$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF83D/A3D52FB8C85011EDAF5BBA87C4F9AE02/f7FuQPo8p3_OJMTJpGRWg8OeihE.mft File: f7FuQPo8p3_OJMTJpGRWg8OeihE.mft (raw, json) Hash identifier: axky/sfKhdN6ojY4Q0mX3lgh/CjpqYmZhayfusUeVKI= Subject key identifier: 99:A0:8C:3D:3D:EF:E4:4E:3C:80:6F:0C:CB:CD:97:81:5E:D4:0E:37 Authority key identifier: 7F:B1:6E:40:FA:3C:A7:7F:CE:24:C4:C9:A4:64:56:83:C3:9E:8A:11 Certificate issuer: /CN=A91AF83D/serialNumber=7FB16E40FA3CA77FCE24C4C9A4645683C39E8A11 Certificate serial: 01C1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f7FuQPo8p3_OJMTJpGRWg8OeihE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF83D/A3D52FB8C85011EDAF5BBA87C4F9AE02/f7FuQPo8p3_OJMTJpGRWg8OeihE.mft Manifest number: 01BE Signing time: Thu 07 Aug 2025 03:27:14 +0000 Manifest this update: Thu 07 Aug 2025 03:27:13 +0000 Manifest next update: Thu 14 Aug 2025 03:27:13 +0000 Files and hashes: 1: f7FuQPo8p3_OJMTJpGRWg8OeihE.crl (hash: 1Oq12/YwZwDF8JZvae+cJZxHbjuXPERUa2StqEGcPCI=) 2: AB3814CEC85411EDAE5D9322C4F9AE02.roa (hash: hP+l6tFfGRtL/s3PVotLK1C45PriZjz7pB5mLcbuaqE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF83D/A3D52FB8C85011EDAF5BBA87C4F9AE02/f7FuQPo8p3_OJMTJpGRWg8OeihE.crl rsync://rpki.apnic.net/member_repository/A91AF83D/A3D52FB8C85011EDAF5BBA87C4F9AE02/f7FuQPo8p3_OJMTJpGRWg8OeihE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f7FuQPo8p3_OJMTJpGRWg8OeihE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 03:27:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 449 (0x1c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF83D, serialNumber=7FB16E40FA3CA77FCE24C4C9A4645683C39E8A11 Validity Not Before: Aug 7 03:27:13 2025 GMT Not After : Aug 14 03:27:13 2025 GMT Subject: CN=68941d11-5add Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:68:4f:85:d0:e3:61:b7:b0:47:21:52:eb:d3: 1e:e2:5d:2c:97:cf:aa:2e:bf:98:70:68:92:30:eb: fb:be:74:a7:4b:82:77:fd:41:4c:c5:0f:47:df:ee: 68:bb:3b:15:ff:c4:e3:20:d3:0b:ca:f1:75:0d:01: 0a:16:28:22:75:15:94:33:c0:a6:8f:f8:bc:ea:d5: 43:f1:b0:2a:f2:29:10:43:fe:4a:cb:08:d2:d6:b1: 87:28:4e:ff:f9:12:98:e0:12:c3:97:70:9e:20:68: 1e:bf:30:39:ff:65:0e:88:15:61:a4:c2:f7:82:09: b0:74:11:4e:ae:de:ae:3b:64:db:f4:b5:88:ee:22: df:f8:52:ec:ce:b3:c5:b6:73:35:b0:23:00:97:dd: 87:93:69:9b:78:8d:52:01:70:cf:91:72:37:74:3a: d5:dd:98:bd:50:1f:e1:e4:21:37:31:9a:1d:e5:4a: c7:61:ce:1f:12:5c:08:1d:c3:bf:fe:75:cb:a7:0f: 6f:85:f0:c7:7c:f8:a4:8f:4a:c5:ba:45:f0:6a:1d: c2:3f:47:fd:2a:e5:04:17:58:f5:f4:f8:f9:3c:36: bd:a1:71:3d:4a:f4:5b:1f:11:a5:b6:91:c2:cd:3e: 57:ac:09:fa:dd:8b:de:c5:62:dc:b2:56:93:7d:72: dd:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:A0:8C:3D:3D:EF:E4:4E:3C:80:6F:0C:CB:CD:97:81:5E:D4:0E:37 X509v3 Authority Key Identifier: keyid:7F:B1:6E:40:FA:3C:A7:7F:CE:24:C4:C9:A4:64:56:83:C3:9E:8A:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF83D/A3D52FB8C85011EDAF5BBA87C4F9AE02/f7FuQPo8p3_OJMTJpGRWg8OeihE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f7FuQPo8p3_OJMTJpGRWg8OeihE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF83D/A3D52FB8C85011EDAF5BBA87C4F9AE02/f7FuQPo8p3_OJMTJpGRWg8OeihE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:c9:c6:97:33:b8:6d:94:19:39:88:ce:c8:32:f6:bb:42:a2: 6d:bd:cd:8c:78:51:6b:02:27:58:05:54:a5:49:ce:49:4d:59: e8:e3:8e:f6:56:48:15:a0:e0:d8:38:2e:21:8d:69:d6:83:88: 4b:fa:93:b1:cc:24:e2:f5:06:c6:50:a4:e5:a2:1c:06:4d:ae: c8:cc:a6:97:03:ec:21:33:76:91:18:bf:e3:11:08:11:26:8e: 55:ac:00:ac:21:13:88:f5:ed:15:24:ee:41:3f:5d:cc:c0:83: f2:47:21:54:f1:da:f9:b9:12:dc:7f:20:dc:6c:49:1b:7a:b1: 1b:18:f0:63:f5:1c:fe:59:bc:2d:90:81:67:6f:94:87:32:4e: 14:3e:c5:f2:0a:e9:52:d2:e3:14:b3:f8:f2:77:3a:e0:31:39: d5:f5:1b:ef:6e:75:34:c1:ba:87:c7:98:cd:d7:ec:c9:e2:27: f4:0f:ce:24:4d:ec:bc:3e:c6:20:4f:00:38:ec:06:dc:93:b3: 23:02:e8:34:c5:6d:88:24:e3:66:1a:69:5c:50:26:22:e1:ff: e3:23:db:e6:8e:00:9f:fc:87:7c:f5:4a:c0:a0:ba:d2:02:8c: f6:88:eb:b7:51:1c:f1:00:06:0f:51:d4:81:81:57:2e:2e:5c: f2:b6:14:43 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUY4M0QxMTAvBgNVBAUTKDdGQjE2RTQwRkEzQ0E3N0ZDRTI0QzRDOUE0NjQ1Njgz QzM5RThBMTEwHhcNMjUwODA3MDMyNzEzWhcNMjUwODE0MDMyNzEzWjAYMRYwFAYD VQQDEw02ODk0MWQxMS01YWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxGhPhdDjYbewRyFS69Me4l0sl8+qLr+YcGiSMOv7vnSnS4J3/UFMxQ9H3+5o uzsV/8TjINMLyvF1DQEKFigidRWUM8Cmj/i86tVD8bAq8ikQQ/5KywjS1rGHKE7/ +RKY4BLDl3CeIGgevzA5/2UOiBVhpML3ggmwdBFOrt6uO2Tb9LWI7iLf+FLszrPF tnM1sCMAl92Hk2mbeI1SAXDPkXI3dDrV3Zi9UB/h5CE3MZod5UrHYc4fElwIHcO/ /nXLpw9vhfDHfPikj0rFukXwah3CP0f9KuUEF1j19Pj5PDa9oXE9SvRbHxGltpHC zT5XrAn63YvexWLcslaTfXLdcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJmgjD09 7+ROPIBvDMvNl4Fe1A43MB8GA1UdIwQYMBaAFH+xbkD6PKd/ziTEyaRkVoPDnooR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjgzRC9BM0Q1MkZCOEM4 NTAxMUVEQUY1QkJBODdDNEY5QUUwMi9mN0Z1UVBvOHAzX09KTVRKcEdSV2c4T2Vp aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Y3RnVRUG84cDNfT0pNVEpwR1JXZzhPZWloRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjgzRC9BM0Q1MkZCOEM4NTAxMUVEQUY1QkJBODdDNEY5QUUwMi9mN0Z1UVBvOHAz X09KTVRKcEdSV2c4T2VpaEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqycaXM7htlBk5iM7IMva7QqJtvc2MeFFrAidYBVSlSc5JTVno4472 VkgVoODYOC4hjWnWg4hL+pOxzCTi9QbGUKTlohwGTa7IzKaXA+whM3aRGL/jEQgR Jo5VrACsIROI9e0VJO5BP13MwIPyRyFU8dr5uRLcfyDcbEkberEbGPBj9Rz+Wbwt kIFnb5SHMk4UPsXyCulS0uMUs/jydzrgMTnV9RvvbnU0wbqHx5jN1+zJ4if0D84k Tey8PsYgTwA47Abck7MjAug0xW2IJONmGmlcUCYi4f/jI9vmjgCf/Id89UrAoLrS Aoz2iOu3URzxAAYPUdSBgVcuLlzythRD -----END CERTIFICATE-----Generated at Fri Aug 8 10:21:37 2025 by rpki-client