$ rpki-client -vvf rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft File: t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft (raw, json) Hash identifier: Br41eotuQ0bJkwP5/IWKK1dzFdu+Q10Wyj/oMbGpqRg= Subject key identifier: A6:F0:B7:FE:EE:83:AF:5A:82:BF:A9:EC:C8:19:9D:7D:C7:64:EE:0F Authority key identifier: B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA Certificate issuer: /CN=A91F91EB/serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Certificate serial: 0CB0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft Manifest number: 0CAA Signing time: Sat 02 Aug 2025 18:23:11 +0000 Manifest this update: Sat 02 Aug 2025 18:23:10 +0000 Manifest next update: Sat 09 Aug 2025 18:23:10 +0000 Files and hashes: 1: t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl (hash: XWLu9zx4nwWHmQUey3VyBUKNLQt2IuNo1Oe9KZ0H5Ns=) 2: 8D243F849A6D11EA8674310DC4F9AE02.roa (hash: ZlxWP9id3BOwgT849Ql20JmEjoi9oTlH+F8ceOZ0tcg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 18:23:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3248 (0xcb0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F91EB, serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Validity Not Before: Aug 2 18:23:10 2025 GMT Not After : Aug 9 18:23:10 2025 GMT Subject: CN=688e578f-1f6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b9:7c:d9:6b:16:91:db:85:6d:ee:46:da:21: fd:c0:49:bc:29:ba:46:bd:82:5b:47:f6:65:34:a6: 37:d3:58:90:da:ee:5e:e7:72:1e:9b:46:bf:d3:f7: 91:3b:12:51:71:f4:04:52:2f:ff:42:ec:42:09:83: 92:a0:5f:f3:ef:1d:00:41:de:39:18:cd:07:16:da: c9:68:6b:5b:00:63:b6:18:54:a8:8a:fe:45:44:7c: 0f:cb:2b:57:a4:67:f7:c8:0f:d7:5a:a6:f6:7f:73: d6:d3:22:16:aa:68:27:18:5f:48:18:19:c7:47:89: 48:1d:83:f2:0d:8b:06:15:ee:44:95:74:0e:43:3c: a2:60:40:06:3a:65:1e:2b:b0:c8:49:e9:d9:9e:7e: 18:6d:c8:16:a8:31:5a:73:42:b4:ff:c1:7f:54:24: 05:d0:a2:ff:29:8d:cf:35:c5:08:9d:72:be:e6:ef: 37:a4:cd:d5:17:c8:72:c9:e8:27:3e:0b:ae:d0:15: 7c:70:22:9d:6c:b8:92:0c:06:a4:cd:4a:ba:bf:43: 0f:db:11:86:78:02:1b:08:c9:94:3d:e7:54:98:c9: 64:df:27:b6:72:21:d0:5d:ff:b8:8b:2e:2c:25:bf: 7b:08:37:cc:13:3f:9b:b9:e6:7a:bb:d2:6b:c3:76: c8:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:F0:B7:FE:EE:83:AF:5A:82:BF:A9:EC:C8:19:9D:7D:C7:64:EE:0F X509v3 Authority Key Identifier: keyid:B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:37:ad:df:ae:cf:34:b0:71:9b:d0:07:43:8d:d2:53:c0:61: f7:a6:a7:a9:d7:53:97:5f:56:fd:a5:02:7f:f9:c7:31:18:d1: 75:81:a0:84:e2:c6:c9:c2:7b:58:9b:9b:7d:27:3c:8a:ce:9c: 0f:d4:02:a0:24:fc:b7:f3:f2:2f:5a:50:c4:ab:5d:ba:82:64: 5a:48:38:68:2f:10:88:6b:36:92:93:30:75:0d:fe:94:8e:8a: 1e:07:40:48:81:e0:78:86:c8:c0:e4:1d:fa:18:fe:bd:62:ea: e1:09:55:d7:c4:2c:c8:32:8a:8f:f7:08:6e:91:6b:5a:02:18: 08:a7:e5:28:ff:85:3f:6e:c3:c7:ce:23:62:7d:3f:30:3f:e3: 29:04:6c:8b:e4:e8:d5:c2:b4:27:18:17:b5:38:66:34:ce:fd: 06:c8:35:06:20:ff:95:f5:83:23:7a:f5:46:1a:1a:77:64:e8: 71:51:9a:01:ad:be:e2:c2:bf:a0:98:a8:c1:c8:4d:1b:c5:7a: 43:69:a2:95:b6:ae:b8:1e:73:37:55:8a:87:58:ea:32:17:9c: 7b:ff:95:0e:28:3d:72:d5:a7:64:64:5f:f2:88:d7:a5:5e:af: a4:74:e6:b4:2e:89:32:d9:67:5f:dd:ac:34:44:f2:31:ba:34: e6:5d:ce:72 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjkxRUIxMTAvBgNVBAUTKEI3RENFMTQxMTJBMDI5ODJGNTc1N0NBQjhEMzQ5MTAz MkM4RTE4RkEwHhcNMjUwODAyMTgyMzEwWhcNMjUwODA5MTgyMzEwWjAYMRYwFAYD VQQDEw02ODhlNTc4Zi0xZjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqrl82WsWkduFbe5G2iH9wEm8KbpGvYJbR/ZlNKY301iQ2u5e53Iem0a/0/eR OxJRcfQEUi//QuxCCYOSoF/z7x0AQd45GM0HFtrJaGtbAGO2GFSoiv5FRHwPyytX pGf3yA/XWqb2f3PW0yIWqmgnGF9IGBnHR4lIHYPyDYsGFe5ElXQOQzyiYEAGOmUe K7DISenZnn4YbcgWqDFac0K0/8F/VCQF0KL/KY3PNcUInXK+5u83pM3VF8hyyegn Pguu0BV8cCKdbLiSDAakzUq6v0MP2xGGeAIbCMmUPedUmMlk3ye2ciHQXf+4iy4s Jb97CDfMEz+bueZ6u9Jrw3bISwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKbwt/7u g69agr+p7MgZnX3HZO4PMB8GA1UdIwQYMBaAFLfc4UESoCmC9XV8q400kQMsjhj6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTFFQi80OTdGMkJEOEY3 MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZTDFkWHlyalRTUkF5eU9H UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3Q5emhRUktnS1lMMWRYeXJqVFNSQXl5T0dQby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTFFQi80OTdGMkJEOEY3MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZ TDFkWHlyalRTUkF5eU9HUG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBpN63frs80sHGb0AdDjdJTwGH3pqep11OXX1b9pQJ/+ccxGNF1gaCE 4sbJwntYm5t9JzyKzpwP1AKgJPy38/IvWlDEq126gmRaSDhoLxCIazaSkzB1Df6U jooeB0BIgeB4hsjA5B36GP69YurhCVXXxCzIMoqP9whukWtaAhgIp+Uo/4U/bsPH ziNifT8wP+MpBGyL5OjVwrQnGBe1OGY0zv0GyDUGIP+V9YMjevVGGhp3ZOhxUZoB rb7iwr+gmKjByE0bxXpDaaKVtq64HnM3VYqHWOoyF5x7/5UOKD1y1adkZF/yiNel Xq+kdOa0Loky2Wdf3aw0RPIxujTmXc5y -----END CERTIFICATE-----Generated at Mon Aug 4 16:02:02 2025 by rpki-client