$ rpki-client -vvf rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/23jZ-TWOVn0wbuO9Hqx0jpYGv48.mft File: 23jZ-TWOVn0wbuO9Hqx0jpYGv48.mft (raw, json) Hash identifier: l1HLfwFyYJeHJ7BIkrVmyC5E37LhW0DuOTQvp7O/3us= Subject key identifier: B1:33:30:51:07:3A:3D:CC:40:04:C2:CD:B5:11:EB:26:B9:85:25:A8 Authority key identifier: DB:78:D9:F9:35:8E:56:7D:30:6E:E3:BD:1E:AC:74:8E:96:06:BF:8F Certificate issuer: /CN=A91D72CC/serialNumber=DB78D9F9358E567D306EE3BD1EAC748E9606BF8F Certificate serial: 68 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23jZ-TWOVn0wbuO9Hqx0jpYGv48.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/23jZ-TWOVn0wbuO9Hqx0jpYGv48.mft Manifest number: 0E6A Signing time: Sun 20 Jul 2025 17:52:54 +0000 Manifest this update: Sun 20 Jul 2025 17:52:53 +0000 Manifest next update: Sun 27 Jul 2025 17:52:53 +0000 Files and hashes: 1: 23jZ-TWOVn0wbuO9Hqx0jpYGv48.crl (hash: j8yPC3fccBLwtiagDJuM24l/5cdVphPKO40GxnE+nhI=) 2: DEDE6B3CC8A911EFB805FB63C4F9AE02.roa (hash: vEfRiQNE3h/B834WLq9GOeXPVajCjfh3DLWpODG+4Jw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/23jZ-TWOVn0wbuO9Hqx0jpYGv48.crl rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/23jZ-TWOVn0wbuO9Hqx0jpYGv48.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23jZ-TWOVn0wbuO9Hqx0jpYGv48.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 17:52:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 104 (0x68) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D72CC, serialNumber=DB78D9F9358E567D306EE3BD1EAC748E9606BF8F Validity Not Before: Jul 20 17:52:53 2025 GMT Not After : Jul 27 17:52:53 2025 GMT Subject: CN=687d2cf5-f2a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:57:f9:dd:43:d4:5a:50:5a:95:6a:4d:ae:ed: 79:6c:91:8e:82:f8:32:a7:d7:b7:63:90:c9:c7:d6: 5f:34:e7:5f:b9:76:88:9a:2f:67:20:a5:09:0a:01: dd:d2:a4:c5:c4:15:ff:03:5a:27:38:21:e1:21:e8: 00:f9:8a:01:cc:4a:42:cd:6f:cf:b8:2d:87:91:47: 51:fa:08:24:6e:61:3f:e7:fa:50:93:c3:f9:40:4a: f1:4e:2b:20:22:1c:0a:4a:67:c6:c8:a9:4c:c9:f1: 01:5e:db:b5:57:2e:92:79:e7:54:db:9c:1d:fd:1f: f2:1b:0b:2f:59:c3:43:ce:f3:98:76:f2:a9:a1:3b: c3:aa:27:d6:0c:b9:2c:83:b4:b4:4f:e5:dc:96:dc: 0f:15:24:d1:09:dc:f8:78:8a:da:22:41:62:91:45: 24:75:c2:a3:22:f9:f3:61:31:fb:d7:86:c0:11:eb: 72:71:83:f4:1d:e9:2b:b3:48:31:38:e2:4a:d7:8d: b2:3d:0b:96:41:4b:4f:6c:80:e5:37:d6:84:c7:a7: bd:4e:f0:dd:7a:cb:0d:d7:db:85:c5:12:99:c1:cf: 5b:c8:e4:01:84:a6:88:4c:51:1d:44:e2:55:6b:c3: 94:e6:1f:38:e0:87:39:f9:89:97:83:42:97:5a:bd: 95:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:33:30:51:07:3A:3D:CC:40:04:C2:CD:B5:11:EB:26:B9:85:25:A8 X509v3 Authority Key Identifier: keyid:DB:78:D9:F9:35:8E:56:7D:30:6E:E3:BD:1E:AC:74:8E:96:06:BF:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/23jZ-TWOVn0wbuO9Hqx0jpYGv48.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23jZ-TWOVn0wbuO9Hqx0jpYGv48.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/23jZ-TWOVn0wbuO9Hqx0jpYGv48.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:3b:a5:3b:28:c6:67:73:95:ed:75:03:20:13:da:5a:21:d3: 9f:b6:b1:ba:df:76:ae:3a:e2:39:81:7e:c8:64:f7:1f:58:63: 92:3d:f0:31:19:c2:9a:3d:1c:b9:1c:4c:9d:a4:03:20:65:e1: d2:a6:d6:c5:4d:1b:33:e4:4f:e9:e1:cc:f1:52:06:13:4b:03: 94:ec:91:64:2e:d5:83:bf:fb:b6:d6:77:4d:a8:52:6d:60:d4: 48:e2:b7:9a:ae:ee:1c:78:74:19:17:10:91:e1:e3:9f:e8:cd: 85:d5:f5:eb:68:fc:38:d5:5b:86:91:4a:ec:31:f4:da:0f:7d: 5d:a2:2c:4a:03:2e:4c:d7:08:8d:a1:ce:31:2c:eb:12:70:06: d3:ef:38:d4:4d:ec:c7:29:03:05:0b:b8:b4:ac:82:38:a7:2d: 42:d2:01:28:1c:d5:1d:9b:5f:a8:87:9f:01:a2:07:60:7e:b7: 47:57:5b:d3:23:9b:fe:60:d3:1d:cc:66:55:e3:65:5b:9a:60: 34:1c:d5:e1:a1:c6:34:f8:18:2d:e5:11:62:8b:6f:79:35:ba: 24:1d:21:fc:6b:ad:1f:4e:1c:c9:5d:70:c3:41:22:ca:83:3e: 06:4f:8b:5d:6d:3d:d0:1b:3c:b4:fb:d4:15:76:e7:c6:11:72: db:90:c5:ca -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBaDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE NzJDQzExMC8GA1UEBRMoREI3OEQ5RjkzNThFNTY3RDMwNkVFM0JEMUVBQzc0OEU5 NjA2QkY4RjAeFw0yNTA3MjAxNzUyNTNaFw0yNTA3MjcxNzUyNTNaMBgxFjAUBgNV BAMTDTY4N2QyY2Y1LWYyYTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCjV/ndQ9RaUFqVak2u7XlskY6C+DKn17djkMnH1l8051+5doiaL2cgpQkKAd3S pMXEFf8DWic4IeEh6AD5igHMSkLNb8+4LYeRR1H6CCRuYT/n+lCTw/lASvFOKyAi HApKZ8bIqUzJ8QFe27VXLpJ551TbnB39H/IbCy9Zw0PO85h28qmhO8OqJ9YMuSyD tLRP5dyW3A8VJNEJ3Ph4itoiQWKRRSR1wqMi+fNhMfvXhsAR63Jxg/Qd6SuzSDE4 4krXjbI9C5ZBS09sgOU31oTHp71O8N16yw3X24XFEpnBz1vI5AGEpohMUR1E4lVr w5TmHzjghzn5iZeDQpdavZX5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUsTMwUQc6 PcxABMLNtRHrJrmFJagwHwYDVR0jBBgwFoAU23jZ+TWOVn0wbuO9Hqx0jpYGv48w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ3MkNDLzQzMzBBQzlDQjM2 RDExRTk4MjQ2RUQwQUM0RjlBRTAyLzIzalotVFdPVm4wd2J1TzlIcXgwanBZR3Y0 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMjNqWi1UV09WbjB3YnVPOUhxeDBqcFlHdjQ4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ3 MkNDLzQzMzBBQzlDQjM2RDExRTk4MjQ2RUQwQUM0RjlBRTAyLzIzalotVFdPVm4w d2J1TzlIcXgwanBZR3Y0OC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKE7pTsoxmdzle11AyAT2loh05+2sbrfdq464jmBfshk9x9YY5I98DEZ wpo9HLkcTJ2kAyBl4dKm1sVNGzPkT+nhzPFSBhNLA5TskWQu1YO/+7bWd02oUm1g 1Ejit5qu7hx4dBkXEJHh45/ozYXV9eto/DjVW4aRSuwx9NoPfV2iLEoDLkzXCI2h zjEs6xJwBtPvONRN7McpAwULuLSsgjinLULSASgc1R2bX6iHnwGiB2B+t0dXW9Mj m/5g0x3MZlXjZVuaYDQc1eGhxjT4GC3lEWKLb3k1uiQdIfxrrR9OHMldcMNBIsqD PgZPi11tPdAbPLT71BV258YRctuQxco= -----END CERTIFICATE-----Generated at Mon Jul 21 12:54:23 2025 by rpki-client