$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft File: IsfsPNntTFDolKEbzXDQMQzV-Fk.mft (raw, json) Hash identifier: d1peVj/dZDj3tItU5YoTwERuj2b/0MjNqyCTAd9Bppc= Subject key identifier: DE:C2:CB:1D:84:15:BA:D4:63:1E:18:9E:69:04:43:53:52:A7:ED:B9 Authority key identifier: 22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59 Certificate issuer: /CN=A91EC225/serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859 Certificate serial: 75 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft Manifest number: 74 Signing time: Wed 30 Jul 2025 17:49:28 +0000 Manifest this update: Wed 30 Jul 2025 17:49:28 +0000 Manifest next update: Wed 06 Aug 2025 17:49:28 +0000 Files and hashes: 1: IsfsPNntTFDolKEbzXDQMQzV-Fk.crl (hash: +2Yo/+1+OHMIjPKRDc66TAuG7yC1+8Ey98FCKlFYEpU=) 2: 25D2B94CDECD11EFA79E4065C4F9AE02.roa (hash: AoCtdlkJJmrM0z3AC3jCQKm47jbQAWLBDnBBfT5EtYM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 06 Aug 2025 17:49:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 117 (0x75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC225, serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859 Validity Not Before: Jul 30 17:49:28 2025 GMT Not After : Aug 6 17:49:28 2025 GMT Subject: CN=688a5b28-801f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:c9:ad:0b:1c:19:fa:c8:c2:9b:77:e3:d8:79: dd:7a:fe:bd:b3:9f:bb:21:13:60:4f:1b:d7:67:c0: 70:93:78:60:76:fb:e2:95:06:91:72:b0:f9:b1:c6: 9f:da:b1:5c:2b:e1:3e:09:8f:a8:16:bd:66:02:40: 3e:04:fd:bb:d0:4e:be:c1:b1:6e:3a:95:30:78:17: e6:ac:71:a7:45:a6:79:cd:e0:a4:f3:dd:26:e1:d8: 4b:87:31:44:2c:9b:32:f2:68:6f:8f:2b:5b:5e:32: 89:d1:9b:b2:44:89:70:65:c1:60:ba:5d:5e:8d:93: 61:41:ae:1f:95:bf:7d:98:4f:fa:a6:a4:52:2e:3f: c3:84:3f:07:d1:fd:9c:70:2e:0c:a6:59:51:8b:28: 13:3b:db:15:76:1c:66:33:f1:58:93:88:4c:d0:5b: ab:e6:2e:4a:ca:a3:18:58:be:3b:6a:fa:02:62:60: 23:82:ee:3f:d4:bb:dc:14:22:c4:40:de:81:7e:45: 42:51:39:bf:cd:4f:81:06:6f:f6:2e:25:97:25:7c: 92:eb:02:d3:8e:05:54:f5:dd:43:45:02:96:1f:61: 0d:39:a9:4c:1c:80:1f:15:0a:47:1b:92:06:eb:53: ad:e1:2c:ed:a1:21:4a:cf:05:cc:6d:5f:35:e5:86: 8c:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:C2:CB:1D:84:15:BA:D4:63:1E:18:9E:69:04:43:53:52:A7:ED:B9 X509v3 Authority Key Identifier: keyid:22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:72:a0:85:2b:4a:92:f4:8c:ae:f6:bb:b0:71:3f:c6:59:9c: f8:2f:76:eb:20:91:9a:56:25:40:95:b8:6c:38:dd:f2:81:e7: 34:65:0d:3c:54:9f:4b:47:28:f3:92:34:76:f0:08:63:50:fa: 85:e6:1c:31:98:86:fb:4e:f8:31:1e:9e:41:15:49:19:49:d3: ee:c9:d2:d0:40:cc:a9:85:8a:57:1c:bc:44:aa:c7:82:29:44: 22:c7:c4:f4:b1:ba:0b:98:4b:00:95:a1:27:4e:cb:be:a6:4a: 42:4a:d3:51:3c:81:71:d6:a9:24:4b:c7:2b:8d:ff:64:db:f8: 63:c9:4d:31:48:ad:87:fd:cd:24:51:8d:07:75:1f:b3:8c:53: 60:f4:2d:39:e7:d1:1a:ea:cd:c0:d0:a0:f6:fb:b3:17:bc:09: 7b:73:18:af:31:7d:29:8d:c8:60:96:29:39:58:b3:d8:7b:15: fb:84:b2:dd:19:1e:89:13:79:52:d5:5a:e2:bf:97:e4:9f:f1: 71:c0:be:99:55:f7:e7:06:7a:8c:ba:4a:61:0e:0e:24:83:bf: 87:ae:74:3d:11:7e:16:a9:f1:40:b9:86:fd:9f:90:3a:90:ba: 49:58:ec:3a:95:a2:d1:55:37:c0:15:82:cf:34:6c:1e:3a:7d: d5:eb:47:8e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBdTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QzIyNTExMC8GA1UEBRMoMjJDN0VDM0NEOUVENEM1MEU4OTRBMTFCQ0Q3MEQwMzEw Q0Q1Rjg1OTAeFw0yNTA3MzAxNzQ5MjhaFw0yNTA4MDYxNzQ5MjhaMBgxFjAUBgNV BAMTDTY4OGE1YjI4LTgwMWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC7ya0LHBn6yMKbd+PYed16/r2zn7shE2BPG9dnwHCTeGB2++KVBpFysPmxxp/a sVwr4T4Jj6gWvWYCQD4E/bvQTr7BsW46lTB4F+ascadFpnnN4KTz3Sbh2EuHMUQs mzLyaG+PK1teMonRm7JEiXBlwWC6XV6Nk2FBrh+Vv32YT/qmpFIuP8OEPwfR/Zxw LgymWVGLKBM72xV2HGYz8ViTiEzQW6vmLkrKoxhYvjtq+gJiYCOC7j/Uu9wUIsRA 3oF+RUJROb/NT4EGb/YuJZclfJLrAtOOBVT13UNFApYfYQ05qUwcgB8VCkcbkgbr U63hLO2hIUrPBcxtXzXlhoyjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3sLLHYQV utRjHhieaQRDU1Kn7bkwHwYDVR0jBBgwFoAUIsfsPNntTFDolKEbzXDQMQzV+Fkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVDMjI1L0M5NDQ3RkYwQkVG OTExRUZCQ0Y2ODk0NEM0RjlBRTAyL0lzZnNQTm50VEZEb2xLRWJ6WERRTVF6Vi1G ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSXNmc1BObnRURkRvbEtFYnpYRFFNUXpWLUZrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVD MjI1L0M5NDQ3RkYwQkVGOTExRUZCQ0Y2ODk0NEM0RjlBRTAyL0lzZnNQTm50VEZE b2xLRWJ6WERRTVF6Vi1Gay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAD5yoIUrSpL0jK72u7BxP8ZZnPgvdusgkZpWJUCVuGw43fKB5zRlDTxU n0tHKPOSNHbwCGNQ+oXmHDGYhvtO+DEenkEVSRlJ0+7J0tBAzKmFilccvESqx4Ip RCLHxPSxuguYSwCVoSdOy76mSkJK01E8gXHWqSRLxyuN/2Tb+GPJTTFIrYf9zSRR jQd1H7OMU2D0LTnn0RrqzcDQoPb7sxe8CXtzGK8xfSmNyGCWKTlYs9h7FfuEst0Z HokTeVLVWuK/l+Sf8XHAvplV9+cGeoy6SmEODiSDv4eudD0Rfhap8UC5hv2fkDqQ uklY7DqVotFVN8AVgs80bB46fdXrR44= -----END CERTIFICATE-----Generated at Thu Jul 31 04:01:01 2025 by rpki-client