$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft File: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft (raw, json) Hash identifier: NR+uS89VCCFVCA9HQx+Xb51a8cqCmi3qSQ/BoyUGyTs= Subject key identifier: D0:52:B5:33:C8:80:D1:09:C7:05:5E:2D:83:61:E1:9A:1E:AB:9F:F4 Authority key identifier: 6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 Certificate issuer: /CN=A91EAE3D/serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Certificate serial: 1480 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft Manifest number: 146C Signing time: Sat 14 Jun 2025 16:52:17 +0000 Manifest this update: Sat 14 Jun 2025 16:52:17 +0000 Manifest next update: Sat 21 Jun 2025 16:52:17 +0000 Files and hashes: 1: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl (hash: tOupWH+KsdIaL0fcv7vLcR+jI3UiWnPrL9KllOgtBkM=) 2: F693F2689CB811EB97F77E14C4F9AE02.roa (hash: U3tQJQlcyfHM4FE2g1sFZHo1n5O210FCbrxqZ5WoAEg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 16:52:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5248 (0x1480) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE3D, serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Validity Not Before: Jun 14 16:52:17 2025 GMT Not After : Jun 21 16:52:17 2025 GMT Subject: CN=684da8c1-6d25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:ef:0f:6f:dc:28:ca:50:3d:ef:86:c6:a1:7e: 76:45:f4:15:8f:67:76:13:61:9a:00:b8:aa:32:35: ad:1c:43:26:d6:75:1a:ad:eb:b2:7d:2d:8f:ed:17: 7d:d6:8f:49:3f:fa:be:5d:32:20:0b:fa:c1:72:d7: 45:68:35:7d:65:0d:d5:f8:e4:e2:f7:03:b9:44:37: 39:fc:e6:26:b1:ad:af:87:0a:66:cb:ab:64:5e:00: cc:7f:ec:03:8c:61:cb:c8:b9:c4:89:2a:09:8a:ef: 37:5f:78:ee:1a:92:c4:7a:ad:e0:34:e0:b0:08:94: 3b:83:84:3d:1f:2b:5c:b6:78:f9:0e:c0:be:4b:c3: b5:b5:ba:e1:4e:2b:8a:35:0c:ae:c7:24:81:b4:05: 62:d3:06:9e:87:1c:8a:0e:60:1c:5c:58:18:80:a8: 71:7e:6c:d1:f5:da:22:47:47:b3:70:7c:48:08:64: d5:69:0f:7d:dc:1d:d4:b3:97:b7:91:98:c7:a0:23: 31:bc:ab:e8:e2:cc:fa:1d:3f:59:8f:0c:0e:e0:45: 79:6f:48:a2:16:62:a2:bc:22:42:c5:08:eb:02:0d: f1:94:39:2d:f6:73:f7:94:0d:10:89:08:06:45:44: 9b:f5:eb:20:d7:02:d2:1d:57:3c:a3:63:ad:2a:69: 78:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:52:B5:33:C8:80:D1:09:C7:05:5E:2D:83:61:E1:9A:1E:AB:9F:F4 X509v3 Authority Key Identifier: keyid:6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:f1:37:69:fb:54:6f:dc:bd:f5:d8:74:0a:0c:41:47:2a:d8: 9f:d5:9f:c6:06:92:16:45:59:08:81:96:6c:05:42:a7:19:60: 48:c8:61:ed:54:a9:a5:e6:0e:e6:47:ea:54:68:e7:53:62:5b: af:9f:f1:19:db:7e:d6:72:92:c6:dd:ae:e6:24:ba:d9:59:e9: 0e:3d:e8:26:64:8e:25:7c:f0:00:a2:3b:8c:fb:88:5b:68:32: e9:49:3c:0f:2d:44:03:9a:ca:fa:dd:2f:71:f6:6b:a1:07:c4: 10:e7:7f:bc:49:cd:30:ce:8c:21:73:8e:38:5f:97:86:8a:81: c4:e6:fa:99:50:d0:59:e4:ff:88:85:06:29:a0:a2:70:24:d1: 2d:ba:a5:71:ad:77:ba:fd:8a:52:35:33:73:7d:1d:68:77:87: b5:00:92:71:63:85:27:17:02:49:c5:df:87:83:4e:89:c7:c9: c2:99:50:17:8e:63:01:3a:00:05:72:f1:c6:f2:f6:56:d3:6e: 00:09:9a:e6:63:3d:28:46:d1:f6:fe:bc:a2:7a:c2:fd:25:f6: a4:82:da:81:aa:e5:7e:6b:08:2d:48:ab:36:7f:f0:25:e2:33: c0:ea:7c:b6:0d:0f:3c:64:c9:92:45:ff:53:7d:a8:38:bd:be: 69:21:58:fc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFM0QxMTAvBgNVBAUTKDZCNTY3Qzg0M0U0MjUyM0UwRTVCNjRGNjRBMEYyQUUw NTUxN0JCNzAwHhcNMjUwNjE0MTY1MjE3WhcNMjUwNjIxMTY1MjE3WjAYMRYwFAYD VQQDEw02ODRkYThjMS02ZDI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0u8Pb9woylA974bGoX52RfQVj2d2E2GaALiqMjWtHEMm1nUareuyfS2P7Rd9 1o9JP/q+XTIgC/rBctdFaDV9ZQ3V+OTi9wO5RDc5/OYmsa2vhwpmy6tkXgDMf+wD jGHLyLnEiSoJiu83X3juGpLEeq3gNOCwCJQ7g4Q9Hytctnj5DsC+S8O1tbrhTiuK NQyuxySBtAVi0waehxyKDmAcXFgYgKhxfmzR9doiR0ezcHxICGTVaQ993B3Us5e3 kZjHoCMxvKvo4sz6HT9ZjwwO4EV5b0iiFmKivCJCxQjrAg3xlDkt9nP3lA0QiQgG RUSb9esg1wLSHVc8o2OtKml4bQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNBStTPI gNEJxwVeLYNh4Zoeq5/0MB8GA1UdIwQYMBaAFGtWfIQ+QlI+Dltk9koPKuBVF7tw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC84RUY0MkE0Njc1 REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1VqNE9XMlQyU2c4cTRGVVh1 M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ExWjhoRDVDVWo0T1cyVDJTZzhxNEZVWHUzQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUzRC84RUY0MkE0Njc1REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1Vq NE9XMlQyU2c4cTRGVVh1M0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAp8Tdp+1Rv3L312HQKDEFHKtif1Z/GBpIWRVkIgZZsBUKnGWBIyGHt VKml5g7mR+pUaOdTYluvn/EZ237WcpLG3a7mJLrZWekOPegmZI4lfPAAojuM+4hb aDLpSTwPLUQDmsr63S9x9muhB8QQ53+8Sc0wzowhc444X5eGioHE5vqZUNBZ5P+I hQYpoKJwJNEtuqVxrXe6/YpSNTNzfR1od4e1AJJxY4UnFwJJxd+Hg06Jx8nCmVAX jmMBOgAFcvHG8vZW024ACZrmYz0oRtH2/ryiesL9JfakgtqBquV+awgtSKs2f/Al 4jPA6ny2DQ88ZMmSRf9Tfag4vb5pIVj8 -----END CERTIFICATE-----Generated at Sun Jun 15 17:47:33 2025 by rpki-client