$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft File: 71OR8qIt1l9IQxoyJt3MZbdllqk.mft (raw, json) Hash identifier: aWwVAGyoOmYbzesd7iBi3Mx0oYqzZUIuDVY9wUdTVHc= Subject key identifier: A0:13:2E:22:AF:26:79:DF:5D:C7:81:25:A0:AE:B1:0D:B3:95:B8:57 Authority key identifier: EF:53:91:F2:A2:2D:D6:5F:48:43:1A:32:26:DD:CC:65:B7:65:96:A9 Certificate issuer: /CN=A9157DA9/serialNumber=EF5391F2A22DD65F48431A3226DDCC65B76596A9 Certificate serial: A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft Manifest number: A2 Signing time: Sat 21 Jun 2025 05:15:39 +0000 Manifest this update: Sat 21 Jun 2025 05:15:38 +0000 Manifest next update: Sat 28 Jun 2025 05:15:38 +0000 Files and hashes: 1: 71OR8qIt1l9IQxoyJt3MZbdllqk.crl (hash: tbjZZMMNGFibwnser3Vy24hmhjbPbl66dFr0C82SVjA=) 2: 897F96FC5A1811EFAF24E138C4F9AE02.roa (hash: V/66FKVQueBWCxe2q60voG68SskFvIkojTU44XWkp4w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.crl rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Jun 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 164 (0xa4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA9, serialNumber=EF5391F2A22DD65F48431A3226DDCC65B76596A9 Validity Not Before: Jun 21 05:15:38 2025 GMT Not After : Jun 28 05:15:38 2025 GMT Subject: CN=68563ffb-8dcf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:bf:cb:95:c3:5f:73:d8:8a:4c:7d:00:9b:a2: 94:ad:d0:4f:b6:01:8d:46:9b:65:bc:4a:49:5e:dd: 56:4c:f0:ee:fa:3c:3c:6f:0a:1e:cc:b6:61:5f:d4: 24:f3:49:e8:b2:f3:5a:fa:81:1e:59:54:48:1b:53: f9:d1:48:87:fe:66:ed:55:ed:ba:fb:7f:5e:a6:2d: b7:02:ae:fd:90:4e:47:51:23:94:44:dd:f3:0f:3f: 04:02:ba:ca:6d:76:c6:cf:92:67:bb:79:1f:5c:e4: 46:ce:6b:3b:33:63:88:7f:52:8f:4b:9e:39:bc:e1: c7:db:96:cc:9f:62:4a:61:07:43:dc:28:8b:bb:d8: 62:51:bd:d8:f5:0d:64:f6:35:04:1d:be:e2:3f:90: 92:0e:23:44:c4:3a:16:08:9a:d4:c3:33:25:26:f7: 73:70:40:c6:23:c7:ce:f9:9b:65:ba:5a:53:17:77: 7b:66:df:ce:de:af:40:30:0a:40:33:04:86:19:91: c1:88:30:03:81:6c:69:b9:66:bf:bb:d6:1e:d6:c6: e6:4f:5c:0d:50:34:d9:99:3f:21:65:13:78:88:de: 5c:bd:1d:48:2a:01:8e:8c:c5:14:e0:04:b6:14:cd: 0d:58:eb:89:03:ea:c9:b9:06:eb:89:62:87:f6:c4: 14:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:13:2E:22:AF:26:79:DF:5D:C7:81:25:A0:AE:B1:0D:B3:95:B8:57 X509v3 Authority Key Identifier: keyid:EF:53:91:F2:A2:2D:D6:5F:48:43:1A:32:26:DD:CC:65:B7:65:96:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 93:af:9a:b6:84:b3:13:f3:d9:c3:e9:4e:1f:02:f1:43:07:1d: 61:ea:c6:72:3f:12:79:b3:68:f9:2e:22:4b:9f:00:f8:c2:5a: 26:f2:c5:82:31:da:7a:0e:23:4f:da:19:8c:13:53:ba:2d:fc: 5d:12:0b:12:78:54:d2:c2:c9:48:5b:9c:7a:0f:82:72:30:ee: 05:6e:ea:49:f1:cc:ee:21:3e:a6:2f:d4:0b:c8:6a:be:75:7f: ab:f3:43:2f:22:50:e5:e0:ab:b8:36:de:a9:49:83:45:ce:ea: a7:02:01:e4:b7:f3:4f:ce:b0:d0:6c:d5:df:d0:2c:12:e8:35: ac:66:6b:ac:c4:4d:1d:45:86:a2:11:ca:66:38:a9:7a:1c:b4: c2:7d:f9:13:71:55:71:c6:99:55:d0:12:33:72:1c:e4:8a:cd: 53:98:b1:db:59:f6:c1:0b:83:c2:41:4b:12:d8:5e:d6:73:d9: 6d:15:f9:f8:77:0d:fc:03:2c:46:25:e8:41:0f:75:1b:dc:df: b8:dd:df:df:8b:e0:78:f2:02:59:98:82:b1:21:ae:27:6f:82: f9:fb:7d:07:84:ab:fc:75:77:19:d8:75:bc:b6:36:67:93:62: 8c:78:97:fe:24:03:77:1d:27:4b:3d:95:b3:d2:8d:bd:0e:97: 6a:9c:b1:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTkxMTAvBgNVBAUTKEVGNTM5MUYyQTIyREQ2NUY0ODQzMUEzMjI2RERDQzY1 Qjc2NTk2QTkwHhcNMjUwNjIxMDUxNTM4WhcNMjUwNjI4MDUxNTM4WjAYMRYwFAYD VQQDEw02ODU2M2ZmYi04ZGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA27/LlcNfc9iKTH0Am6KUrdBPtgGNRptlvEpJXt1WTPDu+jw8bwoezLZhX9Qk 80nosvNa+oEeWVRIG1P50UiH/mbtVe26+39epi23Aq79kE5HUSOURN3zDz8EArrK bXbGz5Jnu3kfXORGzms7M2OIf1KPS545vOHH25bMn2JKYQdD3CiLu9hiUb3Y9Q1k 9jUEHb7iP5CSDiNExDoWCJrUwzMlJvdzcEDGI8fO+ZtlulpTF3d7Zt/O3q9AMApA MwSGGZHBiDADgWxpuWa/u9Ye1sbmT1wNUDTZmT8hZRN4iN5cvR1IKgGOjMUU4AS2 FM0NWOuJA+rJuQbriWKH9sQU2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKATLiKv JnnfXceBJaCusQ2zlbhXMB8GA1UdIwQYMBaAFO9TkfKiLdZfSEMaMibdzGW3ZZap MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBOS80MjNFMUFENDVB MTgxMUVGQkQ0NzczMzhDNEY5QUUwMi83MU9SOHFJdDFsOUlReG95SnQzTVpiZGxs cWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzcxT1I4cUl0MWw5SVF4b3lKdDNNWmJkbGxxay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBOS80MjNFMUFENDVBMTgxMUVGQkQ0NzczMzhDNEY5QUUwMi83MU9SOHFJdDFs OUlReG95SnQzTVpiZGxscWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCTr5q2hLMT89nD6U4fAvFDBx1h6sZyPxJ5s2j5LiJLnwD4wlom8sWC Mdp6DiNP2hmME1O6LfxdEgsSeFTSwslIW5x6D4JyMO4FbupJ8czuIT6mL9QLyGq+ dX+r80MvIlDl4Ku4Nt6pSYNFzuqnAgHkt/NPzrDQbNXf0CwS6DWsZmusxE0dRYai EcpmOKl6HLTCffkTcVVxxplV0BIzchzkis1TmLHbWfbBC4PCQUsS2F7Wc9ltFfn4 dw38AyxGJehBD3Ub3N+43d/fi+B48gJZmIKxIa4nb4L5+30HhKv8dXcZ2HW8tjZn k2KMeJf+JAN3HSdLPZWz0o29DpdqnLH2 -----END CERTIFICATE-----Generated at Sat Jun 21 07:17:41 2025 by rpki-client