$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA729/28B9D01CE5F811E79A7D8433C4F9AE02/zo4PK6SZxeWHsBXhBE8JjOYsp1g.mft File: zo4PK6SZxeWHsBXhBE8JjOYsp1g.mft (raw, json) Hash identifier: vHtYojFv3mJt5I1lvoY1WbqX+W7ZqTs+FnwXP+Mzc+s= Subject key identifier: 1E:47:DC:BE:EE:11:70:81:E0:D6:F4:DE:5A:96:44:DF:08:5E:C4:8D Authority key identifier: CE:8E:0F:2B:A4:99:C5:E5:87:B0:15:E1:04:4F:09:8C:E6:2C:A7:58 Certificate issuer: /CN=A91FA729/serialNumber=CE8E0F2BA499C5E587B015E1044F098CE62CA758 Certificate serial: 1737 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zo4PK6SZxeWHsBXhBE8JjOYsp1g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA729/28B9D01CE5F811E79A7D8433C4F9AE02/zo4PK6SZxeWHsBXhBE8JjOYsp1g.mft Manifest number: 172D Signing time: Tue 22 Jul 2025 16:45:54 +0000 Manifest this update: Tue 22 Jul 2025 16:45:53 +0000 Manifest next update: Tue 29 Jul 2025 16:45:53 +0000 Files and hashes: 1: zo4PK6SZxeWHsBXhBE8JjOYsp1g.crl (hash: X9MURuS+Az8mIoSet0aEnFE0pKTOpd8710L1ovzbE1Q=) 2: 4A81F344C34111EB855D7C84C4F9AE02.roa (hash: uASyVgC1Cwioz2zhPx4P08otp7ZGZ17OkqWd5dxa/vo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA729/28B9D01CE5F811E79A7D8433C4F9AE02/zo4PK6SZxeWHsBXhBE8JjOYsp1g.crl rsync://rpki.apnic.net/member_repository/A91FA729/28B9D01CE5F811E79A7D8433C4F9AE02/zo4PK6SZxeWHsBXhBE8JjOYsp1g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zo4PK6SZxeWHsBXhBE8JjOYsp1g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 16:45:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5943 (0x1737) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA729, serialNumber=CE8E0F2BA499C5E587B015E1044F098CE62CA758 Validity Not Before: Jul 22 16:45:53 2025 GMT Not After : Jul 29 16:45:53 2025 GMT Subject: CN=687fc042-ec44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ba:91:dd:1b:32:0c:2e:30:fc:0e:93:97:da: 95:1d:f5:82:87:13:8b:2d:f4:c0:58:cf:1b:73:91: cc:39:cf:7a:2b:17:a9:70:85:21:a9:7f:47:5e:87: af:4a:84:d5:e3:1d:3d:a8:bb:ea:f4:24:12:af:77: 73:eb:c5:10:e2:e5:8b:71:c0:51:7c:fa:f9:f6:8f: e3:1e:7a:0e:3b:20:1d:bc:ef:db:90:64:8c:c7:f1: 8c:b0:0d:af:8a:b4:36:1c:28:96:33:a1:48:87:48: bb:22:b8:b1:1d:ad:30:b5:da:7d:ff:0d:39:f5:a5: a3:a9:4c:c5:4d:28:eb:b1:7b:cf:6d:eb:99:91:be: 5f:be:7e:98:e9:dd:8f:5a:86:f6:be:a6:5c:e2:ab: 2c:1d:30:d5:6d:60:a2:0b:b9:ba:69:0d:0b:14:3f: 02:37:03:11:ae:f1:7d:1d:4a:5d:f8:61:e7:09:2d: f7:b4:29:1c:f2:d5:c9:ca:79:71:f4:43:bb:b1:d6: ab:89:18:72:2b:57:ba:f7:d9:f4:17:d2:d2:19:d9: 8a:2e:5f:05:2d:36:ec:d3:99:2c:65:02:c8:44:4e: 23:73:e7:f6:56:54:0f:e6:1e:72:14:79:63:85:d8: f2:02:6c:81:bf:5c:5a:e6:44:d3:38:ea:16:a6:ff: 85:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:47:DC:BE:EE:11:70:81:E0:D6:F4:DE:5A:96:44:DF:08:5E:C4:8D X509v3 Authority Key Identifier: keyid:CE:8E:0F:2B:A4:99:C5:E5:87:B0:15:E1:04:4F:09:8C:E6:2C:A7:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA729/28B9D01CE5F811E79A7D8433C4F9AE02/zo4PK6SZxeWHsBXhBE8JjOYsp1g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zo4PK6SZxeWHsBXhBE8JjOYsp1g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA729/28B9D01CE5F811E79A7D8433C4F9AE02/zo4PK6SZxeWHsBXhBE8JjOYsp1g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:3f:37:e5:99:e3:fe:3e:75:a8:91:38:42:fe:37:24:bd:2c: de:ef:dd:7a:01:84:fe:18:27:bd:70:6e:0c:71:f6:ee:43:c6: 0b:04:d7:a2:11:88:6b:01:78:19:b5:66:ad:57:dc:d3:e8:99: df:d8:13:fd:34:03:d7:88:f5:64:89:9c:2d:76:4b:a8:bb:d4: 87:86:b5:15:ae:ea:e7:c6:c8:13:52:2a:ea:9f:3d:c7:69:58: 69:23:e9:db:32:19:d0:a8:d2:63:40:f0:4d:7b:0f:78:69:81: 61:5a:33:0d:33:bb:9f:2e:b5:f7:9c:02:a3:3e:af:7d:9f:6c: 5c:c2:18:7f:94:b5:ea:73:1f:61:68:36:3e:f1:c9:54:bc:21: 16:06:1d:19:59:9b:d5:f2:d3:8a:6c:df:46:8e:9a:f9:41:d1: ae:3f:7c:bf:c2:ee:95:0a:cc:d5:25:0a:bf:a8:a5:f9:dd:2b: 01:c9:a1:50:94:30:b0:c9:d8:04:e5:4d:f1:7b:d1:46:48:ec: 6c:47:85:2c:d8:cb:9a:e9:aa:2c:7a:20:f6:73:cf:7b:76:3d: df:90:f5:ac:f0:b5:3c:d1:ad:d4:b8:58:24:66:03:ac:77:9a: 84:05:9e:92:42:2f:60:ba:24:d8:75:ce:1d:85:60:31:f1:ad: 46:5f:c2:f8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFzcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE3MjkxMTAvBgNVBAUTKENFOEUwRjJCQTQ5OUM1RTU4N0IwMTVFMTA0NEYwOThD RTYyQ0E3NTgwHhcNMjUwNzIyMTY0NTUzWhcNMjUwNzI5MTY0NTUzWjAYMRYwFAYD VQQDEw02ODdmYzA0Mi1lYzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtbqR3RsyDC4w/A6Tl9qVHfWChxOLLfTAWM8bc5HMOc96KxepcIUhqX9HXoev SoTV4x09qLvq9CQSr3dz68UQ4uWLccBRfPr59o/jHnoOOyAdvO/bkGSMx/GMsA2v irQ2HCiWM6FIh0i7IrixHa0wtdp9/w059aWjqUzFTSjrsXvPbeuZkb5fvn6Y6d2P Wob2vqZc4qssHTDVbWCiC7m6aQ0LFD8CNwMRrvF9HUpd+GHnCS33tCkc8tXJynlx 9EO7sdariRhyK1e699n0F9LSGdmKLl8FLTbs05ksZQLIRE4jc+f2VlQP5h5yFHlj hdjyAmyBv1xa5kTTOOoWpv+FuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB5H3L7u EXCB4Nb03lqWRN8IXsSNMB8GA1UdIwQYMBaAFM6ODyukmcXlh7AV4QRPCYzmLKdY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTcyOS8yOEI5RDAxQ0U1 RjgxMUU3OUE3RDg0MzNDNEY5QUUwMi96bzRQSzZTWnhlV0hzQlhoQkU4SmpPWXNw MWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pvNFBLNlNaeGVXSHNCWGhCRThKak9Zc3AxZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTcyOS8yOEI5RDAxQ0U1RjgxMUU3OUE3RDg0MzNDNEY5QUUwMi96bzRQSzZTWnhl V0hzQlhoQkU4SmpPWXNwMWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAjPzflmeP+PnWokThC/jckvSze7916AYT+GCe9cG4McfbuQ8YLBNei EYhrAXgZtWatV9zT6Jnf2BP9NAPXiPVkiZwtdkuou9SHhrUVrurnxsgTUirqnz3H aVhpI+nbMhnQqNJjQPBNew94aYFhWjMNM7ufLrX3nAKjPq99n2xcwhh/lLXqcx9h aDY+8clUvCEWBh0ZWZvV8tOKbN9Gjpr5QdGuP3y/wu6VCszVJQq/qKX53SsByaFQ lDCwydgE5U3xe9FGSOxsR4Us2Mua6aoseiD2c897dj3fkPWs8LU80a3UuFgkZgOs d5qEBZ6SQi9guiTYdc4dhWAx8a1GX8L4 -----END CERTIFICATE-----Generated at Wed Jul 23 05:35:37 2025 by rpki-client