$ rpki-client -vvf rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft File: -iKAHFKuKl_EkbfL6-aO_KLI0dk.mft (raw, json) Hash identifier: wPQ/DA+hQ2imEBS7hJLYUx1uXA6Ho6+Yodf98zzoO/o= Subject key identifier: CA:1E:07:77:2E:56:D6:D5:20:CC:32:F0:F5:B2:AA:A8:3B:96:C1:C0 Authority key identifier: FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 Certificate issuer: /CN=A91D837B/serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Certificate serial: 72 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft Manifest number: 71 Signing time: Sat 19 Jul 2025 07:08:45 +0000 Manifest this update: Sat 19 Jul 2025 07:08:45 +0000 Manifest next update: Sat 26 Jul 2025 07:08:45 +0000 Files and hashes: 1: -iKAHFKuKl_EkbfL6-aO_KLI0dk.crl (hash: 44jrH7Jpf3V4k37f3k5B7RMm80Ep2ZLEqrswOZzbJqk=) 2: 8F7DFE66C96E11EF98B64E15C4F9AE02.roa (hash: NJttL+qjjIMKQduatRuB9wCf9GQJviKk9JlU07XKUgE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 07:08:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 114 (0x72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D837B, serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Validity Not Before: Jul 19 07:08:45 2025 GMT Not After : Jul 26 07:08:45 2025 GMT Subject: CN=687b447d-f282 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:ab:1c:31:91:e4:45:23:21:31:e5:5b:6a:ac: 6e:70:f1:10:b5:8e:98:b9:68:99:57:9e:f1:2d:b1: 8b:88:9f:57:03:61:73:37:c8:85:b1:27:80:7c:d2: ee:20:d2:c3:ec:e9:64:17:e0:2d:5d:82:b3:7b:3a: 7c:a6:be:28:c5:ab:e0:e5:9c:be:b4:f7:23:b8:3c: 41:81:01:f0:f7:0b:65:42:02:cd:b8:b1:03:13:eb: 9e:15:56:5d:40:a8:56:ec:fc:84:7b:6a:ec:8b:f6: bc:2a:fc:81:f6:e1:e9:4d:cd:cf:57:78:e9:f8:97: 4d:4e:ba:43:39:20:8c:94:9c:2e:b6:ba:00:ec:45: d1:93:08:e9:ff:31:8a:25:0c:02:b8:6b:c1:22:4a: 5b:a6:d8:4d:7d:1d:b0:bd:3f:af:7d:f9:3b:2c:4e: 56:27:ef:7e:19:a0:f4:85:ff:8a:0e:6c:bc:eb:1c: 82:d2:ff:ab:42:66:0a:be:f6:0a:56:8c:a3:fc:2a: 06:e0:42:68:e5:6d:b4:e5:cd:f1:75:cc:de:12:b5: 8b:e2:6b:58:55:74:03:ad:1f:1a:ff:24:1a:ea:dd: 7a:d2:5f:92:9c:ea:8d:1b:71:04:41:aa:7c:27:8c: 97:d0:1f:ae:7a:4e:f5:82:c3:d6:38:06:99:e2:98: 91:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:1E:07:77:2E:56:D6:D5:20:CC:32:F0:F5:B2:AA:A8:3B:96:C1:C0 X509v3 Authority Key Identifier: keyid:FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:01:8f:09:cc:e2:d1:8b:c6:6c:7d:10:cd:94:d2:c5:24:ba: 86:7c:71:a0:3f:b1:f8:bb:b2:81:44:1d:6e:1a:cd:ff:d9:8e: 0a:f0:2e:58:22:4f:c6:ea:77:c4:41:07:1c:b2:33:9d:5c:1c: c9:e1:3b:5a:76:10:1a:c4:40:aa:14:bc:03:01:34:bb:3d:55: 4a:b1:27:4c:8d:8f:01:37:59:33:36:eb:82:3c:08:32:71:76: 98:0a:07:c7:34:35:72:92:ad:2c:d4:38:fc:02:35:23:b8:8d: b3:eb:70:df:3d:3a:11:20:0d:0a:6d:c3:f2:c6:6e:7a:f3:71: f4:40:e3:bb:06:90:67:f7:3c:1d:af:57:ef:a3:e9:18:37:ca: ad:f1:9c:2b:71:77:4f:95:80:ae:3f:93:9a:21:60:59:5d:51: 9e:e9:2f:10:d5:c6:62:96:9e:15:95:bc:27:09:88:48:76:3f: 15:92:ca:65:d7:e5:d8:53:98:dc:18:ea:3e:5e:fe:a3:5d:53: 09:7e:f3:1e:f5:44:b6:8b:b8:ef:89:59:e5:e5:01:fe:eb:b2: 52:84:91:45:90:03:e6:2a:bb:3c:40:9a:58:aa:4b:79:df:fd: cf:e1:b5:40:ad:b4:1f:4e:f1:84:37:70:f9:7b:22:30:e2:a7: b0:02:0c:cd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE ODM3QjExMC8GA1UEBRMoRkEyMjgwMUM1MkFFMkE1RkM0OTFCN0NCRUJFNjhFRkNB MkM4RDFEOTAeFw0yNTA3MTkwNzA4NDVaFw0yNTA3MjYwNzA4NDVaMBgxFjAUBgNV BAMTDTY4N2I0NDdkLWYyODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDUqxwxkeRFIyEx5VtqrG5w8RC1jpi5aJlXnvEtsYuIn1cDYXM3yIWxJ4B80u4g 0sPs6WQX4C1dgrN7OnymvijFq+DlnL609yO4PEGBAfD3C2VCAs24sQMT654VVl1A qFbs/IR7auyL9rwq/IH24elNzc9XeOn4l01OukM5IIyUnC62ugDsRdGTCOn/MYol DAK4a8EiSlum2E19HbC9P699+TssTlYn734ZoPSF/4oObLzrHILS/6tCZgq+9gpW jKP8KgbgQmjlbbTlzfF1zN4StYvia1hVdAOtHxr/JBrq3XrSX5Kc6o0bcQRBqnwn jJfQH656TvWCw9Y4BpnimJEjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUyh4Hdy5W 1tUgzDLw9bKqqDuWwcAwHwYDVR0jBBgwFoAU+iKAHFKuKl/EkbfL6+aO/KLI0dkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4MzdCLzE1OEQ3RjNDQjk5 QzExRUY5NjM4Rjc2OUM0RjlBRTAyLy1pS0FIRkt1S2xfRWtiZkw2LWFPX0tMSTBk ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvLWlLQUhGS3VLbF9Fa2JmTDYtYU9fS0xJMGRrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4 MzdCLzE1OEQ3RjNDQjk5QzExRUY5NjM4Rjc2OUM0RjlBRTAyLy1pS0FIRkt1S2xf RWtiZkw2LWFPX0tMSTBkay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIoBjwnM4tGLxmx9EM2U0sUkuoZ8caA/sfi7soFEHW4azf/ZjgrwLlgi T8bqd8RBBxyyM51cHMnhO1p2EBrEQKoUvAMBNLs9VUqxJ0yNjwE3WTM264I8CDJx dpgKB8c0NXKSrSzUOPwCNSO4jbPrcN89OhEgDQptw/LGbnrzcfRA47sGkGf3PB2v V++j6Rg3yq3xnCtxd0+VgK4/k5ohYFldUZ7pLxDVxmKWnhWVvCcJiEh2PxWSymXX 5dhTmNwY6j5e/qNdUwl+8x71RLaLuO+JWeXlAf7rslKEkUWQA+YquzxAmliqS3nf /c/htUCttB9O8YQ3cPl7IjDip7ACDM0= -----END CERTIFICATE-----Generated at Sun Jul 20 18:51:12 2025 by rpki-client