$ rpki-client -vvf rpki.apnic.net/member_repository/A913CB8B/DD0473FA8BFD11ED983E5C32C4F9AE02/Ph9iZenSFMnhbLM4JUDUYiNgIVg.mft File: Ph9iZenSFMnhbLM4JUDUYiNgIVg.mft (raw, json) Hash identifier: bo/P1JaHITkPW8XGPBfLJ1rrkcun8M5nghJZpQHVW94= Subject key identifier: FD:F9:32:D2:ED:86:84:0E:D2:D6:2F:8A:3D:AF:31:0B:CF:47:E0:1F Authority key identifier: 3E:1F:62:65:E9:D2:14:C9:E1:6C:B3:38:25:40:D4:62:23:60:21:58 Certificate issuer: /CN=A913CB8B/serialNumber=3E1F6265E9D214C9E16CB3382540D46223602158 Certificate serial: 01D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ph9iZenSFMnhbLM4JUDUYiNgIVg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913CB8B/DD0473FA8BFD11ED983E5C32C4F9AE02/Ph9iZenSFMnhbLM4JUDUYiNgIVg.mft Manifest number: 01D3 Signing time: Tue 01 Jul 2025 03:12:36 +0000 Manifest this update: Tue 01 Jul 2025 03:12:36 +0000 Manifest next update: Tue 08 Jul 2025 03:12:36 +0000 Files and hashes: 1: Ph9iZenSFMnhbLM4JUDUYiNgIVg.crl (hash: BveqcA4YIWx/sYwKuwamq71pVZi90Ki5YkaQERHvk/o=) 2: F56B35708C0011ED836F0539C4F9AE02.roa (hash: UfZMrxaB0qz4pcGB9q6XltymVUTNDZVQp2pT7h14Zqo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913CB8B/DD0473FA8BFD11ED983E5C32C4F9AE02/Ph9iZenSFMnhbLM4JUDUYiNgIVg.crl rsync://rpki.apnic.net/member_repository/A913CB8B/DD0473FA8BFD11ED983E5C32C4F9AE02/Ph9iZenSFMnhbLM4JUDUYiNgIVg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ph9iZenSFMnhbLM4JUDUYiNgIVg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 03:12:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 471 (0x1d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913CB8B, serialNumber=3E1F6265E9D214C9E16CB3382540D46223602158 Validity Not Before: Jul 1 03:12:36 2025 GMT Not After : Jul 8 03:12:36 2025 GMT Subject: CN=68635224-0b72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:6b:0a:3a:51:38:77:11:7d:61:f2:d0:36:61: 71:f6:12:6b:84:b2:8c:91:ff:b7:b7:bd:1f:d0:34: cd:76:31:70:71:d2:e6:9c:e8:aa:80:22:1b:d1:40: cc:0e:1a:b5:c9:b4:5f:db:89:39:b6:b5:a3:18:dc: 3b:9b:b8:4f:12:b8:28:f3:a6:5b:eb:99:8b:a7:cb: d6:ba:28:cf:af:83:66:7a:0f:95:19:bd:12:fc:e3: ba:34:35:fa:c1:88:76:36:39:fa:0d:f7:5a:d7:6d: 73:3f:cf:a3:11:cb:00:2e:b9:a4:71:27:35:c3:e6: 43:6e:ea:eb:85:7c:b9:ee:16:7b:88:cc:38:98:99: 30:b2:9e:fd:61:d1:54:71:e8:57:98:53:d1:5b:bc: 84:0d:60:31:c8:4f:74:dd:69:d6:29:6e:e0:df:4b: ba:3d:c8:d1:8c:30:d2:70:91:14:7f:c9:38:f8:65: 7b:26:40:a3:53:be:83:f7:5e:fc:e1:b8:20:ef:12: 31:f6:5e:fb:47:ac:0b:5e:18:a8:81:b5:46:a4:27: 21:25:b8:4d:56:44:55:85:a7:fc:f5:5c:66:66:71: 00:92:56:e4:3b:2b:ea:6a:97:91:b4:b5:97:42:ec: 06:1c:bc:1a:a5:69:b4:db:59:74:ee:87:9b:06:92: 83:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:F9:32:D2:ED:86:84:0E:D2:D6:2F:8A:3D:AF:31:0B:CF:47:E0:1F X509v3 Authority Key Identifier: keyid:3E:1F:62:65:E9:D2:14:C9:E1:6C:B3:38:25:40:D4:62:23:60:21:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913CB8B/DD0473FA8BFD11ED983E5C32C4F9AE02/Ph9iZenSFMnhbLM4JUDUYiNgIVg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ph9iZenSFMnhbLM4JUDUYiNgIVg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913CB8B/DD0473FA8BFD11ED983E5C32C4F9AE02/Ph9iZenSFMnhbLM4JUDUYiNgIVg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:2a:5e:80:dd:2a:ff:90:e7:3f:69:43:b9:af:16:91:7e:c7: 64:22:83:3f:de:b0:71:0b:a9:a9:a3:57:d1:f6:af:94:d6:8b: 29:85:cc:9f:c4:9a:a3:c8:83:78:11:79:e9:4a:45:f6:a4:84: 99:25:5b:0d:2e:52:01:8d:cc:9a:64:45:8f:83:2c:36:db:a7: 2b:18:92:4d:53:4a:fe:69:4c:9a:fd:7c:01:83:3c:ca:43:9f: f6:dc:67:fb:63:b4:12:6d:d5:71:ae:03:be:e1:c8:dc:e3:d3: 82:5b:f0:c9:5c:10:a9:1b:3a:55:50:8c:27:e8:63:8a:b8:4b: 1d:4c:c2:3a:6c:cf:df:aa:9d:70:a1:84:fe:f1:5e:60:23:06: 0a:55:e7:6d:28:77:3d:da:8e:51:3d:c7:95:8e:8e:02:8b:4e: a6:b9:a9:12:71:fb:e5:82:87:0c:6f:26:46:50:c5:a9:f3:b4: 22:17:6a:bc:8a:5c:14:45:c7:6e:af:31:6e:af:51:1f:48:36: 9e:e0:0f:84:a6:93:71:6f:ea:07:14:76:25:46:98:36:bb:a8: ea:2c:4e:a1:c7:80:54:ab:ba:de:e5:34:2d:ce:39:a4:8d:e3: a8:f0:7a:d9:00:b8:89:df:44:57:de:cf:9e:dc:e9:39:2f:69: 79:97:3f:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0NCOEIxMTAvBgNVBAUTKDNFMUY2MjY1RTlEMjE0QzlFMTZDQjMzODI1NDBENDYy MjM2MDIxNTgwHhcNMjUwNzAxMDMxMjM2WhcNMjUwNzA4MDMxMjM2WjAYMRYwFAYD VQQDEw02ODYzNTIyNC0wYjcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsGsKOlE4dxF9YfLQNmFx9hJrhLKMkf+3t70f0DTNdjFwcdLmnOiqgCIb0UDM Dhq1ybRf24k5trWjGNw7m7hPErgo86Zb65mLp8vWuijPr4Nmeg+VGb0S/OO6NDX6 wYh2Njn6Dfda121zP8+jEcsALrmkcSc1w+ZDburrhXy57hZ7iMw4mJkwsp79YdFU cehXmFPRW7yEDWAxyE903WnWKW7g30u6PcjRjDDScJEUf8k4+GV7JkCjU76D9178 4bgg7xIx9l77R6wLXhiogbVGpCchJbhNVkRVhaf89VxmZnEAklbkOyvqapeRtLWX QuwGHLwapWm021l07oebBpKDLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP35MtLt hoQO0tYvij2vMQvPR+AfMB8GA1UdIwQYMBaAFD4fYmXp0hTJ4WyzOCVA1GIjYCFY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQ0I4Qi9ERDA0NzNGQThC RkQxMUVEOTgzRTVDMzJDNEY5QUUwMi9QaDlpWmVuU0ZNbmhiTE00SlVEVVlpTmdJ VmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BoOWlaZW5TRk1uaGJMTTRKVURVWWlOZ0lWZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz Q0I4Qi9ERDA0NzNGQThCRkQxMUVEOTgzRTVDMzJDNEY5QUUwMi9QaDlpWmVuU0ZN bmhiTE00SlVEVVlpTmdJVmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQANKl6A3Sr/kOc/aUO5rxaRfsdkIoM/3rBxC6mpo1fR9q+U1osphcyf xJqjyIN4EXnpSkX2pISZJVsNLlIBjcyaZEWPgyw226crGJJNU0r+aUya/XwBgzzK Q5/23Gf7Y7QSbdVxrgO+4cjc49OCW/DJXBCpGzpVUIwn6GOKuEsdTMI6bM/fqp1w oYT+8V5gIwYKVedtKHc92o5RPceVjo4Ci06muakScfvlgocMbyZGUMWp87QiF2q8 ilwURcdurzFur1EfSDae4A+EppNxb+oHFHYlRpg2u6jqLE6hx4BUq7re5TQtzjmk jeOo8HrZALiJ30RX3s+e3Ok5L2l5lz9E -----END CERTIFICATE-----Generated at Tue Jul 1 20:43:03 2025 by rpki-client