$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft File: ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft (raw, json) Hash identifier: 4LelxuyMJsXGz3zQh/LxRnwBuqt3dfKaHwbBT2sdE8c= Subject key identifier: 14:DC:5B:CC:2D:FF:0E:E7:4B:83:EE:E5:6E:3D:83:B3:AA:2F:37:71 Authority key identifier: 93:2E:C2:E6:E5:2B:5A:F6:C7:B0:3C:41:50:20:ED:E2:72:AA:A1:45 Certificate issuer: /CN=A91CEF3E/serialNumber=932EC2E6E52B5AF6C7B03C415020EDE272AAA145 Certificate serial: 0EA1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft Manifest number: 0E90 Signing time: Sun 20 Jul 2025 17:43:32 +0000 Manifest this update: Sun 20 Jul 2025 17:43:31 +0000 Manifest next update: Sun 27 Jul 2025 17:43:31 +0000 Files and hashes: 1: ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl (hash: t9rutwcbrZAng8DWJNzkvHI09IFXwN58JNX1AEbE0yE=) 2: 5C154406988911E991B10838C4F9AE02.roa (hash: rlBKToBwc/S7CrTJwY8L3fa6c6H9ms0SKbG322SWU2g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 14:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3745 (0xea1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEF3E, serialNumber=932EC2E6E52B5AF6C7B03C415020EDE272AAA145 Validity Not Before: Jul 20 17:43:31 2025 GMT Not After : Jul 27 17:43:31 2025 GMT Subject: CN=687d2ac4-cff4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:2f:36:92:d8:b8:14:ad:0e:04:c1:b7:ab:01: 9e:1d:a1:27:51:82:32:af:a9:d7:02:6b:6b:f2:34: f9:38:ca:95:b0:ff:64:48:2a:9b:59:b2:da:2e:75: 1c:0f:cf:49:13:bd:01:99:84:c6:af:27:be:9b:9f: a1:f8:f8:47:23:32:99:a9:be:d2:e4:59:f9:71:e7: b8:52:f7:ea:67:ea:ee:69:53:ba:02:5a:5d:4b:43: 05:c0:cd:97:a6:20:d8:14:9a:a0:72:cb:0d:0d:f2: 18:5e:98:7d:08:bf:05:46:90:2c:47:af:74:b7:43: 58:ae:57:7b:c0:14:94:50:a4:77:a0:67:86:ee:52: ba:b4:6f:c9:cc:d9:a1:c9:01:05:0d:24:26:c4:95: 43:51:db:ec:98:c3:51:d1:06:9a:5e:b8:92:9c:a9: 1d:b0:91:20:3d:e6:69:ef:1b:ee:56:bf:7f:27:f5: 17:64:7e:90:f4:52:a3:1e:d5:62:09:02:1b:ec:67: 57:4c:08:61:0c:53:b6:66:04:e6:dc:7e:d1:31:aa: 4c:86:49:59:a2:8d:6d:cf:7b:39:51:d6:ed:17:ac: 92:ed:f0:32:46:df:b4:6f:dc:a4:46:f7:80:77:28: 6e:97:46:10:d8:69:a2:a6:92:d5:66:b8:75:4a:36: 40:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:DC:5B:CC:2D:FF:0E:E7:4B:83:EE:E5:6E:3D:83:B3:AA:2F:37:71 X509v3 Authority Key Identifier: keyid:93:2E:C2:E6:E5:2B:5A:F6:C7:B0:3C:41:50:20:ED:E2:72:AA:A1:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:10:bf:5c:31:35:c0:16:51:2b:7f:06:ff:d5:ff:a0:8e:d6: cf:60:ac:9b:83:14:73:8c:df:fe:2b:77:a6:aa:a6:a4:82:b3: 4a:ea:b9:df:20:e1:cd:d0:25:13:2a:cd:ee:3c:69:e0:8c:85: 6c:35:0a:c3:a5:3a:2e:93:38:4e:00:e7:c9:cc:e5:84:48:fd: a3:74:33:cb:71:39:36:b8:fd:48:b8:ae:63:62:5c:3c:db:d3: 9a:b2:da:e7:ee:aa:98:f5:07:f8:7e:ff:f4:6b:04:b4:07:b5: 0a:1e:59:f9:09:3d:37:85:75:64:19:0b:76:b8:51:c1:12:ec: d8:b0:aa:49:bf:a2:96:5b:17:be:4a:34:a0:d7:43:5a:72:b0: 46:e7:4b:79:58:75:b0:33:dc:28:2e:95:40:6e:d6:88:a4:a0: d4:be:29:06:9c:38:45:49:83:b3:40:c6:c8:17:7a:da:3b:a1: 60:7a:bc:c9:b7:0f:a1:54:7f:c4:dc:fb:9d:c0:65:d7:39:92: 9d:5c:d7:a2:c0:77:d5:e1:31:50:32:ad:4e:e6:8f:5e:15:7e: 00:20:bd:36:d1:2d:18:38:b1:89:c3:15:e4:8f:01:89:e9:e6: 61:31:6a:7c:3b:af:9a:aa:c9:5f:d2:82:cb:bc:5c:e4:bc:d9: 5b:66:7f:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDqEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VGM0UxMTAvBgNVBAUTKDkzMkVDMkU2RTUyQjVBRjZDN0IwM0M0MTUwMjBFREUy NzJBQUExNDUwHhcNMjUwNzIwMTc0MzMxWhcNMjUwNzI3MTc0MzMxWjAYMRYwFAYD VQQDEw02ODdkMmFjNC1jZmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0C82kti4FK0OBMG3qwGeHaEnUYIyr6nXAmtr8jT5OMqVsP9kSCqbWbLaLnUc D89JE70BmYTGrye+m5+h+PhHIzKZqb7S5Fn5cee4UvfqZ+ruaVO6AlpdS0MFwM2X piDYFJqgcssNDfIYXph9CL8FRpAsR690t0NYrld7wBSUUKR3oGeG7lK6tG/JzNmh yQEFDSQmxJVDUdvsmMNR0QaaXriSnKkdsJEgPeZp7xvuVr9/J/UXZH6Q9FKjHtVi CQIb7GdXTAhhDFO2ZgTm3H7RMapMhklZoo1tz3s5UdbtF6yS7fAyRt+0b9ykRveA dyhul0YQ2GmippLVZrh1SjZA4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBTcW8wt /w7nS4Pu5W49g7OqLzdxMB8GA1UdIwQYMBaAFJMuwublK1r2x7A8QVAg7eJyqqFF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUYzRS9DQjc0Q0Y2RTk4 N0IxMUU5ODNFQ0NGMTNDNEY5QUUwMi9reTdDNXVVcld2YkhzRHhCVUNEdDRuS3Fv VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2t5N0M1dVVyV3ZiSHNEeEJVQ0R0NG5LcW9VVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RUYzRS9DQjc0Q0Y2RTk4N0IxMUU5ODNFQ0NGMTNDNEY5QUUwMi9reTdDNXVVcld2 YkhzRHhCVUNEdDRuS3FvVVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBHEL9cMTXAFlErfwb/1f+gjtbPYKybgxRzjN/+K3emqqakgrNK6rnf IOHN0CUTKs3uPGngjIVsNQrDpToukzhOAOfJzOWESP2jdDPLcTk2uP1IuK5jYlw8 29Oastrn7qqY9Qf4fv/0awS0B7UKHln5CT03hXVkGQt2uFHBEuzYsKpJv6KWWxe+ SjSg10NacrBG50t5WHWwM9woLpVAbtaIpKDUvikGnDhFSYOzQMbIF3raO6FgerzJ tw+hVH/E3PudwGXXOZKdXNeiwHfV4TFQMq1O5o9eFX4AIL020S0YOLGJwxXkjwGJ 6eZhMWp8O6+aqslf0oLLvFzkvNlbZn/E -----END CERTIFICATE-----Generated at Sun Jul 20 20:25:35 2025 by rpki-client