$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/PQVW0ZO8kqIep0f5WMaXqX7F1dY.mft File: PQVW0ZO8kqIep0f5WMaXqX7F1dY.mft (raw, json) Hash identifier: gKSEilaonL0Q/shhtPkj2p38THfgLwgpFmfhYorm9ho= Subject key identifier: 1C:15:0A:EB:32:08:C1:B5:2B:7D:00:11:2E:4F:E3:F6:75:AD:9C:AA Authority key identifier: 3D:05:56:D1:93:BC:92:A2:1E:A7:47:F9:58:C6:97:A9:7E:C5:D5:D6 Certificate issuer: /CN=A91E4668/serialNumber=3D0556D193BC92A21EA747F958C697A97EC5D5D6 Certificate serial: 0E9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PQVW0ZO8kqIep0f5WMaXqX7F1dY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/PQVW0ZO8kqIep0f5WMaXqX7F1dY.mft Manifest number: 0E8E Signing time: Fri 18 Jul 2025 17:51:30 +0000 Manifest this update: Fri 18 Jul 2025 17:51:29 +0000 Manifest next update: Fri 25 Jul 2025 17:51:29 +0000 Files and hashes: 1: PQVW0ZO8kqIep0f5WMaXqX7F1dY.crl (hash: o7fwZS1dq2okmozQk1YYp1ZLzVAo8QKnpIpgAR4zTUg=) 2: A5B7D874091F11EFA6EDE141C4F9AE02.roa (hash: vN4eTkgE+NqzrGCF55MmLQiQ1U4uCoJcvi6VZO9X/KY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/PQVW0ZO8kqIep0f5WMaXqX7F1dY.crl rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/PQVW0ZO8kqIep0f5WMaXqX7F1dY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PQVW0ZO8kqIep0f5WMaXqX7F1dY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 17:51:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3738 (0xe9a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4668, serialNumber=3D0556D193BC92A21EA747F958C697A97EC5D5D6 Validity Not Before: Jul 18 17:51:29 2025 GMT Not After : Jul 25 17:51:29 2025 GMT Subject: CN=687a89a1-a3c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:00:cd:01:52:f6:8e:3a:38:46:b7:0a:80:36: ff:3c:90:d2:78:6e:7e:cd:ea:f1:9e:09:d6:b2:0e: 41:72:02:7e:87:16:f9:f4:f9:b2:dc:75:f6:59:03: 28:27:17:69:79:88:ac:09:b8:d0:47:ef:95:58:46: bb:87:1b:17:e0:dc:93:8f:cc:dc:3b:22:74:72:38: b1:b3:9d:48:34:75:73:38:3e:9e:7a:44:ed:51:ea: fb:8c:f4:3a:36:9e:c5:72:f6:22:25:a8:2f:fd:af: 7f:e5:3a:26:61:77:23:d6:77:c5:ee:08:cb:5b:f3: 9f:ef:8e:96:17:ab:d0:69:95:0c:29:e2:d0:ed:9c: 7d:f8:8a:52:07:dc:89:70:41:e6:01:b4:bf:3b:7b: 26:47:57:00:e4:24:99:68:bd:35:c7:5b:72:12:ea: 6c:a8:9a:53:c3:87:14:b4:04:19:58:36:d8:ce:7a: 52:ca:4e:2d:f8:69:6e:c9:f5:d8:80:3b:43:94:80: 79:94:78:fa:4e:7e:66:02:6c:9f:22:b9:5b:f3:d8: af:08:87:e7:b5:67:47:bb:05:01:24:2e:6a:91:57: 3b:f9:eb:73:58:3f:44:11:7a:ed:fe:35:48:3e:66: 49:30:53:9e:a4:6e:77:8a:6a:49:43:d9:9b:6a:ba: e1:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:15:0A:EB:32:08:C1:B5:2B:7D:00:11:2E:4F:E3:F6:75:AD:9C:AA X509v3 Authority Key Identifier: keyid:3D:05:56:D1:93:BC:92:A2:1E:A7:47:F9:58:C6:97:A9:7E:C5:D5:D6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/PQVW0ZO8kqIep0f5WMaXqX7F1dY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PQVW0ZO8kqIep0f5WMaXqX7F1dY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/PQVW0ZO8kqIep0f5WMaXqX7F1dY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:35:88:64:b2:66:47:f8:d3:5b:10:13:81:73:a7:cc:61:04: 51:52:9b:4b:0e:76:90:40:7d:4e:14:af:67:42:5b:78:90:c4: 6e:a6:e0:0e:66:f1:b8:4d:be:1c:c7:a8:3a:d2:e9:1d:0f:2a: a9:3d:74:81:b4:26:bc:ff:04:7a:7f:14:8b:dd:5f:28:69:70: 51:83:18:d6:bb:e7:dc:bf:ce:ed:49:9c:42:40:99:9d:8c:f5: f6:86:cb:9e:0b:29:bf:37:17:e7:4d:67:54:5a:ea:88:83:53: 14:68:18:95:84:ae:9c:0a:42:ce:c7:2d:c1:43:17:e2:a3:66: ff:d4:cf:df:ec:cc:33:dd:1d:48:01:a6:b5:c2:eb:b1:fa:c8: ed:c5:14:56:2b:79:0f:f0:4f:8a:d4:39:f9:fa:13:90:11:50: a7:10:2e:1e:a2:85:3c:49:3f:3c:74:8f:3a:75:ae:0d:3a:2a: 07:03:30:95:0e:94:69:db:e8:cf:aa:33:33:17:3b:56:45:f1: b2:9f:5e:ae:a3:29:80:4e:31:3a:12:f7:cf:4a:bc:e0:64:c4: 8c:eb:90:e6:c5:32:d1:06:94:7d:79:96:bc:cd:a8:9d:64:55: cc:31:87:4d:17:4d:44:b9:d2:e9:81:00:8b:7b:77:4b:0f:c4: 42:e2:57:be -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDpowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTQ2NjgxMTAvBgNVBAUTKDNEMDU1NkQxOTNCQzkyQTIxRUE3NDdGOTU4QzY5N0E5 N0VDNUQ1RDYwHhcNMjUwNzE4MTc1MTI5WhcNMjUwNzI1MTc1MTI5WjAYMRYwFAYD VQQDEw02ODdhODlhMS1hM2MwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyADNAVL2jjo4RrcKgDb/PJDSeG5+zerxngnWsg5BcgJ+hxb59Pmy3HX2WQMo JxdpeYisCbjQR++VWEa7hxsX4NyTj8zcOyJ0cjixs51INHVzOD6eekTtUer7jPQ6 Np7FcvYiJagv/a9/5TomYXcj1nfF7gjLW/Of746WF6vQaZUMKeLQ7Zx9+IpSB9yJ cEHmAbS/O3smR1cA5CSZaL01x1tyEupsqJpTw4cUtAQZWDbYznpSyk4t+GluyfXY gDtDlIB5lHj6Tn5mAmyfIrlb89ivCIfntWdHuwUBJC5qkVc7+etzWD9EEXrt/jVI PmZJMFOepG53impJQ9mbarrhGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBwVCusy CMG1K30AES5P4/Z1rZyqMB8GA1UdIwQYMBaAFD0FVtGTvJKiHqdH+VjGl6l+xdXW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDY2OC83QzkwMDlBQzk3 RjExMUU5QTJFNTE5ODFDNEY5QUUwMi9QUVZXMFpPOGtxSWVwMGY1V01hWHFYN0Yx ZFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BRVlcwWk84a3FJZXAwZjVXTWFYcVg3RjFkWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NDY2OC83QzkwMDlBQzk3RjExMUU5QTJFNTE5ODFDNEY5QUUwMi9QUVZXMFpPOGtx SWVwMGY1V01hWHFYN0YxZFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCENYhksmZH+NNbEBOBc6fMYQRRUptLDnaQQH1OFK9nQlt4kMRupuAO ZvG4Tb4cx6g60ukdDyqpPXSBtCa8/wR6fxSL3V8oaXBRgxjWu+fcv87tSZxCQJmd jPX2hsueCym/NxfnTWdUWuqIg1MUaBiVhK6cCkLOxy3BQxfio2b/1M/f7Mwz3R1I Aaa1wuux+sjtxRRWK3kP8E+K1Dn5+hOQEVCnEC4eooU8ST88dI86da4NOioHAzCV DpRp2+jPqjMzFztWRfGyn16uoymATjE6EvfPSrzgZMSM65DmxTLRBpR9eZa8zaid ZFXMMYdNF01EudLpgQCLe3dLD8RC4le+ -----END CERTIFICATE-----Generated at Sun Jul 20 11:37:50 2025 by rpki-client