$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft File: nTwzrLEQPnH6H_PmAT6dwxEiafw.mft (raw, json) Hash identifier: KPiplM2hfNJJX7XbtT6wR5iGQNSgnQbmyYVdYdI1OM4= Subject key identifier: 2C:F9:AE:8D:4C:05:DD:88:D0:CE:79:0D:2B:44:21:82:1E:8A:FE:E5 Authority key identifier: 9D:3C:33:AC:B1:10:3E:71:FA:1F:F3:E6:01:3E:9D:C3:11:22:69:FC Certificate issuer: /CN=A91B1E8B/serialNumber=9D3C33ACB1103E71FA1FF3E6013E9DC3112269FC Certificate serial: B1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft Manifest number: AF Signing time: Sat 21 Jun 2025 05:09:45 +0000 Manifest this update: Sat 21 Jun 2025 05:09:44 +0000 Manifest next update: Sat 28 Jun 2025 05:09:44 +0000 Files and hashes: 1: nTwzrLEQPnH6H_PmAT6dwxEiafw.crl (hash: erqVZt7zB169X51je0aYQNK2Fxqyz9JzS3e283Eqcl8=) 2: DD76C09AB16711EFBD483568C4F9AE02.roa (hash: lZ2oQ4wvz4evXveDE7LNoYJmc6E6jg/A59sR/rYBi6k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.crl rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Jun 2025 05:09:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 177 (0xb1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1E8B, serialNumber=9D3C33ACB1103E71FA1FF3E6013E9DC3112269FC Validity Not Before: Jun 21 05:09:44 2025 GMT Not After : Jun 28 05:09:44 2025 GMT Subject: CN=68563e99-05a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:3a:05:50:d8:71:8a:b2:ad:a0:f9:77:c4:2f: ee:2d:0e:5b:a2:78:ff:df:3b:78:49:8f:30:60:e0: 67:d6:09:e6:f8:30:6a:c6:98:03:5e:b7:4d:6f:cc: 5d:63:32:c6:49:d2:f8:32:68:a4:08:b6:36:ad:73: d2:1f:53:87:5e:61:b4:d1:54:b8:38:55:17:48:57: ac:6f:9e:a3:3d:72:6c:d7:12:65:cc:04:87:a8:f6: 0a:65:87:78:c4:04:fc:6b:6c:6d:02:36:1d:b2:03: 49:74:da:75:b3:fa:37:12:70:03:9e:f3:f1:3a:4c: 51:d3:35:07:6c:a0:57:0d:d5:d2:52:a5:6a:50:24: 55:c0:7c:46:a4:c8:53:21:a9:65:b0:ec:d0:20:ef: d9:4c:8f:6c:3c:4f:16:8a:f6:8c:dd:98:76:1e:38: 7a:59:92:5a:a1:87:11:83:e3:b0:58:11:f9:dd:4e: dd:76:1c:0a:12:7c:5f:ee:cc:87:54:4f:8d:7d:9f: 4b:5c:14:59:32:2d:50:c7:88:8d:3c:fe:7d:61:44: bb:b5:be:fe:cf:b1:ea:7d:95:3f:7a:bd:cf:5d:4f: fe:de:86:88:e7:64:43:c5:ba:73:07:87:d9:04:e4: 7d:2c:15:c5:5b:f7:1d:d3:32:e3:33:4d:94:54:87: 21:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:F9:AE:8D:4C:05:DD:88:D0:CE:79:0D:2B:44:21:82:1E:8A:FE:E5 X509v3 Authority Key Identifier: keyid:9D:3C:33:AC:B1:10:3E:71:FA:1F:F3:E6:01:3E:9D:C3:11:22:69:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:30:a7:d6:dc:1a:c0:e7:fb:de:dc:2c:7f:84:0f:6b:af:cc: bc:67:58:d1:a0:5b:43:2b:86:2a:28:c5:e0:f2:9b:7f:f4:4c: 0e:65:7b:2f:e7:cb:d2:13:fa:e5:eb:89:41:33:bb:63:fa:ad: 97:21:3b:ed:5d:77:48:7e:e8:b7:eb:50:2b:23:f8:e4:e7:0d: 3e:82:37:fe:dd:ac:2e:11:26:5d:51:cb:8e:87:d7:64:d4:76: 8f:40:12:29:60:22:09:d5:a8:32:3c:28:bc:0d:19:1a:ed:6a: c5:9a:8c:b1:8a:bf:01:9a:fd:a5:1d:69:7f:79:51:d0:44:91: c8:5f:b5:9a:57:ab:41:56:69:9c:bc:71:93:8e:8c:f9:c1:9b: d0:d9:3c:e4:b1:5f:88:b5:cd:f6:8e:f5:c3:d5:8f:0a:57:2f: 60:1e:96:2b:e8:96:2b:6d:79:db:a3:f7:f2:84:62:6b:b3:9e: da:03:af:9d:1a:10:c0:91:6b:e0:38:f9:0f:25:98:d7:eb:64: 20:52:9a:2d:67:47:c3:b9:f1:a5:71:f7:cf:15:9d:0b:f1:12: 06:5a:97:80:34:71:13:ea:24:d3:37:47:55:5e:e6:60:d2:36: f3:d5:0e:0d:22:aa:e0:cd:96:e9:3f:d5:0a:25:87:68:9e:ab: a4:3e:f4:69 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFFOEIxMTAvBgNVBAUTKDlEM0MzM0FDQjExMDNFNzFGQTFGRjNFNjAxM0U5REMz MTEyMjY5RkMwHhcNMjUwNjIxMDUwOTQ0WhcNMjUwNjI4MDUwOTQ0WjAYMRYwFAYD VQQDEw02ODU2M2U5OS0wNWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7DoFUNhxirKtoPl3xC/uLQ5bonj/3zt4SY8wYOBn1gnm+DBqxpgDXrdNb8xd YzLGSdL4MmikCLY2rXPSH1OHXmG00VS4OFUXSFesb56jPXJs1xJlzASHqPYKZYd4 xAT8a2xtAjYdsgNJdNp1s/o3EnADnvPxOkxR0zUHbKBXDdXSUqVqUCRVwHxGpMhT IallsOzQIO/ZTI9sPE8WivaM3Zh2Hjh6WZJaoYcRg+OwWBH53U7ddhwKEnxf7syH VE+NfZ9LXBRZMi1Qx4iNPP59YUS7tb7+z7HqfZU/er3PXU/+3oaI52RDxbpzB4fZ BOR9LBXFW/cd0zLjM02UVIchAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCz5ro1M Bd2I0M55DStEIYIeiv7lMB8GA1UdIwQYMBaAFJ08M6yxED5x+h/z5gE+ncMRImn8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUU4Qi82MjkxNzY0NDQ1 QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9uVHd6ckxFUVBuSDZIX1BtQVQ2ZHd4RWlh ZncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25Ud3pyTEVRUG5INkhfUG1BVDZkd3hFaWFmdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUU4Qi82MjkxNzY0NDQ1QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9uVHd6ckxFUVBu SDZIX1BtQVQ2ZHd4RWlhZncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQChMKfW3BrA5/ve3Cx/hA9rr8y8Z1jRoFtDK4YqKMXg8pt/9EwOZXsv 58vSE/rl64lBM7tj+q2XITvtXXdIfui361ArI/jk5w0+gjf+3awuESZdUcuOh9dk 1HaPQBIpYCIJ1agyPCi8DRka7WrFmoyxir8Bmv2lHWl/eVHQRJHIX7WaV6tBVmmc vHGTjoz5wZvQ2TzksV+Itc32jvXD1Y8KVy9gHpYr6JYrbXnbo/fyhGJrs57aA6+d GhDAkWvgOPkPJZjX62QgUpotZ0fDufGlcffPFZ0L8RIGWpeANHET6iTTN0dVXuZg 0jbz1Q4NIqrgzZbpP9UKJYdonqukPvRp -----END CERTIFICATE-----Generated at Sun Jun 22 21:55:59 2025 by rpki-client