$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft File: 09eD7kxpu1Bj-1z1smKLx77DdIo.mft (raw, json) Hash identifier: SQ5JtyBfth/oHlGjrGzI/we1PXwYPZnGSI5dzG1S+VY= Subject key identifier: 02:DF:1A:EF:7E:F5:D0:84:1D:52:88:8C:08:3D:7A:83:68:F9:B4:FB Authority key identifier: D3:D7:83:EE:4C:69:BB:50:63:FB:5C:F5:B2:62:8B:C7:BE:C3:74:8A Certificate issuer: /CN=A91B9A77/serialNumber=D3D783EE4C69BB5063FB5CF5B2628BC7BEC3748A Certificate serial: 9B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft Manifest number: 9B Signing time: Mon 21 Jul 2025 01:50:52 +0000 Manifest this update: Mon 21 Jul 2025 01:50:52 +0000 Manifest next update: Mon 28 Jul 2025 01:50:52 +0000 Files and hashes: 1: 09eD7kxpu1Bj-1z1smKLx77DdIo.crl (hash: idtGRJvKMMEjPR1kML45LzUkFnGLBKh1rPYqQpnw9LY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.crl rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 01:50:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 155 (0x9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9A77, serialNumber=D3D783EE4C69BB5063FB5CF5B2628BC7BEC3748A Validity Not Before: Jul 21 01:50:52 2025 GMT Not After : Jul 28 01:50:52 2025 GMT Subject: CN=687d9cfc-1459 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:cc:92:2c:e1:82:fe:aa:c6:f9:ce:0f:fb:76: e2:cd:25:f0:32:fb:8b:63:73:1a:b8:00:67:1f:b5: 62:15:39:18:e0:56:ed:07:e1:dd:a2:81:00:56:95: c1:1d:1f:d2:18:dc:07:1f:55:b5:39:83:a1:f5:86: f0:60:ae:c6:40:6d:6d:ae:83:7f:a1:4b:ff:4d:fc: f0:f0:57:a4:84:71:26:a0:a4:bc:c1:5e:37:85:1a: be:59:c2:40:0f:77:a1:45:35:20:5d:f8:cb:ce:52: a4:1a:45:c8:63:3c:9a:73:4d:86:e8:1c:66:19:a3: 66:f2:3e:f5:a8:99:fd:3f:31:9d:3c:7f:81:ad:b0: ea:f9:f8:8c:3b:6d:d8:61:d9:19:ac:eb:72:b5:57: e8:59:5c:5a:27:64:3b:6e:23:88:fc:6a:06:b4:3d: dd:35:a7:89:63:7e:81:02:2d:46:32:35:1f:b8:a0: 61:58:2c:8a:99:ea:1a:ff:ef:6b:fc:45:cb:b2:e7: d5:fc:ae:82:b5:99:bb:8f:53:ef:f6:18:b6:69:85: e2:40:2c:98:f8:82:18:7b:6b:4f:f4:59:45:6f:71: 85:d9:bf:b1:f0:23:75:75:69:29:77:c0:f8:16:61: c5:06:01:b1:0a:7c:d9:44:22:eb:2d:13:3f:a2:f3: bc:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:DF:1A:EF:7E:F5:D0:84:1D:52:88:8C:08:3D:7A:83:68:F9:B4:FB X509v3 Authority Key Identifier: keyid:D3:D7:83:EE:4C:69:BB:50:63:FB:5C:F5:B2:62:8B:C7:BE:C3:74:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bd:0b:ea:96:b8:f4:92:70:27:9f:02:3a:cd:29:da:41:74:46: 7c:e3:38:ec:b7:26:dc:fd:fd:4b:cf:05:e2:40:1f:48:3d:1a: 9c:17:0c:08:cd:dc:1f:ae:12:f6:db:48:0f:0a:98:29:f4:66: b2:a7:6d:1f:6e:5b:5e:41:df:da:44:18:d8:93:36:e1:68:5d: 8f:b4:d8:7c:48:38:60:cc:84:ea:a7:c5:47:89:89:e4:aa:48: 53:b9:26:45:7b:85:ae:c0:c8:32:98:ce:b8:5f:31:78:69:d8: 7f:09:7d:ea:43:dc:cd:67:f5:e9:ac:75:48:01:6b:07:0f:4d: 96:65:27:bd:43:0d:62:a9:4d:51:f0:54:d1:ca:75:6d:1a:49: da:ed:d1:a0:1a:43:a1:1c:ff:14:0c:dd:e2:65:ab:d0:26:9c: 3b:b9:d2:12:69:0e:75:61:07:4e:96:81:8e:66:a7:ce:49:0a: d2:e9:5e:e1:d9:a4:74:b2:6b:9b:39:f0:71:23:4b:96:f3:21: d2:9d:6a:4c:28:77:18:dc:56:5b:71:cd:4c:b3:53:da:07:d2: fe:f2:45:85:e6:10:c9:d5:77:ed:52:8d:98:cf:be:ea:42:f0: d0:8c:61:16:06:53:f2:43:2e:ff:7c:d2:31:bd:84:be:8a:59: 69:0f:a0:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlBNzcxMTAvBgNVBAUTKEQzRDc4M0VFNEM2OUJCNTA2M0ZCNUNGNUIyNjI4QkM3 QkVDMzc0OEEwHhcNMjUwNzIxMDE1MDUyWhcNMjUwNzI4MDE1MDUyWjAYMRYwFAYD VQQDEw02ODdkOWNmYy0xNDU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy8ySLOGC/qrG+c4P+3bizSXwMvuLY3MauABnH7ViFTkY4FbtB+HdooEAVpXB HR/SGNwHH1W1OYOh9YbwYK7GQG1troN/oUv/Tfzw8FekhHEmoKS8wV43hRq+WcJA D3ehRTUgXfjLzlKkGkXIYzyac02G6BxmGaNm8j71qJn9PzGdPH+BrbDq+fiMO23Y YdkZrOtytVfoWVxaJ2Q7biOI/GoGtD3dNaeJY36BAi1GMjUfuKBhWCyKmeoa/+9r /EXLsufV/K6CtZm7j1Pv9hi2aYXiQCyY+IIYe2tP9FlFb3GF2b+x8CN1dWkpd8D4 FmHFBgGxCnzZRCLrLRM/ovO8jwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFALfGu9+ 9dCEHVKIjAg9eoNo+bT7MB8GA1UdIwQYMBaAFNPXg+5MabtQY/tc9bJii8e+w3SK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUE3Ny9BQjg1MzQ0MDdB M0YxMUVGQTFDMEUwMTZDNEY5QUUwMi8wOWVEN2t4cHUxQmotMXoxc21LTHg3N0Rk SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzA5ZUQ3a3hwdTFCai0xejFzbUtMeDc3RGRJby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OUE3Ny9BQjg1MzQ0MDdBM0YxMUVGQTFDMEUwMTZDNEY5QUUwMi8wOWVEN2t4cHUx QmotMXoxc21LTHg3N0RkSW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC9C+qWuPSScCefAjrNKdpBdEZ84zjstybc/f1LzwXiQB9IPRqcFwwI zdwfrhL220gPCpgp9Gayp20fblteQd/aRBjYkzbhaF2PtNh8SDhgzITqp8VHiYnk qkhTuSZFe4WuwMgymM64XzF4adh/CX3qQ9zNZ/XprHVIAWsHD02WZSe9Qw1iqU1R 8FTRynVtGkna7dGgGkOhHP8UDN3iZavQJpw7udISaQ51YQdOloGOZqfOSQrS6V7h 2aR0smubOfBxI0uW8yHSnWpMKHcY3FZbcc1Ms1PaB9L+8kWF5hDJ1XftUo2Yz77q QvDQjGEWBlPyQy7/fNIxvYS+illpD6CI -----END CERTIFICATE-----Generated at Mon Jul 21 12:50:08 2025 by rpki-client