$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft File: qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft (raw, json) Hash identifier: LlvC9MXEi4al5k2vXKnX/3sLkfCVRuwaT1fLkOQ2pCY= Subject key identifier: D2:AE:C4:8C:52:2E:DE:50:FF:1B:E8:C6:A5:DA:48:1C:7F:C6:CF:2E Authority key identifier: A8:9D:0F:D4:F4:8A:BF:69:4F:D9:DF:77:04:E5:96:46:4D:ED:21:79 Certificate issuer: /CN=A91E6CCA/serialNumber=A89D0FD4F48ABF694FD9DF7704E596464DED2179 Certificate serial: 3F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qJ0P1PSKv2lP2d93BOWWRk3tIXk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft Manifest number: 3C Signing time: Mon 21 Jul 2025 07:46:22 +0000 Manifest this update: Mon 21 Jul 2025 07:46:21 +0000 Manifest next update: Mon 28 Jul 2025 07:46:21 +0000 Files and hashes: 1: qJ0P1PSKv2lP2d93BOWWRk3tIXk.crl (hash: NUwQGUyPhoz/sZrSxYyiBPWJFFWkRweN7Buj2+EI1CY=) 2: A94836600F7111F08BC42022C4F9AE02.roa (hash: P0ugR8U/wyMnqraRD80X5tdZACXWqmlF+Xy2XfETkeY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.crl rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qJ0P1PSKv2lP2d93BOWWRk3tIXk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 07:46:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63 (0x3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6CCA, serialNumber=A89D0FD4F48ABF694FD9DF7704E596464DED2179 Validity Not Before: Jul 21 07:46:21 2025 GMT Not After : Jul 28 07:46:21 2025 GMT Subject: CN=687df04e-e515 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:06:19:7c:b1:82:94:90:f9:2a:8d:7a:0a:ba: 85:5a:c2:3e:75:76:39:74:81:a5:ec:91:92:88:f4: 48:97:9d:00:06:69:5a:88:56:05:8d:fa:a9:c6:0b: 87:59:f5:84:b9:a8:cd:f9:45:07:dc:11:c8:d8:46: ff:f7:82:56:70:35:30:0a:ba:8b:bb:df:51:e0:6d: 23:5d:97:97:01:72:b8:64:90:ad:cc:38:64:e6:5d: d8:08:74:ac:36:60:7b:49:ba:cc:73:ba:13:56:58: 52:db:92:76:2b:3b:79:ca:f6:44:97:33:f7:50:fb: 21:6c:8d:c9:71:c0:ff:26:7d:0c:60:8e:b8:1e:8c: f1:bc:6b:c8:e2:43:b3:0a:40:fd:3f:af:2a:43:ff: ef:55:be:c4:83:40:39:af:0c:b9:e8:13:83:10:f7: 60:ce:bb:14:b6:32:d1:73:ca:57:14:70:5b:10:b5: 1e:8c:89:b8:52:ff:15:dd:46:99:56:32:00:d8:d5: de:32:1d:be:8d:71:26:ef:44:0e:61:3c:59:56:7a: d6:65:a8:d3:fc:7d:1f:db:5e:b4:6f:34:9f:f8:ca: d1:af:24:fc:64:4e:bf:83:41:4e:6b:78:45:c5:9b: 56:db:10:3f:66:a3:8c:db:1c:e7:20:31:36:88:fc: 21:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:AE:C4:8C:52:2E:DE:50:FF:1B:E8:C6:A5:DA:48:1C:7F:C6:CF:2E X509v3 Authority Key Identifier: keyid:A8:9D:0F:D4:F4:8A:BF:69:4F:D9:DF:77:04:E5:96:46:4D:ED:21:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qJ0P1PSKv2lP2d93BOWWRk3tIXk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:f1:4a:3a:fb:bd:7f:a8:fe:e0:fb:88:ed:80:0e:1b:c9:e1: 18:5f:d7:85:0b:aa:08:de:4a:eb:15:af:b6:6b:29:c4:0e:f9: 65:3e:73:da:15:0a:f4:d8:7d:92:54:53:07:d6:23:d3:dd:2a: 1e:cc:d4:19:9e:97:bf:4d:7a:ff:a1:65:b0:c9:57:e1:74:56: 5c:dd:6b:e9:63:c3:78:42:6d:eb:8c:1d:16:42:f4:72:c7:21: 21:d2:09:0b:8c:f5:36:1f:c4:40:3f:ec:d6:f0:ed:b3:76:ea: a6:62:dd:3b:42:62:a1:af:38:f7:cb:ad:77:7d:a5:2b:a2:dc: ba:4a:0f:07:58:b4:1b:ca:0d:94:30:c3:cf:55:50:77:80:bc: 76:c3:60:60:0f:82:20:86:f6:71:f6:7d:7d:74:54:c7:c9:76: 49:fd:e8:db:1a:ac:d4:76:e9:5e:1b:0f:ff:61:67:fe:0b:33: aa:12:a0:6c:8f:95:6e:10:19:92:c4:ec:f8:04:b6:8f:b2:0d: 9b:78:a3:8b:da:37:6e:77:e7:71:d1:65:de:77:36:05:69:42: 54:1b:e7:9a:9c:bc:8a:7a:81:4f:67:15:a3:6b:97:aa:c9:37: 0a:75:f5:90:37:0f:7f:fb:1c:b4:ab:5e:88:59:4c:e2:9d:68: 45:f8:42:08 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NkNDQTExMC8GA1UEBRMoQTg5RDBGRDRGNDhBQkY2OTRGRDlERjc3MDRFNTk2NDY0 REVEMjE3OTAeFw0yNTA3MjEwNzQ2MjFaFw0yNTA3MjgwNzQ2MjFaMBgxFjAUBgNV BAMTDTY4N2RmMDRlLWU1MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC4Bhl8sYKUkPkqjXoKuoVawj51djl0gaXskZKI9EiXnQAGaVqIVgWN+qnGC4dZ 9YS5qM35RQfcEcjYRv/3glZwNTAKuou731HgbSNdl5cBcrhkkK3MOGTmXdgIdKw2 YHtJusxzuhNWWFLbknYrO3nK9kSXM/dQ+yFsjclxwP8mfQxgjrgejPG8a8jiQ7MK QP0/rypD/+9VvsSDQDmvDLnoE4MQ92DOuxS2MtFzylcUcFsQtR6MibhS/xXdRplW MgDY1d4yHb6NcSbvRA5hPFlWetZlqNP8fR/bXrRvNJ/4ytGvJPxkTr+DQU5reEXF m1bbED9mo4zbHOcgMTaI/CFDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU0q7EjFIu 3lD/G+jGpdpIHH/Gzy4wHwYDVR0jBBgwFoAUqJ0P1PSKv2lP2d93BOWWRk3tIXkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU2Q0NBLzFBN0FERUNBMEY3 MDExRjA5RTJGN0QxRkM0RjlBRTAyL3FKMFAxUFNLdjJsUDJkOTNCT1dXUmszdElY ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcUowUDFQU0t2MmxQMmQ5M0JPV1dSazN0SVhrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU2 Q0NBLzFBN0FERUNBMEY3MDExRjA5RTJGN0QxRkM0RjlBRTAyL3FKMFAxUFNLdjJs UDJkOTNCT1dXUmszdElYay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABTxSjr7vX+o/uD7iO2ADhvJ4Rhf14ULqgjeSusVr7ZrKcQO+WU+c9oV CvTYfZJUUwfWI9PdKh7M1Bmel79Nev+hZbDJV+F0Vlzda+ljw3hCbeuMHRZC9HLH ISHSCQuM9TYfxEA/7Nbw7bN26qZi3TtCYqGvOPfLrXd9pSui3LpKDwdYtBvKDZQw w89VUHeAvHbDYGAPgiCG9nH2fX10VMfJdkn96NsarNR26V4bD/9hZ/4LM6oSoGyP lW4QGZLE7PgEto+yDZt4o4vaN25353HRZd53NgVpQlQb55qcvIp6gU9nFaNrl6rJ Nwp19ZA3D3/7HLSrXohZTOKdaEX4Qgg= -----END CERTIFICATE-----Generated at Wed Jul 23 09:04:35 2025 by rpki-client