$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5143/0DE9F776A86B11E9A701C856C4F9AE02/2S2tTXbh9aAmwn8tuRxE-62OSHw.mft File: 2S2tTXbh9aAmwn8tuRxE-62OSHw.mft (raw, json) Hash identifier: 9oWOfuiVqdJ9tPJPOkvRFfDhsc2WXkHqohwWztU/nMk= Subject key identifier: AE:7F:2E:C8:24:7E:62:17:FA:CF:AB:9A:03:F8:A5:AA:D3:9C:57:86 Authority key identifier: D9:2D:AD:4D:76:E1:F5:A0:26:C2:7F:2D:B9:1C:44:FB:AD:8E:48:7C Certificate issuer: /CN=A91F5143/serialNumber=D92DAD4D76E1F5A026C27F2DB91C44FBAD8E487C Certificate serial: 0E3D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2S2tTXbh9aAmwn8tuRxE-62OSHw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F5143/0DE9F776A86B11E9A701C856C4F9AE02/2S2tTXbh9aAmwn8tuRxE-62OSHw.mft Manifest number: 0E35 Signing time: Sun 20 Jul 2025 17:49:06 +0000 Manifest this update: Sun 20 Jul 2025 17:49:05 +0000 Manifest next update: Sun 27 Jul 2025 17:49:05 +0000 Files and hashes: 1: 2S2tTXbh9aAmwn8tuRxE-62OSHw.crl (hash: GaJGkqFj270Uh/ZHTrFQP5abzjZ6keYQ9sYQ3D7Bx7U=) 2: FBBFC6D8A86B11E9A1385758C4F9AE02.roa (hash: 3xSZw8Zvxp55d8XEuNe65AngqRjiPtOfsG/OL3mouOw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F5143/0DE9F776A86B11E9A701C856C4F9AE02/2S2tTXbh9aAmwn8tuRxE-62OSHw.crl rsync://rpki.apnic.net/member_repository/A91F5143/0DE9F776A86B11E9A701C856C4F9AE02/2S2tTXbh9aAmwn8tuRxE-62OSHw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2S2tTXbh9aAmwn8tuRxE-62OSHw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 17:49:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3645 (0xe3d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F5143, serialNumber=D92DAD4D76E1F5A026C27F2DB91C44FBAD8E487C Validity Not Before: Jul 20 17:49:05 2025 GMT Not After : Jul 27 17:49:05 2025 GMT Subject: CN=687d2c11-9100 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ce:a6:34:a1:d6:76:f2:b6:ab:8b:a3:c8:c4: 59:3a:2b:44:62:f9:2a:6a:93:ee:10:17:09:48:28: c8:d6:6f:aa:f6:48:c5:01:73:37:e4:b5:98:3b:5f: 0c:7a:c7:91:cd:6a:5d:48:94:5a:ae:b1:df:91:70: 60:fa:a1:76:03:e5:70:3f:53:48:05:82:c0:a1:b4: c8:41:87:6a:b0:ed:1a:32:6a:15:50:e4:93:4e:08: 0e:3a:2f:c0:8a:94:76:d7:74:6b:47:b9:c1:19:d3: 16:80:f1:3e:eb:85:0d:20:d8:0b:b0:59:3a:ef:45: 7b:ee:e3:c0:7d:3a:e6:fc:0d:13:e6:69:64:03:91: b5:78:23:f4:1c:f1:df:54:43:b2:48:54:e7:1e:be: d4:d6:d9:17:86:9a:d5:17:eb:59:06:4e:a8:e4:ef: ec:55:4f:3a:c4:33:0c:c0:97:4d:e3:07:5f:2c:9e: b1:07:e5:8f:8a:d9:87:60:3d:65:a0:a5:34:41:2b: f1:06:e0:2c:d3:5d:9f:c0:e3:d9:ae:e1:84:f4:3e: d3:e8:8b:98:87:3a:90:5f:8b:58:73:93:24:fa:fd: c5:89:d1:58:9d:c0:8c:c7:42:df:73:93:23:ac:0d: a1:6e:43:8f:dd:09:f1:57:57:f2:c8:e2:0b:35:4d: dd:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:7F:2E:C8:24:7E:62:17:FA:CF:AB:9A:03:F8:A5:AA:D3:9C:57:86 X509v3 Authority Key Identifier: keyid:D9:2D:AD:4D:76:E1:F5:A0:26:C2:7F:2D:B9:1C:44:FB:AD:8E:48:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F5143/0DE9F776A86B11E9A701C856C4F9AE02/2S2tTXbh9aAmwn8tuRxE-62OSHw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2S2tTXbh9aAmwn8tuRxE-62OSHw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5143/0DE9F776A86B11E9A701C856C4F9AE02/2S2tTXbh9aAmwn8tuRxE-62OSHw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:71:b4:d8:1e:06:95:27:4d:ba:6f:99:96:87:70:a2:9c:c8: 37:5b:29:b6:fe:42:ab:5c:5d:f6:ab:34:86:9a:fa:f1:f1:22: f4:3f:35:f1:1e:5a:77:db:ca:3f:be:8d:b3:9a:8c:c7:59:50: 84:91:bb:76:f9:08:63:34:1d:9b:43:f5:44:68:56:36:d5:94: 57:47:0b:e2:b0:c7:a3:ee:02:59:1b:80:a7:26:9e:9f:3b:90: 6c:95:b1:47:02:c1:c0:69:77:86:6c:9c:b8:a4:4e:1e:55:69: 74:56:e6:cd:28:19:0b:e3:2e:55:2e:da:6c:a0:95:89:f0:e8: 2e:3a:d3:13:d4:76:f4:7c:ad:19:39:53:0a:7d:78:be:eb:aa: ca:e8:f2:b4:5a:6d:0a:61:eb:c3:95:33:d8:34:11:06:a6:4d: 24:60:96:77:25:f5:d9:dd:cb:ae:7e:7f:e3:9d:39:57:75:07: fc:e3:08:84:02:93:27:b6:c9:98:2e:c2:ca:70:ff:af:a8:09: fa:66:c2:b9:d8:34:9a:72:3c:52:56:55:22:32:aa:7f:e2:24: 38:c4:39:87:fa:16:16:f5:cc:1c:99:9d:86:a9:73:ff:65:e4: d9:e3:b8:7f:42:68:95:d7:57:93:62:28:74:03:4e:4b:11:c4: 7b:8c:0d:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDj0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjUxNDMxMTAvBgNVBAUTKEQ5MkRBRDRENzZFMUY1QTAyNkMyN0YyREI5MUM0NEZC QUQ4RTQ4N0MwHhcNMjUwNzIwMTc0OTA1WhcNMjUwNzI3MTc0OTA1WjAYMRYwFAYD VQQDEw02ODdkMmMxMS05MTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzs6mNKHWdvK2q4ujyMRZOitEYvkqapPuEBcJSCjI1m+q9kjFAXM35LWYO18M eseRzWpdSJRarrHfkXBg+qF2A+VwP1NIBYLAobTIQYdqsO0aMmoVUOSTTggOOi/A ipR213RrR7nBGdMWgPE+64UNINgLsFk670V77uPAfTrm/A0T5mlkA5G1eCP0HPHf VEOySFTnHr7U1tkXhprVF+tZBk6o5O/sVU86xDMMwJdN4wdfLJ6xB+WPitmHYD1l oKU0QSvxBuAs012fwOPZruGE9D7T6IuYhzqQX4tYc5Mk+v3FidFYncCMx0Lfc5Mj rA2hbkOP3QnxV1fyyOILNU3ddQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK5/Lsgk fmIX+s+rmgP4parTnFeGMB8GA1UdIwQYMBaAFNktrU124fWgJsJ/LbkcRPutjkh8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTE0My8wREU5Rjc3NkE4 NkIxMUU5QTcwMUM4NTZDNEY5QUUwMi8yUzJ0VFhiaDlhQW13bjh0dVJ4RS02Mk9T SHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJTMnRUWGJoOWFBbXduOHR1UnhFLTYyT1NIdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NTE0My8wREU5Rjc3NkE4NkIxMUU5QTcwMUM4NTZDNEY5QUUwMi8yUzJ0VFhiaDlh QW13bjh0dVJ4RS02Mk9TSHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCjcbTYHgaVJ026b5mWh3CinMg3Wym2/kKrXF32qzSGmvrx8SL0PzXx Hlp328o/vo2zmozHWVCEkbt2+QhjNB2bQ/VEaFY21ZRXRwvisMej7gJZG4CnJp6f O5BslbFHAsHAaXeGbJy4pE4eVWl0VubNKBkL4y5VLtpsoJWJ8OguOtMT1Hb0fK0Z OVMKfXi+66rK6PK0Wm0KYevDlTPYNBEGpk0kYJZ3JfXZ3cuufn/jnTlXdQf84wiE ApMntsmYLsLKcP+vqAn6ZsK52DSacjxSVlUiMqp/4iQ4xDmH+hYW9cwcmZ2GqXP/ ZeTZ47h/QmiV11eTYih0A05LEcR7jA0O -----END CERTIFICATE-----Generated at Mon Jul 21 07:15:01 2025 by rpki-client