$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.mft File: -gfo6rqEcKil_kuhPnXZ5f6jOyc.mft (raw, json) Hash identifier: DxVejoIWtAEO3jwq/nLY2GEXrdLo/L4k2TPidOXX6K0= Subject key identifier: 95:2E:B6:39:D6:28:40:85:92:E4:1E:CE:2F:B4:E9:37:46:2A:1F:DF Authority key identifier: FA:07:E8:EA:BA:84:70:A8:A5:FE:4B:A1:3E:75:D9:E5:FE:A3:3B:27 Certificate issuer: /CN=A91F9FA2/serialNumber=FA07E8EABA8470A8A5FE4BA13E75D9E5FEA33B27 Certificate serial: 09D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-gfo6rqEcKil_kuhPnXZ5f6jOyc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.mft Manifest number: 09CE Signing time: Sun 20 Jul 2025 20:04:42 +0000 Manifest this update: Sun 20 Jul 2025 20:04:42 +0000 Manifest next update: Sun 27 Jul 2025 20:04:42 +0000 Files and hashes: 1: -gfo6rqEcKil_kuhPnXZ5f6jOyc.crl (hash: He/pUZ6kaURkQuZ9gtEBDA7k9xtxzQplNdfw0CtfFl0=) 2: 0893031C846611EA9B99E043C4F9AE02.roa (hash: 3hay+KNg/2l74ymUeo3rJ7DbBbo6k73NfQvBnuqkfBY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.crl rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-gfo6rqEcKil_kuhPnXZ5f6jOyc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 20:04:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2518 (0x9d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9FA2, serialNumber=FA07E8EABA8470A8A5FE4BA13E75D9E5FEA33B27 Validity Not Before: Jul 20 20:04:42 2025 GMT Not After : Jul 27 20:04:42 2025 GMT Subject: CN=687d4bda-e1c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:3c:f8:75:ed:20:74:a9:12:62:f7:72:20:92: 46:61:cb:b9:fe:bb:92:32:af:7f:5b:61:41:0a:35: c1:87:5b:e0:23:5f:be:77:0b:7d:8f:6e:ab:84:8a: 27:d5:17:24:3a:1f:a0:00:fd:8b:00:6a:a9:48:35: 14:37:f6:c1:ad:df:e7:50:6f:a8:af:e7:90:11:91: 6d:64:8c:de:01:20:bb:f6:9b:0a:ed:3e:9d:59:19: 23:08:4e:e2:c9:f6:c1:57:a3:08:33:0c:cb:d0:8b: fa:1d:be:60:f0:16:b4:44:16:2e:28:06:8f:fa:f3: 99:a2:39:fd:09:fc:47:50:b0:92:0d:5f:c9:aa:55: 15:25:da:3b:61:c9:95:96:3f:4f:de:76:69:9a:ac: 88:63:fe:7d:8c:9e:75:0b:c8:56:5d:da:e0:71:19: 7c:9e:86:0e:10:07:a2:e5:b6:67:87:6d:75:41:ba: 96:f1:1d:9a:07:f9:67:d6:64:49:00:bb:b7:94:ee: 4a:c8:8a:a5:37:9d:c8:12:9c:74:15:2a:d5:20:81: 08:89:59:32:bf:9b:f2:25:9e:cf:d5:48:2a:4d:c9: 2f:68:71:b8:67:a7:6a:0e:98:ae:31:d9:a2:29:18: 95:16:76:60:9b:ff:9c:68:e1:1f:ca:48:4e:bb:c5: 4b:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:2E:B6:39:D6:28:40:85:92:E4:1E:CE:2F:B4:E9:37:46:2A:1F:DF X509v3 Authority Key Identifier: keyid:FA:07:E8:EA:BA:84:70:A8:A5:FE:4B:A1:3E:75:D9:E5:FE:A3:3B:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-gfo6rqEcKil_kuhPnXZ5f6jOyc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:02:5d:78:df:8f:d3:a4:e1:00:9b:38:8b:97:97:68:62:22: 59:b5:e7:33:cf:e2:46:0a:1a:8c:6e:d8:9d:79:e4:e6:f7:35: 72:3f:e8:82:c1:9b:4d:5a:eb:ec:5e:ae:96:6e:e7:4d:77:d0: e0:ca:d4:04:bc:20:ff:b5:d8:ea:54:27:70:7b:83:3c:99:40: da:b3:77:7d:d0:60:a7:b7:d0:a1:dd:86:69:85:ac:3d:2b:4f: 43:61:0b:c6:92:e9:56:f3:9f:19:78:f6:c6:be:30:fe:55:69: bf:21:59:cb:3a:33:59:4e:af:57:96:7e:78:ba:1d:86:c7:6f: 92:9a:1b:79:82:0a:eb:3e:56:8d:53:6b:2e:5a:28:4a:76:fe: d0:d9:21:20:7e:e3:8f:41:a7:bc:0e:4e:ad:18:52:a6:32:f9: ea:53:34:e1:13:d3:a1:15:4a:49:da:48:ff:04:bd:57:3d:d8: 45:d2:b4:74:ec:ac:48:27:53:1f:cd:31:e5:c1:f4:5e:88:f7: 4f:64:b4:c8:98:27:5f:16:30:b0:cb:a2:9a:d7:9f:e2:ea:bd: 38:d3:d9:fb:bc:e9:5b:d1:c9:ba:d9:3c:e3:6c:07:17:4e:65: 83:d7:16:d0:17:4a:b6:77:9f:66:5d:5d:28:6d:33:ec:57:6b: 9c:94:50:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCdYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjlGQTIxMTAvBgNVBAUTKEZBMDdFOEVBQkE4NDcwQThBNUZFNEJBMTNFNzVEOUU1 RkVBMzNCMjcwHhcNMjUwNzIwMjAwNDQyWhcNMjUwNzI3MjAwNDQyWjAYMRYwFAYD VQQDEw02ODdkNGJkYS1lMWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3Tz4de0gdKkSYvdyIJJGYcu5/ruSMq9/W2FBCjXBh1vgI1++dwt9j26rhIon 1RckOh+gAP2LAGqpSDUUN/bBrd/nUG+or+eQEZFtZIzeASC79psK7T6dWRkjCE7i yfbBV6MIMwzL0Iv6Hb5g8Ba0RBYuKAaP+vOZojn9CfxHULCSDV/JqlUVJdo7YcmV lj9P3nZpmqyIY/59jJ51C8hWXdrgcRl8noYOEAei5bZnh211QbqW8R2aB/ln1mRJ ALu3lO5KyIqlN53IEpx0FSrVIIEIiVkyv5vyJZ7P1UgqTckvaHG4Z6dqDpiuMdmi KRiVFnZgm/+caOEfykhOu8VLnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJUutjnW KECFkuQezi+06TdGKh/fMB8GA1UdIwQYMBaAFPoH6Oq6hHCopf5LoT512eX+ozsn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOUZBMi8xQzg4QjAzQTg0 NjQxMUVBQTk5NDE1NDBDNEY5QUUwMi8tZ2ZvNnJxRWNLaWxfa3VoUG5YWjVmNmpP eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1nZm82cnFFY0tpbF9rdWhQblhaNWY2ak95Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OUZBMi8xQzg4QjAzQTg0NjQxMUVBQTk5NDE1NDBDNEY5QUUwMi8tZ2ZvNnJxRWNL aWxfa3VoUG5YWjVmNmpPeWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCjAl1434/TpOEAmziLl5doYiJZteczz+JGChqMbtideeTm9zVyP+iC wZtNWuvsXq6WbudNd9DgytQEvCD/tdjqVCdwe4M8mUDas3d90GCnt9Ch3YZphaw9 K09DYQvGkulW858ZePbGvjD+VWm/IVnLOjNZTq9Xln54uh2Gx2+Smht5ggrrPlaN U2suWihKdv7Q2SEgfuOPQae8Dk6tGFKmMvnqUzThE9OhFUpJ2kj/BL1XPdhF0rR0 7KxIJ1MfzTHlwfReiPdPZLTImCdfFjCwy6Ka15/i6r0409n7vOlb0cm62TzjbAcX TmWD1xbQF0q2d59mXV0obTPsV2uclFBI -----END CERTIFICATE-----Generated at Mon Jul 21 07:21:37 2025 by rpki-client