$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft File: D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft (raw, json) Hash identifier: U6YhlrnhpiDGiasOFWT/ifkqD2KxOs/NvRT0qbImWNk= Subject key identifier: EC:0E:60:60:E5:22:69:E6:45:25:E3:56:76:AB:64:B8:6C:B3:37:53 Authority key identifier: 0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34 Certificate issuer: /CN=A91A7C68/serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34 Certificate serial: 01DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft Manifest number: 01CF Signing time: Sun 15 Jun 2025 02:16:07 +0000 Manifest this update: Sun 15 Jun 2025 02:16:06 +0000 Manifest next update: Sun 22 Jun 2025 02:16:06 +0000 Files and hashes: 1: D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl (hash: 5aOZoXYdUZj21BUorkFL5ACt2C4v7rE1hKavFwJquOI=) 2: BC72661A972911ED8CBCA476C4F9AE02.roa (hash: 50hi2vNUebBRUz8ceA03XMTbcW3zeli1X+BmJSriA30=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 02:16:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 476 (0x1dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7C68, serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34 Validity Not Before: Jun 15 02:16:06 2025 GMT Not After : Jun 22 02:16:06 2025 GMT Subject: CN=684e2ce6-f441 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:4e:d1:c0:bf:e2:a7:5d:db:92:7c:16:d5:d6: 0a:5e:05:04:65:82:48:73:3e:1b:ad:1e:be:43:5d: ad:e2:bb:a9:fe:80:13:62:ca:3d:cd:0d:ec:7f:15: 18:4e:65:f4:c3:09:11:2d:39:7a:4e:2d:e5:31:9e: 86:00:2c:5b:87:88:a2:f1:13:3f:73:c9:48:8e:28: c3:27:3b:88:4d:63:c7:94:69:2b:4c:19:aa:7a:de: 79:48:30:37:e1:5a:eb:c3:06:37:f5:0c:00:ca:e7: af:cc:56:66:e8:e6:a0:f2:b6:c6:57:5f:55:20:04: d1:10:33:f4:ea:91:9e:2d:67:dd:9d:90:21:b6:1b: 61:f5:71:40:ef:5a:72:6d:db:e2:8e:b2:4c:c1:f9: d2:fe:c9:e3:75:32:b6:61:2f:ae:85:96:ed:ed:dc: ef:12:34:2c:79:98:43:7d:15:ac:d3:3a:b9:0b:a9: 12:3b:d5:1f:ad:bf:da:bc:9a:02:99:5e:64:3b:cb: e6:da:12:68:e7:0c:33:cc:89:be:65:c1:5a:64:50: e1:be:e0:17:11:2c:70:81:77:9b:04:ec:6d:10:80: 56:b9:c2:61:f3:f1:5c:62:f6:47:a2:a4:c5:21:a6: 1c:b9:e0:3d:bb:d5:73:12:88:f5:2a:93:f2:f3:1f: 5f:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:0E:60:60:E5:22:69:E6:45:25:E3:56:76:AB:64:B8:6C:B3:37:53 X509v3 Authority Key Identifier: keyid:0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:4d:f5:26:ba:73:99:ed:05:50:64:3a:24:6f:02:cf:c1:f7: ba:ac:a6:1e:c5:36:6b:66:a0:cc:5d:dd:6f:ef:c2:9a:11:50: 7b:72:44:e1:48:21:f0:63:12:5b:01:6a:4f:63:39:82:c9:db: 03:f0:27:d7:de:62:00:c7:05:6e:7f:f3:79:bd:9f:7a:cc:42: 2a:aa:6c:10:bf:ef:83:91:ec:c3:2d:43:d8:c5:cf:44:8b:bb: ab:e6:a8:72:e1:9d:ed:ce:81:9f:c5:a4:64:91:5c:2c:ba:9a: db:79:e7:20:c0:7c:f4:da:54:d9:4e:90:cc:69:a3:18:8c:2d: 7b:9c:56:7d:5c:c8:3c:53:93:20:f1:4e:94:3a:d0:1d:e8:48: 3c:5b:87:68:3f:50:6a:aa:07:2e:02:8d:3c:ea:8b:5b:37:15: f1:cd:f3:e0:cc:8e:ac:e9:be:ea:16:5e:c1:29:92:b2:dc:74: 3b:f3:5a:f5:51:be:d8:a8:77:ba:38:0b:75:a3:1e:b3:e5:4d: 14:5c:bd:89:d6:24:d5:59:63:9c:94:74:c8:cd:7f:48:62:95: 39:4d:5e:e4:97:d9:78:3a:ee:e4:6c:f4:ad:d7:9d:ee:15:ee: 28:87:41:61:70:ee:96:79:d0:77:94:b3:94:bd:f0:1e:ba:a4: 1b:b4:a9:2b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTdDNjgxMTAvBgNVBAUTKDBGNjI2QTMyNjRENkZFQ0NDQkZFQjJEOTlCMURCRjhB RkZFQzNCMzQwHhcNMjUwNjE1MDIxNjA2WhcNMjUwNjIyMDIxNjA2WjAYMRYwFAYD VQQDEw02ODRlMmNlNi1mNDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5E7RwL/ip13bknwW1dYKXgUEZYJIcz4brR6+Q12t4rup/oATYso9zQ3sfxUY TmX0wwkRLTl6Ti3lMZ6GACxbh4ii8RM/c8lIjijDJzuITWPHlGkrTBmqet55SDA3 4VrrwwY39QwAyuevzFZm6Oag8rbGV19VIATREDP06pGeLWfdnZAhthth9XFA71py bdvijrJMwfnS/snjdTK2YS+uhZbt7dzvEjQseZhDfRWs0zq5C6kSO9Ufrb/avJoC mV5kO8vm2hJo5wwzzIm+ZcFaZFDhvuAXESxwgXebBOxtEIBWucJh8/FcYvZHoqTF IaYcueA9u9VzEoj1KpPy8x9fjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOwOYGDl ImnmRSXjVnarZLhsszdTMB8GA1UdIwQYMBaAFA9iajJk1v7My/6y2Zsdv4r/7Ds0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0M2OC80MjM5ODZGNjk3 MjExMUVEQTJFMDIyNTFDNEY5QUUwMi9EMkpxTW1UV19zekxfckxabXgyX2l2X3NP elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QySnFNbVRXX3N6TF9yTFpteDJfaXZfc096US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB N0M2OC80MjM5ODZGNjk3MjExMUVEQTJFMDIyNTFDNEY5QUUwMi9EMkpxTW1UV19z ekxfckxabXgyX2l2X3NPelEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/TfUmunOZ7QVQZDokbwLPwfe6rKYexTZrZqDMXd1v78KaEVB7ckTh SCHwYxJbAWpPYzmCydsD8CfX3mIAxwVuf/N5vZ96zEIqqmwQv++DkezDLUPYxc9E i7ur5qhy4Z3tzoGfxaRkkVwsuprbeecgwHz02lTZTpDMaaMYjC17nFZ9XMg8U5Mg 8U6UOtAd6Eg8W4doP1BqqgcuAo086otbNxXxzfPgzI6s6b7qFl7BKZKy3HQ781r1 Ub7YqHe6OAt1ox6z5U0UXL2J1iTVWWOclHTIzX9IYpU5TV7kl9l4Ou7kbPSt153u Fe4oh0FhcO6WedB3lLOUvfAeuqQbtKkr -----END CERTIFICATE-----Generated at Sun Jun 15 09:43:00 2025 by rpki-client