$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.mft File: 0k_MrTrOf_5b8Cpqj2jAYC4cG1E.mft (raw, json) Hash identifier: mqgo+jLqdztlup/Fh6p815pBu0+VlOqveNUijmQgvro= Subject key identifier: F5:3A:81:94:BF:BD:F1:5D:80:82:51:B8:9B:90:01:1C:F4:5B:96:42 Authority key identifier: D2:4F:CC:AD:3A:CE:7F:FE:5B:F0:2A:6A:8F:68:C0:60:2E:1C:1B:51 Certificate issuer: /CN=A91DA8C2/serialNumber=D24FCCAD3ACE7FFE5BF02A6A8F68C0602E1C1B51 Certificate serial: 44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.mft Manifest number: 43 Signing time: Mon 21 Jul 2025 07:39:27 +0000 Manifest this update: Mon 21 Jul 2025 07:39:26 +0000 Manifest next update: Mon 28 Jul 2025 07:39:26 +0000 Files and hashes: 1: 0k_MrTrOf_5b8Cpqj2jAYC4cG1E.crl (hash: n2uAHH02aHfz9G47GbFjoDRzLoUR8mckTsupFj4lFdc=) 2: 32EE2B68005411F08A6FEB4BC4F9AE02.roa (hash: wwcr+8+DOyZmloRteEL56x1j3vM+7vfdbP5INKVgy7U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.crl rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 07:39:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68 (0x44) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA8C2, serialNumber=D24FCCAD3ACE7FFE5BF02A6A8F68C0602E1C1B51 Validity Not Before: Jul 21 07:39:26 2025 GMT Not After : Jul 28 07:39:26 2025 GMT Subject: CN=687deeae-4222 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:1f:22:23:11:13:01:6e:1b:41:d6:03:fe:19: 58:63:37:a7:97:35:57:d2:6d:91:34:a7:42:19:e8: 89:96:8d:d8:93:e8:2a:e7:84:32:d1:3d:53:2c:f3: e0:c2:88:4d:d1:f6:4b:94:1d:74:bb:91:7e:97:69: a3:9e:48:36:a3:bb:a0:48:ea:23:d7:60:05:21:37: 56:2c:4e:92:f3:dd:7f:aa:77:69:d3:05:b5:9e:67: d8:c3:b7:bb:3b:82:15:7c:f6:c7:34:70:1c:e2:b4: 0d:e4:e3:d4:b1:5e:cb:84:78:1c:1a:70:bd:53:2e: dc:3f:71:6c:f0:83:16:9f:da:e8:7e:f7:f8:35:90: 66:d0:84:04:c8:08:89:93:8b:d0:6f:d4:c8:ea:6a: b6:4f:0c:16:f0:3c:e9:e6:f5:c6:39:60:8a:b6:47: 60:93:04:94:32:9b:52:71:3d:96:a2:53:9c:fc:2c: a1:12:ae:1d:e4:1b:16:4b:3e:ac:6c:b4:a1:4c:da: d0:d7:bd:01:02:57:d6:3d:61:75:29:37:92:76:69: f7:d6:69:d3:71:64:41:83:3a:d4:de:12:d9:2b:9c: aa:a8:30:6d:7d:c7:8f:be:74:85:fc:f3:65:1b:1b: c0:f8:54:49:6e:1d:23:bb:f6:67:3b:47:ea:7f:03: 95:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:3A:81:94:BF:BD:F1:5D:80:82:51:B8:9B:90:01:1C:F4:5B:96:42 X509v3 Authority Key Identifier: keyid:D2:4F:CC:AD:3A:CE:7F:FE:5B:F0:2A:6A:8F:68:C0:60:2E:1C:1B:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA8C2/95A69BE2005311F08E73E14AC4F9AE02/0k_MrTrOf_5b8Cpqj2jAYC4cG1E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:23:89:88:49:3a:27:2e:74:57:17:ba:83:4c:52:16:d9:23: 56:6d:aa:7e:d3:9b:a0:84:c2:fa:5c:57:a4:9b:65:e8:94:a7: 03:0b:64:f6:b1:39:62:5c:07:a0:e5:58:b3:e5:db:3a:56:af: 54:22:c7:59:c4:9a:fe:24:aa:e8:23:56:c8:ea:69:d9:ca:98: 8e:25:d1:4c:10:4b:eb:81:dd:4a:09:83:8d:52:14:22:55:43: d1:7c:72:3e:52:e4:c5:c1:47:a4:5b:0b:f0:9d:92:fb:50:e2: 52:cd:ac:d6:d5:a5:e3:cf:55:1e:18:f7:54:4e:d3:91:18:2d: 78:13:1c:8c:3d:90:6a:e5:a9:19:23:e3:20:84:96:79:7e:ef: f3:33:0f:8f:67:b2:8a:3c:e1:df:d2:bc:ae:5f:b6:cb:66:a1: b9:23:ed:82:7b:4b:ff:e6:ba:14:fb:db:a7:3a:78:b4:aa:73: 27:e9:ab:66:73:57:1d:b4:1e:4f:44:ab:bf:df:19:5e:fe:75: 95:41:f2:31:0c:d0:b8:0a:81:1e:bb:e2:6f:3c:d0:21:36:34: 1f:09:d6:de:77:76:83:a2:3d:05:3a:77:91:c6:87:db:de:8b: ab:83:67:4f:dd:57:e3:7c:bb:c9:05:3e:ac:b4:e0:6f:75:27: 53:a3:f8:00 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBRDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QThDMjExMC8GA1UEBRMoRDI0RkNDQUQzQUNFN0ZGRTVCRjAyQTZBOEY2OEMwNjAy RTFDMUI1MTAeFw0yNTA3MjEwNzM5MjZaFw0yNTA3MjgwNzM5MjZaMBgxFjAUBgNV BAMTDTY4N2RlZWFlLTQyMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCbHyIjERMBbhtB1gP+GVhjN6eXNVfSbZE0p0IZ6ImWjdiT6CrnhDLRPVMs8+DC iE3R9kuUHXS7kX6XaaOeSDaju6BI6iPXYAUhN1YsTpLz3X+qd2nTBbWeZ9jDt7s7 ghV89sc0cBzitA3k49SxXsuEeBwacL1TLtw/cWzwgxaf2uh+9/g1kGbQhATICImT i9Bv1MjqarZPDBbwPOnm9cY5YIq2R2CTBJQym1JxPZaiU5z8LKESrh3kGxZLPqxs tKFM2tDXvQECV9Y9YXUpN5J2affWadNxZEGDOtTeEtkrnKqoMG19x4++dIX882Ub G8D4VEluHSO79mc7R+p/A5VfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU9TqBlL+9 8V2AglG4m5ABHPRblkIwHwYDVR0jBBgwFoAU0k/MrTrOf/5b8Cpqj2jAYC4cG1Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURBOEMyLzk1QTY5QkUyMDA1 MzExRjA4RTczRTE0QUM0RjlBRTAyLzBrX01yVHJPZl81YjhDcHFqMmpBWUM0Y0cx RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMGtfTXJUck9mXzViOENwcWoyakFZQzRjRzFFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURB OEMyLzk1QTY5QkUyMDA1MzExRjA4RTczRTE0QUM0RjlBRTAyLzBrX01yVHJPZl81 YjhDcHFqMmpBWUM0Y0cxRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAI8jiYhJOicudFcXuoNMUhbZI1Ztqn7Tm6CEwvpcV6SbZeiUpwMLZPax OWJcB6DlWLPl2zpWr1Qix1nEmv4kqugjVsjqadnKmI4l0UwQS+uB3UoJg41SFCJV Q9F8cj5S5MXBR6RbC/CdkvtQ4lLNrNbVpePPVR4Y91RO05EYLXgTHIw9kGrlqRkj 4yCElnl+7/MzD49nsoo84d/SvK5ftstmobkj7YJ7S//muhT726c6eLSqcyfpq2Zz Vx20Hk9Eq7/fGV7+dZVB8jEM0LgKgR674m880CE2NB8J1t53doOiPQU6d5HGh9ve i6uDZ0/dV+N8u8kFPqy04G91J1Oj+AA= -----END CERTIFICATE-----Generated at Wed Jul 23 02:20:16 2025 by rpki-client