$ rpki-client -vvf rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft File: 2CIvXKRzliJE_BNBFXEOvtXjlWA.mft (raw, json) Hash identifier: TcRLsDQFEtBGJxMAnpIgVxZqkz6Inw5Ng3vfBoq3jrc= Subject key identifier: 3A:C0:AA:0E:81:C5:C8:AE:3C:A7:FD:1F:F0:0B:1B:30:1B:CA:2D:4B Authority key identifier: D8:22:2F:5C:A4:73:96:22:44:FC:13:41:15:71:0E:BE:D5:E3:95:60 Certificate issuer: /CN=A9119624/serialNumber=D8222F5CA473962244FC134115710EBED5E39560 Certificate serial: 0C1B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft Manifest number: 0C15 Signing time: Wed 02 Jul 2025 18:12:14 +0000 Manifest this update: Wed 02 Jul 2025 18:12:13 +0000 Manifest next update: Wed 09 Jul 2025 18:12:13 +0000 Files and hashes: 1: 2CIvXKRzliJE_BNBFXEOvtXjlWA.crl (hash: B9kcM8VgBnGQ26GKrAEA8vfNnUN7Oo2Occi2C7OrL8A=) 2: A4049C06213E11EAAA89A95DC4F9AE02.roa (hash: fJj5V7B0tj2U/amxOYn7MfT1h8cR0RvRgHTxKdHbOM4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.crl rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 18:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3099 (0xc1b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9119624, serialNumber=D8222F5CA473962244FC134115710EBED5E39560 Validity Not Before: Jul 2 18:12:13 2025 GMT Not After : Jul 9 18:12:13 2025 GMT Subject: CN=6865767d-c490 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:6a:d7:14:c7:97:27:5f:84:c8:d1:eb:be:d1: fa:3e:ea:b3:d5:4e:68:75:f6:4b:fb:f7:eb:12:74: 8b:f4:5b:c8:55:ca:a9:8e:db:3c:b6:44:29:4d:2a: ef:57:00:70:46:ad:b8:ab:61:d8:7e:24:00:8d:cd: d5:bc:8a:37:cc:55:99:31:fe:00:5a:e3:3d:46:ef: 56:e9:0a:62:bf:01:e9:5b:08:60:46:44:57:88:78: 8c:c4:7d:eb:93:81:e9:95:8f:f1:1d:00:7e:91:31: 8e:33:d9:17:a1:54:ea:34:b8:3d:98:47:5f:50:ce: 2a:9b:82:88:d1:48:d2:56:c2:98:fa:39:53:e1:f8: f5:25:02:28:29:fd:fb:d1:ff:fd:65:d4:24:dd:29: c7:c0:67:53:68:dc:48:3f:e0:27:0d:3a:e9:6b:f0: 5e:2c:ba:71:9d:8e:df:a3:ed:de:87:89:48:97:d2: 5d:c3:e7:36:8c:c0:db:f1:d4:f5:56:18:f1:6a:fd: 4e:e9:ae:8e:84:d5:ce:bf:a8:a2:64:5d:8f:25:03: 84:5b:ba:21:b9:91:8c:27:4a:c4:8e:3d:6c:23:8b: 7d:0c:d3:9c:30:e4:a7:cf:7e:dc:51:2e:be:0c:72: e1:e9:43:d5:c6:4e:d5:0b:aa:60:5f:a0:9b:77:36: e7:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:C0:AA:0E:81:C5:C8:AE:3C:A7:FD:1F:F0:0B:1B:30:1B:CA:2D:4B X509v3 Authority Key Identifier: keyid:D8:22:2F:5C:A4:73:96:22:44:FC:13:41:15:71:0E:BE:D5:E3:95:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:ce:bb:d6:b7:1f:85:16:3e:f3:69:f4:16:92:96:b1:cd:87: 9a:cd:33:b6:60:bf:d4:fb:c6:c3:72:6c:1b:6c:c4:e3:90:7b: 7f:2b:f5:e7:d8:c5:bc:46:e9:03:14:d1:54:fc:be:6f:be:cf: 6a:6b:70:fc:21:3d:36:4d:6f:cb:e7:86:e6:fb:be:13:a8:43: b0:97:af:d4:7e:39:01:15:a0:d9:ef:90:55:90:c8:aa:7f:39: 17:cb:29:37:44:58:cb:e4:be:b6:ef:5c:d7:0b:29:14:8d:01: 12:18:08:9a:c8:1b:3c:f5:87:6f:ed:e5:1f:34:a4:de:18:19: cd:35:48:e2:80:05:5b:0f:6f:18:c8:f0:f7:3b:37:30:1a:30: 4e:68:ee:68:b8:cf:65:c0:19:e8:5d:bc:12:ae:e4:1e:59:94: 2a:dd:4e:db:69:cf:13:ca:f4:35:b4:66:fe:c0:1f:f0:9e:9d: cd:13:5a:62:10:be:4a:13:88:90:9c:f4:24:06:61:a8:49:9e: fc:82:1c:47:0b:57:4e:74:0d:a2:e4:f5:d6:fb:cd:c0:e5:61: 1b:8c:f5:56:2d:8b:5e:4e:17:67:c0:42:b0:6c:1f:fa:7e:66: c3:66:0c:42:d1:c3:ab:4b:dd:6f:a9:3f:18:d1:e7:01:d8:e5: 0a:e0:b6:41 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDBswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk2MjQxMTAvBgNVBAUTKEQ4MjIyRjVDQTQ3Mzk2MjI0NEZDMTM0MTE1NzEwRUJF RDVFMzk1NjAwHhcNMjUwNzAyMTgxMjEzWhcNMjUwNzA5MTgxMjEzWjAYMRYwFAYD VQQDEw02ODY1NzY3ZC1jNDkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4mrXFMeXJ1+EyNHrvtH6Puqz1U5odfZL+/frEnSL9FvIVcqpjts8tkQpTSrv VwBwRq24q2HYfiQAjc3VvIo3zFWZMf4AWuM9Ru9W6QpivwHpWwhgRkRXiHiMxH3r k4HplY/xHQB+kTGOM9kXoVTqNLg9mEdfUM4qm4KI0UjSVsKY+jlT4fj1JQIoKf37 0f/9ZdQk3SnHwGdTaNxIP+AnDTrpa/BeLLpxnY7fo+3eh4lIl9Jdw+c2jMDb8dT1 Vhjxav1O6a6OhNXOv6iiZF2PJQOEW7ohuZGMJ0rEjj1sI4t9DNOcMOSnz37cUS6+ DHLh6UPVxk7VC6pgX6CbdzbntwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDrAqg6B xciuPKf9H/ALGzAbyi1LMB8GA1UdIwQYMBaAFNgiL1ykc5YiRPwTQRVxDr7V45Vg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTYyNC9DNjk0ODIzNjEw RTAxMUVBOUJEMUE1NURDNEY5QUUwMi8yQ0l2WEtSemxpSkVfQk5CRlhFT3Z0WGps V0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzJDSXZYS1J6bGlKRV9CTkJGWEVPdnRYamxXQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTYyNC9DNjk0ODIzNjEwRTAxMUVBOUJEMUE1NURDNEY5QUUwMi8yQ0l2WEtSemxp SkVfQk5CRlhFT3Z0WGpsV0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAvzrvWtx+FFj7zafQWkpaxzYeazTO2YL/U+8bDcmwbbMTjkHt/K/Xn 2MW8RukDFNFU/L5vvs9qa3D8IT02TW/L54bm+74TqEOwl6/UfjkBFaDZ75BVkMiq fzkXyyk3RFjL5L6271zXCykUjQESGAiayBs89Ydv7eUfNKTeGBnNNUjigAVbD28Y yPD3OzcwGjBOaO5ouM9lwBnoXbwSruQeWZQq3U7bac8TyvQ1tGb+wB/wnp3NE1pi EL5KE4iQnPQkBmGoSZ78ghxHC1dOdA2i5PXW+83A5WEbjPVWLYteThdnwEKwbB/6 fmbDZgxC0cOrS91vqT8Y0ecB2OUK4LZB -----END CERTIFICATE-----Generated at Thu Jul 3 23:31:04 2025 by rpki-client