$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC7AA/D22EDA342A8811F0A30D9159C4F9AE02/df43qD7agAphAmCFh-30CJ2CQOA.mft File: df43qD7agAphAmCFh-30CJ2CQOA.mft (raw, json) Hash identifier: 0j15afJhdF+y/gDe2rkUaa/s9DiJtZ/UjlaGuvrcPRc= Subject key identifier: B1:D0:8A:BB:5E:7A:78:A0:0C:8C:63:78:C1:BA:AE:63:0A:EE:17:83 Authority key identifier: 75:FE:37:A8:3E:DA:80:0A:61:02:60:85:87:ED:F4:08:9D:82:40:E0 Certificate issuer: /CN=A91DC7AA/serialNumber=75FE37A83EDA800A6102608587EDF4089D8240E0 Certificate serial: 2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/df43qD7agAphAmCFh-30CJ2CQOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC7AA/D22EDA342A8811F0A30D9159C4F9AE02/df43qD7agAphAmCFh-30CJ2CQOA.mft Manifest number: 28 Signing time: Mon 21 Jul 2025 07:57:30 +0000 Manifest this update: Mon 21 Jul 2025 07:57:29 +0000 Manifest next update: Mon 28 Jul 2025 07:57:29 +0000 Files and hashes: 1: df43qD7agAphAmCFh-30CJ2CQOA.crl (hash: UQQcsd9xq1TRPKy+dsAWhuqtgpKrjHNKoU6lApK8tWk=) 2: A7C7EF962A8911F09526D35BC4F9AE02.roa (hash: q6DsrTnHuS/+1sVBywXv85oiJzaT3sKc0CSqiWHXn5c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC7AA/D22EDA342A8811F0A30D9159C4F9AE02/df43qD7agAphAmCFh-30CJ2CQOA.crl rsync://rpki.apnic.net/member_repository/A91DC7AA/D22EDA342A8811F0A30D9159C4F9AE02/df43qD7agAphAmCFh-30CJ2CQOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/df43qD7agAphAmCFh-30CJ2CQOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 07:57:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC7AA, serialNumber=75FE37A83EDA800A6102608587EDF4089D8240E0 Validity Not Before: Jul 21 07:57:29 2025 GMT Not After : Jul 28 07:57:29 2025 GMT Subject: CN=687df2ea-22fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:17:18:45:78:c4:65:ce:83:1f:15:7d:06:77: b2:5c:3b:c1:dc:02:01:9d:39:46:5f:61:21:6b:86: 90:0d:d5:b4:d1:de:e4:e1:98:82:56:5e:75:13:36: 1d:71:05:65:c6:a0:01:c3:80:be:f3:58:97:30:c1: 5c:92:53:b8:b1:e4:7b:e1:e8:93:06:f9:f6:ba:6f: 8b:0c:fa:c0:09:2a:38:7f:4d:3b:f8:d9:be:8d:e2: 20:19:cd:17:56:6d:8e:a7:71:c8:4e:8a:b6:3a:61: fc:16:58:66:68:df:b5:fa:d0:47:4f:90:84:51:32: d5:d1:03:73:28:0f:0f:2e:47:20:bf:3b:21:86:6e: 9e:41:4d:ee:2f:8f:92:af:bc:f3:bd:e1:15:d5:76: 93:5c:66:b3:a7:4b:57:75:59:36:92:a7:66:fe:cc: 77:ef:37:fd:2c:83:b6:5d:a9:18:71:ea:da:d5:8b: 03:4a:b0:f1:6f:49:79:7e:eb:56:52:a7:c0:58:dc: 21:04:f3:c6:af:12:2d:c4:30:13:ad:27:38:18:94: 8b:56:45:42:db:4c:88:f0:47:91:14:c9:55:4b:2d: 8b:18:f4:e4:7b:9a:c1:b2:3b:5f:1d:e6:27:be:28: ed:3d:79:fe:49:da:5f:bf:0c:2d:8c:9c:34:8b:23: b3:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:D0:8A:BB:5E:7A:78:A0:0C:8C:63:78:C1:BA:AE:63:0A:EE:17:83 X509v3 Authority Key Identifier: keyid:75:FE:37:A8:3E:DA:80:0A:61:02:60:85:87:ED:F4:08:9D:82:40:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC7AA/D22EDA342A8811F0A30D9159C4F9AE02/df43qD7agAphAmCFh-30CJ2CQOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/df43qD7agAphAmCFh-30CJ2CQOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC7AA/D22EDA342A8811F0A30D9159C4F9AE02/df43qD7agAphAmCFh-30CJ2CQOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:2c:81:4a:bd:66:40:b3:6d:a2:91:24:04:40:76:d2:c0:f2: 62:a7:e0:9c:d3:9d:cd:7e:71:be:e8:c4:cd:1c:3e:74:0a:ce: 8f:20:17:1e:3d:90:8c:c8:72:8a:e4:3c:4f:3e:18:70:da:80: c7:df:75:a0:8c:05:c5:16:cc:9b:fc:44:e9:67:53:b2:5c:5e: f9:44:b9:a7:ae:8f:79:ee:84:cc:84:70:40:82:36:b3:c6:42: dc:f0:42:cd:74:f2:bd:9d:37:f5:21:23:90:e0:b7:a7:51:ed: 77:03:0a:9e:c6:70:fd:fd:9e:89:79:00:bb:77:f4:7e:5a:ca: f1:e9:9e:a8:2b:4e:36:94:82:c7:ef:88:16:c9:d2:67:95:fa: c6:a8:f9:de:df:15:4d:d1:1e:91:14:7e:63:0b:91:f6:3d:12: 7d:7b:9b:a6:b1:37:b1:9c:aa:b5:ba:90:6d:83:8f:5a:9e:3f: 0b:9f:d6:5b:f4:fb:77:d0:59:2c:99:fa:a9:40:d2:75:08:2f: f3:32:d3:ae:4a:81:50:d5:f9:70:3e:c5:54:39:f5:4d:3f:32: 42:00:75:88:1c:ef:c8:b5:98:63:c3:c7:3a:41:28:18:eb:9b: 3a:9e:d3:95:a9:0b:cd:bb:4b:1d:6d:df:ce:c4:89:32:d4:6c: 11:43:99:5c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QzdBQTExMC8GA1UEBRMoNzVGRTM3QTgzRURBODAwQTYxMDI2MDg1ODdFREY0MDg5 RDgyNDBFMDAeFw0yNTA3MjEwNzU3MjlaFw0yNTA3MjgwNzU3MjlaMBgxFjAUBgNV BAMTDTY4N2RmMmVhLTIyZmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+FxhFeMRlzoMfFX0Gd7JcO8HcAgGdOUZfYSFrhpAN1bTR3uThmIJWXnUTNh1x BWXGoAHDgL7zWJcwwVySU7ix5Hvh6JMG+fa6b4sM+sAJKjh/TTv42b6N4iAZzRdW bY6ncchOirY6YfwWWGZo37X60EdPkIRRMtXRA3MoDw8uRyC/OyGGbp5BTe4vj5Kv vPO94RXVdpNcZrOnS1d1WTaSp2b+zHfvN/0sg7ZdqRhx6trViwNKsPFvSXl+61ZS p8BY3CEE88avEi3EMBOtJzgYlItWRULbTIjwR5EUyVVLLYsY9OR7msGyO18d5ie+ KO09ef5J2l+/DC2MnDSLI7M/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUsdCKu156 eKAMjGN4wbquYwruF4MwHwYDVR0jBBgwFoAUdf43qD7agAphAmCFh+30CJ2CQOAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURDN0FBL0QyMkVEQTM0MkE4 ODExRjBBMzBEOTE1OUM0RjlBRTAyL2RmNDNxRDdhZ0FwaEFtQ0ZoLTMwQ0oyQ1FP QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvZGY0M3FEN2FnQXBoQW1DRmgtMzBDSjJDUU9BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURD N0FBL0QyMkVEQTM0MkE4ODExRjBBMzBEOTE1OUM0RjlBRTAyL2RmNDNxRDdhZ0Fw aEFtQ0ZoLTMwQ0oyQ1FPQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAcsgUq9ZkCzbaKRJARAdtLA8mKn4JzTnc1+cb7oxM0cPnQKzo8gFx49 kIzIcorkPE8+GHDagMffdaCMBcUWzJv8ROlnU7JcXvlEuaeuj3nuhMyEcECCNrPG QtzwQs108r2dN/UhI5Dgt6dR7XcDCp7GcP39nol5ALt39H5ayvHpnqgrTjaUgsfv iBbJ0meV+sao+d7fFU3RHpEUfmMLkfY9En17m6axN7GcqrW6kG2Dj1qePwuf1lv0 +3fQWSyZ+qlA0nUIL/My065KgVDV+XA+xVQ59U0/MkIAdYgc78i1mGPDxzpBKBjr mzqe05WpC827Sx1t387EiTLUbBFDmVw= -----END CERTIFICATE-----Generated at Mon Jul 21 12:39:18 2025 by rpki-client