$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD38B/A1AB2ABCBA8911EF9B338512C4F9AE02/L2sefhQB3gCsju23qFkNA9xUD3g.mft File: L2sefhQB3gCsju23qFkNA9xUD3g.mft (raw, json) Hash identifier: GLzP7b06k0OMurYeuMkQiPsC2rlHnhXlGpWOUAFDvPc= Subject key identifier: E3:1E:8B:F4:EA:7C:F1:C8:57:32:E5:04:9D:87:B0:15:B3:4F:C9:89 Authority key identifier: 2F:6B:1E:7E:14:01:DE:00:AC:8E:ED:B7:A8:59:0D:03:DC:54:0F:78 Certificate issuer: /CN=A91DD38B/serialNumber=2F6B1E7E1401DE00AC8EEDB7A8590D03DC540F78 Certificate serial: 6F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L2sefhQB3gCsju23qFkNA9xUD3g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD38B/A1AB2ABCBA8911EF9B338512C4F9AE02/L2sefhQB3gCsju23qFkNA9xUD3g.mft Manifest number: 6F Signing time: Sat 19 Jul 2025 07:08:53 +0000 Manifest this update: Sat 19 Jul 2025 07:08:53 +0000 Manifest next update: Sat 26 Jul 2025 07:08:52 +0000 Files and hashes: 1: L2sefhQB3gCsju23qFkNA9xUD3g.crl (hash: az7m4qWCQXwOAUeNFhNvBxZGLBjcfLErxhWNPaL9tT0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD38B/A1AB2ABCBA8911EF9B338512C4F9AE02/L2sefhQB3gCsju23qFkNA9xUD3g.crl rsync://rpki.apnic.net/member_repository/A91DD38B/A1AB2ABCBA8911EF9B338512C4F9AE02/L2sefhQB3gCsju23qFkNA9xUD3g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L2sefhQB3gCsju23qFkNA9xUD3g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 07:08:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 111 (0x6f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD38B, serialNumber=2F6B1E7E1401DE00AC8EEDB7A8590D03DC540F78 Validity Not Before: Jul 19 07:08:53 2025 GMT Not After : Jul 26 07:08:52 2025 GMT Subject: CN=687b4485-63f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:19:2f:73:19:95:c5:f9:66:5e:c4:7a:1c:7b: 8b:8c:8f:ac:dc:5e:d0:f5:79:af:84:c2:bc:a4:71: 38:6f:f2:6e:52:d1:1d:48:95:2f:68:82:e8:86:51: 9c:fd:54:e0:3f:1f:b2:20:9e:c5:7d:29:04:67:49: db:c2:57:59:db:91:ff:1d:45:a9:10:91:10:85:e5: c8:8e:8b:d9:c9:90:49:75:1c:0d:cf:47:45:c2:0e: ed:65:fd:df:e5:77:67:d2:63:6f:4a:b4:6b:5e:23: fb:67:bb:f1:e9:45:95:f3:e3:3d:6c:f8:62:1f:41: a6:4c:3a:5b:b7:ed:20:64:eb:e4:6a:c1:63:6b:38: 0e:e4:0c:34:88:08:06:3e:27:e9:a6:42:16:e2:26: b5:2a:10:61:63:8e:9c:fe:74:da:39:0b:be:c1:cf: c1:cc:6e:3e:f7:d0:6d:18:30:16:e8:f8:17:be:88: da:2b:10:25:71:df:d6:3e:b4:fd:02:6e:e5:a3:26: 07:79:15:31:a9:17:79:1a:89:d4:d3:21:1c:fc:9b: 98:93:31:f5:a5:8a:8f:88:da:27:75:8e:91:29:6b: af:79:a6:da:5b:52:6e:b1:bb:5d:d5:a0:93:c9:f6: 8c:1a:20:13:f2:92:ce:36:cf:e1:0d:3e:65:c2:b7: ea:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:1E:8B:F4:EA:7C:F1:C8:57:32:E5:04:9D:87:B0:15:B3:4F:C9:89 X509v3 Authority Key Identifier: keyid:2F:6B:1E:7E:14:01:DE:00:AC:8E:ED:B7:A8:59:0D:03:DC:54:0F:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD38B/A1AB2ABCBA8911EF9B338512C4F9AE02/L2sefhQB3gCsju23qFkNA9xUD3g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L2sefhQB3gCsju23qFkNA9xUD3g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD38B/A1AB2ABCBA8911EF9B338512C4F9AE02/L2sefhQB3gCsju23qFkNA9xUD3g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d3:1f:c1:39:0e:c4:28:3c:a0:cb:a3:e7:68:e3:f4:14:4f:ed: 2c:f6:85:57:13:b7:b7:3b:8e:89:c1:45:88:3d:4f:0c:9e:96: 98:3c:42:19:7d:ec:25:9e:7e:a6:ea:88:d6:a3:28:b8:71:0c: bb:36:86:de:e8:b6:60:d8:a3:50:b8:c0:dc:be:b4:48:da:d8: d6:ae:70:a2:be:6c:8d:65:13:df:3c:7a:27:76:73:d0:4f:20: b5:fe:67:eb:d0:3e:c3:60:78:db:d3:9e:65:f4:89:95:7d:b9: c4:e8:13:ec:ad:5b:89:75:4b:f2:80:5c:d5:fa:a5:f8:3f:27: 9c:8e:11:92:1d:ec:26:ee:f4:cf:3b:ef:6f:76:dd:2b:7d:84: 7d:ff:c6:e1:2b:b6:d1:9f:b7:3d:64:62:6c:3d:4b:a3:89:92: 04:5e:df:d7:44:1b:02:eb:b9:b9:c9:48:2a:30:bf:0a:4a:ba: d2:68:33:f2:34:3c:a2:11:7b:07:86:6c:59:89:94:a0:e2:91: 06:c4:c4:d7:de:c6:61:ea:ee:de:c9:55:c3:f6:30:18:bc:a2: 6b:26:ce:0f:cd:eb:08:f8:9c:73:35:37:23:43:38:a2:bd:ce: 94:b7:28:4b:41:c7:3f:98:e5:6b:15:bd:0f:8b:7e:ab:94:bc: 2f:7f:03:f5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBbzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE RDM4QjExMC8GA1UEBRMoMkY2QjFFN0UxNDAxREUwMEFDOEVFREI3QTg1OTBEMDNE QzU0MEY3ODAeFw0yNTA3MTkwNzA4NTNaFw0yNTA3MjYwNzA4NTJaMBgxFjAUBgNV BAMTDTY4N2I0NDg1LTYzZjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDEGS9zGZXF+WZexHoce4uMj6zcXtD1ea+EwrykcThv8m5S0R1IlS9oguiGUZz9 VOA/H7IgnsV9KQRnSdvCV1nbkf8dRakQkRCF5ciOi9nJkEl1HA3PR0XCDu1l/d/l d2fSY29KtGteI/tnu/HpRZXz4z1s+GIfQaZMOlu37SBk6+RqwWNrOA7kDDSICAY+ J+mmQhbiJrUqEGFjjpz+dNo5C77Bz8HMbj730G0YMBbo+Be+iNorECVx39Y+tP0C buWjJgd5FTGpF3kaidTTIRz8m5iTMfWlio+I2id1jpEpa695ptpbUm6xu13VoJPJ 9owaIBPyks42z+ENPmXCt+oHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU4x6L9Op8 8chXMuUEnYewFbNPyYkwHwYDVR0jBBgwFoAUL2sefhQB3gCsju23qFkNA9xUD3gw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUREMzhCL0ExQUIyQUJDQkE4 OTExRUY5QjMzODUxMkM0RjlBRTAyL0wyc2VmaFFCM2dDc2p1MjNxRmtOQTl4VUQz Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTDJzZWZoUUIzZ0NzanUyM3FGa05BOXhVRDNnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURE MzhCL0ExQUIyQUJDQkE4OTExRUY5QjMzODUxMkM0RjlBRTAyL0wyc2VmaFFCM2dD c2p1MjNxRmtOQTl4VUQzZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBANMfwTkOxCg8oMuj52jj9BRP7Sz2hVcTt7c7jonBRYg9Twyelpg8Qhl9 7CWefqbqiNajKLhxDLs2ht7otmDYo1C4wNy+tEja2NaucKK+bI1lE988eid2c9BP ILX+Z+vQPsNgeNvTnmX0iZV9ucToE+ytW4l1S/KAXNX6pfg/J5yOEZId7Cbu9M87 72923St9hH3/xuErttGftz1kYmw9S6OJkgRe39dEGwLrubnJSCowvwpKutJoM/I0 PKIReweGbFmJlKDikQbExNfexmHq7t7JVcP2MBi8omsmzg/N6wj4nHM1NyNDOKK9 zpS3KEtBxz+Y5WsVvQ+LfquUvC9/A/U= -----END CERTIFICATE-----Generated at Mon Jul 21 06:41:59 2025 by rpki-client