$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft File: fNlYoAf08OVuSo0kV2aIYiurciE.mft (raw, json) Hash identifier: sTvMZEsXS3AzCWEeOyYevz7XOyNnQCCvf8EmYTj/c8g= Subject key identifier: C6:A5:69:F2:44:DE:6A:13:74:E2:EF:0D:18:A2:A1:6D:C0:D1:29:80 Authority key identifier: 7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21 Certificate issuer: /CN=A91E8AF2/serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221 Certificate serial: 0141 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft Manifest number: 013D Signing time: Mon 21 Jul 2025 04:30:59 +0000 Manifest this update: Mon 21 Jul 2025 04:30:58 +0000 Manifest next update: Mon 28 Jul 2025 04:30:58 +0000 Files and hashes: 1: fNlYoAf08OVuSo0kV2aIYiurciE.crl (hash: k8oPye7ekIjsw7mnswQSAW2EmNwSpOlnVQooje8w8ME=) 2: E7021416B54B11EE86895416C4F9AE02.roa (hash: vzHahXAFIekcStIbFKvBTMDftL9nSsfmNUK1qbKIERQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 04:30:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 321 (0x141) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8AF2, serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221 Validity Not Before: Jul 21 04:30:58 2025 GMT Not After : Jul 28 04:30:58 2025 GMT Subject: CN=687dc283-fea9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:85:c2:6c:19:db:f0:5a:3b:b9:9b:51:33:d2: 81:17:9d:af:81:3f:06:58:bc:71:ce:5e:2f:50:a8: 67:fb:36:6f:46:0c:93:d2:52:b2:0c:e4:ce:d9:31: 6c:9b:60:ea:42:b1:eb:0b:f2:ad:5b:93:86:f5:90: bb:97:25:f2:f4:bb:88:8e:8f:aa:95:65:5f:21:5a: 59:59:ac:4e:d9:33:9c:58:06:d5:a8:ad:32:45:40: 59:99:63:37:86:96:69:4a:bb:c6:e2:d9:92:0d:bc: c4:1b:2a:90:cc:3f:ce:20:a2:e4:b6:fc:19:c3:ce: 32:c8:f4:68:15:aa:ce:81:f6:04:a7:50:fc:2d:c2: db:7e:50:ff:4f:83:49:7c:30:3a:74:be:ca:3f:f5: fa:8b:78:80:1c:b6:4f:98:2e:87:54:a9:79:58:0d: 3b:1e:dc:63:76:3b:a8:a3:b3:0e:ba:af:cc:02:02: ab:97:e5:af:a4:e4:4f:e6:ab:8d:ef:75:f6:81:2a: 39:9a:fe:d3:1b:87:3b:72:c3:a1:16:e0:e9:db:46: 38:51:8d:68:bf:ff:07:4c:c2:ba:ca:25:ad:73:ab: 55:df:cb:e1:e5:8c:ba:dd:8f:02:7d:27:d0:7b:cc: 5c:1f:79:3d:16:f6:bf:51:51:7e:26:5b:2f:05:91: cb:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:A5:69:F2:44:DE:6A:13:74:E2:EF:0D:18:A2:A1:6D:C0:D1:29:80 X509v3 Authority Key Identifier: keyid:7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:ed:94:0a:45:58:f3:16:b9:5f:bc:a8:af:b1:a2:0d:39:cb: 9e:64:28:59:dc:95:b9:3c:35:15:97:ea:34:36:4d:a3:30:fe: d9:b5:32:5c:91:f8:c4:be:f1:c2:8c:c4:34:04:e8:46:23:b0: 0b:a0:1f:69:67:ee:9c:17:f8:33:87:97:15:79:ed:e9:54:ff: 6a:a1:1f:79:46:71:f9:43:03:5a:99:39:5e:73:51:aa:ed:90: ef:c4:6e:9f:b1:2a:ed:e0:68:4f:cb:fd:8c:2b:24:08:d4:b1: 0b:16:03:8c:f5:b7:ab:ff:28:70:55:bb:b6:74:38:48:91:ca: 13:e3:fc:51:09:a7:8e:0b:82:57:b7:1d:c2:84:68:b5:b9:f3: 2f:88:8f:ac:fc:01:8e:97:97:ce:51:36:9f:ca:e8:03:da:44: ca:3b:43:85:9c:85:72:8f:a1:e9:fa:5f:db:15:f4:ac:71:d6: 27:2e:47:c7:97:da:05:c8:c3:fb:da:cc:d5:7c:e9:b5:5c:f4: 98:d1:2b:18:48:67:1b:94:4d:de:b1:00:0f:8f:f7:e0:e1:8f: f4:c5:86:f8:82:be:4d:17:cc:9a:28:27:5e:3f:5e:ab:6e:85: 4a:e6:9a:82:f6:6a:59:eb:df:97:3f:5a:b3:59:71:6e:f9:2e: 12:07:2f:9d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThBRjIxMTAvBgNVBAUTKDdDRDk1OEEwMDdGNEYwRTU2RTRBOEQyNDU3NjY4ODYy MkJBQjcyMjEwHhcNMjUwNzIxMDQzMDU4WhcNMjUwNzI4MDQzMDU4WjAYMRYwFAYD VQQDEw02ODdkYzI4My1mZWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAroXCbBnb8Fo7uZtRM9KBF52vgT8GWLxxzl4vUKhn+zZvRgyT0lKyDOTO2TFs m2DqQrHrC/KtW5OG9ZC7lyXy9LuIjo+qlWVfIVpZWaxO2TOcWAbVqK0yRUBZmWM3 hpZpSrvG4tmSDbzEGyqQzD/OIKLktvwZw84yyPRoFarOgfYEp1D8LcLbflD/T4NJ fDA6dL7KP/X6i3iAHLZPmC6HVKl5WA07Htxjdjuoo7MOuq/MAgKrl+WvpORP5quN 73X2gSo5mv7TG4c7csOhFuDp20Y4UY1ov/8HTMK6yiWtc6tV38vh5Yy63Y8CfSfQ e8xcH3k9Fva/UVF+JlsvBZHLdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMalafJE 3moTdOLvDRiioW3A0SmAMB8GA1UdIwQYMBaAFHzZWKAH9PDlbkqNJFdmiGIrq3Ih MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEFGMi81NzMyQzgzODg0 NEMxMUVFQjFGMkNBMjlDNEY5QUUwMi9mTmxZb0FmMDhPVnVTbzBrVjJhSVlpdXJj aUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZObFlvQWYwOE9WdVNvMGtWMmFJWWl1cmNpRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEFGMi81NzMyQzgzODg0NEMxMUVFQjFGMkNBMjlDNEY5QUUwMi9mTmxZb0FmMDhP VnVTbzBrVjJhSVlpdXJjaUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAh7ZQKRVjzFrlfvKivsaINOcueZChZ3JW5PDUVl+o0Nk2jMP7ZtTJc kfjEvvHCjMQ0BOhGI7ALoB9pZ+6cF/gzh5cVee3pVP9qoR95RnH5QwNamTlec1Gq 7ZDvxG6fsSrt4GhPy/2MKyQI1LELFgOM9ber/yhwVbu2dDhIkcoT4/xRCaeOC4JX tx3ChGi1ufMviI+s/AGOl5fOUTafyugD2kTKO0OFnIVyj6Hp+l/bFfSscdYnLkfH l9oFyMP72szVfOm1XPSY0SsYSGcblE3esQAPj/fg4Y/0xYb4gr5NF8yaKCdeP16r boVK5pqC9mpZ69+XP1qzWXFu+S4SBy+d -----END CERTIFICATE-----Generated at Mon Jul 21 07:05:32 2025 by rpki-client