$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft File: rehZrZQNGhc_pkzXBYZ9SH5nNog.mft (raw, json) Hash identifier: NLFq6+2BfqApIJojmkcaDt+6KSNIM0wPjJ5wDVyPm+o= Subject key identifier: 05:26:DB:85:AC:40:0E:5D:A9:DA:FF:74:14:99:0A:87:D3:B0:21:E2 Authority key identifier: AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88 Certificate issuer: /CN=A91FDAD4/serialNumber=ADE859AD940D1A173FA64CD705867D487E673688 Certificate serial: 0212 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft Manifest number: 020D Signing time: Sat 19 Jul 2025 00:47:39 +0000 Manifest this update: Sat 19 Jul 2025 00:47:39 +0000 Manifest next update: Sat 26 Jul 2025 00:47:39 +0000 Files and hashes: 1: rehZrZQNGhc_pkzXBYZ9SH5nNog.crl (hash: fpsz34WBrCqfKsY/VFo/p+B6xoFZgADS5ViJhTpxV5I=) 2: A99BC9D64CAC11EDA3BF485AC4F9AE02.roa (hash: M0LQ0bOgsXho1IONj8CXX3n4kpo/nKJprHxKVrxONpQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.crl rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:47:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 530 (0x212) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDAD4, serialNumber=ADE859AD940D1A173FA64CD705867D487E673688 Validity Not Before: Jul 19 00:47:39 2025 GMT Not After : Jul 26 00:47:39 2025 GMT Subject: CN=687aeb2b-a0cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:1d:36:92:06:2e:a0:fb:d4:df:fd:48:13:3a: 02:da:b2:84:28:3b:32:0c:97:66:bc:da:51:00:16: 0d:d7:d8:22:55:60:33:cb:8a:09:e7:83:e0:1c:99: 80:9c:f2:b6:99:61:5f:62:52:18:69:c2:09:a5:9b: e2:85:08:3e:99:68:cb:fb:29:6c:56:25:45:2f:ca: ec:26:88:f9:29:c3:a5:54:44:3d:e9:42:ce:dd:ef: 43:99:03:30:53:8e:7e:8f:4e:f3:ad:06:77:5f:c2: ef:ef:c9:3a:be:1b:5e:76:27:20:4b:b2:cb:5f:ca: d6:13:d1:87:96:f9:6d:8f:a6:12:7c:31:69:c5:06: 03:b9:94:6e:49:d2:40:d3:ab:f3:d5:5d:49:c1:31: 69:f8:fd:c1:e3:6c:cc:08:20:69:36:d6:fb:bf:18: 79:03:15:25:82:ee:12:90:b9:b6:f9:e2:39:6e:e4: f0:13:71:8f:f3:e2:89:49:a6:ac:f2:37:f0:00:ab: 07:25:75:56:e0:30:e7:b8:dc:35:0e:39:2c:3d:71: 76:87:91:4c:b9:89:03:5d:42:37:40:b6:bf:b7:5d: 93:ec:72:17:16:f4:05:4b:c7:1b:12:6d:a6:76:3e: d0:b4:a0:76:63:f2:ca:79:88:d1:ee:8f:9e:49:9a: 17:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:26:DB:85:AC:40:0E:5D:A9:DA:FF:74:14:99:0A:87:D3:B0:21:E2 X509v3 Authority Key Identifier: keyid:AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:18:b4:8e:f3:ab:e9:92:87:49:bf:b3:f8:45:50:bd:fc:e5: 6f:27:ce:d8:86:25:9d:0a:2a:b3:cf:2a:c4:06:2c:35:3d:1d: 3a:68:57:7d:c3:b2:fc:fc:10:d5:dc:1a:78:74:c3:ae:89:fd: ae:5d:3b:c0:94:3f:c6:a6:3b:e9:07:f1:15:d1:a3:28:c2:31: 9e:ac:47:f7:38:bf:93:07:5d:69:7a:0e:82:7e:62:4a:9a:5f: dc:f0:fc:7b:c2:eb:a7:51:fc:f1:1d:8a:26:34:a8:d2:aa:f3: 5a:1b:c2:af:7f:de:16:63:b0:74:41:be:a7:0a:9d:c0:44:1d: 66:94:a8:41:9b:dc:ae:2a:c7:1d:3c:3d:97:de:8f:e1:5f:6a: db:66:e0:f6:88:cb:5c:e0:cb:b3:fe:e0:80:3a:b3:09:7c:0d: 9c:10:a9:22:55:e7:87:c3:f6:71:dd:66:f0:cb:8b:20:ad:7a: 0e:96:c4:66:09:de:81:85:31:db:4e:26:3e:0b:d9:bc:80:52: c8:7d:2e:b8:97:bd:5c:58:92:ef:3c:b3:d6:34:1f:d4:e5:4e: 78:48:79:f4:de:df:54:63:4e:ba:7f:42:a6:33:0a:ce:34:3e: c2:79:95:d1:ea:b8:02:22:19:9a:e3:db:71:f7:24:6f:70:ad: 3b:d9:dd:ce -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRBRDQxMTAvBgNVBAUTKEFERTg1OUFEOTQwRDFBMTczRkE2NENENzA1ODY3RDQ4 N0U2NzM2ODgwHhcNMjUwNzE5MDA0NzM5WhcNMjUwNzI2MDA0NzM5WjAYMRYwFAYD VQQDEw02ODdhZWIyYi1hMGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuR02kgYuoPvU3/1IEzoC2rKEKDsyDJdmvNpRABYN19giVWAzy4oJ54PgHJmA nPK2mWFfYlIYacIJpZvihQg+mWjL+ylsViVFL8rsJoj5KcOlVEQ96ULO3e9DmQMw U45+j07zrQZ3X8Lv78k6vhtedicgS7LLX8rWE9GHlvltj6YSfDFpxQYDuZRuSdJA 06vz1V1JwTFp+P3B42zMCCBpNtb7vxh5AxUlgu4SkLm2+eI5buTwE3GP8+KJSaas 8jfwAKsHJXVW4DDnuNw1DjksPXF2h5FMuYkDXUI3QLa/t12T7HIXFvQFS8cbEm2m dj7QtKB2Y/LKeYjR7o+eSZoXmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAUm24Ws QA5dqdr/dBSZCofTsCHiMB8GA1UdIwQYMBaAFK3oWa2UDRoXP6ZM1wWGfUh+ZzaI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREFENC9DODVFODM3QTQz OTkxMUVEODM5RDcyMEVDNEY5QUUwMi9yZWhaclpRTkdoY19wa3pYQllaOVNINW5O b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3JlaFpyWlFOR2hjX3BrelhCWVo5U0g1bk5vZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REFENC9DODVFODM3QTQzOTkxMUVEODM5RDcyMEVDNEY5QUUwMi9yZWhaclpRTkdo Y19wa3pYQllaOVNINW5Ob2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA2GLSO86vpkodJv7P4RVC9/OVvJ87YhiWdCiqzzyrEBiw1PR06aFd9 w7L8/BDV3Bp4dMOuif2uXTvAlD/GpjvpB/EV0aMowjGerEf3OL+TB11peg6CfmJK ml/c8Px7wuunUfzxHYomNKjSqvNaG8Kvf94WY7B0Qb6nCp3ARB1mlKhBm9yuKscd PD2X3o/hX2rbZuD2iMtc4Muz/uCAOrMJfA2cEKkiVeeHw/Zx3Wbwy4sgrXoOlsRm Cd6BhTHbTiY+C9m8gFLIfS64l71cWJLvPLPWNB/U5U54SHn03t9UY066f0KmMwrO ND7CeZXR6rgCIhma49tx9yRvcK072d3O -----END CERTIFICATE-----Generated at Sun Jul 20 15:07:11 2025 by rpki-client