$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft File: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft (raw, json) Hash identifier: 8cMWwRHi2SNkQSLBqRlJ8/4LG0kfq8DLcEHo0IGfOGw= Subject key identifier: 7F:A8:BC:6E:8D:67:5D:E7:17:AE:99:90:77:E4:54:F5:92:74:61:4C Authority key identifier: 8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E Certificate issuer: /CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E Certificate serial: 0AA9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft Manifest number: 2B78 Signing time: Fri 18 Jul 2025 16:03:34 +0000 Manifest this update: Fri 18 Jul 2025 16:03:34 +0000 Manifest next update: Fri 25 Jul 2025 16:03:34 +0000 Files and hashes: 1: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl (hash: V7j7mUDtlAJPy0IxccgNh+qCwBu4DoNx3Xg4dLzqH3U=) 2: DD7FC172E17D11EFAC0A7E29C4F9AE02.roa (hash: iuR0hKy1te9ReiQAcpbPM6UF6bcHMIJQ871N78hvW5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 16:03:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2729 (0xaa9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4413, serialNumber=8AA8786526852346839372631DFB09984BC3005E Validity Not Before: Jul 18 16:03:34 2025 GMT Not After : Jul 25 16:03:34 2025 GMT Subject: CN=687a7056-b727 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:64:e0:72:9e:34:5c:8a:3e:ac:31:84:3b:91: 1e:7e:01:8b:76:b6:7b:ea:7f:57:63:6e:52:49:e7: c1:75:ba:dd:f1:7e:4f:e8:ce:b4:a8:90:87:53:e2: cc:7d:df:75:4b:6d:ee:be:6c:ff:87:55:62:1c:a6: 8e:77:e0:c5:a3:1c:34:8e:f7:47:5e:a4:6c:31:65: e9:e9:67:4b:97:62:0a:d2:26:20:b2:7e:c6:c1:56: 23:78:84:27:2e:ea:c3:0a:c8:39:7b:68:5b:9d:8b: b3:6c:e2:55:f1:4d:c1:66:41:95:c5:45:64:1a:79: 8c:62:61:cb:cc:cb:49:dc:1a:92:45:1c:6a:1b:ce: 77:e8:53:7a:d8:44:3e:b5:cf:75:e4:99:40:2f:3d: b9:6c:8f:15:e8:10:2f:f2:9e:4c:7e:41:c1:b2:26: c1:b4:34:5e:ad:76:51:a1:95:24:c4:35:74:06:4e: 1f:ec:40:dd:39:41:37:05:39:26:ca:44:d5:b3:bc: f0:81:85:8f:44:ac:40:c3:6a:61:76:69:0a:72:2b: 0c:b9:9c:3f:24:3d:20:b7:5f:26:79:81:85:93:80: 1a:cb:34:08:a2:3b:f4:cb:6b:d3:14:64:61:98:76: bf:d5:00:60:5f:63:da:87:0d:5b:20:37:ca:e5:99: c0:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:A8:BC:6E:8D:67:5D:E7:17:AE:99:90:77:E4:54:F5:92:74:61:4C X509v3 Authority Key Identifier: keyid:8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:f5:68:3d:81:50:f5:96:6c:80:b9:fd:2b:ca:ab:02:ee:16: d2:a7:6b:4c:02:f1:5e:34:67:d5:88:08:59:8d:8d:fa:00:ae: 29:ba:e9:ba:62:38:a5:e6:a4:b0:ae:02:0b:b6:22:3e:11:6d: 38:7d:a8:42:88:ab:b3:4e:bd:cc:4d:b4:51:9f:69:fc:ac:62: cc:f3:64:b8:65:a9:c9:a2:8a:9f:dc:60:92:c2:d7:67:48:90: a9:e5:45:76:28:24:42:a1:b6:d0:f2:fc:aa:24:6f:a8:37:26: f8:c0:02:4c:2a:7c:fa:bc:0f:a2:61:bb:dc:38:7c:a1:49:dc: 03:e3:b5:1b:7d:ee:27:93:45:0e:d4:b1:08:fb:df:01:24:02: b9:4a:5a:5a:f5:73:45:c4:2d:8b:96:59:ee:08:04:73:6b:4e: bd:8c:6f:f4:e8:82:61:78:f8:54:f9:b2:e1:ee:bb:01:61:96: 0d:a6:b8:d1:8c:81:23:3f:44:28:46:95:57:0a:97:2a:73:a0: d4:dc:50:fc:30:98:c9:10:c8:90:9e:ca:d8:88:22:c2:2e:7b: 12:ac:19:c4:a6:bd:e2:41:f0:bd:fb:96:d8:dc:e9:a1:f1:a8: 97:ae:8b:4a:6d:14:b5:0a:8d:63:48:8a:df:56:e9:74:e1:cb: 07:ba:8e:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCqkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0MTMxMTAvBgNVBAUTKDhBQTg3ODY1MjY4NTIzNDY4MzkzNzI2MzFERkIwOTk4 NEJDMzAwNUUwHhcNMjUwNzE4MTYwMzM0WhcNMjUwNzI1MTYwMzM0WjAYMRYwFAYD VQQDEw02ODdhNzA1Ni1iNzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0GTgcp40XIo+rDGEO5EefgGLdrZ76n9XY25SSefBdbrd8X5P6M60qJCHU+LM fd91S23uvmz/h1ViHKaOd+DFoxw0jvdHXqRsMWXp6WdLl2IK0iYgsn7GwVYjeIQn LurDCsg5e2hbnYuzbOJV8U3BZkGVxUVkGnmMYmHLzMtJ3BqSRRxqG8536FN62EQ+ tc915JlALz25bI8V6BAv8p5MfkHBsibBtDRerXZRoZUkxDV0Bk4f7EDdOUE3BTkm ykTVs7zwgYWPRKxAw2phdmkKcisMuZw/JD0gt18meYGFk4AayzQIojv0y2vTFGRh mHa/1QBgX2Pahw1bIDfK5ZnA3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH+ovG6N Z13nF66ZkHfkVPWSdGFMMB8GA1UdIwQYMBaAFIqoeGUmhSNGg5NyYx37CZhLwwBe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDQxMy8wODE2RTc1NEZG QjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkwYURrM0pqSGZzSm1FdkRB RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lxaDRaU2FGSTBhRGszSmpIZnNKbUV2REFGNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDQxMy8wODE2RTc1NEZGQjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkw YURrM0pqSGZzSm1FdkRBRjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAw9Wg9gVD1lmyAuf0ryqsC7hbSp2tMAvFeNGfViAhZjY36AK4puum6 Yjil5qSwrgILtiI+EW04fahCiKuzTr3MTbRRn2n8rGLM82S4ZanJooqf3GCSwtdn SJCp5UV2KCRCobbQ8vyqJG+oNyb4wAJMKnz6vA+iYbvcOHyhSdwD47Ubfe4nk0UO 1LEI+98BJAK5Slpa9XNFxC2LllnuCARza069jG/06IJhePhU+bLh7rsBYZYNprjR jIEjP0QoRpVXCpcqc6DU3FD8MJjJEMiQnsrYiCLCLnsSrBnEpr3iQfC9+5bY3Omh 8aiXrotKbRS1Co1jSIrfVul04csHuo6T -----END CERTIFICATE-----Generated at Sun Jul 20 10:16:20 2025 by rpki-client