$ rpki-client -vvf rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft File: epYXaVSeCq0Km_mSVoO673M6Lxo.mft (raw, json) Hash identifier: PLLyKJURO89TkqwdrtrlBn07K4JcRZlY4zmXmpna3Bc= Subject key identifier: E0:4C:AB:49:06:0B:6A:F2:05:07:41:26:E7:05:9E:D9:98:91:ED:25 Authority key identifier: 7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A Certificate issuer: /CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A Certificate serial: 34F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft Manifest number: 34C8 Signing time: Mon 30 Jun 2025 14:24:36 +0000 Manifest this update: Mon 30 Jun 2025 14:24:35 +0000 Manifest next update: Mon 07 Jul 2025 14:24:35 +0000 Files and hashes: 1: epYXaVSeCq0Km_mSVoO673M6Lxo.crl (hash: v7QCe9M96pivN6u9TpI+QJA68+uDM2PNt4SNGQHxJEs=) 2: A9B6556E064311F0BA61C549C4F9AE02.roa (hash: a++99V+BelZ0iNzzfjfyt9kuXC1AHrcrB38W/RxxJBg=) 3: 1F5CD892C35111EE9D744F36C4F9AE02.roa (hash: jIXmhGTsHnOLM/8Oki3QEi8c2FlMLFZ5ltRb0SYd+ig=) 4: 1A83389CC35211EE8CE04C38C4F9AE02.roa (hash: qt+b79qUZeUfV9aMLkK2Vf0knDB1FC/92rGPVNLCE5Y=) 5: DA202262C34F11EE93BC8317C4F9AE02.roa (hash: MRIxoftDwmp6WRJIoO9F8Xfh6zfeqVoYT85Plhiizjg=) 6: 61A65BF2C35011EE95366E18C4F9AE02.roa (hash: lJX0Rj0D2pXCWqSqPGBLqRXobNJsOmj1xve2tbokkqo=) 7: 1EEE3E0AC35111EE9D744F36C4F9AE02.roa (hash: ucV0kVixfHpuy12BVYVN62sGm8utgsjQ/0NVbfikRis=) 8: A50EE218C34D11EEBC95A913C4F9AE02.roa (hash: 1HeD3vEPTet+037gaAO1k2WACoSTrjT1BrLUthDQvck=) 9: 8C9959CE060A11F08CBBE511C4F9AE02.roa (hash: Y12eqR4kENble50Bxruc9jwO/MdOCmjFkivTDaJk12E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 14:24:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13560 (0x34f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C5B0, serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A Validity Not Before: Jun 30 14:24:35 2025 GMT Not After : Jul 7 14:24:35 2025 GMT Subject: CN=68629e23-c337 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:4b:19:43:68:9e:ea:8e:d0:5f:99:68:9f:b8: e1:82:b6:a9:a2:ff:62:e1:5b:dd:9e:3e:3d:33:24: 70:71:82:e5:bf:19:8a:a2:b9:92:a2:24:1e:06:c9: cc:8e:63:50:29:2d:72:54:d1:70:d4:6a:a6:9e:20: 0e:99:0b:91:5b:b8:2c:17:63:97:b8:f3:ae:d1:8d: 47:90:06:45:f3:9a:fe:86:42:7f:5b:e1:c5:0a:97: 3a:21:35:c8:83:7e:7d:22:55:4c:a4:35:c1:b9:79: ae:b1:26:1b:a5:4f:73:e8:45:f3:b8:5b:ad:d1:ea: c5:a3:14:f7:10:69:d7:ac:44:70:97:e9:b6:28:1f: 96:43:c1:06:8f:9b:e4:3d:8c:d0:c2:d4:fb:b4:26: 61:59:19:ff:88:be:29:85:66:50:c7:6e:e2:6a:3f: a9:2f:ef:e8:b0:c0:2f:a3:6f:2f:cc:70:46:17:83: e9:60:17:01:8a:31:ec:c0:ed:45:97:61:c8:96:a7: bf:bc:9b:c4:5d:3c:c1:2a:db:52:ab:9d:ea:a4:f1: 9e:b4:54:4d:d6:50:3b:3b:68:66:27:d6:ef:b1:43: 6f:73:73:a7:8e:e7:be:eb:b0:80:a5:c5:80:af:3b: b2:99:b3:b7:62:f6:a7:87:3f:c6:26:ad:4c:e7:fb: 2a:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:4C:AB:49:06:0B:6A:F2:05:07:41:26:E7:05:9E:D9:98:91:ED:25 X509v3 Authority Key Identifier: keyid:7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:bb:cf:18:48:d9:17:40:bb:6e:3a:f1:26:53:7e:6e:1e:35: 90:f9:85:f1:79:54:35:ed:2d:72:01:9d:06:4b:88:c9:3c:78: 2b:8f:2e:7b:61:b3:07:b1:05:e0:4b:16:d9:4e:79:f2:7d:bd: 9b:28:92:4c:59:b9:f0:5a:a4:0e:d6:ba:68:7c:bd:5f:aa:8f: da:a1:22:94:cd:b5:50:a0:41:8d:3d:25:eb:04:57:ff:20:fd: f9:fd:ec:b9:c6:1e:b1:65:42:c2:07:2a:22:57:95:b5:cd:20: 0f:63:d4:b5:76:f4:71:ea:6b:05:14:3b:39:14:ba:91:b7:a7: 3d:d9:98:33:14:4c:e5:55:e4:94:3c:bb:c4:72:70:0c:6d:bf: f1:3a:75:69:ce:93:c6:46:27:c9:d6:bb:2a:c5:cd:58:fb:0b: 75:a9:6f:0d:08:f0:c0:b7:c3:dd:b3:90:bb:20:d0:98:78:76: 05:70:8a:67:c0:ba:4a:f5:d9:a9:0b:f9:a7:34:82:7c:f5:24: 89:11:b7:5c:70:ea:fe:5e:c0:fb:f3:0c:db:69:a3:00:bc:14: 26:6d:29:e4:2c:fc:99:30:9b:61:43:e9:ce:ef:86:f3:cf:71: c8:51:e5:f5:05:43:20:ce:e1:4f:2b:14:b5:67:66:d6:46:af: 3b:b6:fc:35 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNPgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM1QjAxMTAvBgNVBAUTKDdBOTYxNzY5NTQ5RTBBQUQwQTlCRjk5MjU2ODNCQUVG NzMzQTJGMUEwHhcNMjUwNjMwMTQyNDM1WhcNMjUwNzA3MTQyNDM1WjAYMRYwFAYD VQQDEw02ODYyOWUyMy1jMzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuEsZQ2ie6o7QX5lon7jhgrapov9i4Vvdnj49MyRwcYLlvxmKormSoiQeBsnM jmNQKS1yVNFw1GqmniAOmQuRW7gsF2OXuPOu0Y1HkAZF85r+hkJ/W+HFCpc6ITXI g359IlVMpDXBuXmusSYbpU9z6EXzuFut0erFoxT3EGnXrERwl+m2KB+WQ8EGj5vk PYzQwtT7tCZhWRn/iL4phWZQx27iaj+pL+/osMAvo28vzHBGF4PpYBcBijHswO1F l2HIlqe/vJvEXTzBKttSq53qpPGetFRN1lA7O2hmJ9bvsUNvc3Onjue+67CApcWA rzuymbO3Yvanhz/GJq1M5/sqfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOBMq0kG C2ryBQdBJucFntmYke0lMB8GA1UdIwQYMBaAFHqWF2lUngqtCpv5klaDuu9zOi8a MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzVCMC80MEM4RDVBNjFE ODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNxMEttX21TVm9PNjczTTZM eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VwWVhhVlNlQ3EwS21fbVNWb082NzNNNkx4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QzVCMC80MEM4RDVBNjFEODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNx MEttX21TVm9PNjczTTZMeG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCdu88YSNkXQLtuOvEmU35uHjWQ+YXxeVQ17S1yAZ0GS4jJPHgrjy57 YbMHsQXgSxbZTnnyfb2bKJJMWbnwWqQO1rpofL1fqo/aoSKUzbVQoEGNPSXrBFf/ IP35/ey5xh6xZULCByoiV5W1zSAPY9S1dvRx6msFFDs5FLqRt6c92ZgzFEzlVeSU PLvEcnAMbb/xOnVpzpPGRifJ1rsqxc1Y+wt1qW8NCPDAt8Pds5C7INCYeHYFcIpn wLpK9dmpC/mnNIJ89SSJEbdccOr+XsD78wzbaaMAvBQmbSnkLPyZMJthQ+nO74bz z3HIUeX1BUMgzuFPKxS1Z2bWRq87tvw1 -----END CERTIFICATE-----Generated at Tue Jul 1 05:41:55 2025 by rpki-client