$ rpki-client -vvf rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/keZ5ch7R4JJ-u35GHIBYDSOTWSo.mft File: keZ5ch7R4JJ-u35GHIBYDSOTWSo.mft (raw, json) Hash identifier: 4I5/0Tgi/Mn7Gijvva0zAL2ycRXmH+WvHK4sg2X7000= Subject key identifier: 06:1B:1A:28:98:FC:94:B3:32:3C:58:ED:0D:ED:46:C5:F1:56:73:B6 Authority key identifier: 91:E6:79:72:1E:D1:E0:92:7E:BB:7E:46:1C:80:58:0D:23:93:59:2A Certificate issuer: /CN=A911ACAC/serialNumber=91E679721ED1E0927EBB7E461C80580D2393592A Certificate serial: 04CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/keZ5ch7R4JJ-u35GHIBYDSOTWSo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/keZ5ch7R4JJ-u35GHIBYDSOTWSo.mft Manifest number: 04C2 Signing time: Thu 03 Jul 2025 00:14:03 +0000 Manifest this update: Thu 03 Jul 2025 00:14:03 +0000 Manifest next update: Thu 10 Jul 2025 00:14:03 +0000 Files and hashes: 1: keZ5ch7R4JJ-u35GHIBYDSOTWSo.crl (hash: SYY5lg71H2S/zzA9VypehcbNq+r2jD5teCt9gnztdTI=) 2: C52B4E0A3FE011EF88794913C4F9AE02.roa (hash: BHc0YO4uerOV3pChxVjG7O544zd2LrVw+gOJhxCdrB0=) 3: 1295B5943FA611EF94664041C4F9AE02.roa (hash: FuWrvkmDIg3mxhyAWWbi/ukBRQacmBTwsE71FX0nX8M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/keZ5ch7R4JJ-u35GHIBYDSOTWSo.crl rsync://rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/keZ5ch7R4JJ-u35GHIBYDSOTWSo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/keZ5ch7R4JJ-u35GHIBYDSOTWSo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 00:14:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1230 (0x4ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911ACAC, serialNumber=91E679721ED1E0927EBB7E461C80580D2393592A Validity Not Before: Jul 3 00:14:03 2025 GMT Not After : Jul 10 00:14:03 2025 GMT Subject: CN=6865cb4b-4789 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:51:7d:5c:82:cd:b5:8d:58:da:51:e7:ab:49: e7:e3:22:af:f1:9c:08:2a:14:4f:a2:c8:dc:05:9f: 08:97:55:68:9b:3d:63:4e:4a:77:48:68:29:4b:7e: f2:db:77:ef:b0:57:ac:18:5c:ac:b5:b6:72:47:8c: ca:a8:55:9d:b2:03:4f:e0:28:46:6b:4e:99:88:0c: 80:14:42:79:68:b4:65:ae:fa:cf:61:bb:2c:9c:47: 4f:0b:cd:0f:41:53:25:ee:49:a8:f0:ae:21:47:8c: 31:27:35:63:d4:e4:c3:53:74:8f:33:9e:33:fe:fe: e3:1c:3c:42:27:37:34:ae:f3:a1:52:09:94:b5:1f: ee:d2:40:db:3e:f5:9e:98:a1:24:e2:ef:94:6a:23: 48:e9:d5:30:68:c0:08:f1:83:a1:38:07:44:70:f7: 56:5b:4e:ad:a6:51:a4:ae:23:55:19:00:0a:8f:26: c7:55:1e:61:35:00:49:6e:30:c8:64:3d:97:b6:4b: 48:c2:63:4d:29:25:1d:e8:2b:44:45:da:5a:b5:b4: 50:e8:95:9c:de:21:b8:c4:7e:25:85:ab:02:ba:ab: 59:32:e0:7a:c2:4d:5a:b3:b1:17:fc:bb:ba:df:32: 6d:43:58:de:7c:a2:c6:75:67:fc:86:66:1c:00:48: 4b:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:1B:1A:28:98:FC:94:B3:32:3C:58:ED:0D:ED:46:C5:F1:56:73:B6 X509v3 Authority Key Identifier: keyid:91:E6:79:72:1E:D1:E0:92:7E:BB:7E:46:1C:80:58:0D:23:93:59:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/keZ5ch7R4JJ-u35GHIBYDSOTWSo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/keZ5ch7R4JJ-u35GHIBYDSOTWSo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ACAC/B3BDA56431D311EC8D3BBF30C4F9AE02/keZ5ch7R4JJ-u35GHIBYDSOTWSo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:b3:6e:8b:95:d7:8a:84:55:39:0a:75:e4:c8:2f:8b:58:2e: a0:d0:eb:21:33:49:ae:83:f5:86:e1:93:d4:5b:11:cc:40:99: b3:55:fb:25:b6:ef:77:95:62:fe:67:0a:f5:56:e4:6d:30:13: 17:94:2e:19:0c:23:24:76:e4:e9:48:4c:20:fa:9a:72:78:00: 15:b0:19:cb:9c:ca:a5:69:09:c3:5c:a1:5d:b3:27:c6:0a:c3: 98:d2:0c:49:da:50:52:6a:3a:ec:85:87:4c:70:62:7d:ea:73: 19:84:f0:45:cc:08:f9:0d:1b:e8:16:67:fc:a5:eb:13:ee:9f: b1:fa:86:ef:f7:88:93:48:08:e4:e7:71:60:1d:75:4c:66:85: 4c:ff:27:51:bc:ad:7d:96:d0:bd:eb:59:50:30:da:2a:fa:f8: 73:2e:1f:31:ad:fa:cc:72:e8:6b:5d:51:28:35:a9:92:75:42: 6b:98:79:58:51:d6:86:50:37:20:03:a1:2a:76:67:87:37:e2: 1d:64:23:13:35:71:00:6f:85:46:7c:f7:e0:bc:f4:ac:a0:70: 91:15:0a:77:00:d6:f4:b9:c7:da:ff:56:cb:b9:2a:a7:72:b0: 48:02:42:d8:28:de:99:6d:69:a8:b9:90:81:91:3c:63:2c:9f: 4d:26:56:5c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUFDQUMxMTAvBgNVBAUTKDkxRTY3OTcyMUVEMUUwOTI3RUJCN0U0NjFDODA1ODBE MjM5MzU5MkEwHhcNMjUwNzAzMDAxNDAzWhcNMjUwNzEwMDAxNDAzWjAYMRYwFAYD VQQDEw02ODY1Y2I0Yi00Nzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm1F9XILNtY1Y2lHnq0nn4yKv8ZwIKhRPosjcBZ8Il1Vomz1jTkp3SGgpS37y 23fvsFesGFystbZyR4zKqFWdsgNP4ChGa06ZiAyAFEJ5aLRlrvrPYbssnEdPC80P QVMl7kmo8K4hR4wxJzVj1OTDU3SPM54z/v7jHDxCJzc0rvOhUgmUtR/u0kDbPvWe mKEk4u+UaiNI6dUwaMAI8YOhOAdEcPdWW06tplGkriNVGQAKjybHVR5hNQBJbjDI ZD2XtktIwmNNKSUd6CtERdpatbRQ6JWc3iG4xH4lhasCuqtZMuB6wk1as7EX/Lu6 3zJtQ1jefKLGdWf8hmYcAEhLAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAYbGiiY /JSzMjxY7Q3tRsXxVnO2MB8GA1UdIwQYMBaAFJHmeXIe0eCSfrt+RhyAWA0jk1kq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUNBQy9CM0JEQTU2NDMx RDMxMUVDOEQzQkJGMzBDNEY5QUUwMi9rZVo1Y2g3UjRKSi11MzVHSElCWURTT1RX U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tlWjVjaDdSNEpKLXUzNUdISUJZRFNPVFdTby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QUNBQy9CM0JEQTU2NDMxRDMxMUVDOEQzQkJGMzBDNEY5QUUwMi9rZVo1Y2g3UjRK Si11MzVHSElCWURTT1RXU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCvs26LldeKhFU5CnXkyC+LWC6g0OshM0mug/WG4ZPUWxHMQJmzVfsl tu93lWL+Zwr1VuRtMBMXlC4ZDCMkduTpSEwg+ppyeAAVsBnLnMqlaQnDXKFdsyfG CsOY0gxJ2lBSajrshYdMcGJ96nMZhPBFzAj5DRvoFmf8pesT7p+x+obv94iTSAjk 53FgHXVMZoVM/ydRvK19ltC961lQMNoq+vhzLh8xrfrMcuhrXVEoNamSdUJrmHlY UdaGUDcgA6EqdmeHN+IdZCMTNXEAb4VGfPfgvPSsoHCRFQp3ANb0ucfa/1bLuSqn crBIAkLYKN6ZbWmouZCBkTxjLJ9NJlZc -----END CERTIFICATE-----Generated at Fri Jul 4 14:27:01 2025 by rpki-client