$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.mft File: 7AffwfGIh38OvP3gtIHMAiw0NrI.mft (raw, json) Hash identifier: Aq+F001zW1DKk5fUkfIsEMhKGBCQtrtpUOvmQW9Z85g= Subject key identifier: F3:DC:BF:6A:DB:38:FE:12:95:F2:AD:EA:67:2F:5B:24:70:B9:0E:AD Authority key identifier: EC:07:DF:C1:F1:88:87:7F:0E:BC:FD:E0:B4:81:CC:02:2C:34:36:B2 Certificate issuer: /CN=A91BEE1D/serialNumber=EC07DFC1F188877F0EBCFDE0B481CC022C3436B2 Certificate serial: 67 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7AffwfGIh38OvP3gtIHMAiw0NrI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.mft Manifest number: 67 Signing time: Sat 19 Jul 2025 07:12:31 +0000 Manifest this update: Sat 19 Jul 2025 07:12:30 +0000 Manifest next update: Sat 26 Jul 2025 07:12:30 +0000 Files and hashes: 1: 7AffwfGIh38OvP3gtIHMAiw0NrI.crl (hash: 1wfGKWC8M360Hg2bwIIT9Qz8wE7wrBp+Ph+OZ3vhXRI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.crl rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7AffwfGIh38OvP3gtIHMAiw0NrI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 07:12:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 103 (0x67) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BEE1D, serialNumber=EC07DFC1F188877F0EBCFDE0B481CC022C3436B2 Validity Not Before: Jul 19 07:12:30 2025 GMT Not After : Jul 26 07:12:30 2025 GMT Subject: CN=687b455e-d00d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ea:20:0d:b4:9c:06:3c:d1:d5:22:c1:09:d7: a6:02:8a:8b:cd:cb:09:0a:6b:55:e6:20:42:33:57: e3:30:a7:a6:e4:d1:80:3f:81:5f:05:96:ae:40:87: b9:1b:bc:b6:f0:f0:7c:8f:fa:dc:8b:f3:25:30:ae: 90:3b:d6:20:e9:f1:3f:d7:7e:1e:cd:a8:b6:4f:5e: ba:46:cc:a6:77:c1:8e:2e:9d:1b:59:e7:93:91:ec: 0f:06:9b:2a:c2:c4:fd:35:c5:0a:d5:7d:45:24:05: 11:e3:31:c1:aa:94:6f:2f:76:c1:b0:ee:2b:0b:d9: b6:d7:66:22:b8:47:26:1b:9c:a5:90:c3:30:67:ec: 4e:28:e1:aa:97:6d:ed:0a:fd:c7:f0:79:36:2b:8c: bb:56:de:de:a0:d9:5c:1d:be:6e:00:4f:98:23:54: 28:82:7b:d8:a8:59:0f:f9:12:78:1a:d6:73:94:c3: 36:f0:1a:e6:bc:bf:b8:e1:bd:0a:f4:01:a3:2c:71: 0f:86:69:3c:20:39:7c:3c:af:26:20:4f:d6:1d:9d: 79:51:d3:0f:65:5a:26:e2:eb:41:e6:75:11:d0:1c: dc:ff:6f:53:40:7b:8c:f5:81:db:20:fc:5a:0b:7a: 19:1c:72:48:d2:18:55:a3:64:58:16:5b:21:f9:67: e9:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:DC:BF:6A:DB:38:FE:12:95:F2:AD:EA:67:2F:5B:24:70:B9:0E:AD X509v3 Authority Key Identifier: keyid:EC:07:DF:C1:F1:88:87:7F:0E:BC:FD:E0:B4:81:CC:02:2C:34:36:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7AffwfGIh38OvP3gtIHMAiw0NrI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:95:3f:45:7f:69:62:db:0d:2a:f1:63:e0:14:fa:49:a9:18: c7:f0:dc:65:dd:30:03:2c:b4:12:10:98:27:60:cc:ad:a1:d9: 01:f6:15:17:23:d7:88:4a:b9:d3:fd:71:a7:aa:19:93:8d:ad: 62:63:1b:3a:98:b3:09:a1:b1:4c:88:b9:a2:cd:a1:dc:b3:a0: 3d:57:e0:a8:a1:3e:b4:73:8c:bd:4c:56:03:cd:6b:cb:37:7a: 4b:23:9b:90:36:79:f6:d8:0a:b2:5e:da:6b:8b:7f:13:48:61: 69:bf:aa:85:9a:37:89:df:bb:16:35:16:d8:76:a8:d7:20:74: 14:07:4c:cb:4a:74:b6:f8:7e:81:e7:df:50:49:7f:61:74:2d: 05:5d:c6:2e:35:89:b6:7d:0e:60:50:58:ce:06:60:89:1b:d7: ef:df:7a:a5:99:02:e7:75:05:a1:e0:82:9e:90:d0:bc:0d:c2: f8:f8:b5:99:b1:42:d5:0d:c6:be:e0:0c:96:b6:ad:5a:dd:79: de:bd:cb:a5:79:5a:5e:6d:19:60:88:e6:e4:d8:2f:73:4c:56: 3e:7c:6a:21:51:0b:00:af:6a:ed:92:81:bf:b9:7c:34:02:e9: 32:ab:a8:b8:23:b1:18:cb:5a:96:f7:a4:c3:8d:63:eb:c2:3f: 8b:e2:ae:32 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC RUUxRDExMC8GA1UEBRMoRUMwN0RGQzFGMTg4ODc3RjBFQkNGREUwQjQ4MUNDMDIy QzM0MzZCMjAeFw0yNTA3MTkwNzEyMzBaFw0yNTA3MjYwNzEyMzBaMBgxFjAUBgNV BAMTDTY4N2I0NTVlLWQwMGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDA6iANtJwGPNHVIsEJ16YCiovNywkKa1XmIEIzV+Mwp6bk0YA/gV8Flq5Ah7kb vLbw8HyP+tyL8yUwrpA71iDp8T/Xfh7NqLZPXrpGzKZ3wY4unRtZ55OR7A8GmyrC xP01xQrVfUUkBRHjMcGqlG8vdsGw7isL2bbXZiK4RyYbnKWQwzBn7E4o4aqXbe0K /cfweTYrjLtW3t6g2Vwdvm4AT5gjVCiCe9ioWQ/5Enga1nOUwzbwGua8v7jhvQr0 AaMscQ+GaTwgOXw8ryYgT9YdnXlR0w9lWibi60HmdRHQHNz/b1NAe4z1gdsg/FoL ehkcckjSGFWjZFgWWyH5Z+mTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU89y/ats4 /hKV8q3qZy9bJHC5Dq0wHwYDVR0jBBgwFoAU7AffwfGIh38OvP3gtIHMAiw0NrIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJFRTFELzkyNzgyMjM0Qzcw RTExRUY4MDY3QzQ2NkM0RjlBRTAyLzdBZmZ3ZkdJaDM4T3ZQM2d0SUhNQWl3ME5y SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvN0FmZndmR0loMzhPdlAzZ3RJSE1BaXcwTnJJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJF RTFELzkyNzgyMjM0QzcwRTExRUY4MDY3QzQ2NkM0RjlBRTAyLzdBZmZ3ZkdJaDM4 T3ZQM2d0SUhNQWl3ME5ySS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIGVP0V/aWLbDSrxY+AU+kmpGMfw3GXdMAMstBIQmCdgzK2h2QH2FRcj 14hKudP9caeqGZONrWJjGzqYswmhsUyIuaLNodyzoD1X4KihPrRzjL1MVgPNa8s3 eksjm5A2efbYCrJe2muLfxNIYWm/qoWaN4nfuxY1Fth2qNcgdBQHTMtKdLb4foHn 31BJf2F0LQVdxi41ibZ9DmBQWM4GYIkb1+/feqWZAud1BaHggp6Q0LwNwvj4tZmx QtUNxr7gDJa2rVrded69y6V5Wl5tGWCI5uTYL3NMVj58aiFRCwCvau2Sgb+5fDQC 6TKrqLgjsRjLWpb3pMONY+vCP4virjI= -----END CERTIFICATE-----Generated at Mon Jul 21 03:26:28 2025 by rpki-client