$ rpki-client -vvf rpki.apnic.net/member_repository/A91770B7/A5264EE00BDD11ED9AB9EC2BC4F9AE02/J3d5rGk2otMhSl8XQCE_25JWxqM.mft File: J3d5rGk2otMhSl8XQCE_25JWxqM.mft (raw, json) Hash identifier: 38hZffKaGMrs3Hu4aNnj6NCfCVFR3wlM7/QJZWHRkZs= Subject key identifier: 29:63:E6:AF:C2:AC:DE:04:F5:68:E3:E1:5A:FC:7F:65:72:72:6C:AC Authority key identifier: 27:77:79:AC:69:36:A2:D3:21:4A:5F:17:40:21:3F:DB:92:56:C6:A3 Certificate issuer: /CN=A91770B7/serialNumber=277779AC6936A2D3214A5F1740213FDB9256C6A3 Certificate serial: 02A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J3d5rGk2otMhSl8XQCE_25JWxqM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91770B7/A5264EE00BDD11ED9AB9EC2BC4F9AE02/J3d5rGk2otMhSl8XQCE_25JWxqM.mft Manifest number: 02A0 Signing time: Sun 03 Aug 2025 02:09:08 +0000 Manifest this update: Sun 03 Aug 2025 02:09:08 +0000 Manifest next update: Sun 10 Aug 2025 02:09:08 +0000 Files and hashes: 1: J3d5rGk2otMhSl8XQCE_25JWxqM.crl (hash: sv0ZKqr1RzhFAegDq6mfW9m3FBPd0Pndmp3OfvR+FiI=) 2: 2841A0CE0BE111ED9E3AA135C4F9AE02.roa (hash: hJkxXQfC6FPhKQvUl8F7nqWwJZPrWQsil7QshGWSWw0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91770B7/A5264EE00BDD11ED9AB9EC2BC4F9AE02/J3d5rGk2otMhSl8XQCE_25JWxqM.crl rsync://rpki.apnic.net/member_repository/A91770B7/A5264EE00BDD11ED9AB9EC2BC4F9AE02/J3d5rGk2otMhSl8XQCE_25JWxqM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J3d5rGk2otMhSl8XQCE_25JWxqM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 02:09:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 677 (0x2a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91770B7, serialNumber=277779AC6936A2D3214A5F1740213FDB9256C6A3 Validity Not Before: Aug 3 02:09:08 2025 GMT Not After : Aug 10 02:09:08 2025 GMT Subject: CN=688ec4c4-8417 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:b1:14:9a:58:1d:4d:28:ca:ad:06:b2:45:1d: d3:51:6d:48:14:c5:d0:6a:7f:52:f3:d4:4c:b7:c0: 99:8c:59:ec:dd:8f:9d:aa:4f:8f:05:a8:ee:2a:aa: da:65:92:59:bb:c2:72:3e:47:1b:db:e7:1c:b7:0a: e3:8b:40:c2:79:21:dc:f6:e2:74:ee:0e:2f:e0:1a: 26:7a:73:75:05:2d:b3:ab:19:92:20:d8:34:ac:d7: db:8e:70:f7:4a:60:61:f1:7a:a2:a3:c6:59:ac:1e: 9f:0e:ae:c4:1d:4a:d6:ce:3a:9b:53:56:17:7f:8a: 24:26:43:65:94:63:52:32:9f:0b:2f:27:16:c5:85: d3:05:2f:62:f4:74:dd:31:11:7b:62:b1:d3:8e:66: 05:a0:ee:03:42:19:8a:1c:fe:6a:8e:18:97:63:ed: 4d:fd:e1:bf:c4:27:4c:3d:00:cb:62:56:b5:0a:dd: 96:e8:61:f8:26:50:33:5c:74:ff:c4:26:30:e2:0e: f8:f9:c4:03:9a:7d:a4:4e:76:ef:02:4f:2b:0b:e8: 69:bb:5f:94:86:e7:6f:e5:85:6d:fc:14:7d:32:a1: 62:d4:a5:72:da:95:05:f0:a1:f3:f3:c2:8e:e0:74: 67:3a:b7:e0:bd:71:e0:cf:fc:81:9b:de:77:be:f6: b7:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:63:E6:AF:C2:AC:DE:04:F5:68:E3:E1:5A:FC:7F:65:72:72:6C:AC X509v3 Authority Key Identifier: keyid:27:77:79:AC:69:36:A2:D3:21:4A:5F:17:40:21:3F:DB:92:56:C6:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91770B7/A5264EE00BDD11ED9AB9EC2BC4F9AE02/J3d5rGk2otMhSl8XQCE_25JWxqM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J3d5rGk2otMhSl8XQCE_25JWxqM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91770B7/A5264EE00BDD11ED9AB9EC2BC4F9AE02/J3d5rGk2otMhSl8XQCE_25JWxqM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:7a:40:ee:25:13:06:83:f8:82:fa:aa:69:8d:ae:0b:84:ea: b6:d7:0a:d4:70:d9:e8:07:b3:87:6b:5b:4c:94:c4:3d:81:1e: b3:ea:3e:78:99:a3:df:d7:c7:01:5c:af:1e:23:e4:f5:f6:9d: fd:b5:02:c0:cc:fa:7c:5e:b5:82:61:28:21:19:1f:09:c1:24: df:1d:b2:fb:21:67:a2:a0:ba:8f:f9:63:c7:c6:3a:8e:cc:83: d4:5f:f5:bb:bf:10:5a:53:0c:b6:8b:0b:23:43:00:ba:3c:6e: 31:00:67:b8:52:0a:5b:c1:f2:96:32:b2:42:52:21:25:13:6c: ba:22:77:20:4c:69:05:4c:74:ca:25:97:90:f2:1b:e9:2d:5e: 13:d2:bc:b5:df:80:b9:f1:e6:1b:58:98:fa:b1:36:13:d3:ae: a9:06:33:30:93:d5:44:6a:66:17:1f:ab:58:35:81:73:3a:da: 9e:06:f7:c3:fb:56:b0:85:68:11:87:ee:78:c0:f6:22:e8:91: 3a:dd:02:fe:72:a4:b8:ff:c9:c4:f0:ca:94:21:f8:ad:9f:82: 16:d0:41:d3:64:b3:f3:1f:d8:70:23:ea:ca:23:09:29:39:27: 3f:ec:24:78:68:1f:dd:2a:10:36:b6:c1:2f:c3:1e:0b:4e:12: bc:a7:8c:e3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzcwQjcxMTAvBgNVBAUTKDI3Nzc3OUFDNjkzNkEyRDMyMTRBNUYxNzQwMjEzRkRC OTI1NkM2QTMwHhcNMjUwODAzMDIwOTA4WhcNMjUwODEwMDIwOTA4WjAYMRYwFAYD VQQDEw02ODhlYzRjNC04NDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsLEUmlgdTSjKrQayRR3TUW1IFMXQan9S89RMt8CZjFns3Y+dqk+PBajuKqra ZZJZu8JyPkcb2+cctwrji0DCeSHc9uJ07g4v4BomenN1BS2zqxmSINg0rNfbjnD3 SmBh8Xqio8ZZrB6fDq7EHUrWzjqbU1YXf4okJkNllGNSMp8LLycWxYXTBS9i9HTd MRF7YrHTjmYFoO4DQhmKHP5qjhiXY+1N/eG/xCdMPQDLYla1Ct2W6GH4JlAzXHT/ xCYw4g74+cQDmn2kTnbvAk8rC+hpu1+Uhudv5YVt/BR9MqFi1KVy2pUF8KHz88KO 4HRnOrfgvXHgz/yBm953vva32wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFClj5q/C rN4E9Wjj4Vr8f2VycmysMB8GA1UdIwQYMBaAFCd3eaxpNqLTIUpfF0AhP9uSVsaj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzBCNy9BNTI2NEVFMDBC REQxMUVEOUFCOUVDMkJDNEY5QUUwMi9KM2Q1ckdrMm90TWhTbDhYUUNFXzI1Sld4 cU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ozZDVyR2syb3RNaFNsOFhRQ0VfMjVKV3hxTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NzBCNy9BNTI2NEVFMDBCREQxMUVEOUFCOUVDMkJDNEY5QUUwMi9KM2Q1ckdrMm90 TWhTbDhYUUNFXzI1Sld4cU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAdekDuJRMGg/iC+qppja4LhOq21wrUcNnoB7OHa1tMlMQ9gR6z6j54 maPf18cBXK8eI+T19p39tQLAzPp8XrWCYSghGR8JwSTfHbL7IWeioLqP+WPHxjqO zIPUX/W7vxBaUwy2iwsjQwC6PG4xAGe4UgpbwfKWMrJCUiElE2y6IncgTGkFTHTK JZeQ8hvpLV4T0ry134C58eYbWJj6sTYT066pBjMwk9VEamYXH6tYNYFzOtqeBvfD +1awhWgRh+54wPYi6JE63QL+cqS4/8nE8MqUIfitn4IW0EHTZLPzH9hwI+rKIwkp OSc/7CR4aB/dKhA2tsEvwx4LThK8p4zj -----END CERTIFICATE-----Generated at Mon Aug 4 15:39:27 2025 by rpki-client