$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4A16/BAE7EFFECC5311ED81F4C515C4F9AE02/sTgy_KSTRJYjasOJSZjD3VE9fAk.mft File: sTgy_KSTRJYjasOJSZjD3VE9fAk.mft (raw, json) Hash identifier: XUpquN2woc7NZPbT8GAWDW73AHjU7SsAfTbBKtsnyKs= Subject key identifier: A4:D1:DE:E7:B6:E7:B1:3B:D1:21:7F:0C:01:BB:3E:A8:79:2B:F2:0A Authority key identifier: B1:38:32:FC:A4:93:44:96:23:6A:C3:89:49:98:C3:DD:51:3D:7C:09 Certificate issuer: /CN=A91D4A16/serialNumber=B13832FCA4934496236AC3894998C3DD513D7C09 Certificate serial: 01B9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sTgy_KSTRJYjasOJSZjD3VE9fAk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4A16/BAE7EFFECC5311ED81F4C515C4F9AE02/sTgy_KSTRJYjasOJSZjD3VE9fAk.mft Manifest number: 01B5 Signing time: Mon 21 Jul 2025 03:12:34 +0000 Manifest this update: Mon 21 Jul 2025 03:12:33 +0000 Manifest next update: Mon 28 Jul 2025 03:12:33 +0000 Files and hashes: 1: sTgy_KSTRJYjasOJSZjD3VE9fAk.crl (hash: 6eOiYwBuh0CGXi1On9lZugx32X12iGVsOzCGnutTZas=) 2: 61DBE422A88B11EFAF507987C4F9AE02.roa (hash: STHjjsnIAoIPHR0TFAUlDiXLQCeT5pB31DsweaU0WWA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4A16/BAE7EFFECC5311ED81F4C515C4F9AE02/sTgy_KSTRJYjasOJSZjD3VE9fAk.crl rsync://rpki.apnic.net/member_repository/A91D4A16/BAE7EFFECC5311ED81F4C515C4F9AE02/sTgy_KSTRJYjasOJSZjD3VE9fAk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sTgy_KSTRJYjasOJSZjD3VE9fAk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 03:12:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 441 (0x1b9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4A16, serialNumber=B13832FCA4934496236AC3894998C3DD513D7C09 Validity Not Before: Jul 21 03:12:33 2025 GMT Not After : Jul 28 03:12:33 2025 GMT Subject: CN=687db021-3056 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:9c:59:d9:93:08:63:a6:35:ef:ef:22:08:c7: 13:02:80:5a:7e:ff:5d:49:fd:55:e4:3f:50:75:d4: c9:de:f2:33:c2:9e:14:18:17:3d:99:2e:d3:e6:08: a0:63:54:23:c0:77:7a:cf:13:01:43:3d:35:61:da: 15:e0:26:5d:09:bd:fc:0a:57:b2:bc:62:26:56:f5: be:9f:19:82:60:6d:0f:5a:10:34:f9:03:4b:92:9e: c1:5d:60:5d:38:ac:5d:7b:22:e4:49:d1:7e:51:43: 4a:e8:40:44:0d:63:72:67:51:f1:3e:b9:ed:5d:e2: c9:e7:68:8a:79:b2:49:06:ec:06:c2:b7:7c:7e:f9: 60:fc:73:ae:ff:7c:99:ca:1e:9d:bb:3f:8b:62:0f: 72:43:d7:d4:44:a8:9c:2c:42:2c:7e:a4:03:5a:5f: 55:fc:64:bf:9b:ac:c9:29:7b:ce:07:21:cb:78:bb: 8d:cc:46:11:ab:1b:d5:8b:b0:ff:14:ac:db:8f:e6: 9b:09:a7:56:a4:a6:85:7f:8f:e4:55:d5:41:c2:9a: 05:37:7e:29:a9:a5:56:b4:87:d1:b0:a6:fe:a4:38: 33:a0:46:45:3a:77:07:8d:d0:7e:6b:02:07:26:5d: 85:f6:18:34:85:af:c2:18:16:79:e2:74:05:71:ee: 85:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:D1:DE:E7:B6:E7:B1:3B:D1:21:7F:0C:01:BB:3E:A8:79:2B:F2:0A X509v3 Authority Key Identifier: keyid:B1:38:32:FC:A4:93:44:96:23:6A:C3:89:49:98:C3:DD:51:3D:7C:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4A16/BAE7EFFECC5311ED81F4C515C4F9AE02/sTgy_KSTRJYjasOJSZjD3VE9fAk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sTgy_KSTRJYjasOJSZjD3VE9fAk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4A16/BAE7EFFECC5311ED81F4C515C4F9AE02/sTgy_KSTRJYjasOJSZjD3VE9fAk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:b7:17:49:e9:e8:ce:00:13:8f:72:95:08:1e:d1:29:09:18: b2:b7:86:b1:5e:52:39:7a:82:e8:1d:0a:5c:a5:43:80:80:d9: 79:a0:e8:c9:c2:98:09:f9:f9:e8:ef:dc:c2:8a:e6:1d:14:9a: a0:e5:b8:12:7d:77:8a:75:ef:8a:8f:1b:60:71:6d:22:33:7b: 15:4a:ce:54:44:e6:7a:e6:db:6e:6c:13:76:34:e8:65:61:31: b7:a9:8f:a3:e8:34:78:08:ca:56:ff:38:bc:38:6a:18:37:07: f4:df:3a:54:7f:9e:ba:c5:63:18:b9:79:9e:89:3d:8e:6f:4f: 67:0f:1c:c2:cf:95:f9:c1:ee:9a:82:2c:b3:86:b8:9b:5a:b9: 78:8d:7e:fb:85:5a:f7:7c:4f:e4:9c:77:b6:06:24:26:b0:45: 55:7b:ef:e7:8a:c4:e6:40:6d:83:1b:c6:40:c3:14:8f:cc:a2: 4b:47:e9:90:9e:9c:d8:df:bf:b5:c6:70:52:be:b3:4f:2a:65: b8:97:5c:e4:b7:68:c6:47:60:45:8d:1f:12:1c:77:68:80:91: 46:3a:f6:97:fe:e2:b1:a1:36:1b:a7:03:56:e4:50:72:b8:b4: e2:1a:c2:3f:f2:c2:64:a4:d1:23:64:d0:29:8e:f3:37:bc:f9: 59:f5:33:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDRBMTYxMTAvBgNVBAUTKEIxMzgzMkZDQTQ5MzQ0OTYyMzZBQzM4OTQ5OThDM0RE NTEzRDdDMDkwHhcNMjUwNzIxMDMxMjMzWhcNMjUwNzI4MDMxMjMzWjAYMRYwFAYD VQQDEw02ODdkYjAyMS0zMDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv5xZ2ZMIY6Y17+8iCMcTAoBafv9dSf1V5D9QddTJ3vIzwp4UGBc9mS7T5gig Y1QjwHd6zxMBQz01YdoV4CZdCb38CleyvGImVvW+nxmCYG0PWhA0+QNLkp7BXWBd OKxdeyLkSdF+UUNK6EBEDWNyZ1HxPrntXeLJ52iKebJJBuwGwrd8fvlg/HOu/3yZ yh6duz+LYg9yQ9fURKicLEIsfqQDWl9V/GS/m6zJKXvOByHLeLuNzEYRqxvVi7D/ FKzbj+abCadWpKaFf4/kVdVBwpoFN34pqaVWtIfRsKb+pDgzoEZFOncHjdB+awIH Jl2F9hg0ha/CGBZ54nQFce6FRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKTR3ue2 57E70SF/DAG7Pqh5K/IKMB8GA1UdIwQYMBaAFLE4Mvykk0SWI2rDiUmYw91RPXwJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEExNi9CQUU3RUZGRUND NTMxMUVEODFGNEM1MTVDNEY5QUUwMi9zVGd5X0tTVFJKWWphc09KU1pqRDNWRTlm QWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NUZ3lfS1NUUkpZamFzT0pTWmpEM1ZFOWZBay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NEExNi9CQUU3RUZGRUNDNTMxMUVEODFGNEM1MTVDNEY5QUUwMi9zVGd5X0tTVFJK WWphc09KU1pqRDNWRTlmQWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBttxdJ6ejOABOPcpUIHtEpCRiyt4axXlI5eoLoHQpcpUOAgNl5oOjJ wpgJ+fno79zCiuYdFJqg5bgSfXeKde+KjxtgcW0iM3sVSs5UROZ65ttubBN2NOhl YTG3qY+j6DR4CMpW/zi8OGoYNwf03zpUf566xWMYuXmeiT2Ob09nDxzCz5X5we6a giyzhribWrl4jX77hVr3fE/knHe2BiQmsEVVe+/nisTmQG2DG8ZAwxSPzKJLR+mQ npzY37+1xnBSvrNPKmW4l1zkt2jGR2BFjR8SHHdogJFGOvaX/uKxoTYbpwNW5FBy uLTiGsI/8sJkpNEjZNApjvM3vPlZ9TMO -----END CERTIFICATE-----Generated at Mon Jul 21 06:50:10 2025 by rpki-client