$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3D89/D3ED585820B811EFBE1C2815C4F9AE02/SPlgCbzUzgbNYNEl8KkbI_7DA2A.mft File: SPlgCbzUzgbNYNEl8KkbI_7DA2A.mft (raw, json) Hash identifier: +tXL9DmyhdXftEekftulKKLqPlV/IzIOh86aZWTQZ50= Subject key identifier: BF:9C:37:AC:1C:77:27:32:27:D3:6C:6A:5B:CC:4E:A6:08:94:66:42 Authority key identifier: 48:F9:60:09:BC:D4:CE:06:CD:60:D1:25:F0:A9:1B:23:FE:C3:03:60 Certificate issuer: /CN=A91D3D89/serialNumber=48F96009BCD4CE06CD60D125F0A91B23FEC30360 Certificate serial: DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPlgCbzUzgbNYNEl8KkbI_7DA2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3D89/D3ED585820B811EFBE1C2815C4F9AE02/SPlgCbzUzgbNYNEl8KkbI_7DA2A.mft Manifest number: D7 Signing time: Mon 21 Jul 2025 05:44:25 +0000 Manifest this update: Mon 21 Jul 2025 05:44:24 +0000 Manifest next update: Mon 28 Jul 2025 05:44:24 +0000 Files and hashes: 1: SPlgCbzUzgbNYNEl8KkbI_7DA2A.crl (hash: U05ieFRx5eelNOGh443KgLDdbarn/3uuchI/AfrwUdw=) 2: 37D4A3DE20BA11EF9B035D1FC4F9AE02.roa (hash: 97sXWjq7Fj5JCQCyo6BRYI+5mz862DUMpg5o3JeeUks=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3D89/D3ED585820B811EFBE1C2815C4F9AE02/SPlgCbzUzgbNYNEl8KkbI_7DA2A.crl rsync://rpki.apnic.net/member_repository/A91D3D89/D3ED585820B811EFBE1C2815C4F9AE02/SPlgCbzUzgbNYNEl8KkbI_7DA2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPlgCbzUzgbNYNEl8KkbI_7DA2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 05:19:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 218 (0xda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3D89, serialNumber=48F96009BCD4CE06CD60D125F0A91B23FEC30360 Validity Not Before: Jul 21 05:44:24 2025 GMT Not After : Jul 28 05:44:24 2025 GMT Subject: CN=687dd3b9-fbd9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:f5:6e:dd:8d:90:1b:43:8c:08:e4:b3:fb:53: ac:80:03:71:02:5c:e1:be:a7:d5:ed:71:de:64:d6: 55:6a:8f:d0:fe:be:28:88:f6:b8:e3:8a:e6:80:6e: ce:76:13:b9:e5:56:71:80:16:18:12:76:b5:b7:a9: dc:79:db:a7:8c:07:53:d9:2b:20:98:d8:68:20:18: 61:b6:85:5d:80:1d:b0:2b:15:16:36:db:07:3b:7a: 61:e7:94:95:0c:1b:82:3a:c6:cd:a6:f2:13:75:18: 06:92:1c:c5:9c:12:f9:0f:32:0d:3b:c0:c5:f3:25: 0d:41:41:88:cb:3f:20:c1:d9:a3:08:ee:88:90:c8: 34:b6:1b:09:9f:25:0d:aa:26:14:aa:09:ee:cb:0c: 6c:63:5f:ae:e5:de:fd:8e:cb:2f:7c:61:4c:bd:2a: d8:6f:fa:24:ef:ba:05:42:4e:53:47:b6:37:89:23: de:f3:b3:d8:c6:6e:1a:db:d8:96:c1:0a:76:06:fb: 19:84:60:7c:78:c7:3b:f5:fc:64:3c:40:48:7d:d6: b1:b9:29:4f:76:9b:03:5e:c1:a6:41:fc:28:e9:19: fe:8b:73:f6:0c:da:27:ae:57:7a:30:b7:1a:28:8b: 96:93:a0:ae:2a:ab:da:34:61:20:09:5a:0a:5b:af: e7:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:9C:37:AC:1C:77:27:32:27:D3:6C:6A:5B:CC:4E:A6:08:94:66:42 X509v3 Authority Key Identifier: keyid:48:F9:60:09:BC:D4:CE:06:CD:60:D1:25:F0:A9:1B:23:FE:C3:03:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3D89/D3ED585820B811EFBE1C2815C4F9AE02/SPlgCbzUzgbNYNEl8KkbI_7DA2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPlgCbzUzgbNYNEl8KkbI_7DA2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3D89/D3ED585820B811EFBE1C2815C4F9AE02/SPlgCbzUzgbNYNEl8KkbI_7DA2A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:54:c0:3c:34:3d:0c:03:0d:a2:b4:fc:ea:1c:de:33:34:9d: 17:80:a9:80:54:b0:3b:b4:af:c7:f5:db:ae:53:ce:a8:45:bc: 20:fb:c8:91:b3:88:31:c7:b2:a2:d4:62:1a:bd:2e:bb:2e:6b: 34:b0:51:b7:96:20:a1:90:92:5d:da:77:9f:9e:33:94:7d:3e: 89:3f:8d:b0:df:2a:60:06:5f:60:3c:f6:08:54:46:e2:f7:fb: b6:21:b3:24:3e:a6:cc:72:0c:ac:46:28:5c:e6:c7:dd:38:32: e7:bf:7f:dc:d2:f0:d6:af:e8:15:76:3e:4f:cb:ce:67:37:0c: d0:29:60:e4:04:f8:f2:6f:85:24:c1:32:7b:be:c3:1e:c2:c8: 7c:e5:5d:44:30:b3:09:40:18:c6:9c:f6:ff:c3:38:df:dd:79: f0:ad:a2:ff:34:12:44:23:94:3a:42:16:4f:2e:48:7c:aa:cd: de:79:f2:de:6d:3c:ce:d5:61:a4:3b:7e:15:07:79:45:a6:c7: 81:7a:f0:9b:e6:dc:d9:ee:30:77:fd:62:3c:25:45:e9:c7:f7: a4:eb:bc:5a:f8:8e:8b:b5:0b:a0:ad:49:35:a0:38:d0:f4:f1: 9e:6f:28:9d:99:10:16:34:04:c1:a3:4b:c3:04:96:57:18:d1: e2:2c:85:2a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDNEODkxMTAvBgNVBAUTKDQ4Rjk2MDA5QkNENENFMDZDRDYwRDEyNUYwQTkxQjIz RkVDMzAzNjAwHhcNMjUwNzIxMDU0NDI0WhcNMjUwNzI4MDU0NDI0WjAYMRYwFAYD VQQDEw02ODdkZDNiOS1mYmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyfVu3Y2QG0OMCOSz+1OsgANxAlzhvqfV7XHeZNZVao/Q/r4oiPa444rmgG7O dhO55VZxgBYYEna1t6ncedunjAdT2SsgmNhoIBhhtoVdgB2wKxUWNtsHO3ph55SV DBuCOsbNpvITdRgGkhzFnBL5DzINO8DF8yUNQUGIyz8gwdmjCO6IkMg0thsJnyUN qiYUqgnuywxsY1+u5d79jssvfGFMvSrYb/ok77oFQk5TR7Y3iSPe87PYxm4a29iW wQp2BvsZhGB8eMc79fxkPEBIfdaxuSlPdpsDXsGmQfwo6Rn+i3P2DNonrld6MLca KIuWk6CuKqvaNGEgCVoKW6/nWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL+cN6wc dycyJ9NsalvMTqYIlGZCMB8GA1UdIwQYMBaAFEj5YAm81M4GzWDRJfCpGyP+wwNg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0Q4OS9EM0VENTg1ODIw QjgxMUVGQkUxQzI4MTVDNEY5QUUwMi9TUGxnQ2J6VXpnYk5ZTkVsOEtrYklfN0RB MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NQbGdDYnpVemdiTllORWw4S2tiSV83REEyQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE M0Q4OS9EM0VENTg1ODIwQjgxMUVGQkUxQzI4MTVDNEY5QUUwMi9TUGxnQ2J6VXpn Yk5ZTkVsOEtrYklfN0RBMkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAeVMA8ND0MAw2itPzqHN4zNJ0XgKmAVLA7tK/H9duuU86oRbwg+8iR s4gxx7Ki1GIavS67Lms0sFG3liChkJJd2nefnjOUfT6JP42w3ypgBl9gPPYIVEbi 9/u2IbMkPqbMcgysRihc5sfdODLnv3/c0vDWr+gVdj5Py85nNwzQKWDkBPjyb4Uk wTJ7vsMewsh85V1EMLMJQBjGnPb/wzjf3XnwraL/NBJEI5Q6QhZPLkh8qs3eefLe bTzO1WGkO34VB3lFpseBevCb5tzZ7jB3/WI8JUXpx/ek67xa+I6LtQugrUk1oDjQ 9PGebyidmRAWNATBo0vDBJZXGNHiLIUq -----END CERTIFICATE-----Generated at Mon Jul 21 07:21:36 2025 by rpki-client