$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: EoonSpGrL4RMb/hclH4FlExsXC71cJieHbgWVK7ik+Y= Subject key identifier: 71:14:E6:7A:E6:9A:7B:A8:3F:FB:EB:F8:9D:86:9D:4B:D5:87:D9:A0 Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: 88 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: 86 Signing time: Mon 21 Jul 2025 06:47:24 +0000 Manifest this update: Mon 21 Jul 2025 06:47:24 +0000 Manifest next update: Mon 28 Jul 2025 06:47:24 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: m0rsDGfsBxA4g0CSvn9j7OqCivNB4RrnO8+85eR8szY=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 06:47:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 136 (0x88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Validity Not Before: Jul 21 06:47:24 2025 GMT Not After : Jul 28 06:47:24 2025 GMT Subject: CN=687de27c-5b77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:ed:b7:2f:a5:02:a1:14:7b:39:6f:36:11:48: 00:f2:e2:95:0b:75:3c:32:81:8f:4b:16:fd:b6:7d: 47:fd:94:bc:69:a2:89:2f:4d:8e:6c:25:a2:8d:39: 28:d8:ed:37:ef:b3:32:5b:5b:26:f9:71:e6:34:1e: a3:e2:f2:0b:27:03:0d:d5:f1:d8:7e:c5:48:2d:a8: ca:b4:08:ba:3a:84:fe:b7:49:30:b8:d7:40:63:b4: 35:24:e2:a5:cc:88:b1:ca:49:37:6b:74:cc:94:c3: e4:48:df:1e:24:f1:fb:e8:5d:a5:a6:df:cd:46:d4: 8c:0c:60:4f:7f:46:13:7b:af:36:89:2a:77:92:c3: 9b:f0:a7:e1:76:b6:a1:97:2b:f4:bd:bf:cc:0f:8a: 57:ff:dc:ad:cc:df:f4:8f:d1:1e:b4:c6:aa:ef:45: 24:fa:ee:8a:e5:fb:00:12:93:e2:98:53:3c:a6:5a: 09:2f:a9:e9:7a:a8:b5:57:91:20:8e:7e:e4:ef:d4: 24:40:e4:ee:38:a7:bd:0d:b9:97:d0:c6:8a:c4:4c: 56:6f:5d:6a:4b:02:39:d0:1e:09:37:c9:29:f0:95: c2:08:1f:6a:13:88:c9:cc:8b:62:31:dc:0b:e5:dc: 04:71:56:a1:ec:fc:66:96:5a:da:d5:86:90:f0:8e: 27:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:14:E6:7A:E6:9A:7B:A8:3F:FB:EB:F8:9D:86:9D:4B:D5:87:D9:A0 X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:93:c9:b1:0e:88:e6:ca:e0:74:25:96:94:30:1e:42:fb:b0: f4:9b:2c:c5:2d:35:fe:aa:24:90:84:d8:74:f5:ae:af:75:3c: ee:8a:70:bc:a5:b5:1a:8c:61:b3:61:6f:45:42:80:35:40:df: 01:68:ab:2a:45:f2:34:3e:0f:43:74:c5:65:f7:3f:bb:09:58: ba:01:9b:20:9d:ee:07:9f:18:a5:6b:1b:85:30:02:f2:da:ba: 97:1b:18:04:41:78:db:43:a3:6c:61:d0:4e:58:0a:76:c8:a1: 34:bb:5a:e7:23:40:59:55:5e:aa:87:34:cd:f9:ec:97:43:6d: 45:bc:20:97:61:77:92:60:fd:5b:b9:c0:e6:e1:1a:d7:0f:b1: a4:bc:dd:03:99:91:da:19:d4:81:9d:31:60:15:6e:47:f9:c3: 34:cd:17:61:2a:32:db:96:2e:f7:26:90:6c:12:5e:1f:6b:92: f6:8b:aa:fd:3e:d3:0b:f5:b5:57:01:6c:02:59:17:9f:9a:98: 7b:67:5f:7c:8a:11:43:3b:48:4d:08:77:98:1e:7c:3a:79:8b: 30:aa:ee:9f:ea:20:b5:9a:32:ad:72:6c:1b:29:ae:7e:88:1b: 86:04:ca:59:c9:18:c0:71:73:cd:8f:ea:6b:b2:78:64:87:6a: 76:6a:20:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0MDkxMTAvBgNVBAUTKDIxNjRERDU5QTYxNUQ1RjJFMzM5M0U3MjA5OEE3M0FE ODY4RTc4REEwHhcNMjUwNzIxMDY0NzI0WhcNMjUwNzI4MDY0NzI0WjAYMRYwFAYD VQQDEw02ODdkZTI3Yy01Yjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2+23L6UCoRR7OW82EUgA8uKVC3U8MoGPSxb9tn1H/ZS8aaKJL02ObCWijTko 2O0377MyW1sm+XHmNB6j4vILJwMN1fHYfsVILajKtAi6OoT+t0kwuNdAY7Q1JOKl zIixykk3a3TMlMPkSN8eJPH76F2lpt/NRtSMDGBPf0YTe682iSp3ksOb8Kfhdrah lyv0vb/MD4pX/9ytzN/0j9EetMaq70Uk+u6K5fsAEpPimFM8ploJL6npeqi1V5Eg jn7k79QkQOTuOKe9DbmX0MaKxExWb11qSwI50B4JN8kp8JXCCB9qE4jJzItiMdwL 5dwEcVah7Pxmllra1YaQ8I4nLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHEU5nrm mnuoP/vr+J2GnUvVh9mgMB8GA1UdIwQYMBaAFCFk3VmmFdXy4zk+cgmKc62Gjnja MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQwOS9GOTQ0RTNDQzlD QUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFmTGpPVDV5Q1lwenJZYU9l Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VOby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQwOS9GOTQ0RTNDQzlDQUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFm TGpPVDV5Q1lwenJZYU9lTm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOk8mxDojmyuB0JZaUMB5C+7D0myzFLTX+qiSQhNh09a6vdTzuinC8 pbUajGGzYW9FQoA1QN8BaKsqRfI0Pg9DdMVl9z+7CVi6AZsgne4HnxilaxuFMALy 2rqXGxgEQXjbQ6NsYdBOWAp2yKE0u1rnI0BZVV6qhzTN+eyXQ21FvCCXYXeSYP1b ucDm4RrXD7GkvN0DmZHaGdSBnTFgFW5H+cM0zRdhKjLbli73JpBsEl4fa5L2i6r9 PtML9bVXAWwCWRefmph7Z198ihFDO0hNCHeYHnw6eYswqu6f6iC1mjKtcmwbKa5+ iBuGBMpZyRjAcXPNj+prsnhkh2p2aiC5 -----END CERTIFICATE-----Generated at Mon Jul 21 12:39:21 2025 by rpki-client