$ rpki-client -vvf rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft File: L9JLb9eYBEVzVDhmYs4w3aOyALU.mft (raw, json) Hash identifier: WjTLwUTyG4jO9DxXFsE4f5Ku17ejDoMi61jGyEmR/Q4= Subject key identifier: C3:03:5A:10:74:33:10:51:87:E7:9A:EE:77:23:32:28:E8:76:04:92 Authority key identifier: 2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5 Certificate issuer: /CN=A91A29DA/serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5 Certificate serial: 0102 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft Manifest number: 0100 Signing time: Sat 19 Jul 2025 05:18:44 +0000 Manifest this update: Sat 19 Jul 2025 05:18:44 +0000 Manifest next update: Sat 26 Jul 2025 05:18:44 +0000 Files and hashes: 1: L9JLb9eYBEVzVDhmYs4w3aOyALU.crl (hash: GbWocsWRX714nMe7x4H9KLKSn/BIGyJC/vjWiqgRH1Y=) 2: AE2FD9C4DA5411EE83E9E67EC4F9AE02.roa (hash: tK5HTPbAj/ZNMX+j7tcaCGQxo/xqwq0UKtlHWscWUVg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.crl rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 05:18:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 258 (0x102) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A29DA, serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5 Validity Not Before: Jul 19 05:18:44 2025 GMT Not After : Jul 26 05:18:44 2025 GMT Subject: CN=687b2ab4-de15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:4e:c7:51:96:e9:da:93:e2:20:b5:cc:b8:33: ca:d8:cf:9f:1e:10:22:c6:1f:64:5a:cf:f2:d1:fe: 34:e1:24:be:b8:1f:9f:3c:55:b9:ba:da:cb:f6:92: df:ec:03:0f:8f:fc:fe:5e:2c:41:86:34:02:da:25: f4:df:cf:74:80:07:0b:3a:70:ad:0a:5b:49:af:09: e3:fe:9e:2e:2d:3d:d2:74:32:94:f8:23:05:d9:a1: c1:19:c3:b8:99:58:5d:42:cc:59:16:59:f6:36:0f: c2:c7:b2:f0:fc:47:67:14:93:14:38:ed:4a:c1:b2: 39:9a:46:9f:e0:9c:85:99:cb:83:c3:37:19:a3:7d: c6:de:a6:d9:c0:b0:5b:ad:af:9c:46:96:1b:e8:dc: 63:81:a2:16:f7:cb:ee:1b:a8:ca:3e:61:45:48:9c: 9d:b6:ca:5d:08:1c:83:cf:81:09:6c:3d:ee:35:1e: cc:eb:8c:8a:91:5d:b4:a8:e3:7d:c4:62:ca:3f:15: c5:3f:89:e0:98:d4:f6:5f:dd:d8:ca:aa:2c:56:76: 65:f6:50:b8:bb:4f:52:43:e3:88:03:d7:9d:ec:8a: 57:b7:ff:94:92:d5:73:35:95:7e:ea:d6:1b:65:6b: 83:ae:15:b5:a0:c1:d1:2c:6d:ba:6e:d7:fe:06:29: 49:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:03:5A:10:74:33:10:51:87:E7:9A:EE:77:23:32:28:E8:76:04:92 X509v3 Authority Key Identifier: keyid:2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:40:19:b5:74:4c:1b:a9:2b:85:cd:5c:81:63:43:6f:e1:de: 4f:5e:f2:d3:58:61:4b:07:b4:c5:a2:ef:51:17:f8:9d:94:90: a6:d2:2c:b1:ab:9b:55:24:7e:f0:ae:8e:ea:49:4f:6f:ad:ec: db:66:6f:db:de:ad:05:bd:83:56:8d:18:12:8e:ae:2f:db:17: 1d:3f:87:d7:e3:4b:0c:72:1a:a3:25:98:47:33:0a:29:70:46: 67:3c:ab:1f:ee:65:a8:ff:29:98:d7:0a:df:9d:eb:a4:8d:49: 55:60:81:fc:27:8f:a9:4d:05:21:9b:9d:ce:54:75:f5:6a:97: 2f:37:4f:4c:ce:0f:c7:47:34:a3:35:bc:32:d8:50:95:41:d8: 3a:35:a0:02:34:3f:94:6b:19:9c:4a:eb:fe:77:7b:fb:47:7a: 5c:fd:e4:4e:9a:ce:2e:ab:ef:d4:d7:5b:58:75:f4:35:1b:6c: fd:9d:b9:1e:71:4b:0d:c4:9d:1d:5e:89:32:fe:e0:21:44:38: 56:a3:93:bd:47:d1:61:b9:66:c0:46:7d:b9:10:1f:b6:94:f8: 8c:0c:1b:5b:19:59:81:da:88:c5:f0:d2:c7:3a:89:2d:2a:6f: 31:c8:43:07:98:99:dd:2a:81:43:41:f6:c1:09:bd:3f:07:90: 23:95:62:71 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTI5REExMTAvBgNVBAUTKDJGRDI0QjZGRDc5ODA0NDU3MzU0Mzg2NjYyQ0UzMERE QTNCMjAwQjUwHhcNMjUwNzE5MDUxODQ0WhcNMjUwNzI2MDUxODQ0WjAYMRYwFAYD VQQDEw02ODdiMmFiNC1kZTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxE7HUZbp2pPiILXMuDPK2M+fHhAixh9kWs/y0f404SS+uB+fPFW5utrL9pLf 7AMPj/z+XixBhjQC2iX03890gAcLOnCtCltJrwnj/p4uLT3SdDKU+CMF2aHBGcO4 mVhdQsxZFln2Ng/Cx7Lw/EdnFJMUOO1KwbI5mkaf4JyFmcuDwzcZo33G3qbZwLBb ra+cRpYb6NxjgaIW98vuG6jKPmFFSJydtspdCByDz4EJbD3uNR7M64yKkV20qON9 xGLKPxXFP4ngmNT2X93YyqosVnZl9lC4u09SQ+OIA9ed7IpXt/+UktVzNZV+6tYb ZWuDrhW1oMHRLG26btf+BilJ+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMMDWhB0 MxBRh+ea7ncjMijodgSSMB8GA1UdIwQYMBaAFC/SS2/XmARFc1Q4ZmLOMN2jsgC1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMjlEQS8zNEI1QjUxNERB NTQxMUVFODI3Q0E1N0RDNEY5QUUwMi9MOUpMYjllWUJFVnpWRGhtWXM0dzNhT3lB TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0w5SkxiOWVZQkVWelZEaG1ZczR3M2FPeUFMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MjlEQS8zNEI1QjUxNERBNTQxMUVFODI3Q0E1N0RDNEY5QUUwMi9MOUpMYjllWUJF VnpWRGhtWXM0dzNhT3lBTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBtQBm1dEwbqSuFzVyBY0Nv4d5PXvLTWGFLB7TFou9RF/idlJCm0iyx q5tVJH7wro7qSU9vrezbZm/b3q0FvYNWjRgSjq4v2xcdP4fX40sMchqjJZhHMwop cEZnPKsf7mWo/ymY1wrfneukjUlVYIH8J4+pTQUhm53OVHX1apcvN09Mzg/HRzSj Nbwy2FCVQdg6NaACND+UaxmcSuv+d3v7R3pc/eROms4uq+/U11tYdfQ1G2z9nbke cUsNxJ0dXoky/uAhRDhWo5O9R9FhuWbARn25EB+2lPiMDBtbGVmB2ojF8NLHOokt Km8xyEMHmJndKoFDQfbBCb0/B5AjlWJx -----END CERTIFICATE-----Generated at Sun Jul 20 18:39:10 2025 by rpki-client