$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft File: pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft (raw, json) Hash identifier: snf86PeRm3O3mSudMc26NFD/jkuWLKDRp7zFKiLVFao= Subject key identifier: F7:B1:11:B0:F5:F1:3D:99:B1:B8:7C:0E:C5:1E:DE:C0:24:18:67:43 Authority key identifier: A6:74:C6:70:1E:2B:0C:E3:D1:07:E9:F2:36:C5:5C:EF:E6:87:68:F1 Certificate issuer: /CN=A91DD902/serialNumber=A674C6701E2B0CE3D107E9F236C55CEFE68768F1 Certificate serial: 01BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pnTGcB4rDOPRB-nyNsVc7-aHaPE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft Manifest number: 01B6 Signing time: Mon 21 Jul 2025 03:10:30 +0000 Manifest this update: Mon 21 Jul 2025 03:10:30 +0000 Manifest next update: Mon 28 Jul 2025 03:10:30 +0000 Files and hashes: 1: pnTGcB4rDOPRB-nyNsVc7-aHaPE.crl (hash: DGINS4G1YWnkE70Wijfyv2bxWRFw3/zjdF/G6DrJ0cM=) 2: 33A48584C92911EDAE3AB84EC4F9AE02.roa (hash: FLrBHslp5iyCkfQbrVJ9NSbQz6e94p5SbxYxtxyABAU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.crl rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pnTGcB4rDOPRB-nyNsVc7-aHaPE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 03:10:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 442 (0x1ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD902, serialNumber=A674C6701E2B0CE3D107E9F236C55CEFE68768F1 Validity Not Before: Jul 21 03:10:30 2025 GMT Not After : Jul 28 03:10:30 2025 GMT Subject: CN=687dafa6-09da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:8c:b7:b2:0e:89:ec:99:e4:3a:1e:08:ac:80: a0:26:3c:a5:d4:bd:ab:b8:9d:b6:87:bb:6e:66:9d: 38:5d:e6:65:b6:5e:6d:d2:96:92:4f:a8:f8:2b:61: 7c:e6:99:2a:46:3f:fe:cf:52:bd:f8:eb:80:a9:af: 62:46:f0:37:d7:97:86:e3:0a:a8:ce:bf:0c:a1:17: d4:69:f1:b3:e9:c7:ae:de:08:6a:7d:c4:20:13:f2: 02:a3:1f:25:86:9b:4c:56:99:7a:54:67:17:de:26: 00:0d:66:7c:08:c4:5b:e6:60:f1:8d:a9:43:87:76: 5a:a8:18:0d:af:9c:79:e8:40:9d:cf:33:ad:b8:b4: d9:f1:9a:bd:89:d9:23:18:a8:04:61:fb:d5:93:d9: e4:38:c8:60:50:1d:9f:b5:c7:d9:39:ba:da:ab:39: 43:78:9b:81:04:61:33:59:ea:e6:ab:68:fe:19:3a: d4:b0:21:0c:78:18:2d:7d:2f:33:63:da:28:fe:68: cb:45:5e:72:f9:80:b5:b2:68:8a:b8:0d:0b:6d:d7: 3f:8e:a2:08:65:44:18:87:3b:1e:1c:23:28:ca:00: f1:2d:55:f5:f9:51:58:7e:0e:f9:55:bf:91:e6:e3: 0c:93:96:32:5b:43:ed:9d:4a:43:eb:07:8f:17:b8: 98:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:B1:11:B0:F5:F1:3D:99:B1:B8:7C:0E:C5:1E:DE:C0:24:18:67:43 X509v3 Authority Key Identifier: keyid:A6:74:C6:70:1E:2B:0C:E3:D1:07:E9:F2:36:C5:5C:EF:E6:87:68:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pnTGcB4rDOPRB-nyNsVc7-aHaPE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:53:f7:10:06:7e:5e:50:37:33:f4:7d:6d:e0:0d:8f:0e:ab: 39:2e:4d:da:ca:cf:d7:8f:1c:d8:04:06:f6:32:77:98:73:6a: 33:22:89:a7:d8:6f:ea:93:7b:8d:a0:ac:d0:0b:ea:63:e9:36: 0e:c6:81:c2:41:50:f0:7c:c8:11:42:4c:72:08:88:73:3c:b0: d7:92:ca:88:b5:e2:c1:c9:1c:bc:5b:a4:80:0f:44:5c:6f:55: 61:e7:a8:55:af:31:c1:cc:f4:a4:55:bd:67:77:f2:5f:84:6f: 8e:37:7a:7f:cb:c2:42:04:bd:6e:c5:0a:f6:d0:87:73:30:c1: eb:6d:1f:bd:f9:26:82:0b:3d:19:80:60:01:42:72:2b:34:a8: 5b:34:6f:dc:f1:79:2e:10:19:86:cd:05:71:a2:a4:69:4e:d7: b4:45:3c:36:29:1f:2c:16:09:37:db:8d:50:76:4c:c7:13:d2: 4a:00:e0:4e:a0:08:b6:25:4c:e5:be:b4:59:d6:a0:da:bd:65: 88:4b:34:3b:07:1b:cd:3e:7f:0d:73:a1:97:ce:61:92:b9:c2: 57:55:a8:21:f0:c1:54:ad:16:1b:11:a5:1b:04:3f:dd:38:d0: b6:88:e9:19:85:46:86:cf:a9:9c:e1:4c:fe:0a:36:df:c8:77: bd:ad:1b:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REQ5MDIxMTAvBgNVBAUTKEE2NzRDNjcwMUUyQjBDRTNEMTA3RTlGMjM2QzU1Q0VG RTY4NzY4RjEwHhcNMjUwNzIxMDMxMDMwWhcNMjUwNzI4MDMxMDMwWjAYMRYwFAYD VQQDEw02ODdkYWZhNi0wOWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8oy3sg6J7JnkOh4IrICgJjyl1L2ruJ22h7tuZp04XeZltl5t0paST6j4K2F8 5pkqRj/+z1K9+OuAqa9iRvA315eG4wqozr8MoRfUafGz6ceu3ghqfcQgE/ICox8l hptMVpl6VGcX3iYADWZ8CMRb5mDxjalDh3ZaqBgNr5x56ECdzzOtuLTZ8Zq9idkj GKgEYfvVk9nkOMhgUB2ftcfZObraqzlDeJuBBGEzWermq2j+GTrUsCEMeBgtfS8z Y9oo/mjLRV5y+YC1smiKuA0Lbdc/jqIIZUQYhzseHCMoygDxLVX1+VFYfg75Vb+R 5uMMk5YyW0PtnUpD6wePF7iYJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPexEbD1 8T2Zsbh8DsUe3sAkGGdDMB8GA1UdIwQYMBaAFKZ0xnAeKwzj0Qfp8jbFXO/mh2jx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDkwMi81NzBCM0Y4RUM5 MjYxMUVEQUYyQjlENERDNEY5QUUwMi9wblRHY0I0ckRPUFJCLW55TnNWYzctYUhh UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BuVEdjQjRyRE9QUkItbnlOc1ZjNy1hSGFQRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RDkwMi81NzBCM0Y4RUM5MjYxMUVEQUYyQjlENERDNEY5QUUwMi9wblRHY0I0ckRP UFJCLW55TnNWYzctYUhhUEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA2U/cQBn5eUDcz9H1t4A2PDqs5Lk3ays/XjxzYBAb2MneYc2ozIomn 2G/qk3uNoKzQC+pj6TYOxoHCQVDwfMgRQkxyCIhzPLDXksqIteLByRy8W6SAD0Rc b1Vh56hVrzHBzPSkVb1nd/JfhG+ON3p/y8JCBL1uxQr20IdzMMHrbR+9+SaCCz0Z gGABQnIrNKhbNG/c8XkuEBmGzQVxoqRpTte0RTw2KR8sFgk3241QdkzHE9JKAOBO oAi2JUzlvrRZ1qDavWWISzQ7BxvNPn8Nc6GXzmGSucJXVagh8MFUrRYbEaUbBD/d ONC2iOkZhUaGz6mc4Uz+CjbfyHe9rRtb -----END CERTIFICATE-----Generated at Mon Jul 21 12:27:15 2025 by rpki-client