$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft File: raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json) Hash identifier: QayNo7yUriqCd/Kf8s+YQS+tyDctgi1NLPgoJoHtBCQ= Subject key identifier: 2F:AD:35:07:FA:52:89:78:2B:C6:58:BB:05:42:D4:27:4B:F8:FE:12 Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Certificate serial: 3584 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft Manifest number: 3500 Signing time: Mon 30 Jun 2025 14:16:18 +0000 Manifest this update: Mon 30 Jun 2025 14:16:18 +0000 Manifest next update: Mon 07 Jul 2025 14:16:18 +0000 Files and hashes: 1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: QU2ZUMdAyUBNAlG1jkJJV+5IMuJL8P8h59OJhDHUXf8=) 2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=) 3: AF560BA2B1CC11EF80C4BE44C4F9AE02.roa (hash: JKOX2Bnk1obdJWD/11GK8Zj49w+PdYErgulVkpa2rdU=) 4: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=) 5: 539CC922366C11EEBEBBBE1DC4F9AE02.roa (hash: TrayTHMiKb+Dm5posHRv3ZfOvi01WiwhoUD8use0rkY=) 6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=) 7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=) 8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 14:16:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13700 (0x3584) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC5BE, serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Validity Not Before: Jun 30 14:16:18 2025 GMT Not After : Jul 7 14:16:18 2025 GMT Subject: CN=68629c32-ecc3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:db:89:e0:9f:00:1e:21:e1:0d:c6:81:8c:33: e9:92:1d:e5:a3:db:7a:a6:34:3b:08:73:97:d4:90: 73:a1:e4:83:1f:ed:42:40:58:c1:2f:23:2e:27:64: c2:1b:37:42:cb:5c:f6:f9:ad:13:7f:d2:0c:13:0b: d5:e9:1c:36:f3:bc:a1:2a:a6:43:87:b5:6d:58:57: a4:7d:8c:31:3c:75:4a:84:0a:7a:6c:4c:d4:0f:b8: b8:e4:ea:45:93:62:74:6c:63:95:85:63:81:2e:de: 7a:28:84:70:f4:04:49:b7:e1:2c:d8:2b:2c:19:6d: 7b:72:61:77:d7:04:af:10:a2:18:d7:69:f0:a5:91: c1:76:2b:00:2c:ee:0b:9a:7e:3a:77:05:16:dd:63: cb:c5:31:05:0c:6b:9c:96:58:ff:eb:f9:59:31:70: 42:ff:a4:38:5a:72:60:43:dd:90:2f:0d:11:ef:8f: d4:38:2b:47:05:64:44:dd:2e:04:60:58:fd:69:6c: 9d:d5:17:07:23:8a:ee:bf:62:d6:f7:39:a0:6f:31: 19:dc:eb:11:6a:e8:5f:a0:4a:3a:dc:9b:e1:02:d1: 4f:6d:65:06:f1:5d:6d:a0:20:b8:10:2d:d6:72:41: b6:dd:73:17:ff:b1:6f:16:db:aa:bb:95:00:b2:ea: 12:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:AD:35:07:FA:52:89:78:2B:C6:58:BB:05:42:D4:27:4B:F8:FE:12 X509v3 Authority Key Identifier: keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:d9:ac:ab:79:e0:c1:73:62:72:a2:4c:8e:35:2e:c6:21:64: 56:51:24:f8:d2:dd:c8:9b:24:d6:22:0f:6c:15:af:f5:fe:1d: f2:5c:ba:d8:9a:f0:e1:b4:ec:a8:40:2c:ca:07:44:bf:99:e4: 8d:22:45:dd:50:36:de:cd:8e:a4:72:a5:7a:1e:46:42:48:59: 26:7b:9b:7c:33:f6:24:3b:c7:a0:f5:ac:9a:87:29:3f:a8:36: 79:51:54:5b:e7:e6:b7:89:76:db:17:19:5f:6a:e1:d2:02:e9: 60:94:92:7d:d2:18:93:41:b5:01:ce:c0:1f:58:41:2f:a9:11: e0:a5:02:45:e4:4e:a3:c8:3d:10:d7:55:ba:4a:55:36:47:05: 11:66:45:6d:40:66:94:48:16:ad:fd:30:f9:7b:32:14:1a:dd: f1:69:c3:cf:67:3b:7d:bc:46:0c:56:48:bf:0c:c9:6b:a1:62: 8b:70:87:74:37:44:a6:83:d9:20:89:84:e3:b3:53:48:c7:e4: 0b:1d:bd:7b:fe:f1:fe:d6:fa:c9:7a:f6:07:29:6e:c1:7b:8c: 7b:a9:76:fc:9c:01:0e:6b:4e:3b:a6:75:d8:94:b7:74:ed:2d: ce:b6:ea:88:e5:bd:fa:70:06:dc:47:c0:75:7c:6d:de:e7:4c: 56:37:7f:7d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNYQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC REU1ODE2NDYwHhcNMjUwNjMwMTQxNjE4WhcNMjUwNzA3MTQxNjE4WjAYMRYwFAYD VQQDEw02ODYyOWMzMi1lY2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx9uJ4J8AHiHhDcaBjDPpkh3lo9t6pjQ7CHOX1JBzoeSDH+1CQFjBLyMuJ2TC GzdCy1z2+a0Tf9IMEwvV6Rw287yhKqZDh7VtWFekfYwxPHVKhAp6bEzUD7i45OpF k2J0bGOVhWOBLt56KIRw9ARJt+Es2CssGW17cmF31wSvEKIY12nwpZHBdisALO4L mn46dwUW3WPLxTEFDGucllj/6/lZMXBC/6Q4WnJgQ92QLw0R74/UOCtHBWRE3S4E YFj9aWyd1RcHI4ruv2LW9zmgbzEZ3OsRauhfoEo63JvhAtFPbWUG8V1toCC4EC3W ckG23XMX/7FvFtuqu5UAsuoSywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC+tNQf6 Uol4K8ZYuwVC1CdL+P4SMB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZ2ayreeDBc2JyokyONS7GIWRWUST40t3ImyTWIg9sFa/1/h3yXLrY mvDhtOyoQCzKB0S/meSNIkXdUDbezY6kcqV6HkZCSFkme5t8M/YkO8eg9ayahyk/ qDZ5UVRb5+a3iXbbFxlfauHSAulglJJ90hiTQbUBzsAfWEEvqRHgpQJF5E6jyD0Q 11W6SlU2RwURZkVtQGaUSBat/TD5ezIUGt3xacPPZzt9vEYMVki/DMlroWKLcId0 N0Smg9kgiYTjs1NIx+QLHb17/vH+1vrJevYHKW7Be4x7qXb8nAEOa047pnXYlLd0 7S3OtuqI5b36cAbcR8B1fG3e50xWN399 -----END CERTIFICATE-----Generated at Tue Jul 1 19:16:59 2025 by rpki-client