$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: uHpUe4GY27DDcGH0lckxwDriv47N5hST3Cxb6ylPj0o= Subject key identifier: 2F:99:ED:88:59:97:2C:84:87:0E:8D:88:7B:95:2B:F1:90:16:23:84 Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: 77 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: 75 Signing time: Tue 17 Jun 2025 05:44:00 +0000 Manifest this update: Tue 17 Jun 2025 05:44:00 +0000 Manifest next update: Tue 24 Jun 2025 05:44:00 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: nFilDzgkq22/fGqiPB88G4SHI0jj87i0b+/fcWjKDWk=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 24 Jun 2025 05:43:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 119 (0x77) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Validity Not Before: Jun 17 05:44:00 2025 GMT Not After : Jun 24 05:44:00 2025 GMT Subject: CN=685100a0-0d1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:0c:d4:ea:9b:96:c2:db:5d:59:1c:6d:35:ac: 49:8c:8c:c3:89:c4:e3:d9:d4:24:b6:90:de:ab:7d: 9e:fb:73:0c:90:2a:8e:2d:6d:54:57:b9:33:29:f6: ca:37:84:c3:4d:9e:66:b7:ff:34:be:38:e4:00:d6: e2:1d:58:e6:81:11:d3:5e:39:21:b2:92:bb:52:fb: ea:71:b9:72:14:da:6a:c9:78:fe:ad:0c:0c:4e:94: 7f:1b:35:1f:34:59:13:31:14:9d:72:a3:86:10:9d: 6b:97:e6:4c:8c:08:4c:88:25:2c:02:72:9c:1a:82: 92:44:83:1a:7b:cf:54:22:7f:0c:09:62:56:dd:0f: 76:9f:f5:4c:cd:07:c9:6a:52:2a:1e:9f:9a:fd:9a: c3:b5:4a:9a:10:4a:6d:28:6b:2e:40:34:11:c6:3c: 55:02:59:59:1a:58:54:ce:75:d9:b8:8b:91:a8:af: f2:2f:4b:28:2d:bd:bb:2e:06:5a:4a:52:47:42:b3: e9:62:27:42:6e:fe:6f:a5:e4:66:c6:33:3a:ba:fa: 32:ab:9e:03:53:d3:c1:22:2a:0c:90:37:e1:fb:07: 13:71:a2:98:4a:f6:60:bb:9a:d9:53:ec:0b:5c:38: f6:fc:f2:bf:cc:87:06:92:32:80:39:55:98:bd:1f: 16:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:99:ED:88:59:97:2C:84:87:0E:8D:88:7B:95:2B:F1:90:16:23:84 X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:e9:02:7c:81:69:8a:b8:2a:3c:2f:c2:2c:ef:41:38:90:ce: e8:91:1a:79:19:d9:b5:e9:5e:52:90:21:4b:15:b3:ee:9d:e8: 7b:cf:19:f2:cb:81:1a:04:1b:21:48:5a:c9:ab:a8:8e:c6:d9: eb:85:ea:d4:1e:a6:72:90:86:01:5e:2c:a5:07:ca:61:6f:b9: 36:5a:91:5f:36:e2:bf:39:14:b7:70:ea:7e:c0:00:65:a9:17: e5:68:42:03:4c:15:dd:45:85:16:08:22:23:50:90:5c:ad:e8: b2:73:97:96:1a:6c:e0:2f:56:db:85:b9:2b:df:0f:c0:c6:80: 6b:ba:c6:f9:f7:f6:55:be:8c:7f:63:f1:31:71:03:aa:c3:e5: ee:c6:21:74:99:7a:83:5c:44:7d:9b:7c:c0:77:46:52:d4:17: c4:6a:98:39:54:63:c0:2e:08:61:97:b5:02:16:9c:ff:01:db: b8:ac:be:7b:d9:34:5a:4f:0c:72:30:0d:0f:b8:1c:dc:ed:0a: cd:0d:47:11:eb:b6:6d:95:b6:b2:0e:a3:1d:e0:fd:f0:6d:73: e0:83:d1:a2:ca:93:d6:9a:ac:14:5d:17:28:41:87:19:d7:10: fc:32:9c:73:9d:aa:ac:6f:6a:7a:e6:ce:e6:de:79:a3:22:8c: 1c:93:bd:be -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBdzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QTQwOTExMC8GA1UEBRMoMjE2NERENTlBNjE1RDVGMkUzMzkzRTcyMDk4QTczQUQ4 NjhFNzhEQTAeFw0yNTA2MTcwNTQ0MDBaFw0yNTA2MjQwNTQ0MDBaMBgxFjAUBgNV BAMTDTY4NTEwMGEwLTBkMWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDYDNTqm5bC211ZHG01rEmMjMOJxOPZ1CS2kN6rfZ77cwyQKo4tbVRXuTMp9so3 hMNNnma3/zS+OOQA1uIdWOaBEdNeOSGykrtS++pxuXIU2mrJeP6tDAxOlH8bNR80 WRMxFJ1yo4YQnWuX5kyMCEyIJSwCcpwagpJEgxp7z1QifwwJYlbdD3af9UzNB8lq Uioen5r9msO1SpoQSm0oay5ANBHGPFUCWVkaWFTOddm4i5Gor/IvSygtvbsuBlpK UkdCs+liJ0Ju/m+l5GbGMzq6+jKrngNT08EiKgyQN+H7BxNxophK9mC7mtlT7Atc OPb88r/MhwaSMoA5VZi9HxZDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUL5ntiFmX LISHDo2Ie5Ur8ZAWI4QwHwYDVR0jBBgwFoAUIWTdWaYV1fLjOT5yCYpzrYaOeNow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBNDA5L0Y5NDRFM0NDOUNB QjExRUZBQjU5NTUxNkM0RjlBRTAyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VO by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVdUZFdhWVYxZkxqT1Q1eUNZcHpyWWFPZU5vLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVB NDA5L0Y5NDRFM0NDOUNBQjExRUZBQjU5NTUxNkM0RjlBRTAyL0lXVGRXYVlWMWZM ak9UNXlDWXB6cllhT2VOby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADXpAnyBaYq4KjwvwizvQTiQzuiRGnkZ2bXpXlKQIUsVs+6d6HvPGfLL gRoEGyFIWsmrqI7G2euF6tQepnKQhgFeLKUHymFvuTZakV824r85FLdw6n7AAGWp F+VoQgNMFd1FhRYIIiNQkFyt6LJzl5YabOAvVtuFuSvfD8DGgGu6xvn39lW+jH9j 8TFxA6rD5e7GIXSZeoNcRH2bfMB3RlLUF8RqmDlUY8AuCGGXtQIWnP8B27isvnvZ NFpPDHIwDQ+4HNztCs0NRxHrtm2VtrIOox3g/fBtc+CD0aLKk9aarBRdFyhBhxnX EPwynHOdqqxvanrmzubeeaMijByTvb4= -----END CERTIFICATE-----Generated at Wed Jun 18 23:43:35 2025 by rpki-client