$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED571/ECD2DF96CE6F11E9A0D86D51C4F9AE02/9PFcZ17ZpcLRmVsn-1P_YP8CSeA.mft File: 9PFcZ17ZpcLRmVsn-1P_YP8CSeA.mft (raw, json) Hash identifier: sKcP0vkrXAA6JU+bE8j+4E+tMAe04tiNwVpLncRUSQU= Subject key identifier: 44:17:48:3B:70:61:5C:DB:EC:A9:1B:9E:7C:EA:70:46:75:15:A1:F2 Authority key identifier: F4:F1:5C:67:5E:D9:A5:C2:D1:99:5B:27:FB:53:FF:60:FF:02:49:E0 Certificate issuer: /CN=A91ED571/serialNumber=F4F15C675ED9A5C2D1995B27FB53FF60FF0249E0 Certificate serial: 0D79 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9PFcZ17ZpcLRmVsn-1P_YP8CSeA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ED571/ECD2DF96CE6F11E9A0D86D51C4F9AE02/9PFcZ17ZpcLRmVsn-1P_YP8CSeA.mft Manifest number: 0D72 Signing time: Tue 22 Jul 2025 18:07:31 +0000 Manifest this update: Tue 22 Jul 2025 18:07:31 +0000 Manifest next update: Tue 29 Jul 2025 18:07:31 +0000 Files and hashes: 1: 9PFcZ17ZpcLRmVsn-1P_YP8CSeA.crl (hash: a5SPlSxp1GJjwRXedFFTdZN4lKSynbfmI3WBmOJLytI=) 2: C9819022CE7011E98E86DD52C4F9AE02.roa (hash: EM624Ee5dZvup/p2NN7lZAjAZv2Q+/2EJL827rz91tU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ED571/ECD2DF96CE6F11E9A0D86D51C4F9AE02/9PFcZ17ZpcLRmVsn-1P_YP8CSeA.crl rsync://rpki.apnic.net/member_repository/A91ED571/ECD2DF96CE6F11E9A0D86D51C4F9AE02/9PFcZ17ZpcLRmVsn-1P_YP8CSeA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9PFcZ17ZpcLRmVsn-1P_YP8CSeA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 18:07:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3449 (0xd79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ED571, serialNumber=F4F15C675ED9A5C2D1995B27FB53FF60FF0249E0 Validity Not Before: Jul 22 18:07:31 2025 GMT Not After : Jul 29 18:07:31 2025 GMT Subject: CN=687fd363-06fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:51:6e:38:6c:87:7a:a8:95:a5:aa:49:1e:a2: 5a:8a:4b:e9:ae:f9:0d:77:d0:26:96:4a:10:91:03: e6:9e:48:1e:a4:6d:c8:c8:b7:de:7a:6b:0e:9e:dc: b9:85:d2:28:68:7c:6f:07:57:56:96:42:df:58:62: d7:97:76:f9:01:65:80:f6:e4:f6:15:11:70:b1:92: c3:14:63:1b:af:f2:47:4c:cd:55:9e:a9:c0:b3:59: f5:05:99:e4:f6:62:c1:2b:67:b2:1a:ae:54:21:67: a6:55:fe:67:90:15:07:21:da:97:08:72:10:95:37: cc:2e:91:df:cb:bd:17:b8:ba:d8:01:e9:3b:c0:1a: 21:5d:ce:34:04:9c:3b:4f:53:7b:82:23:0e:49:07: 6c:e4:de:fc:e8:5a:5f:96:36:cf:56:91:26:2c:59: 33:f2:a1:e8:49:30:4c:1f:d2:25:2e:6c:aa:ae:a6: c0:54:6c:c1:4b:c5:87:e0:3f:7c:43:85:1e:27:ee: 6d:59:b2:16:f7:57:91:d3:bc:cd:87:72:a6:8c:3f: 38:2e:c4:c5:42:ee:3f:fa:b2:81:43:d9:ed:b5:d1: fc:d2:ed:ab:c5:f5:4b:5c:4b:04:dd:0d:e5:14:cb: 90:15:ba:f4:58:6c:ce:78:43:00:77:97:d0:08:42: ee:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:17:48:3B:70:61:5C:DB:EC:A9:1B:9E:7C:EA:70:46:75:15:A1:F2 X509v3 Authority Key Identifier: keyid:F4:F1:5C:67:5E:D9:A5:C2:D1:99:5B:27:FB:53:FF:60:FF:02:49:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ED571/ECD2DF96CE6F11E9A0D86D51C4F9AE02/9PFcZ17ZpcLRmVsn-1P_YP8CSeA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9PFcZ17ZpcLRmVsn-1P_YP8CSeA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED571/ECD2DF96CE6F11E9A0D86D51C4F9AE02/9PFcZ17ZpcLRmVsn-1P_YP8CSeA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:bf:a4:93:68:22:5a:cd:7b:88:69:76:3e:a4:70:ce:5f:d0: 06:c0:9c:84:5d:3a:2e:3b:ef:07:99:9d:50:4d:d3:19:73:0c: 7c:40:0a:f8:2e:f0:63:d2:95:8b:36:14:e0:b0:27:ee:2a:bb: 88:4b:e7:4d:75:5d:87:a0:54:32:a1:6b:81:0f:53:d7:e4:64: 73:ae:5d:e5:4c:c0:85:1e:dd:2f:06:ea:99:b6:9f:51:dd:ba: 7d:ce:af:5a:92:75:9d:a9:71:bf:0c:a2:c5:fb:66:da:a4:31: 12:58:a6:46:ec:8c:99:3a:62:b4:88:52:c3:f2:02:72:9d:55: f2:ff:65:c0:73:1f:86:72:11:2a:17:bd:1d:e2:4d:14:b3:3f: 7a:41:5d:4b:49:d0:ae:ff:04:39:26:bb:89:7b:89:1c:9a:55: 60:af:02:65:0d:db:30:9c:54:8c:62:df:bc:a3:16:01:84:01: 94:f3:2f:b2:2a:ce:f7:91:bb:7a:85:b2:1a:05:f5:ae:dd:7a: fd:8b:bc:2a:2a:94:f6:73:f5:cf:0c:a9:84:31:41:84:91:2c: b8:ca:d5:b1:45:0c:ea:f4:33:08:5c:2c:42:ca:67:fe:7e:db: 4c:90:4a:f9:8a:10:dd:ad:e2:c8:a3:cd:6c:d2:60:a5:7e:ae: e3:2c:65:bc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDXkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUQ1NzExMTAvBgNVBAUTKEY0RjE1QzY3NUVEOUE1QzJEMTk5NUIyN0ZCNTNGRjYw RkYwMjQ5RTAwHhcNMjUwNzIyMTgwNzMxWhcNMjUwNzI5MTgwNzMxWjAYMRYwFAYD VQQDEw02ODdmZDM2My0wNmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzFFuOGyHeqiVpapJHqJaikvprvkNd9AmlkoQkQPmnkgepG3IyLfeemsOnty5 hdIoaHxvB1dWlkLfWGLXl3b5AWWA9uT2FRFwsZLDFGMbr/JHTM1VnqnAs1n1BZnk 9mLBK2eyGq5UIWemVf5nkBUHIdqXCHIQlTfMLpHfy70XuLrYAek7wBohXc40BJw7 T1N7giMOSQds5N786FpfljbPVpEmLFkz8qHoSTBMH9IlLmyqrqbAVGzBS8WH4D98 Q4UeJ+5tWbIW91eR07zNh3KmjD84LsTFQu4/+rKBQ9nttdH80u2rxfVLXEsE3Q3l FMuQFbr0WGzOeEMAd5fQCELuiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEQXSDtw YVzb7KkbnnzqcEZ1FaHyMB8GA1UdIwQYMBaAFPTxXGde2aXC0ZlbJ/tT/2D/Akng MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDU3MS9FQ0QyREY5NkNF NkYxMUU5QTBEODZENTFDNEY5QUUwMi85UEZjWjE3WnBjTFJtVnNuLTFQX1lQOENT ZUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzlQRmNaMTdacGNMUm1Wc24tMVBfWVA4Q1NlQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RDU3MS9FQ0QyREY5NkNFNkYxMUU5QTBEODZENTFDNEY5QUUwMi85UEZjWjE3WnBj TFJtVnNuLTFQX1lQOENTZUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBjv6STaCJazXuIaXY+pHDOX9AGwJyEXTouO+8HmZ1QTdMZcwx8QAr4 LvBj0pWLNhTgsCfuKruIS+dNdV2HoFQyoWuBD1PX5GRzrl3lTMCFHt0vBuqZtp9R 3bp9zq9aknWdqXG/DKLF+2bapDESWKZG7IyZOmK0iFLD8gJynVXy/2XAcx+GchEq F70d4k0Usz96QV1LSdCu/wQ5JruJe4kcmlVgrwJlDdswnFSMYt+8oxYBhAGU8y+y Ks73kbt6hbIaBfWu3Xr9i7wqKpT2c/XPDKmEMUGEkSy4ytWxRQzq9DMIXCxCymf+ fttMkEr5ihDdreLIo81s0mClfq7jLGW8 -----END CERTIFICATE-----Generated at Wed Jul 23 23:27:55 2025 by rpki-client