$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft File: IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft (raw, json) Hash identifier: SKCWeNd7eevJFmDI17ZNZHNCOmzZDvieh+rOXQpUh7Q= Subject key identifier: 39:FE:99:9E:4F:A9:3A:10:F0:6F:EA:A5:FB:D4:EC:C9:4C:32:EC:A4 Authority key identifier: 22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 Certificate issuer: /CN=A91CFFCB/serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Certificate serial: 11 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft Manifest number: 10 Signing time: Tue 01 Jul 2025 08:52:53 +0000 Manifest this update: Tue 01 Jul 2025 08:52:52 +0000 Manifest next update: Tue 08 Jul 2025 08:52:52 +0000 Files and hashes: 1: IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl (hash: ZLZEo58c5ZZDaOjnGXX4BxU3jzPpdw6gUm9GjdWivPM=) 2: BAEA3A3C497B11F096DCA14EC4F9AE02.roa (hash: NGudT5ffYxQaLDuPITb3DSyOtSWSbubIZoe2i4vUMeU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:52:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17 (0x11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFCB, serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Validity Not Before: Jul 1 08:52:52 2025 GMT Not After : Jul 8 08:52:52 2025 GMT Subject: CN=6863a1e5-2d10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:53:4d:f2:42:ec:86:5b:29:4d:a4:72:78:d8: db:f6:fb:f9:48:c1:bb:3e:17:b9:9a:d0:e6:c8:ac: 4b:c1:39:5e:02:11:ed:5d:01:d7:6e:ff:5b:c6:48: ac:1d:ce:d8:4f:31:7c:5f:28:1f:c3:1f:6c:04:f6: 97:2f:47:f0:df:77:a3:c3:4c:92:f5:42:27:71:b8: ef:59:fd:12:41:13:45:94:5b:89:20:19:91:dc:b2: 07:aa:a4:2d:39:51:49:41:5f:da:89:24:b0:23:17: 12:8f:3a:4b:eb:89:41:dc:8d:e6:5a:7e:70:12:64: 0c:69:e8:1f:f5:be:84:d1:c1:99:46:70:8e:f5:c8: 0c:c1:06:36:3d:4e:8a:5f:81:97:92:d0:b9:8b:32: c3:e0:2f:42:df:fb:04:d5:19:fc:58:4e:27:8c:ff: b3:25:e3:8e:3b:f0:50:29:72:b9:40:cc:e7:7b:d5: b2:c8:e6:3e:0b:de:cf:97:44:24:cb:31:06:d2:c7: ab:f2:ab:d1:f9:28:f8:fb:3b:81:6c:36:1c:3b:ab: 00:0d:de:fe:11:90:00:a1:fb:28:ae:ef:de:dd:27: f9:5f:f0:bf:d5:74:e2:31:6d:24:d3:4a:c6:c8:be: f4:ab:f9:21:7d:49:13:8b:d1:07:16:57:c4:ea:fd: 05:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:FE:99:9E:4F:A9:3A:10:F0:6F:EA:A5:FB:D4:EC:C9:4C:32:EC:A4 X509v3 Authority Key Identifier: keyid:22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:8a:eb:a8:e3:d6:e2:cd:7f:75:89:3b:ae:18:40:07:e7:9b: 69:ab:4b:5a:35:8c:ea:57:78:91:3b:86:80:92:0c:94:a2:6f: 3d:9c:40:14:82:1e:59:b9:ab:1d:35:dd:f7:92:a5:3d:8e:76: e4:c9:43:13:3e:68:fb:24:f4:7b:0b:9c:7a:91:7b:e4:2b:29: b0:50:28:9e:c4:b1:8a:15:3b:31:f7:62:59:5d:1c:8d:b5:b8: 37:7b:b2:24:d1:61:33:c3:a9:2f:27:79:06:df:f7:28:ac:f8: 1d:c7:a8:68:22:d1:e4:86:73:9e:d0:72:40:fc:d6:63:84:c3: df:e3:72:00:cf:07:2f:5a:2b:7c:f8:f3:2d:d1:2b:24:f9:da: 9e:ae:35:cf:80:08:19:23:bd:95:24:71:a1:92:89:5f:be:83: 03:b6:c1:ee:ce:c1:27:dd:56:de:19:1d:97:7b:95:d2:d7:3f: 82:4b:91:28:02:e6:11:68:f7:21:ff:c3:bf:fc:2c:e3:a3:f3: 17:5d:e8:b6:b2:be:ce:ce:c9:8f:b9:33:c8:2d:be:8f:be:94: 7f:62:07:8d:2a:4e:ac:a7:5d:d1:34:6b:c9:da:08:85:64:8a: 66:3e:d6:b0:89:76:fc:c3:fd:09:3e:f7:81:d7:c7:50:6b:ff: 50:4b:a1:43 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RkZDQjExMC8GA1UEBRMoMjIyNDI5NDQxNkI4NDY1NzA2NTU0QjUyQ0JDNTZGNDQ5 QkM0NkM4OTAeFw0yNTA3MDEwODUyNTJaFw0yNTA3MDgwODUyNTJaMBgxFjAUBgNV BAMTDTY4NjNhMWU1LTJkMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2U03yQuyGWylNpHJ42Nv2+/lIwbs+F7ma0ObIrEvBOV4CEe1dAddu/1vGSKwd zthPMXxfKB/DH2wE9pcvR/Dfd6PDTJL1QidxuO9Z/RJBE0WUW4kgGZHcsgeqpC05 UUlBX9qJJLAjFxKPOkvriUHcjeZafnASZAxp6B/1voTRwZlGcI71yAzBBjY9Topf gZeS0LmLMsPgL0Lf+wTVGfxYTieM/7Ml44478FApcrlAzOd71bLI5j4L3s+XRCTL MQbSx6vyq9H5KPj7O4FsNhw7qwAN3v4RkACh+yiu797dJ/lf8L/VdOIxbSTTSsbI vvSr+SF9SROL0QcWV8Tq/QUZAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOf6Znk+p OhDwb+ql+9TsyUwy7KQwHwYDVR0jBBgwFoAUIiQpRBa4RlcGVUtSy8VvRJvEbIkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGRkNCL0VEMEYxMUY0NDIw NTExRjBCRjdBODcxMUM0RjlBRTAyL0lpUXBSQmE0UmxjR1ZVdFN5OFZ2Ukp2RWJJ ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSWlRcFJCYTRSbGNHVlV0U3k4VnZSSnZFYklrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNG RkNCL0VEMEYxMUY0NDIwNTExRjBCRjdBODcxMUM0RjlBRTAyL0lpUXBSQmE0Umxj R1ZVdFN5OFZ2Ukp2RWJJay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAGK66jj1uLNf3WJO64YQAfnm2mrS1o1jOpXeJE7hoCSDJSibz2cQBSC Hlm5qx013feSpT2OduTJQxM+aPsk9HsLnHqRe+QrKbBQKJ7EsYoVOzH3YlldHI21 uDd7siTRYTPDqS8neQbf9yis+B3HqGgi0eSGc57QckD81mOEw9/jcgDPBy9aK3z4 8y3RKyT52p6uNc+ACBkjvZUkcaGSiV++gwO2we7OwSfdVt4ZHZd7ldLXP4JLkSgC 5hFo9yH/w7/8LOOj8xdd6Layvs7OyY+5M8gtvo++lH9iB40qTqynXdE0a8naCIVk imY+1rCJdvzD/Qk+94HXx1Br/1BLoUM= -----END CERTIFICATE-----Generated at Wed Jul 2 13:06:22 2025 by rpki-client