$ rpki-client -vvf rpki.apnic.net/member_repository/A9110F1F/6C0FEF5A1EB911ED9FC68760C4F9AE02/lS9xLfEYQSCKO0qHRiDFn-7XcLA.mft File: lS9xLfEYQSCKO0qHRiDFn-7XcLA.mft (raw, json) Hash identifier: fc8H3LZpTIZSGDHUn8b5TZISQSGUShzgKEVk3GkmG6k= Subject key identifier: C3:D2:8B:30:9A:C7:9D:3C:20:21:B4:C9:A1:61:E5:83:E3:55:71:30 Authority key identifier: 95:2F:71:2D:F1:18:41:20:8A:3B:4A:87:46:20:C5:9F:EE:D7:70:B0 Certificate issuer: /CN=A9110F1F/serialNumber=952F712DF11841208A3B4A874620C59FEED770B0 Certificate serial: 0260 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lS9xLfEYQSCKO0qHRiDFn-7XcLA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9110F1F/6C0FEF5A1EB911ED9FC68760C4F9AE02/lS9xLfEYQSCKO0qHRiDFn-7XcLA.mft Manifest number: 025C Signing time: Tue 01 Jul 2025 02:30:16 +0000 Manifest this update: Tue 01 Jul 2025 02:30:15 +0000 Manifest next update: Tue 08 Jul 2025 02:30:15 +0000 Files and hashes: 1: lS9xLfEYQSCKO0qHRiDFn-7XcLA.crl (hash: FZsBpzJFs6QQgm3whTYVM+CbmUo+GeNDWE2IYEunElQ=) 2: AF6A12881EBB11EDB35A2561C4F9AE02.roa (hash: 27aLcYczZ5MYFXDnhdewNPk3kbRzrioX5es/1Wn4iNI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9110F1F/6C0FEF5A1EB911ED9FC68760C4F9AE02/lS9xLfEYQSCKO0qHRiDFn-7XcLA.crl rsync://rpki.apnic.net/member_repository/A9110F1F/6C0FEF5A1EB911ED9FC68760C4F9AE02/lS9xLfEYQSCKO0qHRiDFn-7XcLA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lS9xLfEYQSCKO0qHRiDFn-7XcLA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 02:30:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 608 (0x260) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9110F1F, serialNumber=952F712DF11841208A3B4A874620C59FEED770B0 Validity Not Before: Jul 1 02:30:15 2025 GMT Not After : Jul 8 02:30:15 2025 GMT Subject: CN=68634838-673e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:7d:82:31:5b:28:75:37:91:20:af:16:64:80: 31:ad:6e:40:a8:b4:ea:29:c5:1c:cc:73:87:ae:44: 25:c8:81:a4:94:d6:1d:59:57:b9:35:7e:a5:9e:e5: 81:72:ec:50:ce:d3:a9:b8:d4:79:89:a8:28:59:4e: a8:8d:45:0c:7f:69:0b:47:28:e2:1b:ab:3c:74:cb: a5:f6:5f:cd:d5:73:0e:8b:d0:a3:a8:4f:b1:a0:d9: 43:a2:a6:16:2f:56:7e:36:d3:61:96:da:cc:75:c4: e0:60:13:c5:37:6d:75:5a:6b:93:30:71:4a:30:25: 4e:76:78:2a:17:10:fc:cd:f9:fe:d0:90:03:a8:56: c6:4b:9d:2b:b0:78:df:45:6e:3c:65:38:ce:d3:61: 0a:fb:3c:d7:5c:c8:1f:db:05:d3:bc:05:5e:06:d1: 65:3a:d5:1d:76:5f:78:43:66:87:23:22:34:7c:f6: 03:cb:43:e5:54:9c:f4:48:83:60:b1:81:65:26:21: cc:86:64:76:d2:a1:38:fb:40:19:54:a6:d4:3a:93: 66:36:88:32:e8:3b:63:72:f3:b1:e3:ee:87:6b:fa: a9:00:3a:fd:e9:f7:12:af:c3:76:d6:b6:0c:5b:36: 31:00:d6:2a:50:02:a8:37:5a:e0:e5:c6:ed:99:ff: ac:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:D2:8B:30:9A:C7:9D:3C:20:21:B4:C9:A1:61:E5:83:E3:55:71:30 X509v3 Authority Key Identifier: keyid:95:2F:71:2D:F1:18:41:20:8A:3B:4A:87:46:20:C5:9F:EE:D7:70:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9110F1F/6C0FEF5A1EB911ED9FC68760C4F9AE02/lS9xLfEYQSCKO0qHRiDFn-7XcLA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lS9xLfEYQSCKO0qHRiDFn-7XcLA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9110F1F/6C0FEF5A1EB911ED9FC68760C4F9AE02/lS9xLfEYQSCKO0qHRiDFn-7XcLA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:96:38:80:ce:5a:11:78:ed:65:e3:1e:cc:de:ca:43:83:7e: f1:e2:23:13:b1:42:3a:1b:86:59:03:6f:fb:5a:29:d4:0b:f4: 27:1a:c5:07:38:62:8b:ee:73:6d:f6:de:fa:f9:24:3c:ff:0d: fc:5f:81:f2:5a:88:7b:12:63:66:4b:53:f4:2e:00:7d:61:00: 92:b5:e8:c7:ec:e9:a1:d2:f9:de:53:e2:3f:1f:4f:0a:83:5c: 1d:15:3d:3a:59:82:c4:16:ce:4d:3f:e2:74:f3:58:88:82:ce: 55:dd:e5:a2:79:42:5b:1f:f5:02:ab:2e:b8:f0:fe:ea:e1:ac: 9a:c8:ef:f4:da:3e:8f:0e:1a:d6:94:6e:80:f5:71:dd:7f:9e: a3:34:58:d9:53:c0:56:bc:a1:e9:94:e7:c6:6b:c2:23:a4:5e: fe:ac:47:b3:f7:ed:3a:b1:3c:d4:27:8a:5c:ad:01:a5:69:63: 4b:38:9b:d6:2c:0e:cf:a7:28:64:e8:07:00:9d:6e:b8:93:83: b2:f2:0a:ae:73:6f:6e:e0:38:f2:5d:0c:00:52:28:99:f4:bc: 58:e5:a6:7f:ea:9f:ab:a2:5a:34:b0:1e:50:b2:7b:0e:e0:2d: a1:ee:62:1f:56:8e:d6:2d:08:1b:50:68:af:7e:8f:2d:51:9e: d8:4f:69:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAmAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTBGMUYxMTAvBgNVBAUTKDk1MkY3MTJERjExODQxMjA4QTNCNEE4NzQ2MjBDNTlG RUVENzcwQjAwHhcNMjUwNzAxMDIzMDE1WhcNMjUwNzA4MDIzMDE1WjAYMRYwFAYD VQQDEw02ODYzNDgzOC02NzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAon2CMVsodTeRIK8WZIAxrW5AqLTqKcUczHOHrkQlyIGklNYdWVe5NX6lnuWB cuxQztOpuNR5iagoWU6ojUUMf2kLRyjiG6s8dMul9l/N1XMOi9CjqE+xoNlDoqYW L1Z+NtNhltrMdcTgYBPFN211WmuTMHFKMCVOdngqFxD8zfn+0JADqFbGS50rsHjf RW48ZTjO02EK+zzXXMgf2wXTvAVeBtFlOtUddl94Q2aHIyI0fPYDy0PlVJz0SINg sYFlJiHMhmR20qE4+0AZVKbUOpNmNogy6DtjcvOx4+6Ha/qpADr96fcSr8N21rYM WzYxANYqUAKoN1rg5cbtmf+s5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMPSizCa x508ICG0yaFh5YPjVXEwMB8GA1UdIwQYMBaAFJUvcS3xGEEgijtKh0YgxZ/u13Cw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMEYxRi82QzBGRUY1QTFF QjkxMUVEOUZDNjg3NjBDNEY5QUUwMi9sUzl4TGZFWVFTQ0tPMHFIUmlERm4tN1hj TEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xTOXhMZkVZUVNDS08wcUhSaURGbi03WGNMQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MEYxRi82QzBGRUY1QTFFQjkxMUVEOUZDNjg3NjBDNEY5QUUwMi9sUzl4TGZFWVFT Q0tPMHFIUmlERm4tN1hjTEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBcljiAzloReO1l4x7M3spDg37x4iMTsUI6G4ZZA2/7WinUC/QnGsUH OGKL7nNt9t76+SQ8/w38X4HyWoh7EmNmS1P0LgB9YQCStejH7Omh0vneU+I/H08K g1wdFT06WYLEFs5NP+J081iIgs5V3eWieUJbH/UCqy648P7q4ayayO/02j6PDhrW lG6A9XHdf56jNFjZU8BWvKHplOfGa8IjpF7+rEez9+06sTzUJ4pcrQGlaWNLOJvW LA7Ppyhk6AcAnW64k4Oy8gquc29u4DjyXQwAUiiZ9LxY5aZ/6p+rolo0sB5QsnsO 4C2h7mIfVo7WLQgbUGivfo8tUZ7YT2l0 -----END CERTIFICATE-----Generated at Tue Jul 1 18:06:13 2025 by rpki-client