$ rpki-client -vvf rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft File: 1AI0WEr2BZHzfdP7on68uFzHZWo.mft (raw, json) Hash identifier: HV5AmqoYRp4bmp+VvYw4X5gWbgKUxHmOXy5t1RJx9J4= Subject key identifier: F8:B9:79:CF:A6:AC:F3:CB:F0:C9:EE:F4:14:10:15:38:DF:01:70:4A Authority key identifier: D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A Certificate issuer: /CN=A91E27F3/serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Certificate serial: 34AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft Manifest number: 34A9 Signing time: Sun 20 Jul 2025 15:07:30 +0000 Manifest this update: Sun 20 Jul 2025 15:07:29 +0000 Manifest next update: Sun 27 Jul 2025 15:07:29 +0000 Files and hashes: 1: 1AI0WEr2BZHzfdP7on68uFzHZWo.crl (hash: GWUyPk0o8lcCUL8d0Er78vOOTNwB8GMKQL0L7bGQYzg=) 2: 1B4B4FC2152F11ECB72E546FC4F9AE02.roa (hash: 08icoQFu/lUzJ7/49iluwBG/IFFfyhiQgRTkubc2rPw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 15:07:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13486 (0x34ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E27F3, serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Validity Not Before: Jul 20 15:07:29 2025 GMT Not After : Jul 27 15:07:29 2025 GMT Subject: CN=687d0631-000b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:10:72:7d:e8:29:c2:3e:42:96:7c:a5:ca:ed: e8:77:cb:43:16:a9:88:37:75:ae:08:0f:ac:bd:e5: 15:48:90:17:5d:0f:71:76:97:70:e5:a3:fb:63:b4: f0:29:ad:45:8c:ff:91:73:ce:2e:59:39:f6:b8:31: 35:c1:dd:bd:7d:16:33:51:47:fe:5e:13:1b:cd:30: 4b:32:c7:a5:42:6e:9a:e4:9c:17:e0:2c:42:c4:d9: 8d:49:91:47:2a:e0:a3:4b:79:b7:69:04:17:7f:2f: c1:80:c5:f6:c5:15:92:86:2d:ed:82:0f:59:ee:ab: c6:15:9d:70:7a:70:f6:70:dc:51:8f:2b:03:3a:3f: 9e:1d:8d:5b:3a:83:a1:0c:8b:dc:44:f5:72:95:bd: 87:4e:65:a1:49:f0:1b:5d:80:0a:07:48:45:88:7e: 44:ee:ef:0f:57:15:3f:60:dd:88:0e:ed:6d:59:70: 3f:62:07:17:03:fd:38:6a:5a:1c:7b:1d:a9:55:5f: 3f:63:1f:5f:bb:4a:30:10:78:c4:1b:77:75:73:95: 73:62:af:50:bb:e7:f5:c3:a8:58:54:76:6e:4b:ba: 8d:33:e7:3f:be:03:b5:15:22:e1:da:5b:f0:9d:9f: d6:6a:a7:62:cb:2f:e3:2c:af:af:26:b0:d1:d8:f0: c7:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:B9:79:CF:A6:AC:F3:CB:F0:C9:EE:F4:14:10:15:38:DF:01:70:4A X509v3 Authority Key Identifier: keyid:D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:47:fd:a8:5d:8b:79:a8:8e:15:9e:8d:82:b8:78:0e:94:7e: 74:9a:7c:ee:e6:f0:30:fe:fb:2e:30:25:44:13:39:ec:fd:82: 9c:bb:1b:fb:06:da:71:b2:fd:12:33:9e:75:ce:d3:70:20:d4: 20:d1:ba:46:b9:ce:80:2b:ad:1c:91:a2:dd:80:95:43:47:6b: 3b:4a:ce:3a:af:c1:3c:5c:40:24:ae:38:7a:f3:46:e1:1f:f7: 6d:04:31:57:c6:c5:aa:b8:3e:10:69:07:73:f4:f8:9c:0b:9b: 5b:a9:23:3d:d4:aa:d7:2c:9f:60:49:c8:06:9d:f7:63:0a:f2: ed:e7:d9:b7:bc:d8:0e:f0:16:28:84:4b:9e:86:cf:93:5d:f8: 03:f8:fb:8f:b7:d9:7f:97:48:94:cd:d5:b4:05:4f:3d:cc:ab: a0:5c:ba:76:96:0f:fc:2a:4a:ec:d4:5c:1f:07:ca:1a:20:b9: 65:28:d2:b5:12:c6:2c:09:f4:81:15:74:b7:78:2e:15:ae:f4: 61:5e:ba:5c:b8:12:2a:d7:01:be:78:85:3e:1e:f1:27:15:56: 13:26:d6:12:0f:1d:e1:05:ad:be:25:31:2b:0d:b9:06:6f:58: da:3d:67:c6:a5:07:45:52:2e:57:62:e6:dd:29:51:17:f5:63: 65:3f:89:87 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI3RjMxMTAvBgNVBAUTKEQ0MDIzNDU4NEFGNjA1OTFGMzdERDNGQkEyN0VCQ0I4 NUNDNzY1NkEwHhcNMjUwNzIwMTUwNzI5WhcNMjUwNzI3MTUwNzI5WjAYMRYwFAYD VQQDEw02ODdkMDYzMS0wMDBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnRByfegpwj5Clnylyu3od8tDFqmIN3WuCA+sveUVSJAXXQ9xdpdw5aP7Y7Tw Ka1FjP+Rc84uWTn2uDE1wd29fRYzUUf+XhMbzTBLMselQm6a5JwX4CxCxNmNSZFH KuCjS3m3aQQXfy/BgMX2xRWShi3tgg9Z7qvGFZ1wenD2cNxRjysDOj+eHY1bOoOh DIvcRPVylb2HTmWhSfAbXYAKB0hFiH5E7u8PVxU/YN2IDu1tWXA/YgcXA/04aloc ex2pVV8/Yx9fu0owEHjEG3d1c5VzYq9Qu+f1w6hYVHZuS7qNM+c/vgO1FSLh2lvw nZ/Waqdiyy/jLK+vJrDR2PDH0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPi5ec+m rPPL8Mnu9BQQFTjfAXBKMB8GA1UdIwQYMBaAFNQCNFhK9gWR833T+6J+vLhcx2Vq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjdGMy9BNkRFMUNFODFE QTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJaSHpmZFA3b242OHVGekha V28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBSTBXRXIyQlpIemZkUDdvbjY4dUZ6SFpXby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjdGMy9BNkRFMUNFODFEQTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJa SHpmZFA3b242OHVGekhaV28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBTR/2oXYt5qI4Vno2CuHgOlH50mnzu5vAw/vsuMCVEEzns/YKcuxv7 Btpxsv0SM551ztNwINQg0bpGuc6AK60ckaLdgJVDR2s7Ss46r8E8XEAkrjh680bh H/dtBDFXxsWquD4QaQdz9PicC5tbqSM91KrXLJ9gScgGnfdjCvLt59m3vNgO8BYo hEuehs+TXfgD+PuPt9l/l0iUzdW0BU89zKugXLp2lg/8Kkrs1FwfB8oaILllKNK1 EsYsCfSBFXS3eC4VrvRhXrpcuBIq1wG+eIU+HvEnFVYTJtYSDx3hBa2+JTErDbkG b1jaPWfGpQdFUi5XYubdKVEX9WNlP4mH -----END CERTIFICATE-----Generated at Mon Jul 21 06:51:40 2025 by rpki-client