$ rpki-client -vvf rpki.apnic.net/member_repository/A913500A/CCA3EA92473F11EE87F40A7EC4F9AE02/aEWjVwdX5r8sBIWsIXib_1AFHpo.mft File: aEWjVwdX5r8sBIWsIXib_1AFHpo.mft (raw, json) Hash identifier: AY1tQauM+eG1CrF9rG+sgIOM6THAn+rEE/N8NAgubBA= Subject key identifier: 8B:01:81:74:30:1F:C4:52:DF:6F:9A:51:B7:DC:54:71:2C:A8:AD:49 Authority key identifier: 68:45:A3:57:07:57:E6:BF:2C:04:85:AC:21:78:9B:FF:50:05:1E:9A Certificate issuer: /CN=A913500A/serialNumber=6845A3570757E6BF2C0485AC21789BFF50051E9A Certificate serial: 015A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aEWjVwdX5r8sBIWsIXib_1AFHpo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913500A/CCA3EA92473F11EE87F40A7EC4F9AE02/aEWjVwdX5r8sBIWsIXib_1AFHpo.mft Manifest number: 0157 Signing time: Sun 29 Jun 2025 03:12:01 +0000 Manifest this update: Sun 29 Jun 2025 03:12:01 +0000 Manifest next update: Sun 06 Jul 2025 03:12:01 +0000 Files and hashes: 1: aEWjVwdX5r8sBIWsIXib_1AFHpo.crl (hash: dNdZMQetJu6gG2SYpKpoFFWK12IRIwFTR32zymMga3E=) 2: 0CE4B8C6474911EEA995D74FC4F9AE02.roa (hash: o8XeNpRnuUBlVWA6mPKxdSovFEQUWjBzrI7Rs+4BJAM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913500A/CCA3EA92473F11EE87F40A7EC4F9AE02/aEWjVwdX5r8sBIWsIXib_1AFHpo.crl rsync://rpki.apnic.net/member_repository/A913500A/CCA3EA92473F11EE87F40A7EC4F9AE02/aEWjVwdX5r8sBIWsIXib_1AFHpo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aEWjVwdX5r8sBIWsIXib_1AFHpo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 03:12:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 346 (0x15a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913500A, serialNumber=6845A3570757E6BF2C0485AC21789BFF50051E9A Validity Not Before: Jun 29 03:12:01 2025 GMT Not After : Jul 6 03:12:01 2025 GMT Subject: CN=6860af01-2459 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b8:bf:73:43:77:63:9e:0a:78:bd:64:d3:88: 40:30:ea:7a:a6:35:eb:21:24:06:15:6c:2f:37:62: d8:81:aa:74:aa:9b:61:c4:93:d7:dd:b3:84:22:12: 37:cb:64:1e:8c:47:9e:1c:02:bd:0d:dd:47:65:16: a9:2d:25:67:86:df:67:2d:5b:c6:4f:15:07:d3:6b: 3c:b5:ae:d8:a2:d4:66:bd:c2:5b:f2:5e:2e:30:93: 37:75:a9:46:5d:bd:7a:f6:fb:8d:82:0b:f9:fb:93: 53:97:d8:11:9b:99:11:cc:3f:68:bc:2a:00:98:56: 62:87:ae:1d:e9:f1:62:cb:01:f6:8b:53:a0:62:5e: 47:86:7b:e1:a9:49:92:94:a5:a0:69:ef:fe:bc:cb: 00:0d:eb:a2:07:9f:25:01:e4:4e:41:9e:13:91:67: 6e:98:58:a1:f0:62:e1:3f:66:90:e8:e0:37:17:99: 9f:7c:0e:6b:10:14:ae:db:d0:15:47:80:b3:8e:13: 55:c2:e8:10:93:a1:fd:b0:5e:4b:2d:c3:c3:36:1a: 5e:08:7f:e5:8b:e2:bf:6a:40:fe:9d:8f:e5:d3:97: 71:dd:bf:d5:dc:3f:b8:c5:97:6a:ff:f6:c4:e6:21: bd:7c:5e:72:10:bc:d0:db:48:94:2c:f1:d5:35:ba: f0:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:01:81:74:30:1F:C4:52:DF:6F:9A:51:B7:DC:54:71:2C:A8:AD:49 X509v3 Authority Key Identifier: keyid:68:45:A3:57:07:57:E6:BF:2C:04:85:AC:21:78:9B:FF:50:05:1E:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913500A/CCA3EA92473F11EE87F40A7EC4F9AE02/aEWjVwdX5r8sBIWsIXib_1AFHpo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aEWjVwdX5r8sBIWsIXib_1AFHpo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913500A/CCA3EA92473F11EE87F40A7EC4F9AE02/aEWjVwdX5r8sBIWsIXib_1AFHpo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:94:19:35:ed:01:83:bc:15:08:38:e9:ca:ff:7a:a4:9e:62: 56:33:42:e2:9e:4c:4b:0a:de:5f:84:17:03:40:2c:0b:23:5f: b8:86:01:a9:86:8f:15:4c:90:4d:39:fb:18:52:0b:18:76:5c: ee:67:c7:b0:ad:d9:d9:88:87:3f:85:ee:1c:7d:6c:9e:46:d1: ab:66:31:f8:1f:25:0c:82:9a:d9:59:36:bf:78:ef:65:15:38: 90:2a:c5:57:77:dd:fb:7f:f7:33:fe:f1:57:99:40:e3:95:0a: 9a:e1:87:47:9f:8d:9f:4d:80:ba:70:bd:87:1b:b1:a6:d7:f1: 17:41:ac:c1:32:ad:1e:98:61:90:88:6c:69:0a:a5:e8:c1:17: 32:62:84:c7:c6:09:e4:a2:ff:7b:49:b5:82:ca:e0:62:a1:54: 92:d4:7f:29:e2:7a:2b:36:c9:4b:8c:9e:d0:db:41:29:de:0c: dd:78:9d:39:d5:f4:88:f0:65:aa:ad:89:1f:6f:69:ac:5c:a1: e7:eb:4c:ed:fd:6c:25:f7:e6:6c:8d:f0:bd:a1:5e:ea:f3:0c: f3:15:9b:fd:27:32:1f:e8:db:dc:86:b6:57:a3:d5:0e:60:2e: c9:f3:b6:e9:ef:9c:96:da:f1:03:c7:b2:dd:84:f2:0c:52:74: 1e:8a:1b:a8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzUwMEExMTAvBgNVBAUTKDY4NDVBMzU3MDc1N0U2QkYyQzA0ODVBQzIxNzg5QkZG NTAwNTFFOUEwHhcNMjUwNjI5MDMxMjAxWhcNMjUwNzA2MDMxMjAxWjAYMRYwFAYD VQQDEw02ODYwYWYwMS0yNDU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsri/c0N3Y54KeL1k04hAMOp6pjXrISQGFWwvN2LYgap0qpthxJPX3bOEIhI3 y2QejEeeHAK9Dd1HZRapLSVnht9nLVvGTxUH02s8ta7YotRmvcJb8l4uMJM3dalG Xb169vuNggv5+5NTl9gRm5kRzD9ovCoAmFZih64d6fFiywH2i1OgYl5HhnvhqUmS lKWgae/+vMsADeuiB58lAeROQZ4TkWdumFih8GLhP2aQ6OA3F5mffA5rEBSu29AV R4CzjhNVwugQk6H9sF5LLcPDNhpeCH/li+K/akD+nY/l05dx3b/V3D+4xZdq//bE 5iG9fF5yELzQ20iULPHVNbrwmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIsBgXQw H8RS32+aUbfcVHEsqK1JMB8GA1UdIwQYMBaAFGhFo1cHV+a/LASFrCF4m/9QBR6a MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNTAwQS9DQ0EzRUE5MjQ3 M0YxMUVFODdGNDBBN0VDNEY5QUUwMi9hRVdqVndkWDVyOHNCSVdzSVhpYl8xQUZI cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FFV2pWd2RYNXI4c0JJV3NJWGliXzFBRkhwby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NTAwQS9DQ0EzRUE5MjQ3M0YxMUVFODdGNDBBN0VDNEY5QUUwMi9hRVdqVndkWDVy OHNCSVdzSVhpYl8xQUZIcG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqlBk17QGDvBUIOOnK/3qknmJWM0LinkxLCt5fhBcDQCwLI1+4hgGp ho8VTJBNOfsYUgsYdlzuZ8ewrdnZiIc/he4cfWyeRtGrZjH4HyUMgprZWTa/eO9l FTiQKsVXd937f/cz/vFXmUDjlQqa4YdHn42fTYC6cL2HG7Gm1/EXQazBMq0emGGQ iGxpCqXowRcyYoTHxgnkov97SbWCyuBioVSS1H8p4norNslLjJ7Q20Ep3gzdeJ05 1fSI8GWqrYkfb2msXKHn60zt/Wwl9+ZsjfC9oV7q8wzzFZv9JzIf6NvchrZXo9UO YC7J87bp75yW2vEDx7LdhPIMUnQeihuo -----END CERTIFICATE-----Generated at Mon Jun 30 06:58:23 2025 by rpki-client