$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft File: aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft (raw, json) Hash identifier: wUmPYlm4SseRse/k2ymOAy80thYQy99r7ayBrlwL/mw= Subject key identifier: 43:4B:A1:C9:BF:F3:15:73:F9:E8:AE:62:FE:16:B5:74:BC:BA:24:EB Authority key identifier: 68:6A:00:57:16:4D:14:38:EC:59:58:6D:A8:BA:A5:46:5F:D8:29:C7 Certificate issuer: /CN=A91EA9BD/serialNumber=686A0057164D1438EC59586DA8BAA5465FD829C7 Certificate serial: 30D3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aGoAVxZNFDjsWVhtqLqlRl_YKcc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft Manifest number: 30CF Signing time: Mon 04 Aug 2025 15:30:46 +0000 Manifest this update: Mon 04 Aug 2025 15:30:46 +0000 Manifest next update: Mon 11 Aug 2025 15:30:46 +0000 Files and hashes: 1: aGoAVxZNFDjsWVhtqLqlRl_YKcc.crl (hash: 04NrWflQWq9XlKsyfSnP2BqzuDyG2jZIzruzshNosdQ=) 2: 93C0837AA52911EC9D2DAE83C4F9AE02.roa (hash: QijzfOAskdpqspHv2hl6DWJmVGpVIoUXprNfU2Pxi8k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.crl rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aGoAVxZNFDjsWVhtqLqlRl_YKcc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 15:30:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12499 (0x30d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA9BD, serialNumber=686A0057164D1438EC59586DA8BAA5465FD829C7 Validity Not Before: Aug 4 15:30:46 2025 GMT Not After : Aug 11 15:30:46 2025 GMT Subject: CN=6890d226-d1d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:1b:ed:d8:b1:0c:79:c4:bd:f9:b5:b2:9e:00: 55:97:cb:e4:01:df:90:f7:4c:fa:8d:a8:60:85:04: 5d:b0:fe:98:fc:0f:b0:15:2b:9d:68:e1:fe:ad:ff: 29:e2:eb:dc:3c:f2:b2:db:cc:9c:a9:9e:72:ab:3b: 46:a3:67:ff:55:da:20:b7:73:91:b5:b7:13:ba:32: 56:2f:bf:87:bb:f7:c9:74:36:bf:9d:33:a6:cc:19: 63:e7:bd:fb:4f:ef:1b:bc:61:64:46:aa:f0:33:43: b2:30:ac:d0:62:bf:3a:a1:64:6b:10:38:2d:59:83: 07:f7:d7:03:5d:11:3c:69:63:72:af:ce:c7:71:28: 38:d9:4c:ed:21:8c:e9:38:bc:ee:b1:43:ba:f6:80: d1:a1:52:be:3f:2a:b0:40:b2:ea:e8:c3:ad:b2:87: 21:8c:66:7a:b4:0d:93:0b:6f:42:c9:cd:1c:54:a5: 52:58:ac:2c:00:81:75:09:f2:95:b2:91:5d:27:69: 7e:52:b8:6f:ee:6a:ad:50:be:d5:ca:db:0d:a8:e9: 70:53:9a:42:c6:a5:23:bf:38:44:90:67:0f:5f:91: e1:0c:df:88:38:ee:6d:b9:40:4a:7f:1c:58:5b:70: fc:e0:63:30:8e:e8:88:e4:32:d0:b4:8d:6c:d7:80: be:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:4B:A1:C9:BF:F3:15:73:F9:E8:AE:62:FE:16:B5:74:BC:BA:24:EB X509v3 Authority Key Identifier: keyid:68:6A:00:57:16:4D:14:38:EC:59:58:6D:A8:BA:A5:46:5F:D8:29:C7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aGoAVxZNFDjsWVhtqLqlRl_YKcc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7b:cf:fb:2a:a1:4a:41:c2:4d:e3:bd:a9:38:0c:6d:ab:db:61: fa:a3:0c:32:9f:f5:f4:63:35:c7:c1:23:0e:84:11:3b:27:ed: e0:e4:66:14:b3:46:e4:76:ef:63:a5:73:72:60:f0:30:f2:47: 9d:39:9d:f8:cd:a9:4a:b0:d7:86:c0:c2:83:4f:ed:c3:76:ec: 60:e8:6e:73:d9:8f:29:ef:77:ac:63:00:70:7b:3a:74:1a:4e: ec:44:db:b2:52:6a:96:6c:5f:fa:17:ef:2d:30:7f:47:92:bf: 20:61:13:30:a4:f0:13:40:24:e8:ec:58:0b:f6:fb:16:67:97: c2:30:f1:4b:7c:78:0a:6d:a4:07:0e:7d:15:e1:39:39:a2:89: cb:b6:18:79:2b:09:48:0d:5f:0a:bf:44:4a:b5:ac:94:b0:c5: bf:23:cc:67:75:49:65:bb:1a:7d:44:30:0a:f4:c6:1c:f8:f2: 90:ed:ec:ae:3e:68:f2:c1:17:d6:32:d7:5b:33:c7:33:05:a9: fd:44:bb:c2:1c:49:04:de:e7:fb:59:68:69:3d:b5:9d:22:b0: 0a:bd:43:67:e7:65:17:d0:54:6e:a6:25:89:02:67:39:99:9f: e5:33:cf:f6:96:2a:e2:6d:59:a9:31:6a:ec:c3:51:f7:1c:82: e4:08:aa:be -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICMNMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE5QkQxMTAvBgNVBAUTKDY4NkEwMDU3MTY0RDE0MzhFQzU5NTg2REE4QkFBNTQ2 NUZEODI5QzcwHhcNMjUwODA0MTUzMDQ2WhcNMjUwODExMTUzMDQ2WjAYMRYwFAYD VQQDEw02ODkwZDIyNi1kMWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5hvt2LEMecS9+bWyngBVl8vkAd+Q90z6jahghQRdsP6Y/A+wFSudaOH+rf8p 4uvcPPKy28ycqZ5yqztGo2f/Vdogt3ORtbcTujJWL7+Hu/fJdDa/nTOmzBlj5737 T+8bvGFkRqrwM0OyMKzQYr86oWRrEDgtWYMH99cDXRE8aWNyr87HcSg42UztIYzp OLzusUO69oDRoVK+PyqwQLLq6MOtsochjGZ6tA2TC29Cyc0cVKVSWKwsAIF1CfKV spFdJ2l+Urhv7mqtUL7VytsNqOlwU5pCxqUjvzhEkGcPX5HhDN+IOO5tuUBKfxxY W3D84GMwjuiI5DLQtI1s14C+BwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFENLocm/ 8xVz+eiuYv4WtXS8uiTrMB8GA1UdIwQYMBaAFGhqAFcWTRQ47FlYbai6pUZf2CnH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTlCRC8wM0I4MEYzOERG NUMxMUUyOTcyQTk0Mjc1OTExRUEzMi9hR29BVnhaTkZEanNXVmh0cUxxbFJsX1lL Y2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FHb0FWeFpORkRqc1dWaHRxTHFsUmxfWUtjYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTlCRC8wM0I4MEYzOERGNUMxMUUyOTcyQTk0Mjc1OTExRUEzMi9hR29BVnhaTkZE anNXVmh0cUxxbFJsX1lLY2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB7z/sqoUpBwk3jvak4DG2r22H6owwyn/X0YzXHwSMOhBE7J+3g5GYU s0bkdu9jpXNyYPAw8kedOZ34zalKsNeGwMKDT+3Dduxg6G5z2Y8p73esYwBwezp0 Gk7sRNuyUmqWbF/6F+8tMH9Hkr8gYRMwpPATQCTo7FgL9vsWZ5fCMPFLfHgKbaQH Dn0V4Tk5oonLthh5KwlIDV8Kv0RKtayUsMW/I8xndUlluxp9RDAK9MYc+PKQ7eyu PmjywRfWMtdbM8czBan9RLvCHEkE3uf7WWhpPbWdIrAKvUNn52UX0FRupiWJAmc5 mZ/lM8/2liribVmpMWrsw1H3HILkCKq+ -----END CERTIFICATE-----Generated at Wed Aug 6 10:58:53 2025 by rpki-client