$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft File: IHitW73x1MW5cLvik02aNV2zHOg.mft (raw, json) Hash identifier: ZnGfHajJLzK7RohF6m0sK0qpXO7KwdLlKKi6QitcIzQ= Subject key identifier: 35:E4:A7:57:07:8E:EB:67:D1:BB:E4:8C:CF:BC:22:BF:8E:DA:BD:55 Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 Certificate issuer: /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Certificate serial: 0507 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft Manifest number: 04FD Signing time: Sat 05 Jul 2025 00:09:22 +0000 Manifest this update: Sat 05 Jul 2025 00:09:22 +0000 Manifest next update: Sat 12 Jul 2025 00:09:22 +0000 Files and hashes: 1: IHitW73x1MW5cLvik02aNV2zHOg.crl (hash: 6pwX1nQym4XVAv4JnT6hQwKtLYQsYHfiS6PDFr7oQ7w=) 2: 5EAA75CC28E511F0BE4DF317C4F9AE02.roa (hash: aZ97R0qET0w8nFTTAAMLi629/SQxZPM4icyK4OVkGiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1287 (0x507) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4DFA, serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Validity Not Before: Jul 5 00:09:22 2025 GMT Not After : Jul 12 00:09:22 2025 GMT Subject: CN=68686d32-d8e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:6c:97:08:74:24:dd:29:5d:da:d1:8e:be:fd: cd:6b:46:f4:f1:df:19:8c:67:98:a3:4a:1d:2d:7a: 50:dc:73:75:95:f0:7d:a4:c7:6d:15:bb:11:ef:57: 1d:1a:55:6d:86:ac:86:14:13:a7:61:a2:d4:b4:28: b9:3c:3c:cc:d3:2a:33:e3:09:44:52:77:7b:23:fa: df:b5:47:8e:d3:b3:77:75:73:c4:7b:6b:35:00:e0: b8:7d:c9:cc:02:9e:56:42:68:f9:42:1d:70:c7:82: 80:a2:78:66:01:ec:b2:16:da:4f:b5:52:9d:f2:41: e7:c9:2c:85:53:66:33:d3:26:c0:ea:0f:0a:4d:76: c7:5f:5c:3d:f2:e9:69:0e:67:94:f2:45:1e:d4:66: f1:eb:1d:93:c4:fe:65:b6:54:b6:0c:7b:a8:b9:aa: 23:52:a3:e4:15:d1:90:00:b4:eb:7b:f0:86:ba:21: a9:72:d4:fc:87:ac:f6:e7:60:79:09:87:36:1e:75: a0:6d:ef:47:ad:b9:56:d0:4e:9e:9a:a4:a9:02:13: 86:2e:f9:c4:a3:da:e5:62:f4:15:79:99:7b:41:57: 15:3f:a6:66:9a:18:d8:96:5e:05:fb:07:25:b3:3e: 8f:1d:2e:4f:e3:a9:db:5f:3b:30:8a:31:c0:ea:b3: 51:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:E4:A7:57:07:8E:EB:67:D1:BB:E4:8C:CF:BC:22:BF:8E:DA:BD:55 X509v3 Authority Key Identifier: keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:a1:7c:a7:88:99:b8:4d:16:6b:a3:62:f3:98:8c:93:d1:96: ea:3e:65:1c:5a:32:dd:ad:88:06:7f:01:83:fb:af:58:df:81: 1b:62:1f:a4:42:3a:fd:6a:ca:9b:71:a1:ef:fc:56:40:da:0c: a5:c3:37:94:a4:c4:ad:d2:8f:97:46:38:8f:d8:b7:76:98:99: 40:21:0f:83:7a:4e:e8:75:3f:35:05:7f:b9:d0:08:0c:48:ab: ae:b2:96:81:a8:cb:60:48:70:d1:b5:76:5c:6f:7f:72:97:05: 3c:72:28:9c:c8:84:d2:60:ad:4d:a9:bc:32:e7:47:7f:48:2b: ad:33:be:5d:53:d4:dd:cb:0f:42:2f:50:c0:d9:b7:e6:56:fd: ed:dc:d5:0e:9a:a9:53:ab:07:7f:82:6d:33:60:b4:d1:54:f8: 5e:24:4b:50:41:ea:2a:33:a4:a4:7d:0d:60:5b:3a:22:24:d7: 53:59:ea:80:45:7b:d0:02:a7:c8:1f:98:cb:db:15:f3:ec:83: e7:61:ef:ad:e3:28:15:50:35:8f:6a:5b:4a:bf:d4:88:84:f9: 3f:e3:c1:bc:50:1d:28:40:8d:8a:33:3b:0e:77:d3:a7:14:9d: 3b:39:78:63:c0:eb:cf:e9:15:25:41:58:4d:c2:b2:54:12:5b: b7:6d:9b:cd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBQcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1 NURCMzFDRTgwHhcNMjUwNzA1MDAwOTIyWhcNMjUwNzEyMDAwOTIyWjAYMRYwFAYD VQQDEw02ODY4NmQzMi1kOGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw2yXCHQk3Sld2tGOvv3Na0b08d8ZjGeYo0odLXpQ3HN1lfB9pMdtFbsR71cd GlVthqyGFBOnYaLUtCi5PDzM0yoz4wlEUnd7I/rftUeO07N3dXPEe2s1AOC4fcnM Ap5WQmj5Qh1wx4KAonhmAeyyFtpPtVKd8kHnySyFU2Yz0ybA6g8KTXbHX1w98ulp DmeU8kUe1Gbx6x2TxP5ltlS2DHuouaojUqPkFdGQALTre/CGuiGpctT8h6z252B5 CYc2HnWgbe9HrblW0E6emqSpAhOGLvnEo9rlYvQVeZl7QVcVP6ZmmhjYll4F+wcl sz6PHS5P46nbXzswijHA6rNRKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDXkp1cH jutn0bvkjM+8Ir+O2r1VMB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NERGQS84NDU5ODRDRTFBODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFN VzVjTHZpazAyYU5WMnpIT2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAHoXyniJm4TRZro2LzmIyT0ZbqPmUcWjLdrYgGfwGD+69Y34EbYh+k Qjr9asqbcaHv/FZA2gylwzeUpMSt0o+XRjiP2Ld2mJlAIQ+Dek7odT81BX+50AgM SKuuspaBqMtgSHDRtXZcb39ylwU8ciicyITSYK1Nqbwy50d/SCutM75dU9Tdyw9C L1DA2bfmVv3t3NUOmqlTqwd/gm0zYLTRVPheJEtQQeoqM6SkfQ1gWzoiJNdTWeqA RXvQAqfIH5jL2xXz7IPnYe+t4ygVUDWPaltKv9SIhPk/48G8UB0oQI2KMzsOd9On FJ07OXhjwOvP6RUlQVhNwrJUElu3bZvN -----END CERTIFICATE-----Generated at Sat Jul 5 18:39:52 2025 by rpki-client