$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft File: PN9D1xf8WEnyOpTimncrKKXXAeM.mft (raw, json) Hash identifier: PR1A6wNsrVRxsAOUrTkIlzIfjhJirYrKqulzob1Hl+8= Subject key identifier: 8F:57:E7:CA:0F:96:62:58:3C:B4:B9:4D:15:E6:9A:1F:C5:45:73:12 Authority key identifier: 3C:DF:43:D7:17:FC:58:49:F2:3A:94:E2:9A:77:2B:28:A5:D7:01:E3 Certificate issuer: /CN=A91E3BB3/serialNumber=3CDF43D717FC5849F23A94E29A772B28A5D701E3 Certificate serial: 0868 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft Manifest number: 0860 Signing time: Sun 20 Jul 2025 20:47:47 +0000 Manifest this update: Sun 20 Jul 2025 20:47:47 +0000 Manifest next update: Sun 27 Jul 2025 20:47:47 +0000 Files and hashes: 1: PN9D1xf8WEnyOpTimncrKKXXAeM.crl (hash: Qk7PFxPMsNN2wDnjjUItsFlLeLDYtq15WP2z868YXsw=) 2: D0CF108ED85111EF9DC0826CC4F9AE02.roa (hash: zvHITej7x6G5n4QCQAElY7CsJ+bvYQTRcFwTwkacxFI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.crl rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 20:47:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2152 (0x868) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BB3, serialNumber=3CDF43D717FC5849F23A94E29A772B28A5D701E3 Validity Not Before: Jul 20 20:47:47 2025 GMT Not After : Jul 27 20:47:47 2025 GMT Subject: CN=687d55f3-4c7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:46:b1:b6:68:8d:5a:3c:48:b8:75:5d:f0:20: 68:81:5c:69:4c:d0:7a:7d:16:48:a0:67:54:9a:07: aa:2b:bb:13:c6:dc:39:c1:db:2b:09:fa:65:58:8c: 82:d6:47:af:b3:6a:72:7a:7e:ec:37:e2:0a:30:ff: 9a:80:ba:61:04:56:e3:10:d0:41:2b:e0:48:ce:4d: 41:ec:bb:f2:21:1c:fd:37:6f:69:92:7b:bc:d3:3e: 7b:02:97:fb:f2:c1:3a:34:ff:f4:7e:6e:b4:8c:f4: 51:1d:af:cd:b8:7e:a0:e0:01:18:51:d8:34:64:00: 40:28:c4:09:ff:56:cc:f1:7d:20:83:b1:60:36:2e: 33:c5:20:7e:8a:df:a5:f3:a5:a0:23:95:a5:29:dd: 0b:8a:7a:6f:7a:93:65:1b:b3:4b:3e:f0:1b:41:7e: 5b:1a:9a:f4:86:00:31:60:3f:ce:ac:16:b0:90:08: 2c:e7:78:51:62:ee:00:9f:de:98:95:70:56:13:9a: 82:b5:36:85:81:5f:62:25:f6:b6:47:e3:c6:70:98: a8:3b:84:18:48:83:85:d9:24:ae:c2:82:e5:63:9d: 2e:2f:0c:fb:33:31:34:eb:b9:1b:20:be:0c:d7:92: 7e:0f:f3:d3:43:c5:fd:a9:94:c2:0e:c6:42:d3:18: 05:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:57:E7:CA:0F:96:62:58:3C:B4:B9:4D:15:E6:9A:1F:C5:45:73:12 X509v3 Authority Key Identifier: keyid:3C:DF:43:D7:17:FC:58:49:F2:3A:94:E2:9A:77:2B:28:A5:D7:01:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:3e:ce:d7:b5:a4:00:b7:ab:ec:c2:03:7f:5d:ec:e9:28:60: 15:95:b5:3b:a3:f1:8b:98:e7:15:12:80:d3:98:86:90:a2:32: 98:59:ad:95:a6:f9:f1:5e:e6:36:c3:16:d9:6d:87:e8:72:75: 29:dc:d5:fc:e1:8c:bf:95:20:7d:9b:9a:1e:ee:c0:d0:3b:c0: 54:27:6f:7c:ea:8c:6a:c6:43:52:bb:29:98:f9:65:a0:2d:a5: 7e:68:6d:4f:75:60:00:ad:0f:48:ee:89:50:71:0f:81:d6:11: 59:b8:e4:fb:91:0e:5c:8e:de:c4:bf:83:56:32:94:9e:6f:04: 25:f7:c6:af:90:8e:ee:ce:02:07:3b:ba:7d:52:8c:40:45:58: 4a:05:f4:eb:fb:d2:5a:4b:27:1f:cf:0c:8a:2e:17:e9:f9:79: 22:da:57:66:34:f9:51:a5:55:71:8f:8c:d8:6a:6a:7e:72:9e: d7:e9:87:fd:34:99:5b:4f:16:37:cd:9c:76:ee:b2:c9:80:7a: 49:8f:6f:28:06:18:47:a5:c9:87:c2:f4:a2:29:18:76:e8:23: 94:06:69:29:d1:21:a8:2c:21:be:fa:e3:3b:d8:ec:6e:85:a5: 2e:5c:ca:f3:d0:25:00:3b:cf:d6:f5:e8:e4:a9:3b:9d:3d:53: 21:52:de:36 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCQjMxMTAvBgNVBAUTKDNDREY0M0Q3MTdGQzU4NDlGMjNBOTRFMjlBNzcyQjI4 QTVENzAxRTMwHhcNMjUwNzIwMjA0NzQ3WhcNMjUwNzI3MjA0NzQ3WjAYMRYwFAYD VQQDEw02ODdkNTVmMy00YzdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr0axtmiNWjxIuHVd8CBogVxpTNB6fRZIoGdUmgeqK7sTxtw5wdsrCfplWIyC 1kevs2pyen7sN+IKMP+agLphBFbjENBBK+BIzk1B7LvyIRz9N29pknu80z57Apf7 8sE6NP/0fm60jPRRHa/NuH6g4AEYUdg0ZABAKMQJ/1bM8X0gg7FgNi4zxSB+it+l 86WgI5WlKd0LinpvepNlG7NLPvAbQX5bGpr0hgAxYD/OrBawkAgs53hRYu4An96Y lXBWE5qCtTaFgV9iJfa2R+PGcJioO4QYSIOF2SSuwoLlY50uLwz7MzE067kbIL4M 15J+D/PTQ8X9qZTCDsZC0xgFwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI9X58oP lmJYPLS5TRXmmh/FRXMSMB8GA1UdIwQYMBaAFDzfQ9cX/FhJ8jqU4pp3Kyil1wHj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JCMy85NUFFQTlFOENC RTQxMUVBODA2QTRBNzVDNEY5QUUwMi9QTjlEMXhmOFdFbnlPcFRpbW5jcktLWFhB ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BOOUQxeGY4V0VueU9wVGltbmNyS0tYWEFlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0JCMy85NUFFQTlFOENCRTQxMUVBODA2QTRBNzVDNEY5QUUwMi9QTjlEMXhmOFdF bnlPcFRpbW5jcktLWFhBZU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQPs7XtaQAt6vswgN/XezpKGAVlbU7o/GLmOcVEoDTmIaQojKYWa2V pvnxXuY2wxbZbYfocnUp3NX84Yy/lSB9m5oe7sDQO8BUJ2986oxqxkNSuymY+WWg LaV+aG1PdWAArQ9I7olQcQ+B1hFZuOT7kQ5cjt7Ev4NWMpSebwQl98avkI7uzgIH O7p9UoxARVhKBfTr+9JaSycfzwyKLhfp+Xki2ldmNPlRpVVxj4zYamp+cp7X6Yf9 NJlbTxY3zZx27rLJgHpJj28oBhhHpcmHwvSiKRh26COUBmkp0SGoLCG++uM72Oxu haUuXMrz0CUAO8/W9ejkqTudPVMhUt42 -----END CERTIFICATE-----Generated at Mon Jul 21 08:05:58 2025 by rpki-client