$ rpki-client -vvf rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.mft File: 0NL0WkbSZ2YBS3hgGaCagzSHPa0.mft (raw, json) Hash identifier: /APlG6+HherdwRDFjWfzzGKv+7MVMMXKKfh2Fikg6Dc= Subject key identifier: 38:8A:40:DC:0D:C9:16:39:E7:B4:42:38:66:AC:6B:1F:A5:79:CD:8C Authority key identifier: D0:D2:F4:5A:46:D2:67:66:01:4B:78:60:19:A0:9A:83:34:87:3D:AD Certificate issuer: /CN=A9122219/serialNumber=D0D2F45A46D26766014B786019A09A8334873DAD Certificate serial: 0B43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NL0WkbSZ2YBS3hgGaCagzSHPa0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.mft Manifest number: 0B3A Signing time: Wed 02 Jul 2025 19:22:53 +0000 Manifest this update: Wed 02 Jul 2025 19:22:53 +0000 Manifest next update: Wed 09 Jul 2025 19:22:53 +0000 Files and hashes: 1: 0NL0WkbSZ2YBS3hgGaCagzSHPa0.crl (hash: ft9Vlexl69SG2mIfS0zCxXfAN2oBgzRLO5joQzpO+DY=) 2: CD145D246E4E11EDBE02B065C4F9AE02.roa (hash: zSM1B8wSUB+mHKY/5kPPrFTVt9OokOjyYR65igDrdV4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.crl rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NL0WkbSZ2YBS3hgGaCagzSHPa0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:22:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2883 (0xb43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9122219, serialNumber=D0D2F45A46D26766014B786019A09A8334873DAD Validity Not Before: Jul 2 19:22:53 2025 GMT Not After : Jul 9 19:22:53 2025 GMT Subject: CN=6865870d-0cdb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:28:24:be:8f:e9:50:36:c4:21:0f:91:03:5f: 1c:13:52:99:a2:b5:5a:71:90:ee:5b:03:f5:b4:92: f1:95:f5:0a:d1:6f:10:64:48:a0:c6:ec:10:65:b3: 3c:83:72:2c:de:20:4a:ac:93:d4:c0:c3:93:b8:91: d0:e7:91:a6:b1:96:69:8b:47:aa:af:9a:ed:89:df: b1:25:76:b3:36:64:3c:43:47:4e:a1:cc:90:04:77: 99:db:c0:ae:0c:0b:1a:06:51:44:07:85:97:d3:fa: e9:f9:a0:52:8e:c3:16:45:47:7b:97:bc:d4:2c:ee: 7f:6a:bb:0c:c5:88:29:4b:8c:93:31:7b:43:fe:a5: 1d:c9:b9:f6:1a:20:7d:b4:88:f6:97:3d:53:8f:44: a9:d2:f6:f0:94:80:4e:95:02:cf:4f:47:50:31:f0: a0:e4:50:4b:c2:8a:6c:80:c5:f1:88:31:84:67:5b: 6c:ba:b4:4b:58:55:46:20:15:22:4b:db:31:39:1f: 36:c2:9f:2c:91:e6:9c:ea:9b:d7:bf:44:b9:d2:a9: 17:56:b3:b4:a3:fd:f2:6b:8e:2f:8b:86:d1:32:02: 80:30:7e:e4:09:60:04:f2:09:00:76:af:f3:b6:bc: 80:0f:21:bc:3f:9c:7f:c8:72:72:e0:77:c4:bf:af: dc:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:8A:40:DC:0D:C9:16:39:E7:B4:42:38:66:AC:6B:1F:A5:79:CD:8C X509v3 Authority Key Identifier: keyid:D0:D2:F4:5A:46:D2:67:66:01:4B:78:60:19:A0:9A:83:34:87:3D:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NL0WkbSZ2YBS3hgGaCagzSHPa0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:f2:2c:80:7d:7d:1d:fe:ae:10:85:ac:0f:ca:5a:49:53:7f: a5:fe:3a:23:50:a2:c7:7d:0b:b8:c2:2b:ac:05:ef:58:28:1b: ff:89:90:86:37:dd:36:a6:33:98:8c:89:be:df:a6:e0:f2:16: e6:32:a7:56:e1:78:3f:4a:3c:a7:84:09:44:0a:02:90:14:85: 77:ac:00:41:72:f4:56:56:88:a8:18:33:bd:df:28:d3:33:01: 53:e9:c4:10:a4:8b:90:68:b7:1f:79:aa:f6:cb:93:43:09:66: 48:9b:d5:b1:08:a8:5b:6f:67:f9:ec:97:9e:59:58:4d:43:da: 1f:97:8d:83:51:9a:48:df:4a:1e:a1:11:d5:2b:f7:51:a7:3f: af:81:e8:c1:73:cf:6e:1e:63:26:56:8c:58:87:7a:05:b7:27: 03:3d:40:63:53:ec:66:9f:94:00:0a:61:d1:b0:af:4e:43:b8: bc:3a:a0:0e:93:60:3d:65:df:36:b7:8a:79:a3:42:e7:cf:b4: 73:06:5b:a7:e8:7e:1a:47:52:d9:b9:75:ff:1d:ab:83:be:b5: 07:d3:89:5a:5e:29:35:0c:6e:05:38:a2:bb:a9:49:63:a1:0e: 7f:91:63:2d:11:01:8e:18:93:51:ce:24:29:c1:c4:48:87:00: 79:b1:16:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC0MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjIyMTkxMTAvBgNVBAUTKEQwRDJGNDVBNDZEMjY3NjYwMTRCNzg2MDE5QTA5QTgz MzQ4NzNEQUQwHhcNMjUwNzAyMTkyMjUzWhcNMjUwNzA5MTkyMjUzWjAYMRYwFAYD VQQDEw02ODY1ODcwZC0wY2RiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqSgkvo/pUDbEIQ+RA18cE1KZorVacZDuWwP1tJLxlfUK0W8QZEigxuwQZbM8 g3Is3iBKrJPUwMOTuJHQ55GmsZZpi0eqr5rtid+xJXazNmQ8Q0dOocyQBHeZ28Cu DAsaBlFEB4WX0/rp+aBSjsMWRUd7l7zULO5/arsMxYgpS4yTMXtD/qUdybn2GiB9 tIj2lz1Tj0Sp0vbwlIBOlQLPT0dQMfCg5FBLwopsgMXxiDGEZ1tsurRLWFVGIBUi S9sxOR82wp8skeac6pvXv0S50qkXVrO0o/3ya44vi4bRMgKAMH7kCWAE8gkAdq/z tryADyG8P5x/yHJy4HfEv6/c/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDiKQNwN yRY557RCOGasax+lec2MMB8GA1UdIwQYMBaAFNDS9FpG0mdmAUt4YBmgmoM0hz2t MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjIxOS84MkZFODlDQzND MzcxMUVBODczRTE0NjBDNEY5QUUwMi8wTkwwV2tiU1oyWUJTM2hnR2FDYWd6U0hQ YTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBOTDBXa2JTWjJZQlMzaGdHYUNhZ3pTSFBhMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MjIxOS84MkZFODlDQzNDMzcxMUVBODczRTE0NjBDNEY5QUUwMi8wTkwwV2tiU1oy WUJTM2hnR2FDYWd6U0hQYTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCS8iyAfX0d/q4QhawPylpJU3+l/jojUKLHfQu4wiusBe9YKBv/iZCG N902pjOYjIm+36bg8hbmMqdW4Xg/SjynhAlECgKQFIV3rABBcvRWVoioGDO93yjT MwFT6cQQpIuQaLcfear2y5NDCWZIm9WxCKhbb2f57JeeWVhNQ9ofl42DUZpI30oe oRHVK/dRpz+vgejBc89uHmMmVoxYh3oFtycDPUBjU+xmn5QACmHRsK9OQ7i8OqAO k2A9Zd82t4p5o0Lnz7RzBlun6H4aR1LZuXX/HauDvrUH04laXik1DG4FOKK7qUlj oQ5/kWMtEQGOGJNRziQpwcRIhwB5sRYk -----END CERTIFICATE-----Generated at Wed Jul 2 23:29:06 2025 by rpki-client