$ rpki-client -vvf rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft File: D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft (raw, json) Hash identifier: qSXYwVrPaR9xL23DT1mV5NNqkKJCH6GJWpfAuChfZcI= Subject key identifier: 6F:7C:6A:99:E2:2F:D7:CF:00:05:EF:90:D4:B8:B2:D1:A1:4E:AB:88 Authority key identifier: 0F:61:42:AE:41:68:DF:0B:18:05:FA:58:1D:20:39:47:67:AA:22:58 Certificate issuer: /CN=A9134BB0/serialNumber=0F6142AE4168DF0B1805FA581D20394767AA2258 Certificate serial: 0185 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft Manifest number: 0181 Signing time: Tue 01 Jul 2025 04:04:49 +0000 Manifest this update: Tue 01 Jul 2025 04:04:48 +0000 Manifest next update: Tue 08 Jul 2025 04:04:48 +0000 Files and hashes: 1: D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl (hash: 4qaYQgJyzNpWrFI7NXOj14GMisg67RU2CsRbKerx/Bg=) 2: 075B4CC80AC511EEB25A152AC4F9AE02.roa (hash: oHGClGt0Y+/Ca/fTjOnKQ8pJUUYEh+Yq1JxoBHlpH4s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 04:04:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 389 (0x185) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9134BB0, serialNumber=0F6142AE4168DF0B1805FA581D20394767AA2258 Validity Not Before: Jul 1 04:04:48 2025 GMT Not After : Jul 8 04:04:48 2025 GMT Subject: CN=68635e61-d702 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b7:80:c2:7a:74:85:30:22:76:a3:bc:43:96: e7:ab:b1:01:c1:8c:59:8a:f2:b4:94:d5:15:2c:21: 06:68:7c:cb:08:22:88:49:c7:e8:d2:63:da:69:8a: 34:d4:23:e2:74:7f:c9:da:ba:53:9a:ac:f8:c8:58: 71:b4:ae:98:3e:f9:44:76:c7:f1:dd:fa:42:e8:18: 96:21:01:29:df:bc:a7:d1:02:c3:ab:2a:17:0c:d7: 3b:2d:5c:db:13:b3:28:06:cf:90:e9:44:ce:ef:1d: a3:ea:cd:02:c9:8f:c8:72:65:9d:13:b4:be:ae:11: 8d:ba:a4:6a:1e:3b:6b:cb:0f:8c:4e:eb:0c:3a:4c: cb:a2:90:e1:f8:d7:e5:79:24:b3:6b:0c:f2:5d:17: a3:b5:46:37:af:2e:5b:ca:3b:15:7a:28:1d:31:f5: 64:76:1a:ea:66:e8:ab:4d:e3:53:3b:f0:62:38:99: 1c:15:b9:89:c2:58:87:6f:9f:96:a3:22:35:11:32: 49:59:51:60:8a:c8:12:25:ff:07:4d:9b:20:9b:e0: d6:d1:e6:12:c6:f9:7e:2a:e6:81:be:40:51:39:0a: b1:b0:0a:f5:2a:25:75:fa:23:3d:40:57:1c:5b:ac: a5:61:58:51:06:04:af:e9:b1:58:03:5e:7c:d9:05: b1:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:7C:6A:99:E2:2F:D7:CF:00:05:EF:90:D4:B8:B2:D1:A1:4E:AB:88 X509v3 Authority Key Identifier: keyid:0F:61:42:AE:41:68:DF:0B:18:05:FA:58:1D:20:39:47:67:AA:22:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:39:82:d3:06:7b:c4:e3:93:26:4d:c0:6d:f6:9e:22:de:96: de:27:6a:5a:fb:8b:2a:2f:c3:e3:6c:09:88:61:3a:94:f1:96: 88:df:56:aa:61:db:70:56:e4:c5:b5:f1:c3:fb:fe:c8:c8:73: da:fc:22:c6:c6:07:08:8a:45:71:bb:02:79:8a:af:8a:c6:85: 7c:4d:12:fe:b4:ed:ee:7c:59:e1:24:64:48:09:14:9f:5b:d6: ac:04:dd:1d:dc:16:f8:04:a0:f2:e3:e0:1a:ef:3a:ac:e6:33: 44:64:b9:a3:ad:32:cf:80:c7:1c:fb:68:71:ec:dc:11:9e:69: 22:a6:29:f8:c4:7b:2e:09:a4:34:d1:dc:f7:11:c4:69:9c:2b: 84:f6:23:85:d6:d4:f4:99:9d:bf:62:85:2a:fd:5b:61:ce:de: ae:47:c2:d4:39:1d:5a:3f:fe:66:9e:41:2c:d0:3f:65:8d:ea: 66:0d:b1:d5:00:d5:2a:c2:e4:be:47:48:d5:af:a3:e0:0f:c1: 2e:49:3c:8d:99:16:58:57:6e:a8:94:ac:2b:66:38:e4:6e:00: c3:81:5d:e1:63:d2:f3:aa:c8:94:46:95:85:5f:5c:a7:2d:3b: 1a:dc:84:3e:65:08:dc:3b:0f:be:20:22:11:6e:b8:d9:b8:6e: c9:73:02:61 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAYUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzRCQjAxMTAvBgNVBAUTKDBGNjE0MkFFNDE2OERGMEIxODA1RkE1ODFEMjAzOTQ3 NjdBQTIyNTgwHhcNMjUwNzAxMDQwNDQ4WhcNMjUwNzA4MDQwNDQ4WjAYMRYwFAYD VQQDEw02ODYzNWU2MS1kNzAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvbeAwnp0hTAidqO8Q5bnq7EBwYxZivK0lNUVLCEGaHzLCCKIScfo0mPaaYo0 1CPidH/J2rpTmqz4yFhxtK6YPvlEdsfx3fpC6BiWIQEp37yn0QLDqyoXDNc7LVzb E7MoBs+Q6UTO7x2j6s0CyY/IcmWdE7S+rhGNuqRqHjtryw+MTusMOkzLopDh+Nfl eSSzawzyXRejtUY3ry5byjsVeigdMfVkdhrqZuirTeNTO/BiOJkcFbmJwliHb5+W oyI1ETJJWVFgisgSJf8HTZsgm+DW0eYSxvl+KuaBvkBROQqxsAr1KiV1+iM9QFcc W6ylYVhRBgSv6bFYA1582QWxEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG98apni L9fPAAXvkNS4stGhTquIMB8GA1UdIwQYMBaAFA9hQq5BaN8LGAX6WB0gOUdnqiJY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNEJCMC9ERDQ3MzhFMDBB QkQxMUVFOTE3REE2NTVDNEY5QUUwMi9EMkZDcmtGbzN3c1lCZnBZSFNBNVIyZXFJ bGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QyRkNya0ZvM3dzWUJmcFlIU0E1UjJlcUlsZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NEJCMC9ERDQ3MzhFMDBBQkQxMUVFOTE3REE2NTVDNEY5QUUwMi9EMkZDcmtGbzN3 c1lCZnBZSFNBNVIyZXFJbGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCtOYLTBnvE45MmTcBt9p4i3pbeJ2pa+4sqL8PjbAmIYTqU8ZaI31aq YdtwVuTFtfHD+/7IyHPa/CLGxgcIikVxuwJ5iq+KxoV8TRL+tO3ufFnhJGRICRSf W9asBN0d3Bb4BKDy4+Aa7zqs5jNEZLmjrTLPgMcc+2hx7NwRnmkipin4xHsuCaQ0 0dz3EcRpnCuE9iOF1tT0mZ2/YoUq/Vthzt6uR8LUOR1aP/5mnkEs0D9ljepmDbHV ANUqwuS+R0jVr6PgD8EuSTyNmRZYV26olKwrZjjkbgDDgV3hY9LzqsiURpWFX1yn LTsa3IQ+ZQjcOw++ICIRbrjZuG7JcwJh -----END CERTIFICATE-----Generated at Tue Jul 1 22:21:26 2025 by rpki-client