gjOJDr9fu0zXRp2cPoCQGLX37UvvM2gewUlCHPG7ckiWwEz+5k4uYwzgCP1Za0FC P7fLTrg81cetSkBZp3hYO5+Q/aDpQEwXFWhWU/gxn6mFnsyaVJNHSL1S2b2JLLCb zfLEoS5BMc3j92U8sDSud6fvpqr3wlWd -----END CERTIFICATE-----Generated at Mon Jul 21 08:45:23 2025 by rpki-client