$ rpki-client -vvf rpki.apnic.net/member_repository/A9127686/C74B1FFE304211ECAF185A10C4F9AE02/r3H1sWeV-bfPKyRYSAd-EWhbpvA.mft File: r3H1sWeV-bfPKyRYSAd-EWhbpvA.mft (raw, json) Hash identifier: +I5KlpY6P+q/F3ilI+U/HxjApvF7kEXQ0OgqCNUChVk= Subject key identifier: 2B:82:65:64:FF:C6:4F:78:A7:CF:FB:AE:50:58:CC:84:14:A3:8A:8E Authority key identifier: AF:71:F5:B1:67:95:F9:B7:CF:2B:24:58:48:07:7E:11:68:5B:A6:F0 Certificate issuer: /CN=A9127686/serialNumber=AF71F5B16795F9B7CF2B245848077E11685BA6F0 Certificate serial: 04C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r3H1sWeV-bfPKyRYSAd-EWhbpvA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9127686/C74B1FFE304211ECAF185A10C4F9AE02/r3H1sWeV-bfPKyRYSAd-EWhbpvA.mft Manifest number: 04C0 Signing time: Tue 01 Jul 2025 00:22:00 +0000 Manifest this update: Tue 01 Jul 2025 00:21:59 +0000 Manifest next update: Tue 08 Jul 2025 00:21:59 +0000 Files and hashes: 1: r3H1sWeV-bfPKyRYSAd-EWhbpvA.crl (hash: k0OBPKCtcYwYFZ60XYqovbZGmAiNl9F8ZPQaJWYCLDY=) 2: 54BBE48A304411EC830F8610C4F9AE02.roa (hash: ES0KtplnGhM27Vh/hroAKpFu+jIJhHlyayZgnN5P/Xk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9127686/C74B1FFE304211ECAF185A10C4F9AE02/r3H1sWeV-bfPKyRYSAd-EWhbpvA.crl rsync://rpki.apnic.net/member_repository/A9127686/C74B1FFE304211ECAF185A10C4F9AE02/r3H1sWeV-bfPKyRYSAd-EWhbpvA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r3H1sWeV-bfPKyRYSAd-EWhbpvA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 00:21:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1221 (0x4c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9127686, serialNumber=AF71F5B16795F9B7CF2B245848077E11685BA6F0 Validity Not Before: Jul 1 00:21:59 2025 GMT Not After : Jul 8 00:21:59 2025 GMT Subject: CN=68632a28-1c55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:df:f5:d3:65:5c:42:35:3c:9a:49:7d:56:ae: bf:ee:0f:81:cc:bf:a0:67:97:ba:fe:0d:d8:1e:84: 9b:b2:85:3e:cf:4a:20:12:d7:46:49:6e:f6:30:01: ec:a1:11:91:ac:3e:09:67:b5:5a:1d:80:89:ee:2a: 38:96:28:89:e7:03:c6:9b:c4:89:b5:fe:4b:5c:12: 16:03:82:53:22:f1:30:51:21:e0:a5:f3:80:33:ee: da:55:f1:9c:5e:2b:04:3f:6b:46:1a:6c:48:c6:37: 55:70:bc:1e:f9:ba:4a:49:2c:68:8b:30:42:7a:c1: 47:2f:05:d6:08:62:08:b8:c1:15:30:8b:3b:c4:7c: de:61:61:71:4f:a3:d7:e6:b5:b0:19:61:54:52:39: 22:bc:74:d9:fa:c1:2d:1a:b4:70:88:9c:34:dd:f6: 66:fa:cb:3c:1f:86:f0:28:4d:af:a8:98:84:a3:f3: bf:d5:ad:5a:87:31:ed:61:ef:a8:37:db:aa:1a:36: f8:d6:23:9e:3c:48:97:9e:0e:c6:6c:e5:bc:1d:85: 32:12:f0:66:e9:aa:d0:ed:7d:d1:4c:6d:3a:f7:68: ce:8c:66:f1:5b:31:42:93:97:1d:f9:8c:cd:ae:da: bb:62:89:79:26:7b:40:09:6a:db:0a:93:b2:6d:6e: 06:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:82:65:64:FF:C6:4F:78:A7:CF:FB:AE:50:58:CC:84:14:A3:8A:8E X509v3 Authority Key Identifier: keyid:AF:71:F5:B1:67:95:F9:B7:CF:2B:24:58:48:07:7E:11:68:5B:A6:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9127686/C74B1FFE304211ECAF185A10C4F9AE02/r3H1sWeV-bfPKyRYSAd-EWhbpvA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r3H1sWeV-bfPKyRYSAd-EWhbpvA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127686/C74B1FFE304211ECAF185A10C4F9AE02/r3H1sWeV-bfPKyRYSAd-EWhbpvA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:04:f2:8c:da:4d:0a:e7:c4:fe:5c:92:d4:63:a3:70:f9:80: f7:ab:42:47:62:ae:57:b4:4f:58:24:07:70:72:ed:5b:47:fc: 88:ed:13:59:c3:8a:16:a4:19:25:83:09:5b:60:82:4b:32:d6: fc:c4:9e:bb:59:d0:57:36:c3:01:e4:b3:e2:d7:b9:ac:31:02: 3d:79:fe:07:68:40:2b:a3:c0:1c:bc:a7:57:a1:f5:4b:61:d7: b1:fd:4a:cb:dd:52:00:9a:99:a4:75:26:26:2d:78:27:88:3b: b8:3e:df:47:5f:9f:87:51:be:b7:17:fb:3d:56:1b:7a:6d:d8: 31:5e:97:ce:ac:d6:a8:06:c6:b1:48:f8:c0:58:c0:fd:cf:6b: 22:23:4c:46:b1:2c:90:d4:74:ef:34:69:3c:aa:b1:f5:c0:dc: 64:8e:4e:ac:3d:ce:10:5d:a3:cb:e5:8c:54:67:28:f1:26:dd: 99:ff:5d:2e:0d:23:cf:2e:7a:45:87:1c:f4:76:47:21:7f:9b: f1:9e:d1:86:05:71:8d:c8:c7:bc:69:79:d6:d6:bc:87:66:5d: 24:ac:71:23:68:a7:27:85:fb:24:ab:0f:17:3d:6d:a0:6b:e4: 3c:3b:d8:7e:31:f5:d6:50:2c:04:1d:b4:39:43:07:e7:fb:c3: b0:74:a4:b4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBMUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjc2ODYxMTAvBgNVBAUTKEFGNzFGNUIxNjc5NUY5QjdDRjJCMjQ1ODQ4MDc3RTEx Njg1QkE2RjAwHhcNMjUwNzAxMDAyMTU5WhcNMjUwNzA4MDAyMTU5WjAYMRYwFAYD VQQDEw02ODYzMmEyOC0xYzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvd/102VcQjU8mkl9Vq6/7g+BzL+gZ5e6/g3YHoSbsoU+z0ogEtdGSW72MAHs oRGRrD4JZ7VaHYCJ7io4liiJ5wPGm8SJtf5LXBIWA4JTIvEwUSHgpfOAM+7aVfGc XisEP2tGGmxIxjdVcLwe+bpKSSxoizBCesFHLwXWCGIIuMEVMIs7xHzeYWFxT6PX 5rWwGWFUUjkivHTZ+sEtGrRwiJw03fZm+ss8H4bwKE2vqJiEo/O/1a1ahzHtYe+o N9uqGjb41iOePEiXng7GbOW8HYUyEvBm6arQ7X3RTG0692jOjGbxWzFCk5cd+YzN rtq7Yol5JntACWrbCpOybW4G1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCuCZWT/ xk94p8/7rlBYzIQUo4qOMB8GA1UdIwQYMBaAFK9x9bFnlfm3zyskWEgHfhFoW6bw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzY4Ni9DNzRCMUZGRTMw NDIxMUVDQUYxODVBMTBDNEY5QUUwMi9yM0gxc1dlVi1iZlBLeVJZU0FkLUVXaGJw dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3IzSDFzV2VWLWJmUEt5UllTQWQtRVdoYnB2QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NzY4Ni9DNzRCMUZGRTMwNDIxMUVDQUYxODVBMTBDNEY5QUUwMi9yM0gxc1dlVi1i ZlBLeVJZU0FkLUVXaGJwdkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAbBPKM2k0K58T+XJLUY6Nw+YD3q0JHYq5XtE9YJAdwcu1bR/yI7RNZ w4oWpBklgwlbYIJLMtb8xJ67WdBXNsMB5LPi17msMQI9ef4HaEAro8AcvKdXofVL Ydex/UrL3VIAmpmkdSYmLXgniDu4Pt9HX5+HUb63F/s9Vht6bdgxXpfOrNaoBsax SPjAWMD9z2siI0xGsSyQ1HTvNGk8qrH1wNxkjk6sPc4QXaPL5YxUZyjxJt2Z/10u DSPPLnpFhxz0dkchf5vxntGGBXGNyMe8aXnW1ryHZl0krHEjaKcnhfskqw8XPW2g a+Q8O9h+MfXWUCwEHbQ5Qwfn+8OwdKS0 -----END CERTIFICATE-----Generated at Thu Jul 3 01:01:18 2025 by rpki-client