$ rpki-client -vvf rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.mft File: pkvkSssA5L2uRJGw-gzXCZ0scnw.mft (raw, json) Hash identifier: 2k8ES0rtpb22IMfH5Shh9l9ZVwEY86+qIaTDzV7leaI= Subject key identifier: 5F:2C:BC:57:82:81:3A:F8:EA:E4:04:BC:1C:AA:7B:F1:F7:C2:86:74 Authority key identifier: A6:4B:E4:4A:CB:00:E4:BD:AE:44:91:B0:FA:0C:D7:09:9D:2C:72:7C Certificate issuer: /CN=A91288D9/serialNumber=A64BE44ACB00E4BDAE4491B0FA0CD7099D2C727C Certificate serial: 7C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pkvkSssA5L2uRJGw-gzXCZ0scnw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.mft Manifest number: 7A Signing time: Sun 20 Jul 2025 19:20:49 +0000 Manifest this update: Sun 20 Jul 2025 19:20:48 +0000 Manifest next update: Sun 27 Jul 2025 19:20:48 +0000 Files and hashes: 1: pkvkSssA5L2uRJGw-gzXCZ0scnw.crl (hash: 0MJT8xTKZlXxsb4rz095DicEzYlnqycrE6DMBGrux/k=) 2: 8D431594FFDF11EF8DF72930C4F9AE02.roa (hash: pDBpwWzy3RFOzY6mOa1pibkze94QAdG3zJbynRenhAw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.crl rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pkvkSssA5L2uRJGw-gzXCZ0scnw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 19:20:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 124 (0x7c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91288D9, serialNumber=A64BE44ACB00E4BDAE4491B0FA0CD7099D2C727C Validity Not Before: Jul 20 19:20:48 2025 GMT Not After : Jul 27 19:20:48 2025 GMT Subject: CN=687d4191-f4fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:93:f1:db:a1:83:e0:eb:76:c4:4c:fc:1a:97: e4:da:fc:e9:33:28:ad:ff:98:1a:45:94:48:33:e4: d0:05:e8:70:d7:6e:9b:6e:de:ed:19:57:fe:77:1a: 07:83:47:0a:40:e1:cf:e9:78:87:67:18:37:56:50: b8:3c:5a:80:05:b2:40:e4:66:59:f6:d0:e4:ed:7e: 25:26:f3:f4:0d:f8:a2:f3:d5:66:d2:c8:12:03:9f: 9b:c8:a1:dc:2b:3e:56:0b:f4:dd:07:5f:b2:63:9f: 27:2a:58:92:44:ba:a3:86:64:31:f4:6c:a4:79:f9: 78:1a:3c:4d:ec:d5:d7:04:1c:6a:f0:b5:59:a2:9d: 7e:8f:f7:70:cd:95:81:4e:e8:65:fc:f5:f5:06:75: dc:51:3b:c3:68:2f:a6:0a:78:ad:c7:98:b2:f2:fd: 8e:1e:94:d4:56:3a:d5:03:9c:ff:bb:3b:79:b1:25: 8c:5e:30:69:b3:73:58:f5:49:2f:ca:98:b0:b9:ab: 23:0a:e3:e5:7b:e2:d5:68:0c:34:14:94:2f:a9:21: b6:9d:5f:6f:e8:65:b4:be:ac:42:56:68:30:2e:d8: 12:f3:cf:95:c5:a1:a4:8b:c4:72:09:cd:b9:c5:ee: 4e:66:c6:81:91:c5:3a:14:2c:60:9d:8a:7b:77:49: 22:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:2C:BC:57:82:81:3A:F8:EA:E4:04:BC:1C:AA:7B:F1:F7:C2:86:74 X509v3 Authority Key Identifier: keyid:A6:4B:E4:4A:CB:00:E4:BD:AE:44:91:B0:FA:0C:D7:09:9D:2C:72:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pkvkSssA5L2uRJGw-gzXCZ0scnw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9b:3b:7d:9a:43:43:9a:77:2f:ba:e7:ce:c4:a2:c4:10:a1:26: a8:59:64:1e:20:cb:b1:ff:dd:09:e0:04:cc:90:68:de:09:ba: 31:16:21:80:8f:0b:b0:da:ac:ef:7a:89:86:04:d3:5a:5c:0c: 14:98:9f:af:ed:1d:ad:4c:76:21:2b:74:ca:32:e0:1b:7a:e9: a8:bc:e5:d8:5f:64:97:a3:12:ab:92:0c:ae:c5:e6:b4:40:83: 4a:1c:85:80:2b:88:d5:78:a3:e9:11:f6:5e:c7:86:c6:1f:af: 20:8e:e6:45:62:71:f3:ea:73:c8:11:93:6a:3f:9e:c7:73:05: aa:31:3a:e4:b5:12:b4:2b:7a:26:57:c2:ac:45:3c:72:6c:cf: bb:2a:3b:c5:2e:c1:8a:5d:ea:7f:f4:78:6d:cf:42:50:b9:54: 07:02:81:2f:9c:92:68:3f:3c:80:40:64:6a:36:95:12:d1:a2: fd:54:19:0e:63:08:41:56:44:61:41:d0:78:b1:1a:8e:56:b4: cd:4c:f3:18:3c:37:4e:82:6e:71:fe:ce:32:e6:45:b7:c5:a3: 9b:9b:2a:cf:1d:60:44:ea:78:07:8b:12:4e:dd:67:00:e8:7f: 5e:1b:a6:36:0a:34:91:2d:6e:4b:b4:e9:38:96:62:0d:e8:25: d3:5c:fb:41 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBfDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy ODhEOTExMC8GA1UEBRMoQTY0QkU0NEFDQjAwRTRCREFFNDQ5MUIwRkEwQ0Q3MDk5 RDJDNzI3QzAeFw0yNTA3MjAxOTIwNDhaFw0yNTA3MjcxOTIwNDhaMBgxFjAUBgNV BAMTDTY4N2Q0MTkxLWY0ZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCbk/HboYPg63bETPwal+Ta/OkzKK3/mBpFlEgz5NAF6HDXbptu3u0ZV/53GgeD RwpA4c/peIdnGDdWULg8WoAFskDkZln20OTtfiUm8/QN+KLz1WbSyBIDn5vIodwr PlYL9N0HX7JjnycqWJJEuqOGZDH0bKR5+XgaPE3s1dcEHGrwtVminX6P93DNlYFO 6GX89fUGddxRO8NoL6YKeK3HmLLy/Y4elNRWOtUDnP+7O3mxJYxeMGmzc1j1SS/K mLC5qyMK4+V74tVoDDQUlC+pIbadX2/oZbS+rEJWaDAu2BLzz5XFoaSLxHIJzbnF 7k5mxoGRxToULGCdint3SSL3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXyy8V4KB Ovjq5AS8HKp78ffChnQwHwYDVR0jBBgwFoAUpkvkSssA5L2uRJGw+gzXCZ0scnww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI4OEQ5L0Y4M0UzRkNFQURC QzExRUZCMzAyOTgzRUM0RjlBRTAyL3BrdmtTc3NBNUwydVJKR3ctZ3pYQ1owc2Nu dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcGt2a1Nzc0E1TDJ1UkpHdy1nelhDWjBzY253LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI4 OEQ5L0Y4M0UzRkNFQURCQzExRUZCMzAyOTgzRUM0RjlBRTAyL3BrdmtTc3NBNUwy dVJKR3ctZ3pYQ1owc2Nudy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJs7fZpDQ5p3L7rnzsSixBChJqhZZB4gy7H/3QngBMyQaN4JujEWIYCP C7DarO96iYYE01pcDBSYn6/tHa1MdiErdMoy4Bt66ai85dhfZJejEquSDK7F5rRA g0ochYAriNV4o+kR9l7HhsYfryCO5kVicfPqc8gRk2o/nsdzBaoxOuS1ErQreiZX wqxFPHJsz7sqO8UuwYpd6n/0eG3PQlC5VAcCgS+ckmg/PIBAZGo2lRLRov1UGQ5j CEFWRGFB0HixGo5WtM1M8xg8N06CbnH+zjLmRbfFo5ubKs8dYETqeAeLEk7dZwDo f14bpjYKNJEtbku06TiWYg3oJdNc+0E= -----END CERTIFICATE-----Generated at Mon Jul 21 00:27:21 2025 by rpki-client