$ rpki-client -vvf rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/S9mZS8XP-ey2aDyU3G7s1e7uDng.mft File: S9mZS8XP-ey2aDyU3G7s1e7uDng.mft (raw, json) Hash identifier: 2dLdZrIRe2pN49A2+nihe9jV3DCCZ0zgosEb6vjmQ2A= Subject key identifier: D5:B1:0A:9A:2A:46:D7:A7:27:41:BB:06:5F:C4:5B:12:23:F5:3E:D2 Authority key identifier: 4B:D9:99:4B:C5:CF:F9:EC:B6:68:3C:94:DC:6E:EC:D5:EE:EE:0E:78 Certificate issuer: /CN=A91E00FC/serialNumber=4BD9994BC5CFF9ECB6683C94DC6EECD5EEEE0E78 Certificate serial: 0A0B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/S9mZS8XP-ey2aDyU3G7s1e7uDng.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/S9mZS8XP-ey2aDyU3G7s1e7uDng.mft Manifest number: 09FE Signing time: Tue 22 Jul 2025 20:08:04 +0000 Manifest this update: Tue 22 Jul 2025 20:08:04 +0000 Manifest next update: Tue 29 Jul 2025 20:08:04 +0000 Files and hashes: 1: S9mZS8XP-ey2aDyU3G7s1e7uDng.crl (hash: LDE3LNd5S2XrXiXu/IBAMYMgMFhwXFL7HE3xqQ+7Jjw=) 2: CD26CAC0431611EE80B53A75C4F9AE02.roa (hash: r8n2MjMUHYmVdEJ+7Xp+vud9daXi0fU7s6dyyzC3DT4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/S9mZS8XP-ey2aDyU3G7s1e7uDng.crl rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/S9mZS8XP-ey2aDyU3G7s1e7uDng.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/S9mZS8XP-ey2aDyU3G7s1e7uDng.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 20:08:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2571 (0xa0b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E00FC, serialNumber=4BD9994BC5CFF9ECB6683C94DC6EECD5EEEE0E78 Validity Not Before: Jul 22 20:08:04 2025 GMT Not After : Jul 29 20:08:04 2025 GMT Subject: CN=687fefa4-135e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d1:e0:dc:9c:8e:8e:96:18:0e:6b:7f:c5:72: bd:98:3d:50:95:c1:c0:8b:ba:38:40:50:40:b4:1f: 13:ae:a5:d2:5d:ae:50:43:3a:d6:79:a9:d9:ab:01: 88:30:6f:6c:d4:3e:1a:6f:e7:61:3e:a0:4c:0e:14: 41:e0:e1:a7:b7:ca:55:62:38:a4:3e:10:9e:fb:06: 6c:17:5d:dd:a5:fd:4a:21:f3:dd:dd:3c:52:b5:d4: 86:61:db:64:63:d9:df:35:38:3e:c4:28:69:f8:df: dd:a6:de:27:1d:c8:9c:f2:5a:a8:07:92:25:8f:50: 63:87:b0:33:f9:41:34:4e:ec:20:8a:74:48:82:ef: 1b:eb:bd:ee:f8:f5:cf:b2:83:9d:5b:23:bf:1e:16: c8:74:45:54:04:5b:9b:3d:13:7a:80:30:eb:3d:93: b4:8e:f6:9b:d9:a1:bd:36:a4:e7:6f:8f:0e:a7:ae: 97:6c:98:51:9e:61:3a:b2:4d:25:7f:99:98:75:a1: 51:2d:13:d5:ac:75:36:04:74:56:5c:bf:2a:44:92: 62:30:13:85:36:a4:74:ce:ea:f9:ab:8d:8c:e7:21: 92:4d:50:31:2f:5b:71:b4:b8:60:67:61:c7:ca:9c: f1:d6:64:d2:c0:7d:28:67:bd:fd:15:a8:42:eb:c9: b6:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:B1:0A:9A:2A:46:D7:A7:27:41:BB:06:5F:C4:5B:12:23:F5:3E:D2 X509v3 Authority Key Identifier: keyid:4B:D9:99:4B:C5:CF:F9:EC:B6:68:3C:94:DC:6E:EC:D5:EE:EE:0E:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/S9mZS8XP-ey2aDyU3G7s1e7uDng.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/S9mZS8XP-ey2aDyU3G7s1e7uDng.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E00FC/55F2C4C67F2F11EAADF4BF6AC4F9AE02/S9mZS8XP-ey2aDyU3G7s1e7uDng.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:f5:90:45:8e:eb:b8:d4:2b:17:d0:96:ec:4b:af:49:8f:96: 51:98:67:83:9f:ab:d8:bd:81:66:00:8a:cf:da:53:c6:a2:c1: 1d:39:3d:07:d1:b2:3f:8f:29:97:a0:2d:47:f1:ac:37:e8:2e: 60:e3:ed:a8:fd:18:ee:fe:91:6b:0d:c5:38:d8:98:4f:01:5a: 2a:43:de:10:d2:79:70:68:b7:e1:79:16:f4:a6:c6:cd:5d:e2: 5f:73:2a:8e:58:ea:54:e2:57:00:0d:ff:9c:fd:d0:b8:94:6f: 3b:31:90:65:14:6c:c4:99:e4:bb:b3:95:d5:f5:27:37:18:5b: 7e:28:3d:f7:79:cc:7d:4f:89:1e:2b:f6:82:e7:fd:3d:1c:61: 99:d4:86:72:9f:d5:0f:21:1b:7d:c5:a1:64:3a:a7:7f:fc:da: 5b:19:48:a6:fe:83:00:73:51:cf:34:86:4b:f1:77:b1:b6:f3: 37:fd:26:e4:55:75:d0:ee:95:d7:a9:6a:e4:a4:60:ad:4c:3d: 20:a8:d7:7f:de:d3:82:ba:79:71:ce:c8:f1:7c:ed:cc:df:e6: 51:99:1e:82:28:c7:ed:f9:9b:ac:58:24:5d:07:57:b3:88:4b: 8f:94:bb:90:90:4e:37:3b:ba:46:d3:54:4f:c2:b2:5c:a4:16: 5f:79:03:42 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCgswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTAwRkMxMTAvBgNVBAUTKDRCRDk5OTRCQzVDRkY5RUNCNjY4M0M5NERDNkVFQ0Q1 RUVFRTBFNzgwHhcNMjUwNzIyMjAwODA0WhcNMjUwNzI5MjAwODA0WjAYMRYwFAYD VQQDEw02ODdmZWZhNC0xMzVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvtHg3JyOjpYYDmt/xXK9mD1QlcHAi7o4QFBAtB8TrqXSXa5QQzrWeanZqwGI MG9s1D4ab+dhPqBMDhRB4OGnt8pVYjikPhCe+wZsF13dpf1KIfPd3TxStdSGYdtk Y9nfNTg+xChp+N/dpt4nHcic8lqoB5Ilj1Bjh7Az+UE0TuwginRIgu8b673u+PXP soOdWyO/HhbIdEVUBFubPRN6gDDrPZO0jvab2aG9NqTnb48Op66XbJhRnmE6sk0l f5mYdaFRLRPVrHU2BHRWXL8qRJJiMBOFNqR0zur5q42M5yGSTVAxL1txtLhgZ2HH ypzx1mTSwH0oZ739FahC68m2qQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNWxCpoq RtenJ0G7Bl/EWxIj9T7SMB8GA1UdIwQYMBaAFEvZmUvFz/nstmg8lNxu7NXu7g54 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDBGQy81NUYyQzRDNjdG MkYxMUVBQURGNEJGNkFDNEY5QUUwMi9TOW1aUzhYUC1leTJhRHlVM0c3czFlN3VE bmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1M5bVpTOFhQLWV5MmFEeVUzRzdzMWU3dURuZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MDBGQy81NUYyQzRDNjdGMkYxMUVBQURGNEJGNkFDNEY5QUUwMi9TOW1aUzhYUC1l eTJhRHlVM0c3czFlN3VEbmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCj9ZBFjuu41CsX0JbsS69Jj5ZRmGeDn6vYvYFmAIrP2lPGosEdOT0H 0bI/jymXoC1H8aw36C5g4+2o/Rju/pFrDcU42JhPAVoqQ94Q0nlwaLfheRb0psbN XeJfcyqOWOpU4lcADf+c/dC4lG87MZBlFGzEmeS7s5XV9Sc3GFt+KD33ecx9T4ke K/aC5/09HGGZ1IZyn9UPIRt9xaFkOqd//NpbGUim/oMAc1HPNIZL8XextvM3/Sbk VXXQ7pXXqWrkpGCtTD0gqNd/3tOCunlxzsjxfO3M3+ZRmR6CKMft+ZusWCRdB1ez iEuPlLuQkE43O7pG01RPwrJcpBZfeQNC -----END CERTIFICATE-----Generated at Wed Jul 23 07:43:28 2025 by rpki-client