$ rpki-client -vvf rpki.apnic.net/member_repository/A913E0D7/8FEF84043ECF11EDA5F1FA17C4F9AE02/Gbq7z0yZmTAKwFnGU8KQhC9qZg0.mft File: Gbq7z0yZmTAKwFnGU8KQhC9qZg0.mft (raw, json) Hash identifier: 3TzjBC5uB5m90aWAyH4omDC7F8Ewkl3mTOkEaUjanBM= Subject key identifier: B8:EB:B6:4D:B7:E7:AA:C2:ED:E0:2C:A2:00:4E:8A:3C:D0:25:EB:CC Authority key identifier: 19:BA:BB:CF:4C:99:99:30:0A:C0:59:C6:53:C2:90:84:2F:6A:66:0D Certificate issuer: /CN=A913E0D7/serialNumber=19BABBCF4C9999300AC059C653C290842F6A660D Certificate serial: 020D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gbq7z0yZmTAKwFnGU8KQhC9qZg0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913E0D7/8FEF84043ECF11EDA5F1FA17C4F9AE02/Gbq7z0yZmTAKwFnGU8KQhC9qZg0.mft Manifest number: 020A Signing time: Thu 03 Jul 2025 02:23:37 +0000 Manifest this update: Thu 03 Jul 2025 02:23:37 +0000 Manifest next update: Thu 10 Jul 2025 02:23:37 +0000 Files and hashes: 1: Gbq7z0yZmTAKwFnGU8KQhC9qZg0.crl (hash: 70DaF8t3Zta6RlxjFez5pml/DchYcuu2FoNeP0GHY9U=) 2: 12326B1E3ED211EDAE00DB18C4F9AE02.roa (hash: zW5H6X8uqPfx0Xsy4TR9o3a+IpV9YO9mu4z+ktesoLk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913E0D7/8FEF84043ECF11EDA5F1FA17C4F9AE02/Gbq7z0yZmTAKwFnGU8KQhC9qZg0.crl rsync://rpki.apnic.net/member_repository/A913E0D7/8FEF84043ECF11EDA5F1FA17C4F9AE02/Gbq7z0yZmTAKwFnGU8KQhC9qZg0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gbq7z0yZmTAKwFnGU8KQhC9qZg0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 02:23:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 525 (0x20d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913E0D7, serialNumber=19BABBCF4C9999300AC059C653C290842F6A660D Validity Not Before: Jul 3 02:23:37 2025 GMT Not After : Jul 10 02:23:37 2025 GMT Subject: CN=6865e9a9-a371 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:ad:d3:31:9c:cc:e9:71:9a:9a:0b:fb:b2:41: 6c:4a:6c:a6:6d:bd:f7:a7:30:1d:31:df:dd:c6:cd: 96:5f:86:4f:3c:cb:4e:00:c6:fd:f2:fb:02:75:95: 6a:4d:c1:59:6c:99:08:7d:c9:5f:71:94:ac:8c:0c: 0f:f6:04:97:66:16:23:ea:20:4e:f5:14:24:80:a4: 65:e0:ab:4a:a7:4b:10:40:63:f7:ce:90:18:f5:64: 9c:ae:82:2f:a4:77:ad:60:02:d9:2d:4e:65:d0:a3: ae:97:7c:7a:a9:4a:8b:47:2d:20:1c:88:94:77:cb: 9f:72:04:e5:ca:fe:21:9d:ea:f1:14:50:46:a3:f5: 0a:73:e1:f1:26:db:72:54:c2:c5:13:d1:88:40:19: 42:0a:ea:bd:de:e1:ba:94:01:ce:cd:39:2a:39:88: 02:67:f4:36:fc:fe:f3:22:07:c6:4b:41:87:00:5e: 9e:e3:15:9a:ca:a0:2e:85:09:4d:34:d6:e8:3a:29: b2:6d:82:94:5f:8f:a5:89:4b:77:36:dd:3f:30:fd: cc:0d:14:69:15:91:1f:2f:7c:f3:67:f0:58:6c:ae: 2f:19:62:51:6e:8b:76:7d:54:cd:8d:78:d8:d1:39: e4:97:84:6e:e1:df:55:21:7c:86:d0:a3:95:0b:d3: c9:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:EB:B6:4D:B7:E7:AA:C2:ED:E0:2C:A2:00:4E:8A:3C:D0:25:EB:CC X509v3 Authority Key Identifier: keyid:19:BA:BB:CF:4C:99:99:30:0A:C0:59:C6:53:C2:90:84:2F:6A:66:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913E0D7/8FEF84043ECF11EDA5F1FA17C4F9AE02/Gbq7z0yZmTAKwFnGU8KQhC9qZg0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gbq7z0yZmTAKwFnGU8KQhC9qZg0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E0D7/8FEF84043ECF11EDA5F1FA17C4F9AE02/Gbq7z0yZmTAKwFnGU8KQhC9qZg0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:be:d0:e7:79:dc:8a:8f:d9:49:e7:f2:e6:f5:02:e0:96:72: 9a:2a:90:82:7a:3e:55:db:f4:43:1e:b2:ab:cc:43:68:fd:8e: b5:84:86:d6:9b:c7:01:6b:e6:64:d4:96:18:8e:1f:e2:b1:27: 89:64:6c:33:19:27:6e:c1:1e:3f:a2:81:00:d1:f9:b5:49:31: d8:55:03:2c:d5:73:16:e9:e6:e6:8f:78:cc:be:e5:a8:07:9d: c1:6e:e8:68:1b:be:27:69:ff:a1:8d:33:c6:60:ca:dc:1d:ac: 3b:42:89:5a:8e:fc:ad:47:ca:54:a1:ec:1b:62:76:4c:2a:f5: a4:7d:98:1a:ff:24:18:dd:0b:d4:61:25:f0:05:bf:e8:dc:10: 6f:4a:0f:f8:d0:c4:5a:84:be:e3:33:8d:47:b7:27:77:fe:fa: e2:1b:c5:4c:80:ff:7d:d7:00:c6:d0:ba:ca:ba:b2:7d:29:9d: d8:10:e0:f3:a8:11:45:34:8b:c6:80:f3:e7:f4:db:3b:98:bb: 78:2b:a0:bc:3a:98:a6:a8:bd:0c:d0:73:2c:3f:24:68:eb:28: d7:c6:73:b2:2a:81:ac:05:65:3d:b9:87:ab:ec:fa:32:5c:cd: ba:35:2a:cf:ae:92:76:c9:d1:a7:ab:1f:6e:ab:76:d3:9b:a0: 30:cd:eb:d2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0UwRDcxMTAvBgNVBAUTKDE5QkFCQkNGNEM5OTk5MzAwQUMwNTlDNjUzQzI5MDg0 MkY2QTY2MEQwHhcNMjUwNzAzMDIyMzM3WhcNMjUwNzEwMDIyMzM3WjAYMRYwFAYD VQQDEw02ODY1ZTlhOS1hMzcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAva3TMZzM6XGamgv7skFsSmymbb33pzAdMd/dxs2WX4ZPPMtOAMb98vsCdZVq TcFZbJkIfclfcZSsjAwP9gSXZhYj6iBO9RQkgKRl4KtKp0sQQGP3zpAY9WScroIv pHetYALZLU5l0KOul3x6qUqLRy0gHIiUd8ufcgTlyv4hnerxFFBGo/UKc+HxJtty VMLFE9GIQBlCCuq93uG6lAHOzTkqOYgCZ/Q2/P7zIgfGS0GHAF6e4xWayqAuhQlN NNboOimybYKUX4+liUt3Nt0/MP3MDRRpFZEfL3zzZ/BYbK4vGWJRbot2fVTNjXjY 0Tnkl4Ru4d9VIXyG0KOVC9PJbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLjrtk23 56rC7eAsogBOijzQJevMMB8GA1UdIwQYMBaAFBm6u89MmZkwCsBZxlPCkIQvamYN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTBENy84RkVGODQwNDNF Q0YxMUVEQTVGMUZBMTdDNEY5QUUwMi9HYnE3ejB5Wm1UQUt3Rm5HVThLUWhDOXFa ZzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dicTd6MHlabVRBS3dGbkdVOEtRaEM5cVpnMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RTBENy84RkVGODQwNDNFQ0YxMUVEQTVGMUZBMTdDNEY5QUUwMi9HYnE3ejB5Wm1U QUt3Rm5HVThLUWhDOXFaZzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhvtDnedyKj9lJ5/Lm9QLglnKaKpCCej5V2/RDHrKrzENo/Y61hIbW m8cBa+Zk1JYYjh/isSeJZGwzGSduwR4/ooEA0fm1STHYVQMs1XMW6ebmj3jMvuWo B53BbuhoG74naf+hjTPGYMrcHaw7QolajvytR8pUoewbYnZMKvWkfZga/yQY3QvU YSXwBb/o3BBvSg/40MRahL7jM41Htyd3/vriG8VMgP991wDG0LrKurJ9KZ3YEODz qBFFNIvGgPPn9Ns7mLt4K6C8OpimqL0M0HMsPyRo6yjXxnOyKoGsBWU9uYer7Poy XM26NSrPrpJ2ydGnqx9uq3bTm6AwzevS -----END CERTIFICATE-----Generated at Thu Jul 3 11:24:10 2025 by rpki-client