$ rpki-client -vvf rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/_Ern2eP0GafSBKVMedHz76mn1sg.mft File: _Ern2eP0GafSBKVMedHz76mn1sg.mft (raw, json) Hash identifier: 1Jhza+fP0SCf/uN7j56D5jAiHvt5YUM4vpUBN4/D6V0= Subject key identifier: D6:29:D7:A9:78:F6:FB:05:D3:B2:BF:46:4F:D9:5D:4B:40:42:77:0B Authority key identifier: FC:4A:E7:D9:E3:F4:19:A7:D2:04:A5:4C:79:D1:F3:EF:A9:A7:D6:C8 Certificate issuer: /CN=A91262F0/serialNumber=FC4AE7D9E3F419A7D204A54C79D1F3EFA9A7D6C8 Certificate serial: 01C7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Ern2eP0GafSBKVMedHz76mn1sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/_Ern2eP0GafSBKVMedHz76mn1sg.mft Manifest number: 01C2 Signing time: Tue 01 Jul 2025 03:22:40 +0000 Manifest this update: Tue 01 Jul 2025 03:22:40 +0000 Manifest next update: Tue 08 Jul 2025 03:22:40 +0000 Files and hashes: 1: _Ern2eP0GafSBKVMedHz76mn1sg.crl (hash: kLwJIm+B9bDCG6o/aWKEo7a3q5OmE36BLFkj4ZAqP4M=) 2: 8E412748A33311EDA2CB2420C4F9AE02.roa (hash: VYee2tDfZOJDgRSyvh9847Isyru0Slu6wYlhlW9JZCM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/_Ern2eP0GafSBKVMedHz76mn1sg.crl rsync://rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/_Ern2eP0GafSBKVMedHz76mn1sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Ern2eP0GafSBKVMedHz76mn1sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 03:22:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 455 (0x1c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91262F0, serialNumber=FC4AE7D9E3F419A7D204A54C79D1F3EFA9A7D6C8 Validity Not Before: Jul 1 03:22:40 2025 GMT Not After : Jul 8 03:22:40 2025 GMT Subject: CN=68635480-c340 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:77:32:79:59:2c:ce:ae:4d:67:b4:8e:8e:9b: 29:94:5d:cc:91:14:5c:b3:1f:77:ee:25:7c:d0:b1: 51:ec:9c:30:05:09:73:ed:c3:00:37:34:06:af:a6: b9:8b:5f:f6:0f:6a:e0:ab:f3:25:45:4b:62:5c:74: 71:7d:57:45:5b:55:ba:35:47:5e:d9:b0:14:e4:a6: 95:2d:3a:ad:b4:4f:18:9c:37:22:6f:df:e3:e7:b3: c5:2f:d4:37:6e:18:07:af:0f:08:05:24:e6:ef:dd: 03:aa:dc:ce:c7:59:26:fc:da:a9:75:74:94:a5:6c: dc:d4:46:e0:36:6a:ad:8a:60:9c:4f:56:a0:01:fc: 85:17:54:92:27:b2:6a:19:39:b1:2a:b3:23:7c:28: 40:30:0a:0b:69:e5:40:92:e8:32:e0:cf:f1:66:a8: 1b:15:2b:db:4e:89:32:9d:f8:9e:04:35:f4:2d:48: 83:f3:e9:0c:d2:88:00:b4:b2:6f:f5:bd:84:19:f9: ef:60:bd:7c:dd:f6:61:35:38:a5:12:0c:41:82:7a: 21:a9:c9:52:d4:0c:8b:18:77:3e:c2:e0:b0:90:9e: 25:27:14:6a:17:af:82:15:69:fb:0c:3c:58:f6:1b: 35:ac:11:bd:01:23:a7:d1:75:c1:90:d6:10:1e:9a: 14:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:29:D7:A9:78:F6:FB:05:D3:B2:BF:46:4F:D9:5D:4B:40:42:77:0B X509v3 Authority Key Identifier: keyid:FC:4A:E7:D9:E3:F4:19:A7:D2:04:A5:4C:79:D1:F3:EF:A9:A7:D6:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/_Ern2eP0GafSBKVMedHz76mn1sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Ern2eP0GafSBKVMedHz76mn1sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/_Ern2eP0GafSBKVMedHz76mn1sg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:07:cb:96:25:19:05:98:58:5c:41:00:18:27:65:a7:97:f4: c2:b0:ca:49:28:88:4a:01:dd:27:9b:46:0d:c8:7e:07:38:d6: 00:bc:78:bf:ac:a6:16:3d:47:55:95:c7:1f:ed:04:7d:dd:f7: c9:b9:0e:4b:45:66:f8:ee:76:96:5f:ea:3e:ad:45:8e:aa:c6: 13:57:65:d5:b7:85:95:9a:6e:6e:94:d9:32:f2:f7:2d:cf:fb: 09:38:54:40:5b:86:c7:62:26:ab:40:b7:78:f5:71:cd:d8:dd: bd:d4:55:f4:ab:bd:3e:b6:7a:21:6b:3b:15:2a:ec:23:21:0f: 00:ad:a3:7f:1c:c5:9f:27:f2:db:1d:7e:b6:18:af:65:1b:19: 53:0e:65:ce:d8:a5:90:a1:3c:75:ce:ec:15:f2:4b:53:fb:50: b9:4b:b3:17:ea:b7:f8:23:9a:7b:00:4b:70:ee:b3:44:3c:d7: fd:51:81:aa:f9:4d:22:9d:5b:ed:3b:d2:9a:89:c3:89:38:cb: 09:94:eb:6c:a4:1d:94:6b:22:e6:77:39:18:68:c7:10:6f:6f: 25:16:3a:6d:28:70:e8:bb:e3:25:7d:fc:e2:d0:99:fe:ac:78: f0:4f:08:d5:a4:80:c7:ab:71:80:2f:77:f4:e3:f2:3a:77:ec: 76:c5:7e:bd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjYyRjAxMTAvBgNVBAUTKEZDNEFFN0Q5RTNGNDE5QTdEMjA0QTU0Qzc5RDFGM0VG QTlBN0Q2QzgwHhcNMjUwNzAxMDMyMjQwWhcNMjUwNzA4MDMyMjQwWjAYMRYwFAYD VQQDEw02ODYzNTQ4MC1jMzQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu3cyeVkszq5NZ7SOjpsplF3MkRRcsx937iV80LFR7JwwBQlz7cMANzQGr6a5 i1/2D2rgq/MlRUtiXHRxfVdFW1W6NUde2bAU5KaVLTqttE8YnDcib9/j57PFL9Q3 bhgHrw8IBSTm790DqtzOx1km/NqpdXSUpWzc1EbgNmqtimCcT1agAfyFF1SSJ7Jq GTmxKrMjfChAMAoLaeVAkugy4M/xZqgbFSvbTokynfieBDX0LUiD8+kM0ogAtLJv 9b2EGfnvYL183fZhNTilEgxBgnohqclS1AyLGHc+wuCwkJ4lJxRqF6+CFWn7DDxY 9hs1rBG9ASOn0XXBkNYQHpoUMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNYp16l4 9vsF07K/Rk/ZXUtAQncLMB8GA1UdIwQYMBaAFPxK59nj9Bmn0gSlTHnR8++pp9bI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJGMC8zM0FEMEE2MkEz MEMxMUVEQjMzODhDMENDNEY5QUUwMi9fRXJuMmVQMEdhZlNCS1ZNZWRIejc2bW4x c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19Fcm4yZVAwR2FmU0JLVk1lZEh6NzZtbjFzZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NjJGMC8zM0FEMEE2MkEzMEMxMUVEQjMzODhDMENDNEY5QUUwMi9fRXJuMmVQMEdh ZlNCS1ZNZWRIejc2bW4xc2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+B8uWJRkFmFhcQQAYJ2Wnl/TCsMpJKIhKAd0nm0YNyH4HONYAvHi/ rKYWPUdVlccf7QR93ffJuQ5LRWb47naWX+o+rUWOqsYTV2XVt4WVmm5ulNky8vct z/sJOFRAW4bHYiarQLd49XHN2N291FX0q70+tnohazsVKuwjIQ8AraN/HMWfJ/Lb HX62GK9lGxlTDmXO2KWQoTx1zuwV8ktT+1C5S7MX6rf4I5p7AEtw7rNEPNf9UYGq +U0inVvtO9KaicOJOMsJlOtspB2UayLmdzkYaMcQb28lFjptKHDou+Mlffzi0Jn+ rHjwTwjVpIDHq3GAL3f04/I6d+x2xX69 -----END CERTIFICATE-----Generated at Tue Jul 1 08:57:17 2025 by rpki-client