$ rpki-client -vvf rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.mft File: kI54kDTxhBXYdZwmo0brgQ71pBU.mft (raw, json) Hash identifier: PnjirVouijNHQSFNmbXwRXlj+FJB6hetEIHZoe2j9Q8= Subject key identifier: 64:B9:B8:FA:BF:F9:46:F1:0A:F7:96:14:90:99:7D:43:91:9C:5B:30 Authority key identifier: 90:8E:78:90:34:F1:84:15:D8:75:9C:26:A3:46:EB:81:0E:F5:A4:15 Certificate issuer: /CN=A911B4ED/serialNumber=908E789034F18415D8759C26A346EB810EF5A415 Certificate serial: 0180 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI54kDTxhBXYdZwmo0brgQ71pBU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.mft Manifest number: 017D Signing time: Thu 03 Jul 2025 03:45:27 +0000 Manifest this update: Thu 03 Jul 2025 03:45:26 +0000 Manifest next update: Thu 10 Jul 2025 03:45:26 +0000 Files and hashes: 1: kI54kDTxhBXYdZwmo0brgQ71pBU.crl (hash: leDZrp9M3/Lu5yKIC+GdYM9doGenefivA5F+ukeXV1I=) 2: 86A2CEB60F3E11EEA4C55465C4F9AE02.roa (hash: ZLzKJqHR9ccG28xsD3tS0PUqjyHlLmjfaTjR+9dBzcw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.crl rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI54kDTxhBXYdZwmo0brgQ71pBU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 384 (0x180) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B4ED, serialNumber=908E789034F18415D8759C26A346EB810EF5A415 Validity Not Before: Jul 3 03:45:26 2025 GMT Not After : Jul 10 03:45:26 2025 GMT Subject: CN=6865fcd7-4e04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:d5:27:29:46:ad:f8:b9:61:85:45:bf:29:30: 31:9e:d9:bd:1b:c5:19:5b:d0:3f:e4:63:e8:7a:9d: 41:f6:1f:8c:dc:12:c0:e4:14:e2:c8:eb:5b:d4:21: 75:ff:b2:90:83:27:f3:9a:24:eb:ea:f8:19:67:46: 14:b9:5a:17:87:90:e5:59:77:ff:a3:ad:04:f7:05: 7d:ef:bb:af:25:2c:b1:bd:a5:ef:0f:72:b6:c2:d9: 64:09:25:e5:31:79:1f:72:21:97:a9:dd:51:0d:c5: 70:b3:0f:12:a8:f1:0a:9a:dc:c5:9e:0e:af:2f:2b: b1:e6:07:ae:1b:ac:cc:28:7e:70:f1:8d:4c:63:73: 02:2e:c2:63:a1:65:be:b8:c3:ad:53:38:7e:91:18: f3:e2:55:b1:b7:83:14:71:a0:03:31:9b:0f:cc:fc: cd:d3:a1:28:1a:e0:0e:67:c8:08:83:23:69:ec:bd: b0:87:1a:3b:83:58:4f:a1:68:ad:f3:0c:67:20:ad: 10:fa:99:86:42:e8:1d:b6:e6:e4:12:e5:e8:2d:c1: fb:fc:db:92:8d:62:d4:74:ce:16:8c:93:a0:65:99: 77:b6:ac:11:e4:44:04:0d:4a:3d:ca:47:a6:d6:c8: f2:11:e3:9c:cd:a2:57:97:70:b9:c3:03:f9:43:24: 15:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:B9:B8:FA:BF:F9:46:F1:0A:F7:96:14:90:99:7D:43:91:9C:5B:30 X509v3 Authority Key Identifier: keyid:90:8E:78:90:34:F1:84:15:D8:75:9C:26:A3:46:EB:81:0E:F5:A4:15 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI54kDTxhBXYdZwmo0brgQ71pBU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:0a:f3:be:e4:d5:87:9e:32:e1:56:d7:76:5c:75:6c:c3:e6: c3:ac:26:6e:95:99:45:1f:77:40:05:0f:91:43:a2:7a:ec:f9: bb:cf:64:27:7e:0d:f0:ba:d0:fd:40:31:74:8d:ed:d5:19:b1: f7:d4:46:47:f4:5f:fb:b8:51:2d:5e:6f:47:2c:92:82:55:38: 99:e3:e3:41:ff:22:28:b0:b7:1d:53:b5:28:e1:90:25:18:3a: 19:79:5e:c8:af:f5:55:db:9b:b9:61:2b:59:ef:41:c1:7c:7d: c6:99:01:50:e5:6f:1c:13:18:5f:14:d8:fb:ea:d6:05:18:0c: bd:64:fc:71:b2:69:18:70:31:ed:e3:be:39:31:d3:e3:ea:1d: f7:bd:fe:7d:ad:de:c6:31:2d:93:a8:cf:8c:80:80:d9:20:89: fc:63:a4:dd:71:24:bd:85:a2:38:02:ae:36:a8:ff:07:cb:6e: e2:77:50:0c:a1:05:4a:d8:3c:0e:31:15:23:87:f8:24:fc:42: 4f:6f:74:6c:15:50:b0:de:a2:92:80:f7:0d:87:d1:20:dd:39: b7:14:99:87:fb:ed:c5:42:d3:85:f9:87:4e:a0:a7:da:cf:d5: 1a:bd:cd:12:24:4a:c1:0c:a3:ea:2a:d8:19:27:dd:c7:93:a1: 88:da:b6:76 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAYAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0RUQxMTAvBgNVBAUTKDkwOEU3ODkwMzRGMTg0MTVEODc1OUMyNkEzNDZFQjgx MEVGNUE0MTUwHhcNMjUwNzAzMDM0NTI2WhcNMjUwNzEwMDM0NTI2WjAYMRYwFAYD VQQDEw02ODY1ZmNkNy00ZTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA59UnKUat+LlhhUW/KTAxntm9G8UZW9A/5GPoep1B9h+M3BLA5BTiyOtb1CF1 /7KQgyfzmiTr6vgZZ0YUuVoXh5DlWXf/o60E9wV977uvJSyxvaXvD3K2wtlkCSXl MXkfciGXqd1RDcVwsw8SqPEKmtzFng6vLyux5geuG6zMKH5w8Y1MY3MCLsJjoWW+ uMOtUzh+kRjz4lWxt4MUcaADMZsPzPzN06EoGuAOZ8gIgyNp7L2whxo7g1hPoWit 8wxnIK0Q+pmGQugdtubkEuXoLcH7/NuSjWLUdM4WjJOgZZl3tqwR5EQEDUo9ykem 1sjyEeOczaJXl3C5wwP5QyQVfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGS5uPq/ +UbxCveWFJCZfUORnFswMB8GA1UdIwQYMBaAFJCOeJA08YQV2HWcJqNG64EO9aQV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjRFRC9GQTRCMEFDNDBG MzcxMUVFQUI5RDk0NjhDNEY5QUUwMi9rSTU0a0RUeGhCWFlkWndtbzBicmdRNzFw QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tJNTRrRFR4aEJYWWRad21vMGJyZ1E3MXBCVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QjRFRC9GQTRCMEFDNDBGMzcxMUVFQUI5RDk0NjhDNEY5QUUwMi9rSTU0a0RUeGhC WFlkWndtbzBicmdRNzFwQlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApCvO+5NWHnjLhVtd2XHVsw+bDrCZulZlFH3dABQ+RQ6J67Pm7z2Qn fg3wutD9QDF0je3VGbH31EZH9F/7uFEtXm9HLJKCVTiZ4+NB/yIosLcdU7Uo4ZAl GDoZeV7Ir/VV25u5YStZ70HBfH3GmQFQ5W8cExhfFNj76tYFGAy9ZPxxsmkYcDHt 4745MdPj6h33vf59rd7GMS2TqM+MgIDZIIn8Y6TdcSS9haI4Aq42qP8Hy27id1AM oQVK2DwOMRUjh/gk/EJPb3RsFVCw3qKSgPcNh9Eg3Tm3FJmH++3FQtOF+YdOoKfa z9Uavc0SJErBDKPqKtgZJ93Hk6GI2rZ2 -----END CERTIFICATE-----Generated at Thu Jul 3 21:47:43 2025 by rpki-client