$ rpki-client -vvf rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft File: t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft (raw, json) Hash identifier: BYkk6ZVLbFj++3AT/ot10MvlPAdoxSq2EM4msY+s350= Subject key identifier: 56:82:37:BB:58:F0:05:17:BD:89:E4:5C:8E:57:09:3F:C5:67:02:12 Authority key identifier: B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA Certificate issuer: /CN=A91F91EB/serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Certificate serial: 0CA9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft Manifest number: 0CA3 Signing time: Sun 20 Jul 2025 18:14:45 +0000 Manifest this update: Sun 20 Jul 2025 18:14:44 +0000 Manifest next update: Sun 27 Jul 2025 18:14:44 +0000 Files and hashes: 1: t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl (hash: BmZEue4ecoR5zx6nKVbdtcFXE+2zODU64mL8FoAXAn0=) 2: 8D243F849A6D11EA8674310DC4F9AE02.roa (hash: ZlxWP9id3BOwgT849Ql20JmEjoi9oTlH+F8ceOZ0tcg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 18:14:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3241 (0xca9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F91EB, serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Validity Not Before: Jul 20 18:14:44 2025 GMT Not After : Jul 27 18:14:44 2025 GMT Subject: CN=687d3214-8c3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:a9:ca:62:d6:d7:19:9a:b6:05:c5:ce:e7:f4: 1b:3e:a8:24:ed:ca:97:d0:83:10:f9:e4:48:6a:4e: 8f:ce:fb:9c:a1:5d:f9:db:42:da:e4:8a:2d:d8:b8: c6:18:e8:38:a7:c3:36:84:52:7d:15:34:11:cf:f2: 3d:e5:12:55:f0:9a:21:46:9f:7b:16:ca:e2:e2:8d: 5e:3a:f4:a5:10:2c:e4:fa:59:ec:6e:8f:2c:db:39: 5f:43:c1:e0:50:68:3e:9f:e0:c9:cc:45:21:5e:6f: 36:81:d4:52:fb:2f:ee:29:52:34:fb:f9:ad:6f:5d: 23:17:e4:c8:04:82:57:2f:ab:bf:64:0a:66:99:5c: 64:f6:97:0b:26:1f:d8:a5:d3:52:b3:33:56:9b:d2: c4:58:79:9c:72:d3:bb:73:3e:cf:12:0d:40:df:8e: 0b:38:47:51:4a:cc:b5:38:38:3a:d3:8c:dd:78:0d: 85:18:41:a5:31:1c:e7:e8:21:60:f1:0a:bd:c3:b5: a3:ef:67:c0:a3:5a:00:9a:4a:d4:91:d2:95:da:ef: 0d:53:43:55:19:4f:3b:4a:7d:ed:f7:29:fa:03:bc: af:0a:86:71:de:78:7b:13:fe:6c:4e:7a:1c:f9:fa: 9f:79:94:70:88:90:52:4c:66:9e:c3:60:e6:7c:ea: e0:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:82:37:BB:58:F0:05:17:BD:89:E4:5C:8E:57:09:3F:C5:67:02:12 X509v3 Authority Key Identifier: keyid:B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:71:13:57:74:2f:23:4a:09:69:a2:b8:11:c1:57:ee:dd:45: 15:9a:b4:aa:1f:3a:ab:ac:7c:b5:ef:d2:4e:2b:3a:2f:90:ff: ac:37:45:50:ac:ef:e8:e8:76:af:85:7a:74:c1:fa:68:df:0f: fd:59:fd:c3:c2:0d:4d:d7:65:7d:12:58:46:0b:73:09:ce:86: a3:de:c6:62:3f:ea:87:3c:58:e2:84:62:94:bf:85:03:c7:1c: 52:55:d7:73:c4:cc:f7:c9:d5:f4:88:31:35:a0:9a:29:7a:0d: 10:fb:1e:2f:d2:32:24:d4:48:2b:0f:88:dd:ff:02:52:63:76: 9a:23:5f:a1:b9:7f:8a:f0:23:40:86:20:9f:a8:4e:da:e6:d0: 21:5b:a6:4a:7b:cc:3d:31:14:a2:97:8b:84:c1:57:ac:d4:f6: de:78:b0:e9:98:20:e5:49:59:e8:41:c8:a0:9c:cb:11:80:23: a0:71:b4:92:27:77:79:51:85:a6:3d:a4:20:03:22:bb:4e:76: a1:d1:93:dc:bb:90:1d:a0:e0:59:74:b6:3f:22:14:fa:d4:ad: 61:df:71:54:be:0c:5a:bb:22:62:b0:58:f7:4b:5c:99:f7:52: 4f:17:24:17:94:50:f6:ad:2d:cf:a7:95:0b:e5:5e:3b:84:a1: 92:a6:d6:3d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjkxRUIxMTAvBgNVBAUTKEI3RENFMTQxMTJBMDI5ODJGNTc1N0NBQjhEMzQ5MTAz MkM4RTE4RkEwHhcNMjUwNzIwMTgxNDQ0WhcNMjUwNzI3MTgxNDQ0WjAYMRYwFAYD VQQDEw02ODdkMzIxNC04YzNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4qnKYtbXGZq2BcXO5/QbPqgk7cqX0IMQ+eRIak6PzvucoV3520La5Iot2LjG GOg4p8M2hFJ9FTQRz/I95RJV8JohRp97Fsri4o1eOvSlECzk+lnsbo8s2zlfQ8Hg UGg+n+DJzEUhXm82gdRS+y/uKVI0+/mtb10jF+TIBIJXL6u/ZApmmVxk9pcLJh/Y pdNSszNWm9LEWHmcctO7cz7PEg1A344LOEdRSsy1ODg604zdeA2FGEGlMRzn6CFg 8Qq9w7Wj72fAo1oAmkrUkdKV2u8NU0NVGU87Sn3t9yn6A7yvCoZx3nh7E/5sTnoc +fqfeZRwiJBSTGaew2DmfOrg5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFaCN7tY 8AUXvYnkXI5XCT/FZwISMB8GA1UdIwQYMBaAFLfc4UESoCmC9XV8q400kQMsjhj6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTFFQi80OTdGMkJEOEY3 MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZTDFkWHlyalRTUkF5eU9H UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3Q5emhRUktnS1lMMWRYeXJqVFNSQXl5T0dQby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTFFQi80OTdGMkJEOEY3MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZ TDFkWHlyalRTUkF5eU9HUG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAFcRNXdC8jSglporgRwVfu3UUVmrSqHzqrrHy179JOKzovkP+sN0VQ rO/o6HavhXp0wfpo3w/9Wf3Dwg1N12V9ElhGC3MJzoaj3sZiP+qHPFjihGKUv4UD xxxSVddzxMz3ydX0iDE1oJopeg0Q+x4v0jIk1EgrD4jd/wJSY3aaI1+huX+K8CNA hiCfqE7a5tAhW6ZKe8w9MRSil4uEwVes1PbeeLDpmCDlSVnoQcignMsRgCOgcbSS J3d5UYWmPaQgAyK7Tnah0ZPcu5AdoOBZdLY/IhT61K1h33FUvgxauyJisFj3S1yZ 91JPFyQXlFD2rS3Pp5UL5V47hKGSptY9 -----END CERTIFICATE-----Generated at Sun Jul 20 21:57:47 2025 by rpki-client