$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft File: pSAa7m9KXB64p-HHhTv7srp1y9I.mft (raw, json) Hash identifier: 3XuHXJlZVUAuDWjJzO/XM3eawfLYlFyrNZB3AcDwDKk= Subject key identifier: 11:98:A2:9B:2E:B7:C4:EC:FF:54:F2:47:FA:DA:69:E6:52:1F:64:37 Authority key identifier: A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 Certificate issuer: /CN=A91D1003/serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Certificate serial: 0B73 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft Manifest number: 0B68 Signing time: Sat 14 Jun 2025 18:55:56 +0000 Manifest this update: Sat 14 Jun 2025 18:55:56 +0000 Manifest next update: Sat 21 Jun 2025 18:55:56 +0000 Files and hashes: 1: pSAa7m9KXB64p-HHhTv7srp1y9I.crl (hash: OXpqT4lQlqcaWOIqMKsS0uk21LYvtUgjYT+FQ1VpUX4=) 2: 0DC2568E320511EA8CF6B72DC4F9AE02.roa (hash: dZqvR0xqd13+DRj0vsCnaFuawrKyEqpLXk81wck6o3Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 18:55:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2931 (0xb73) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1003, serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Validity Not Before: Jun 14 18:55:56 2025 GMT Not After : Jun 21 18:55:56 2025 GMT Subject: CN=684dc5bc-2fec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:4d:aa:bc:85:2a:f6:ca:6a:a8:bf:b9:c9:da: 79:a2:9e:b3:4e:72:64:33:cd:61:b2:78:3a:25:be: 2b:06:b9:7a:3e:b0:fd:69:5b:bc:89:42:ba:96:47: 93:21:08:ab:e2:cd:89:0f:da:43:b3:47:f2:82:be: 7d:43:a8:6f:d7:9d:66:8d:ff:19:1a:59:5d:af:62: 67:bb:d2:30:36:ef:2e:4d:ee:ea:48:89:64:52:21: e0:15:52:be:a8:a9:9d:51:32:16:56:7d:6d:cc:10: c4:00:3e:80:ac:58:d9:f7:c1:cd:6d:b7:24:e1:5d: 42:57:ba:3c:5a:82:f4:b8:40:d4:af:b9:3d:ea:7f: 2c:eb:57:28:f7:6d:bd:5c:bd:ab:01:a3:e6:72:a2: 48:d5:6a:05:85:36:18:63:0d:d0:af:ce:4e:88:bb: 34:81:8a:53:b9:48:00:2f:dd:34:19:5b:c1:96:96: b5:cc:1a:b7:92:cb:5b:9e:4a:b0:81:42:b2:50:ed: 5c:25:ae:c7:36:c9:90:c4:34:0f:87:28:a3:24:e1: 05:0c:7d:33:df:d2:47:ca:ad:e2:60:6f:1b:1f:62: 56:10:be:af:69:f6:b5:63:a4:d6:df:10:92:b4:b9: ac:5b:12:b2:03:61:47:07:9d:d0:50:18:ea:65:36: 0d:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:98:A2:9B:2E:B7:C4:EC:FF:54:F2:47:FA:DA:69:E6:52:1F:64:37 X509v3 Authority Key Identifier: keyid:A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:95:7a:f4:37:02:cc:41:1d:60:0a:4e:8e:c0:7e:ea:2b:44: e5:01:26:09:71:43:53:bd:65:f4:6f:99:8d:93:4e:27:5f:48: 4a:2b:aa:42:1b:2f:2b:fb:52:47:6d:88:f2:92:56:ff:d1:87: e3:c0:92:cb:ff:e2:b6:5d:3d:2f:30:7c:4f:f7:07:df:11:14: 39:6f:35:1e:7a:8a:f3:f4:05:4f:77:c7:05:a2:f0:71:90:db: 0c:3d:f7:a8:7e:d4:31:c6:e1:20:5d:84:7d:c9:43:a8:0f:28: 78:72:fd:a0:78:c9:df:aa:b2:f8:c6:70:15:96:95:56:e7:76: c5:09:c9:b4:96:d4:27:de:11:b3:af:d6:69:0a:5d:f9:87:05: a0:a2:bc:88:f5:e2:1f:99:e0:78:f0:cf:ca:1e:93:6f:78:0a: 22:0f:12:74:2e:ff:b6:bb:bc:6f:a4:68:e2:8f:e4:0c:87:36: c4:96:6d:0e:b5:f4:e2:90:33:84:ba:bb:40:06:a3:e3:e2:b0: 29:bb:ef:a8:86:b3:e3:45:ad:52:8f:75:db:91:2d:01:32:bc: 43:c9:87:71:32:ff:bd:61:64:2f:e7:d6:fb:78:d1:4f:0b:b4: 3a:12:60:11:9a:3f:f9:1d:44:1c:a6:6b:3a:f6:88:8e:6f:71: 9e:1c:13:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC3MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDEwMDMxMTAvBgNVBAUTKEE1MjAxQUVFNkY0QTVDMUVCOEE3RTFDNzg1M0JGQkIy QkE3NUNCRDIwHhcNMjUwNjE0MTg1NTU2WhcNMjUwNjIxMTg1NTU2WjAYMRYwFAYD VQQDEw02ODRkYzViYy0yZmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApE2qvIUq9spqqL+5ydp5op6zTnJkM81hsng6Jb4rBrl6PrD9aVu8iUK6lkeT IQir4s2JD9pDs0fygr59Q6hv151mjf8ZGlldr2Jnu9IwNu8uTe7qSIlkUiHgFVK+ qKmdUTIWVn1tzBDEAD6ArFjZ98HNbbck4V1CV7o8WoL0uEDUr7k96n8s61co9229 XL2rAaPmcqJI1WoFhTYYYw3Qr85OiLs0gYpTuUgAL900GVvBlpa1zBq3kstbnkqw gUKyUO1cJa7HNsmQxDQPhyijJOEFDH0z39JHyq3iYG8bH2JWEL6vafa1Y6TW3xCS tLmsWxKyA2FHB53QUBjqZTYNJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBGYopsu t8Ts/1TyR/raaeZSH2Q3MB8GA1UdIwQYMBaAFKUgGu5vSlweuKfhx4U7+7K6dcvS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTAwMy9BQTRFOTVDODMy MDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hCNjRwLUhIaFR2N3NycDF5 OUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BTQWE3bTlLWEI2NHAtSEhoVHY3c3JwMXk5SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MTAwMy9BQTRFOTVDODMyMDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hC NjRwLUhIaFR2N3NycDF5OUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQlXr0NwLMQR1gCk6OwH7qK0TlASYJcUNTvWX0b5mNk04nX0hKK6pC Gy8r+1JHbYjyklb/0YfjwJLL/+K2XT0vMHxP9wffERQ5bzUeeorz9AVPd8cFovBx kNsMPfeoftQxxuEgXYR9yUOoDyh4cv2geMnfqrL4xnAVlpVW53bFCcm0ltQn3hGz r9ZpCl35hwWgoryI9eIfmeB48M/KHpNveAoiDxJ0Lv+2u7xvpGjij+QMhzbElm0O tfTikDOEurtABqPj4rApu++ohrPjRa1Sj3XbkS0BMrxDyYdxMv+9YWQv59b7eNFP C7Q6EmARmj/5HUQcpms69oiOb3GeHBMH -----END CERTIFICATE-----Generated at Sun Jun 15 08:17:52 2025 by rpki-client