$ rpki-client -vvf rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.mft File: DDegHLYzYjRPtzlnYP2U2cm5fHo.mft (raw, json) Hash identifier: THP4mPmRpIGRWUKdNoW3plheXrQUk+QkTrUP+SLk28A= Subject key identifier: 3B:38:D4:2A:30:F4:5B:3C:16:B4:A7:41:35:10:F2:E1:B1:C2:81:A5 Authority key identifier: 0C:37:A0:1C:B6:33:62:34:4F:B7:39:67:60:FD:94:D9:C9:B9:7C:7A Certificate issuer: /CN=A912B64D/serialNumber=0C37A01CB63362344FB7396760FD94D9C9B97C7A Certificate serial: 015A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DDegHLYzYjRPtzlnYP2U2cm5fHo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.mft Manifest number: 0158 Signing time: Tue 01 Jul 2025 04:31:29 +0000 Manifest this update: Tue 01 Jul 2025 04:31:28 +0000 Manifest next update: Tue 08 Jul 2025 04:31:28 +0000 Files and hashes: 1: DDegHLYzYjRPtzlnYP2U2cm5fHo.crl (hash: 2YsIs3ywCOfGZtbnMcXhHvMDHQWG8/NEzv7eLUDmvIo=) 2: 865B3F7C467C11EEBDE3D43CC4F9AE02.roa (hash: MTq717nmucrc35Yd/8a9v/UNjUpnghaYXRqZ7x8/L7U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.crl rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DDegHLYzYjRPtzlnYP2U2cm5fHo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 04:31:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 346 (0x15a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912B64D, serialNumber=0C37A01CB63362344FB7396760FD94D9C9B97C7A Validity Not Before: Jul 1 04:31:28 2025 GMT Not After : Jul 8 04:31:28 2025 GMT Subject: CN=686364a1-fae0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b9:5b:6a:d5:36:ec:d4:2c:e5:51:13:5c:0d: 13:78:2b:c1:ae:d5:97:3d:7d:93:c6:d9:50:d2:32: f7:9b:ac:2b:5d:f3:ae:55:30:a9:7f:8f:b5:33:23: 4f:c3:c7:2a:fc:0f:83:6f:a7:ea:72:27:99:70:a4: 66:29:58:ba:d5:10:8f:bb:01:cb:e2:8c:18:24:92: a5:84:1c:8c:c5:94:55:9a:e4:89:ee:32:2c:91:9a: d3:22:f7:4c:2c:2f:57:38:b2:a4:2c:f4:93:a8:73: 81:8e:22:88:db:48:87:4c:6b:57:ff:9f:31:7d:58: de:ab:2e:38:2c:ba:c2:1e:9b:e7:6a:4c:0a:19:54: 46:58:98:6b:4c:35:f7:f0:37:98:2a:bc:e6:a1:21: 3d:c1:27:43:de:7a:66:a9:af:5b:53:f3:6c:88:09: 36:1b:58:37:1e:1f:fd:31:77:c5:72:0d:f2:98:94: b1:cd:0b:bc:db:47:d5:00:d8:7e:f2:0c:24:d5:d4: 4c:a4:44:e7:4b:cd:1f:48:36:83:e7:65:0d:42:cd: 46:f2:1a:df:e1:d6:c2:15:10:bb:35:3c:56:7c:e9: 4a:b2:18:c0:bf:2b:f9:b4:1a:75:a4:d2:ea:ac:74: ea:e2:66:60:1c:8a:28:26:73:1b:1d:3c:6c:60:f5: 15:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:38:D4:2A:30:F4:5B:3C:16:B4:A7:41:35:10:F2:E1:B1:C2:81:A5 X509v3 Authority Key Identifier: keyid:0C:37:A0:1C:B6:33:62:34:4F:B7:39:67:60:FD:94:D9:C9:B9:7C:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DDegHLYzYjRPtzlnYP2U2cm5fHo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:16:17:b1:38:a6:3d:8c:31:77:22:aa:cb:5c:f8:46:7f:84: bc:26:1b:76:a0:d0:c1:08:f5:0f:45:f5:8a:fd:00:11:2c:87: 60:dc:67:6d:af:39:bd:ea:ba:63:a6:68:fc:a3:55:93:b8:40: 38:10:ab:bd:d0:b8:99:0f:c8:10:92:d6:9b:b6:43:02:4c:54: 62:47:43:04:76:cf:39:57:3a:15:8b:d6:c9:e4:b6:ca:b7:8f: 81:1c:e6:9a:55:a1:2d:ae:fa:6d:85:e0:6f:06:73:d1:f5:31: f6:91:b6:55:c8:ee:61:f3:0d:11:0a:1f:09:bf:f3:33:54:a3: 05:70:3b:cf:ca:35:dd:f1:93:84:e7:9a:59:97:55:bf:27:ce: 85:bd:b1:17:d0:4b:72:77:34:b9:73:a3:21:3b:84:40:ee:d3: 97:22:47:05:ea:b4:33:76:0d:5a:b9:e0:b7:14:ef:2b:26:15: 7d:c9:30:c1:7e:bb:b4:3c:5d:61:f4:5e:02:ca:fb:2b:a2:8c: 0f:b7:48:ea:48:67:64:e1:4b:3c:e0:36:ca:77:ba:68:f2:08: 53:4a:61:a3:18:f9:af:b5:85:04:8e:a9:2e:b4:5d:e3:a7:4e: 5a:be:cd:0e:01:cc:cf:01:db:54:a5:6e:e0:36:c6:ab:1c:03: c7:9c:bc:72 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkI2NEQxMTAvBgNVBAUTKDBDMzdBMDFDQjYzMzYyMzQ0RkI3Mzk2NzYwRkQ5NEQ5 QzlCOTdDN0EwHhcNMjUwNzAxMDQzMTI4WhcNMjUwNzA4MDQzMTI4WjAYMRYwFAYD VQQDEw02ODYzNjRhMS1mYWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzrlbatU27NQs5VETXA0TeCvBrtWXPX2TxtlQ0jL3m6wrXfOuVTCpf4+1MyNP w8cq/A+Db6fqcieZcKRmKVi61RCPuwHL4owYJJKlhByMxZRVmuSJ7jIskZrTIvdM LC9XOLKkLPSTqHOBjiKI20iHTGtX/58xfVjeqy44LLrCHpvnakwKGVRGWJhrTDX3 8DeYKrzmoSE9wSdD3npmqa9bU/NsiAk2G1g3Hh/9MXfFcg3ymJSxzQu820fVANh+ 8gwk1dRMpETnS80fSDaD52UNQs1G8hrf4dbCFRC7NTxWfOlKshjAvyv5tBp1pNLq rHTq4mZgHIooJnMbHTxsYPUVZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDs41Cow 9Fs8FrSnQTUQ8uGxwoGlMB8GA1UdIwQYMBaAFAw3oBy2M2I0T7c5Z2D9lNnJuXx6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjY0RC8yQkJFNDAxNDQ2 N0MxMUVFOTJENjQ2M0NDNEY5QUUwMi9ERGVnSExZellqUlB0emxuWVAyVTJjbTVm SG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0REZWdITFl6WWpSUHR6bG5ZUDJVMmNtNWZIby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QjY0RC8yQkJFNDAxNDQ2N0MxMUVFOTJENjQ2M0NDNEY5QUUwMi9ERGVnSExZellq UlB0emxuWVAyVTJjbTVmSG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAVFhexOKY9jDF3IqrLXPhGf4S8Jht2oNDBCPUPRfWK/QARLIdg3Gdt rzm96rpjpmj8o1WTuEA4EKu90LiZD8gQktabtkMCTFRiR0MEds85VzoVi9bJ5LbK t4+BHOaaVaEtrvptheBvBnPR9TH2kbZVyO5h8w0RCh8Jv/MzVKMFcDvPyjXd8ZOE 55pZl1W/J86FvbEX0EtydzS5c6MhO4RA7tOXIkcF6rQzdg1aueC3FO8rJhV9yTDB fru0PF1h9F4CyvsroowPt0jqSGdk4Us84DbKd7po8ghTSmGjGPmvtYUEjqkutF3j p05avs0OAczPAdtUpW7gNsarHAPHnLxy -----END CERTIFICATE-----Generated at Wed Jul 2 15:57:26 2025 by rpki-client