$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAA24/1739C35A2BC911F0B8BE3F3BC4F9AE02/7XLHFrwK9Z1DBjI_uqR0vUtN5xw.mft File: 7XLHFrwK9Z1DBjI_uqR0vUtN5xw.mft (raw, json) Hash identifier: IceufR4w+KqEUFhASPSPa+RBJ+QlO2iRqqGvXdB59JY= Subject key identifier: B7:7D:6C:82:15:45:96:24:83:F3:1F:9A:07:3B:D0:B3:36:1B:0F:CF Authority key identifier: ED:72:C7:16:BC:0A:F5:9D:43:06:32:3F:BA:A4:74:BD:4B:4D:E7:1C Certificate issuer: /CN=A91BAA24/serialNumber=ED72C716BC0AF59D4306323FBAA474BD4B4DE71C Certificate serial: 1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7XLHFrwK9Z1DBjI_uqR0vUtN5xw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAA24/1739C35A2BC911F0B8BE3F3BC4F9AE02/7XLHFrwK9Z1DBjI_uqR0vUtN5xw.mft Manifest number: 1C Signing time: Tue 01 Jul 2025 08:41:59 +0000 Manifest this update: Tue 01 Jul 2025 08:41:59 +0000 Manifest next update: Tue 08 Jul 2025 08:41:58 +0000 Files and hashes: 1: 7XLHFrwK9Z1DBjI_uqR0vUtN5xw.crl (hash: Ern0JFH2D6xqibr0AR5wdN8k14WYI/um6Igdnn6Ewjg=) 2: 28C2D6002BCB11F0A99C1E60C4F9AE02.roa (hash: 3eRh0WSm3ML8fWWz0uqzCk5In0Q1rchUgCmcr9wy07U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAA24/1739C35A2BC911F0B8BE3F3BC4F9AE02/7XLHFrwK9Z1DBjI_uqR0vUtN5xw.crl rsync://rpki.apnic.net/member_repository/A91BAA24/1739C35A2BC911F0B8BE3F3BC4F9AE02/7XLHFrwK9Z1DBjI_uqR0vUtN5xw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7XLHFrwK9Z1DBjI_uqR0vUtN5xw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:41:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29 (0x1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAA24, serialNumber=ED72C716BC0AF59D4306323FBAA474BD4B4DE71C Validity Not Before: Jul 1 08:41:59 2025 GMT Not After : Jul 8 08:41:58 2025 GMT Subject: CN=68639f57-3aa1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:49:ed:58:48:60:c0:65:8a:94:8d:31:82:f9: 88:eb:92:b4:60:44:e5:71:b1:56:2b:a2:01:eb:4a: 77:92:6c:ef:57:a9:b7:aa:44:d2:a1:e2:25:dd:df: 3e:5e:85:f1:73:b9:38:b7:44:0f:aa:6f:aa:7c:4e: ea:51:2a:4d:76:c3:eb:db:ce:94:0c:27:13:a5:8f: 51:11:74:c9:c5:2e:35:36:44:35:3b:b1:81:ca:01: 85:cc:36:8f:b5:56:11:43:99:52:7e:f7:63:f9:19: 58:3c:e3:a7:5e:4a:32:1a:db:ee:69:85:e6:77:31: 9d:54:49:c1:b1:28:5d:95:74:1e:a2:16:13:4f:d0: 90:1b:82:10:0f:59:5a:6a:61:bf:32:ac:c6:8c:42: 59:77:0b:71:81:60:89:ee:b0:c6:f8:e5:90:3a:55: f1:f3:9f:c3:2b:79:7f:c8:bd:c7:c5:44:cc:43:76: 67:35:b7:dd:e1:12:45:e9:92:5c:2a:22:a8:1f:b8: e9:a9:52:95:70:a7:0b:bd:c8:92:9b:28:f7:46:dc: cd:e8:fb:c0:fb:aa:b7:f0:6a:6a:c3:bf:10:f9:c5: 02:1b:6a:4b:6e:a1:04:45:0d:61:d8:e2:37:98:0f: d5:2a:13:05:ba:64:92:aa:c4:25:20:b1:b4:f3:9e: ff:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:7D:6C:82:15:45:96:24:83:F3:1F:9A:07:3B:D0:B3:36:1B:0F:CF X509v3 Authority Key Identifier: keyid:ED:72:C7:16:BC:0A:F5:9D:43:06:32:3F:BA:A4:74:BD:4B:4D:E7:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAA24/1739C35A2BC911F0B8BE3F3BC4F9AE02/7XLHFrwK9Z1DBjI_uqR0vUtN5xw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7XLHFrwK9Z1DBjI_uqR0vUtN5xw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAA24/1739C35A2BC911F0B8BE3F3BC4F9AE02/7XLHFrwK9Z1DBjI_uqR0vUtN5xw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:71:96:24:32:e9:83:f1:63:46:14:d4:f1:74:6c:f2:f4:fe: 67:c3:c9:c6:d5:91:e0:5b:77:67:00:bc:26:bc:05:72:1b:3e: 40:1c:bb:50:b8:a6:95:f7:ce:30:1c:d6:59:80:1d:da:d3:ee: 83:be:31:33:a4:65:64:0a:29:a0:5b:3b:e9:7a:54:6b:0f:ee: d3:2f:bb:9c:d0:05:16:67:38:ff:1e:e0:33:bc:97:27:58:e3: 2d:5c:bf:08:70:11:b4:d8:c6:5e:0f:24:58:c0:c6:ee:6d:d0: 90:95:e2:f3:2a:02:bb:67:14:30:29:bc:76:e3:73:95:d7:44: 29:61:41:8c:3a:4e:e9:7c:19:2c:ed:5d:e7:7f:e7:cd:27:08: d8:7c:9e:54:5b:25:82:78:27:d4:a5:cd:c8:68:89:f7:1f:42: 5e:61:77:f0:a5:43:02:0f:a6:45:cf:17:2b:42:10:03:7a:46: 56:d4:a2:99:d3:bf:52:aa:cb:5f:40:ae:c1:f2:c2:ea:cf:b7: a6:83:c8:c4:66:3b:62:ea:c4:f2:a4:f0:fe:64:eb:6f:1a:0e: d0:a3:16:b7:3c:92:85:99:b8:54:e6:ca:98:ae:90:33:43:83: 80:99:f5:e2:6c:64:7d:90:02:27:40:90:b8:d9:d6:dd:ae:2b: 61:25:69:c3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC QUEyNDExMC8GA1UEBRMoRUQ3MkM3MTZCQzBBRjU5RDQzMDYzMjNGQkFBNDc0QkQ0 QjRERTcxQzAeFw0yNTA3MDEwODQxNTlaFw0yNTA3MDgwODQxNThaMBgxFjAUBgNV BAMTDTY4NjM5ZjU3LTNhYTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDASe1YSGDAZYqUjTGC+YjrkrRgROVxsVYrogHrSneSbO9XqbeqRNKh4iXd3z5e hfFzuTi3RA+qb6p8TupRKk12w+vbzpQMJxOlj1ERdMnFLjU2RDU7sYHKAYXMNo+1 VhFDmVJ+92P5GVg846deSjIa2+5pheZ3MZ1UScGxKF2VdB6iFhNP0JAbghAPWVpq Yb8yrMaMQll3C3GBYInusMb45ZA6VfHzn8MreX/IvcfFRMxDdmc1t93hEkXpklwq IqgfuOmpUpVwpwu9yJKbKPdG3M3o+8D7qrfwamrDvxD5xQIbaktuoQRFDWHY4jeY D9UqEwW6ZJKqxCUgsbTznv//AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUt31sghVF liSD8x+aBzvQszYbD88wHwYDVR0jBBgwFoAU7XLHFrwK9Z1DBjI/uqR0vUtN5xww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJBQTI0LzE3MzlDMzVBMkJD OTExRjBCOEJFM0YzQkM0RjlBRTAyLzdYTEhGcndLOVoxREJqSV91cVIwdlV0TjV4 dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvN1hMSEZyd0s5WjFEQmpJX3VxUjB2VXRONXh3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJB QTI0LzE3MzlDMzVBMkJDOTExRjBCOEJFM0YzQkM0RjlBRTAyLzdYTEhGcndLOVox REJqSV91cVIwdlV0TjV4dy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAExxliQy6YPxY0YU1PF0bPL0/mfDycbVkeBbd2cAvCa8BXIbPkAcu1C4 ppX3zjAc1lmAHdrT7oO+MTOkZWQKKaBbO+l6VGsP7tMvu5zQBRZnOP8e4DO8lydY 4y1cvwhwEbTYxl4PJFjAxu5t0JCV4vMqArtnFDApvHbjc5XXRClhQYw6Tul8GSzt Xed/580nCNh8nlRbJYJ4J9SlzchoifcfQl5hd/ClQwIPpkXPFytCEAN6RlbUopnT v1Kqy19ArsHywurPt6aDyMRmO2LqxPKk8P5k628aDtCjFrc8koWZuFTmypiukDND g4CZ9eJsZH2QAidAkLjZ1t2uK2ElacM= -----END CERTIFICATE-----Generated at Tue Jul 1 18:54:43 2025 by rpki-client