$ rpki-client -vvf rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft File: thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft (raw, json) Hash identifier: WMhEaUpemVd0xmF0q6j7SFXtu7oCVGauDpo2UEHSKTE= Subject key identifier: 63:E5:37:41:C1:9E:CB:95:AA:C7:3D:FB:4A:06:14:79:B4:55:25:94 Authority key identifier: B6:11:03:A5:C9:CC:60:EA:D1:88:A2:F9:FD:11:E6:3D:52:33:D9:95 Certificate issuer: /CN=A9118B32/serialNumber=B61103A5C9CC60EAD188A2F9FD11E63D5233D995 Certificate serial: 03AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/thEDpcnMYOrRiKL5_RHmPVIz2ZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft Manifest number: 03AA Signing time: Tue 01 Jul 2025 01:19:15 +0000 Manifest this update: Tue 01 Jul 2025 01:19:14 +0000 Manifest next update: Tue 08 Jul 2025 01:19:14 +0000 Files and hashes: 1: thEDpcnMYOrRiKL5_RHmPVIz2ZU.crl (hash: 5GKGvC1LxHqhzIpzZaC5HO8EWTEQGDQFZXQXemkZcAM=) 2: 0F291AFE9D2811EC83448E6FC4F9AE02.roa (hash: p2rd5X9PRaHj3dg5SJAK0M8GBgiGK7ul3HPfe5PMkz4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.crl rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/thEDpcnMYOrRiKL5_RHmPVIz2ZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 01:19:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 943 (0x3af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118B32, serialNumber=B61103A5C9CC60EAD188A2F9FD11E63D5233D995 Validity Not Before: Jul 1 01:19:14 2025 GMT Not After : Jul 8 01:19:14 2025 GMT Subject: CN=68633793-55f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:c8:a5:6b:af:58:db:8e:b3:6d:bf:8a:86:88: 5a:18:26:25:46:f2:57:45:ca:f2:8f:90:a5:0f:cd: b8:1b:60:c0:28:17:3f:7a:69:2d:7e:b2:5e:fd:87: f9:9f:92:78:13:71:e7:d2:69:d2:da:ac:92:a9:1f: 82:cc:a5:24:ee:85:53:ae:99:69:a8:db:30:f8:4b: b5:b0:b7:a2:99:c8:2a:59:48:ad:d0:ae:44:68:fe: 48:16:66:37:73:70:17:bc:97:4c:4b:e2:24:74:fb: 04:f3:bd:ad:91:70:0e:19:d0:b7:36:af:9c:08:69: db:93:82:f5:81:e1:75:25:d8:28:78:fa:86:9f:b3: f8:99:c4:90:69:a7:db:18:4b:48:a4:18:a4:bd:f0: a2:a5:01:9c:74:f2:39:e6:69:50:2c:2f:63:fa:ac: dc:4d:1e:2f:9e:98:ad:8d:c1:0b:cd:25:96:34:0f: f3:86:d1:11:b3:a8:50:40:05:29:4d:a5:d2:12:d6: c9:f5:eb:b2:cb:25:e2:f5:4c:4b:42:72:76:96:57: 52:eb:35:3b:13:55:01:ad:99:c1:ba:92:b4:4f:eb: 83:01:c4:d3:2e:9f:3d:e5:ab:17:5f:a8:ea:eb:99: f2:e1:54:de:5e:c4:32:66:7d:59:be:7d:9f:d3:c5: fe:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:E5:37:41:C1:9E:CB:95:AA:C7:3D:FB:4A:06:14:79:B4:55:25:94 X509v3 Authority Key Identifier: keyid:B6:11:03:A5:C9:CC:60:EA:D1:88:A2:F9:FD:11:E6:3D:52:33:D9:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/thEDpcnMYOrRiKL5_RHmPVIz2ZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:6e:0a:e7:52:2f:9c:81:28:ea:b0:b4:4a:f8:ca:9f:b1:da: 37:c7:9c:0c:6a:8d:4e:a5:32:46:85:67:74:3e:3f:f8:fd:6e: 99:df:d7:48:8f:87:f8:37:72:09:cb:d5:24:26:82:d0:16:99: b3:e6:64:b9:bc:d2:7c:84:c1:e7:25:9b:db:7b:ad:19:0e:a0: c7:17:52:3a:e8:40:2c:9a:08:fe:2f:d0:71:38:8e:80:62:55: 67:1f:fc:50:0c:34:bb:ec:e7:3e:9b:5c:8e:ca:df:75:2c:86: 48:8a:98:b1:40:14:5e:70:64:2e:54:45:ba:62:69:3b:25:af: c4:e2:4b:97:5a:9f:d1:f2:c7:fb:19:8b:a6:5f:bf:8b:80:fa: 77:98:8c:cb:97:29:2d:2c:56:bd:2a:69:b1:a7:f9:12:fa:ca: c8:ac:61:6d:74:e3:fb:cf:34:7b:c3:bc:8f:55:e3:66:41:a6: 9f:ae:37:cf:85:12:b4:cd:da:b1:ba:d1:24:4d:fc:98:37:99: 68:72:04:ef:d0:44:20:25:fd:5f:60:54:dc:28:79:2b:e5:74: 01:41:fc:eb:11:64:cf:64:7e:7c:95:5d:aa:38:84:c0:ed:cd: 2d:18:f9:42:59:52:0e:a6:2f:ac:55:25:c8:59:47:b4:d6:ff: a9:d8:b6:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MThCMzIxMTAvBgNVBAUTKEI2MTEwM0E1QzlDQzYwRUFEMTg4QTJGOUZEMTFFNjNE NTIzM0Q5OTUwHhcNMjUwNzAxMDExOTE0WhcNMjUwNzA4MDExOTE0WjAYMRYwFAYD VQQDEw02ODYzMzc5My01NWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3sila69Y246zbb+KhohaGCYlRvJXRcryj5ClD824G2DAKBc/emktfrJe/Yf5 n5J4E3Hn0mnS2qySqR+CzKUk7oVTrplpqNsw+Eu1sLeimcgqWUit0K5EaP5IFmY3 c3AXvJdMS+IkdPsE872tkXAOGdC3Nq+cCGnbk4L1geF1JdgoePqGn7P4mcSQaafb GEtIpBikvfCipQGcdPI55mlQLC9j+qzcTR4vnpitjcELzSWWNA/zhtERs6hQQAUp TaXSEtbJ9euyyyXi9UxLQnJ2lldS6zU7E1UBrZnBupK0T+uDAcTTLp895asXX6jq 65ny4VTeXsQyZn1Zvn2f08X+PwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGPlN0HB nsuVqsc9+0oGFHm0VSWUMB8GA1UdIwQYMBaAFLYRA6XJzGDq0Yii+f0R5j1SM9mV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOEIzMi9GRjc3MUJCQzlE MjUxMUVDODVGREYzNkVDNEY5QUUwMi90aEVEcGNuTVlPclJpS0w1X1JIbVBWSXoy WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RoRURwY25NWU9yUmlLTDVfUkhtUFZJejJaVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OEIzMi9GRjc3MUJCQzlEMjUxMUVDODVGREYzNkVDNEY5QUUwMi90aEVEcGNuTVlP clJpS0w1X1JIbVBWSXoyWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAebgrnUi+cgSjqsLRK+Mqfsdo3x5wMao1OpTJGhWd0Pj/4/W6Z39dI j4f4N3IJy9UkJoLQFpmz5mS5vNJ8hMHnJZvbe60ZDqDHF1I66EAsmgj+L9BxOI6A YlVnH/xQDDS77Oc+m1yOyt91LIZIipixQBRecGQuVEW6Ymk7Ja/E4kuXWp/R8sf7 GYumX7+LgPp3mIzLlyktLFa9Kmmxp/kS+srIrGFtdOP7zzR7w7yPVeNmQaafrjfP hRK0zdqxutEkTfyYN5locgTv0EQgJf1fYFTcKHkr5XQBQfzrEWTPZH58lV2qOITA 7c0tGPlCWVIOpi+sVSXIWUe01v+p2LZb -----END CERTIFICATE-----Generated at Wed Jul 2 10:57:43 2025 by rpki-client