$ rpki-client -vvf rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft File: 5D3SMzFr8OKboG0g3sJdtMwRbgg.mft (raw, json) Hash identifier: 01Mi/AcYkZ0gCL35joRmwTIslLFsfmWRGuCn/xq5D5o= Subject key identifier: D3:1A:7D:36:41:27:2F:89:6A:42:6F:5D:0D:BE:55:F0:01:5B:3C:98 Authority key identifier: E4:3D:D2:33:31:6B:F0:E2:9B:A0:6D:20:DE:C2:5D:B4:CC:11:6E:08 Certificate issuer: /CN=A9120AC1/serialNumber=E43DD233316BF0E29BA06D20DEC25DB4CC116E08 Certificate serial: 04CD Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft Manifest number: 04C2 Signing time: Thu 03 Jul 2025 00:11:58 +0000 Manifest this update: Thu 03 Jul 2025 00:11:57 +0000 Manifest next update: Thu 10 Jul 2025 00:11:57 +0000 Files and hashes: 1: 5D3SMzFr8OKboG0g3sJdtMwRbgg.crl (hash: ZTcfsJ5j1x/aXqNKvX+3uXFAs9kJR6tVBzSERquMqd8=) 2: 3A2A80AE3C8311ECA86D031EC4F9AE02.roa (hash: aUDrwRtGsUzrY00Rmj3XgznPDP2fmFZxHTp5GIqGdmE=) 3: ECC109EA3C8811EC889B9D78C4F9AE02.roa (hash: qsT6gdrcrYiz10awZz/5+uahx1IUYSEl585Lltn+07o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.crl rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 00:11:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1229 (0x4cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120AC1, serialNumber=E43DD233316BF0E29BA06D20DEC25DB4CC116E08 Validity Not Before: Jul 3 00:11:57 2025 GMT Not After : Jul 10 00:11:57 2025 GMT Subject: CN=6865cacd-2dce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e9:1c:3c:25:9b:85:8d:39:45:69:ca:99:bd: 04:95:6e:4c:7f:b8:83:ff:1c:71:ee:67:b2:be:5c: 08:43:37:60:b7:53:42:f5:39:bb:2e:a2:c9:7c:73: 92:34:05:56:30:0c:d2:6f:09:67:33:74:f4:fd:ac: 0f:48:ca:7f:f2:39:25:d0:fb:4e:88:49:19:cc:b9: 89:c6:24:01:9f:40:3d:1a:b9:a5:cf:59:ae:5c:96: 9b:93:a4:7f:0c:16:ea:1d:36:40:51:ef:24:a2:76: 7c:d4:0e:62:9c:a4:50:84:5f:68:44:e6:d0:9d:b5: 35:be:73:e3:69:88:1f:ea:8a:7a:01:88:7d:cb:6c: 24:85:9b:a9:ca:47:c9:a8:36:01:b6:a6:16:f1:51: 71:bb:df:57:aa:46:1b:0a:20:af:68:5e:34:31:fa: a1:59:11:dd:8f:d1:53:bf:28:a7:9a:e6:f2:77:6e: 7e:79:6e:95:9b:11:02:25:63:d8:aa:85:3d:6b:39: 04:6d:54:e8:f8:db:9e:f2:f7:69:45:1b:33:a4:4d: a5:99:09:c1:9e:ad:b3:4a:b7:5a:81:84:66:c8:5d: 4a:19:8d:48:53:45:56:61:71:1e:61:f8:e5:da:33: 56:fc:46:c0:0a:ab:cb:fa:a7:a4:ae:0b:22:32:99: 19:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:1A:7D:36:41:27:2F:89:6A:42:6F:5D:0D:BE:55:F0:01:5B:3C:98 X509v3 Authority Key Identifier: keyid:E4:3D:D2:33:31:6B:F0:E2:9B:A0:6D:20:DE:C2:5D:B4:CC:11:6E:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:3a:f4:18:12:54:79:6c:35:14:f2:0b:37:2b:ec:3d:bf:dd: a1:41:88:62:de:76:ad:75:4b:10:7a:28:4e:a5:94:d1:2e:a9: 02:6e:cb:d5:d0:5e:15:6a:66:1d:c0:07:0b:84:d1:d7:ea:f7: 21:15:34:c5:8c:af:50:36:d2:4e:4b:49:58:99:70:72:32:22: 53:48:3e:77:2d:a6:3b:bf:be:c2:cd:6e:06:2f:6a:f2:a6:a7: e3:01:df:81:b6:ba:49:d2:b7:60:e8:db:c4:13:50:b1:56:d3: 6b:52:30:0f:43:82:ac:c0:98:5f:b2:29:2b:bf:75:c2:d2:7a: ce:57:1f:11:2e:ab:64:9a:93:f9:de:87:b0:90:cb:b4:72:9c: fd:e6:c9:05:3a:99:f6:fe:e3:95:b7:1e:28:9c:a3:ef:7d:75: 34:6f:0b:8e:72:6f:dc:f2:ef:20:2a:75:aa:be:ee:98:7b:c0: 4c:64:b8:2f:51:8e:49:39:a0:8b:46:d0:f0:2e:a4:5e:85:31: a2:4a:06:aa:07:c2:58:28:c3:cb:cc:9f:f0:97:8e:f3:fd:c7: 04:3d:8c:f2:40:10:79:d9:4d:1a:1d:63:0e:93:35:41:c8:4f: 4c:e0:d9:95:ae:2f:85:9d:9d:43:6c:3b:81:06:e5:4c:2d:59: eb:02:a1:91 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBBQzExMTAvBgNVBAUTKEU0M0REMjMzMzE2QkYwRTI5QkEwNkQyMERFQzI1REI0 Q0MxMTZFMDgwHhcNMjUwNzAzMDAxMTU3WhcNMjUwNzEwMDAxMTU3WjAYMRYwFAYD VQQDEw02ODY1Y2FjZC0yZGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtOkcPCWbhY05RWnKmb0ElW5Mf7iD/xxx7meyvlwIQzdgt1NC9Tm7LqLJfHOS NAVWMAzSbwlnM3T0/awPSMp/8jkl0PtOiEkZzLmJxiQBn0A9Grmlz1muXJabk6R/ DBbqHTZAUe8konZ81A5inKRQhF9oRObQnbU1vnPjaYgf6op6AYh9y2wkhZupykfJ qDYBtqYW8VFxu99XqkYbCiCvaF40MfqhWRHdj9FTvyinmubyd25+eW6VmxECJWPY qoU9azkEbVTo+Nue8vdpRRszpE2lmQnBnq2zSrdagYRmyF1KGY1IU0VWYXEeYfjl 2jNW/EbACqvL+qekrgsiMpkZ2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNMafTZB Jy+JakJvXQ2+VfABWzyYMB8GA1UdIwQYMBaAFOQ90jMxa/Dim6BtIN7CXbTMEW4I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEFDMS8zRTlBNEFFMDMw OTcxMUVDQjI4NUE2NEJDNEY5QUUwMi81RDNTTXpGcjhPS2JvRzBnM3NKZHRNd1Ji Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVEM1NNekZyOE9LYm9HMGczc0pkdE13UmJnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MEFDMS8zRTlBNEFFMDMwOTcxMUVDQjI4NUE2NEJDNEY5QUUwMi81RDNTTXpGcjhP S2JvRzBnM3NKZHRNd1JiZ2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6OvQYElR5bDUU8gs3K+w9v92hQYhi3natdUsQeihOpZTRLqkCbsvV 0F4VamYdwAcLhNHX6vchFTTFjK9QNtJOS0lYmXByMiJTSD53LaY7v77CzW4GL2ry pqfjAd+BtrpJ0rdg6NvEE1CxVtNrUjAPQ4KswJhfsikrv3XC0nrOVx8RLqtkmpP5 3oewkMu0cpz95skFOpn2/uOVtx4onKPvfXU0bwuOcm/c8u8gKnWqvu6Ye8BMZLgv UY5JOaCLRtDwLqRehTGiSgaqB8JYKMPLzJ/wl47z/ccEPYzyQBB52U0aHWMOkzVB yE9M4NmVri+FnZ1DbDuBBuVMLVnrAqGR -----END CERTIFICATE-----Generated at Thu Jul 3 23:19:24 2025 by rpki-client