$ rpki-client -vvf rpki.apnic.net/member_repository/A91E275B/AB2022301DA911E2B095C4A408B02CD2/0KCTtlEHkzVIStC6HXZhX1w2aIo.mft File: 0KCTtlEHkzVIStC6HXZhX1w2aIo.mft (raw, json) Hash identifier: X+yqWQNApCWXTSqef4I5d+ZLDEbKrsK9IfMiZ3dCg98= Subject key identifier: A8:CB:40:99:5C:87:C4:2D:7E:86:8E:21:D5:C9:36:0F:16:6E:42:D9 Authority key identifier: D0:A0:93:B6:51:07:93:35:48:4A:D0:BA:1D:76:61:5F:5C:36:68:8A Certificate issuer: /CN=A91E275B/serialNumber=D0A093B651079335484AD0BA1D76615F5C36688A Certificate serial: 3322 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0KCTtlEHkzVIStC6HXZhX1w2aIo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E275B/AB2022301DA911E2B095C4A408B02CD2/0KCTtlEHkzVIStC6HXZhX1w2aIo.mft Manifest number: 9A3C Signing time: Mon 16 Jun 2025 15:19:15 +0000 Manifest this update: Mon 16 Jun 2025 15:19:14 +0000 Manifest next update: Mon 23 Jun 2025 15:19:14 +0000 Files and hashes: 1: 0KCTtlEHkzVIStC6HXZhX1w2aIo.crl (hash: X3vwdbO4VBw16KV2ZUD4OkKXyLiew5LirDyQkXe6isI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E275B/AB2022301DA911E2B095C4A408B02CD2/0KCTtlEHkzVIStC6HXZhX1w2aIo.crl rsync://rpki.apnic.net/member_repository/A91E275B/AB2022301DA911E2B095C4A408B02CD2/0KCTtlEHkzVIStC6HXZhX1w2aIo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0KCTtlEHkzVIStC6HXZhX1w2aIo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 15:19:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13090 (0x3322) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E275B, serialNumber=D0A093B651079335484AD0BA1D76615F5C36688A Validity Not Before: Jun 16 15:19:14 2025 GMT Not After : Jun 23 15:19:14 2025 GMT Subject: CN=685035f3-5413 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:06:c6:32:7c:0e:aa:84:8f:6b:8d:4a:0e:65: f2:6b:ea:43:b2:f5:e9:70:36:db:2d:57:34:22:53: e5:36:29:cb:f1:6c:68:93:7e:72:ec:dc:45:cf:4a: a5:0d:64:4b:a1:f2:48:f4:2b:19:d5:b0:21:66:7f: b1:08:a8:10:9a:00:45:55:81:68:77:b4:54:50:1f: 12:bc:b5:68:6c:b1:8c:fa:28:81:55:93:ca:46:4f: c4:2c:de:71:1d:f3:c9:ab:bb:95:f3:af:f5:c9:58: cc:6a:6b:10:ba:a1:9e:3d:05:cf:7e:88:86:68:a2: b2:07:9b:5c:bc:d8:b3:51:60:3f:a7:83:82:1a:bb: 0b:e9:14:c9:ed:4a:4b:61:7f:e5:44:7d:5d:74:d9: c4:85:2d:39:c8:6f:8f:cb:b7:41:fa:9c:45:0e:b4: 6e:35:01:73:15:1a:20:14:9a:2c:29:93:85:12:dc: 16:5a:82:9c:41:aa:f2:6b:f6:da:cb:ec:dc:09:4c: ce:0b:72:7a:3f:11:75:a8:c8:6e:36:94:4e:a3:31: a5:f5:53:ef:36:bd:6f:ce:35:e5:ad:ab:80:1a:33: e9:59:68:f1:0b:3b:48:e5:5c:54:51:cb:c4:38:3d: 78:a6:be:4f:49:ff:21:7f:9e:10:f1:dd:08:02:b0: 17:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:CB:40:99:5C:87:C4:2D:7E:86:8E:21:D5:C9:36:0F:16:6E:42:D9 X509v3 Authority Key Identifier: keyid:D0:A0:93:B6:51:07:93:35:48:4A:D0:BA:1D:76:61:5F:5C:36:68:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E275B/AB2022301DA911E2B095C4A408B02CD2/0KCTtlEHkzVIStC6HXZhX1w2aIo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0KCTtlEHkzVIStC6HXZhX1w2aIo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E275B/AB2022301DA911E2B095C4A408B02CD2/0KCTtlEHkzVIStC6HXZhX1w2aIo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:e9:51:ff:88:b7:5f:8d:bb:23:de:de:87:66:c3:66:d1:5c: bb:94:fd:fb:a4:37:69:a6:3a:03:62:4f:20:b4:a7:c9:ce:92: f1:3f:bd:a3:d2:e5:17:9f:cd:97:d3:52:32:4f:5e:ad:b9:69: 3b:1c:cf:1d:a9:78:0c:1d:e2:e0:8b:3c:5d:22:49:92:5d:4c: be:c8:d1:39:12:a4:db:28:b3:8b:e4:c1:ae:ce:92:f4:6a:27: 86:93:55:39:f3:fe:e8:77:22:79:94:f5:f0:c5:dd:60:27:b1: 7e:a3:97:7f:62:14:0d:ec:b2:b7:a3:64:b6:ee:58:ee:d2:8d: 58:81:aa:a5:cc:0d:8f:ed:99:a4:7f:8d:cd:64:72:a4:3a:42: f5:d5:35:29:a4:90:a0:28:9a:0b:71:ce:fc:b3:ff:36:6e:aa: cd:1c:f1:f4:a5:4f:f3:1b:86:cd:76:3b:a7:e2:e2:36:04:3b: 15:3d:6d:ee:c8:74:f4:5f:b7:32:14:aa:ab:84:47:dc:92:19: 6c:87:3a:68:2f:86:ab:d3:56:2d:5a:cf:35:de:b6:0f:01:07: b8:dc:c7:15:a0:bf:66:9a:f9:46:87:06:4f:68:4d:76:e2:24: 39:5f:ec:b5:64:72:0b:56:74:07:71:79:5e:64:1e:a7:87:07: 7c:b5:40:dc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICMyIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI3NUIxMTAvBgNVBAUTKEQwQTA5M0I2NTEwNzkzMzU0ODRBRDBCQTFENzY2MTVG NUMzNjY4OEEwHhcNMjUwNjE2MTUxOTE0WhcNMjUwNjIzMTUxOTE0WjAYMRYwFAYD VQQDEw02ODUwMzVmMy01NDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2AbGMnwOqoSPa41KDmXya+pDsvXpcDbbLVc0IlPlNinL8Wxok35y7NxFz0ql DWRLofJI9CsZ1bAhZn+xCKgQmgBFVYFod7RUUB8SvLVobLGM+iiBVZPKRk/ELN5x HfPJq7uV86/1yVjMamsQuqGePQXPfoiGaKKyB5tcvNizUWA/p4OCGrsL6RTJ7UpL YX/lRH1ddNnEhS05yG+Py7dB+pxFDrRuNQFzFRogFJosKZOFEtwWWoKcQarya/ba y+zcCUzOC3J6PxF1qMhuNpROozGl9VPvNr1vzjXlrauAGjPpWWjxCztI5VxUUcvE OD14pr5PSf8hf54Q8d0IArAXywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKjLQJlc h8QtfoaOIdXJNg8WbkLZMB8GA1UdIwQYMBaAFNCgk7ZRB5M1SErQuh12YV9cNmiK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjc1Qi9BQjIwMjIzMDFE QTkxMUUyQjA5NUM0QTQwOEIwMkNEMi8wS0NUdGxFSGt6VklTdEM2SFhaaFgxdzJh SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBLQ1R0bEVIa3pWSVN0QzZIWFpoWDF3MmFJby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Mjc1Qi9BQjIwMjIzMDFEQTkxMUUyQjA5NUM0QTQwOEIwMkNEMi8wS0NUdGxFSGt6 VklTdEM2SFhaaFgxdzJhSW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBp6VH/iLdfjbsj3t6HZsNm0Vy7lP37pDdppjoDYk8gtKfJzpLxP72j 0uUXn82X01IyT16tuWk7HM8dqXgMHeLgizxdIkmSXUy+yNE5EqTbKLOL5MGuzpL0 aieGk1U58/7odyJ5lPXwxd1gJ7F+o5d/YhQN7LK3o2S27lju0o1YgaqlzA2P7Zmk f43NZHKkOkL11TUppJCgKJoLcc78s/82bqrNHPH0pU/zG4bNdjun4uI2BDsVPW3u yHT0X7cyFKqrhEfckhlshzpoL4ar01YtWs813rYPAQe43McVoL9mmvlGhwZPaE12 4iQ5X+y1ZHILVnQHcXleZB6nhwd8tUDc -----END CERTIFICATE-----Generated at Mon Jun 16 18:49:20 2025 by rpki-client