$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft File: dmXig10WAIXjHsJFIi1LL35IRAk.mft (raw, json) Hash identifier: 385sHylO4ctyBdUfAnKTX/wov3uz82/zt86gf6PDQto= Subject key identifier: B2:7F:14:6A:99:01:A1:BD:CF:02:B2:4F:98:F7:05:7A:46:EF:DA:A0 Authority key identifier: 76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09 Certificate issuer: /CN=A911DFC9/serialNumber=7665E2835D160085E31EC245222D4B2F7E484409 Certificate serial: 27 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft Manifest number: 1C Signing time: Tue 01 Jul 2025 08:44:00 +0000 Manifest this update: Tue 01 Jul 2025 08:44:00 +0000 Manifest next update: Tue 08 Jul 2025 08:44:00 +0000 Files and hashes: 1: dmXig10WAIXjHsJFIi1LL35IRAk.crl (hash: 256h9yN8T92OZyuIVOjYK/vZgniFZ3w0KtcUIRZ8A4w=) 2: CAE10F4030E111F09B76D311C4F9AE02.roa (hash: 4EnYQ2VSNQD0o3dL265fkKkyLcx5j9mcOc/dYLCsIwo=) 3: 570B12E0562611F09F085F44C4F9AE02.roa (hash: CaHNy+5XgMUOPof5CFjhIu8D1eRPSffz8Arg3q0Y77U=) 4: CA5B991430E111F09B76D311C4F9AE02.roa (hash: KDnCMQ2nRjU0Va+lifX6vSdvj7g5AOqm8qx3ZCAL398=) 5: CB4E186A30E111F09B76D311C4F9AE02.roa (hash: xPkqxoVSxyXeKSaq5jtn4/m5jr8BJckiAgNe5WWb60U=) 6: CC3E7A3A30E111F09B76D311C4F9AE02.roa (hash: qvmxAIblo8LoVtJQCEVB0mOCUBhb2PQ/53hCphSqwWE=) 7: CBDD09E430E111F09B76D311C4F9AE02.roa (hash: fV/0Vo51myrGthfe3wjSyvx/kYCAyZZZpPfFqvBV/w4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.crl rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 07:24:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39 (0x27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911DFC9, serialNumber=7665E2835D160085E31EC245222D4B2F7E484409 Validity Not Before: Jul 1 08:44:00 2025 GMT Not After : Jul 8 08:44:00 2025 GMT Subject: CN=68639fd0-35fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:e5:5e:d9:ec:c6:9e:fc:c3:9e:e8:5e:f1:05: 53:66:12:a2:09:ac:a6:c8:75:82:aa:3e:4a:3a:e2: 59:e2:0b:eb:66:8b:f5:3b:48:82:9a:3f:7b:7d:8c: 87:a1:63:60:c1:a4:28:d9:89:9d:b3:9a:a1:7a:1a: eb:bc:bc:84:d5:b1:94:59:d1:83:d1:ae:c4:8a:b3: 24:1e:de:5c:7f:51:07:17:f0:c9:f9:a0:75:40:96: 2e:e6:bc:ba:63:b1:fe:75:cf:27:04:02:34:10:42: 16:d7:2d:0a:47:8d:67:3d:b4:21:78:95:70:2f:ba: df:e0:f4:f0:4d:a4:ca:0b:08:0e:1f:ec:e9:a3:67: 62:ed:82:a3:64:39:65:eb:74:eb:87:fd:cc:df:54: 91:c6:53:87:3b:86:a1:ed:a3:83:26:9b:b1:05:4b: 3a:ad:a3:fa:95:c2:6c:23:dd:ca:7c:13:78:16:1a: 5d:6d:37:ae:77:59:ba:18:67:d0:04:81:5a:41:2f: ca:28:8f:ff:05:11:bd:ac:4e:a1:e5:5b:f4:71:b0: ef:36:b2:ec:5f:3f:03:c1:79:2d:03:24:0a:be:ed: 1c:40:cd:6d:e0:37:ae:dc:52:4c:b5:72:a3:8e:eb: 1f:a1:e6:57:e7:66:ac:dd:77:83:69:de:e8:95:2c: b9:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:7F:14:6A:99:01:A1:BD:CF:02:B2:4F:98:F7:05:7A:46:EF:DA:A0 X509v3 Authority Key Identifier: keyid:76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:bd:21:d1:24:43:c5:05:93:af:4b:be:ca:5d:7d:b9:29:6b: e4:0d:d8:4b:2a:78:0b:49:4f:29:0a:ed:fd:65:43:ef:fd:31: a1:6c:56:cb:da:7f:b4:9e:b9:16:eb:39:de:eb:43:82:d9:74: 11:0b:d2:f0:ec:d9:ca:fc:55:a5:68:e2:83:5c:2c:8f:d4:f5: 77:2d:e1:03:c4:02:cb:b5:bd:dc:88:17:af:e1:35:9b:b5:6a: d5:e0:e6:db:d0:21:bd:28:e5:2c:b4:65:e1:49:28:f5:a9:5b: be:38:fa:84:15:b5:dd:d2:1b:a3:f1:5a:1f:bc:7e:75:59:7b: 69:ff:fb:c9:e0:83:d3:ef:c7:e6:5b:68:1f:03:7b:39:4d:0b: f8:12:8c:1f:64:5d:a7:08:7c:27:d6:26:70:30:52:c8:67:0e: 99:28:4e:f4:2f:79:24:66:22:aa:00:af:5b:b9:b9:8a:89:e5: b3:86:22:1f:de:87:27:70:32:58:46:42:02:f0:37:17:9a:ac: 56:42:a8:f6:88:39:ef:b9:8c:8c:97:8f:12:15:42:0a:ad:55: 7b:e3:d1:0d:6e:2d:30:9e:10:5b:54:82:dc:8e:d6:a0:c0:90: 4e:0c:03:4d:15:6d:66:3e:3b:65:c3:80:0c:fb:d8:7f:e5:3b: 42:b4:cd:3b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx REZDOTExMC8GA1UEBRMoNzY2NUUyODM1RDE2MDA4NUUzMUVDMjQ1MjIyRDRCMkY3 RTQ4NDQwOTAeFw0yNTA3MDEwODQ0MDBaFw0yNTA3MDgwODQ0MDBaMBgxFjAUBgNV BAMTDTY4NjM5ZmQwLTM1ZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDC5V7Z7Mae/MOe6F7xBVNmEqIJrKbIdYKqPko64lniC+tmi/U7SIKaP3t9jIeh Y2DBpCjZiZ2zmqF6Guu8vITVsZRZ0YPRrsSKsyQe3lx/UQcX8Mn5oHVAli7mvLpj sf51zycEAjQQQhbXLQpHjWc9tCF4lXAvut/g9PBNpMoLCA4f7OmjZ2LtgqNkOWXr dOuH/czfVJHGU4c7hqHto4Mmm7EFSzqto/qVwmwj3cp8E3gWGl1tN653WboYZ9AE gVpBL8ooj/8FEb2sTqHlW/RxsO82suxfPwPBeS0DJAq+7RxAzW3gN67cUky1cqOO 6x+h5lfnZqzdd4Np3uiVLLmLAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUsn8UapkB ob3PArJPmPcFekbv2qAwHwYDVR0jBBgwFoAUdmXig10WAIXjHsJFIi1LL35IRAkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFERkM5LzhEMzVFODJFMzAy QzExRjA4Nzc2NEEyQkM0RjlBRTAyL2RtWGlnMTBXQUlYakhzSkZJaTFMTDM1SVJB ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvZG1YaWcxMFdBSVhqSHNKRklpMUxMMzVJUkFrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFE RkM5LzhEMzVFODJFMzAyQzExRjA4Nzc2NEEyQkM0RjlBRTAyL2RtWGlnMTBXQUlY akhzSkZJaTFMTDM1SVJBay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACa9IdEkQ8UFk69Lvspdfbkpa+QN2EsqeAtJTykK7f1lQ+/9MaFsVsva f7SeuRbrOd7rQ4LZdBEL0vDs2cr8VaVo4oNcLI/U9Xct4QPEAsu1vdyIF6/hNZu1 atXg5tvQIb0o5Sy0ZeFJKPWpW744+oQVtd3SG6PxWh+8fnVZe2n/+8ngg9Pvx+Zb aB8DezlNC/gSjB9kXacIfCfWJnAwUshnDpkoTvQveSRmIqoAr1u5uYqJ5bOGIh/e hydwMlhGQgLwNxearFZCqPaIOe+5jIyXjxIVQgqtVXvj0Q1uLTCeEFtUgtyO1qDA kE4MA00VbWY+O2XDgAz72H/lO0K0zTs= -----END CERTIFICATE-----Generated at Tue Jul 1 10:50:55 2025 by rpki-client