$ rpki-client -vvf rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft File: oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft (raw, json) Hash identifier: AKhMVjwyAkX1k4fjZQLggkub3+VdsujPyOKQy8bC2S8= Subject key identifier: D2:44:2D:4C:A4:6A:33:34:2C:E5:78:30:21:87:E5:C9:26:14:AB:0F Authority key identifier: A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56 Certificate issuer: /CN=A91B65AC/serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456 Certificate serial: 0107 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft Manifest number: 0103 Signing time: Wed 23 Jul 2025 05:23:47 +0000 Manifest this update: Wed 23 Jul 2025 05:23:46 +0000 Manifest next update: Wed 30 Jul 2025 05:23:46 +0000 Files and hashes: 1: oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl (hash: Zx8gRMyVxqDzsokUWZwjlu9So3f6/dPANktmG/mcpwQ=) 2: 48005D9EE5AE11EE9ECE4023C4F9AE02.roa (hash: MrPqjHlMCM5b67h4IqKRm22f4PuZXIPWzDsfWbxNY08=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Jul 2025 05:23:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 263 (0x107) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B65AC, serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456 Validity Not Before: Jul 23 05:23:46 2025 GMT Not After : Jul 30 05:23:46 2025 GMT Subject: CN=688071e2-53ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:38:ec:8e:ce:cf:7f:32:44:5a:4e:6f:ac:97: 83:69:1f:09:9e:cf:ad:89:0f:85:c2:86:eb:60:9c: 88:38:c5:87:8a:81:ee:b6:79:76:fc:75:4f:0b:65: 3d:cd:24:1a:7d:d9:01:9c:1d:93:ad:46:e8:23:27: b8:16:65:8d:66:47:dd:07:8c:fc:da:ce:1c:0b:7e: 10:22:89:30:a4:42:c8:a9:14:c8:c6:55:da:27:93: b9:1b:8b:93:ec:d4:f5:41:85:27:12:ff:12:42:a7: 27:0c:de:6f:68:19:48:79:8e:d1:9c:34:9d:57:c2: d8:df:0b:87:fb:ff:32:c7:85:88:11:49:94:b6:90: a9:13:ba:90:7a:cd:be:53:60:4c:1c:6d:9b:d1:82: 66:46:73:40:28:59:fc:31:d8:42:65:51:97:d7:96: 71:6d:a2:8e:ee:09:9a:ab:66:76:1a:f9:bc:e0:e5: 6c:e5:54:71:34:f8:52:a3:b7:fd:69:b6:51:78:96: 11:42:cc:46:5a:8a:33:c1:b8:5a:d1:1a:e5:f8:69: f8:40:e4:72:26:51:c2:40:cb:07:41:90:a7:85:5a: c5:cd:40:48:c6:30:c1:32:ce:60:4f:dd:89:5d:b1: 0b:c0:0a:96:e0:a5:8d:60:d9:80:a9:2d:7b:b0:a0: d7:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:44:2D:4C:A4:6A:33:34:2C:E5:78:30:21:87:E5:C9:26:14:AB:0F X509v3 Authority Key Identifier: keyid:A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:83:dd:2a:da:76:4e:89:1a:e2:f1:60:86:14:d6:00:96:9b: 91:85:af:30:3a:d7:cd:75:d0:ef:8f:1a:85:7f:46:96:5b:19: e7:de:52:2d:a4:93:8b:c8:25:68:39:df:91:98:f0:e6:5d:10: 6e:3a:4e:dc:5e:4f:31:1c:1b:64:cc:f5:de:b8:b6:61:f9:ac: 80:74:92:ab:8c:a9:25:7d:5f:d6:bc:1b:9d:7d:7f:ec:41:9a: 1f:a7:d3:1d:50:26:f0:56:86:02:e5:d9:36:72:38:dd:26:73: 1a:d2:e5:29:0d:38:f3:5f:00:cf:43:2b:e6:99:fd:7d:35:cb: 0a:e8:30:76:f5:33:39:a5:4c:6d:99:3e:d2:e4:c4:60:ed:e2: 03:21:d1:fe:15:11:de:0c:d0:1e:48:35:f1:d4:8d:2c:68:01: 19:1e:b7:e4:46:76:23:c7:71:ae:63:c2:b8:40:db:94:69:1c: 4f:e0:d0:c5:db:5c:72:58:06:32:7d:02:a3:b1:f1:4c:71:0b: 60:c9:f4:08:59:89:76:fb:62:5a:d6:64:ec:82:82:12:cb:dc: 36:78:93:b7:a9:f4:ab:bf:e4:3f:cb:91:2e:7c:a5:2b:3e:dd: b9:88:dd:17:64:cc:90:34:70:9a:64:9a:4f:f1:ff:3f:5a:21: f1:65:9b:cc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1QUMxMTAvBgNVBAUTKEExMEY1NzgzQzhGOUE2RDk0RDI5QjRBQTkwQzU2RTAx NkJCNTE0NTYwHhcNMjUwNzIzMDUyMzQ2WhcNMjUwNzMwMDUyMzQ2WjAYMRYwFAYD VQQDEw02ODgwNzFlMi01M2VlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwDjsjs7PfzJEWk5vrJeDaR8Jns+tiQ+FwobrYJyIOMWHioHutnl2/HVPC2U9 zSQafdkBnB2TrUboIye4FmWNZkfdB4z82s4cC34QIokwpELIqRTIxlXaJ5O5G4uT 7NT1QYUnEv8SQqcnDN5vaBlIeY7RnDSdV8LY3wuH+/8yx4WIEUmUtpCpE7qQes2+ U2BMHG2b0YJmRnNAKFn8MdhCZVGX15ZxbaKO7gmaq2Z2Gvm84OVs5VRxNPhSo7f9 abZReJYRQsxGWoozwbha0Rrl+Gn4QORyJlHCQMsHQZCnhVrFzUBIxjDBMs5gT92J XbELwAqW4KWNYNmAqS17sKDXqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNJELUyk ajM0LOV4MCGH5ckmFKsPMB8GA1UdIwQYMBaAFKEPV4PI+abZTSm0qpDFbgFrtRRW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjVBQy9DQjc0RjhCRUUx RTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9vUTlYZzhqNXB0bE5LYlNxa01WdUFXdTFG RlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL29ROVhnOGo1cHRsTktiU3FrTVZ1QVd1MUZGWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NjVBQy9DQjc0RjhCRUUxRTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9vUTlYZzhqNXB0 bE5LYlNxa01WdUFXdTFGRlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYg90q2nZOiRri8WCGFNYAlpuRha8wOtfNddDvjxqFf0aWWxnn3lIt pJOLyCVoOd+RmPDmXRBuOk7cXk8xHBtkzPXeuLZh+ayAdJKrjKklfV/WvBudfX/s QZofp9MdUCbwVoYC5dk2cjjdJnMa0uUpDTjzXwDPQyvmmf19NcsK6DB29TM5pUxt mT7S5MRg7eIDIdH+FRHeDNAeSDXx1I0saAEZHrfkRnYjx3GuY8K4QNuUaRxP4NDF 21xyWAYyfQKjsfFMcQtgyfQIWYl2+2Ja1mTsgoISy9w2eJO3qfSrv+Q/y5EufKUr Pt25iN0XZMyQNHCaZJpP8f8/WiHxZZvM -----END CERTIFICATE-----Generated at Thu Jul 24 12:15:03 2025 by rpki-client