$ rpki-client -vvf rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.mft File: nQi_OKDTi4yrfP2I9djE7WZ3jME.mft (raw, json) Hash identifier: ThT9hhMx3wYdA6FZXwU8+ritMthEdCly3ndwuIPUNWU= Subject key identifier: 9E:0D:38:79:96:F0:88:18:D3:F6:ED:18:1B:E3:D2:70:11:AD:0B:B7 Authority key identifier: 9D:08:BF:38:A0:D3:8B:8C:AB:7C:FD:88:F5:D8:C4:ED:66:77:8C:C1 Certificate issuer: /CN=A913F0DF/serialNumber=9D08BF38A0D38B8CAB7CFD88F5D8C4ED66778CC1 Certificate serial: 0126 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQi_OKDTi4yrfP2I9djE7WZ3jME.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.mft Manifest number: 0123 Signing time: Sun 29 Jun 2025 03:49:57 +0000 Manifest this update: Sun 29 Jun 2025 03:49:56 +0000 Manifest next update: Sun 06 Jul 2025 03:49:56 +0000 Files and hashes: 1: nQi_OKDTi4yrfP2I9djE7WZ3jME.crl (hash: kp+rbXivD/pliJMk8T6zNUTgsU79bjO7mfAdIi/pwe8=) 2: 7C7AF8E6E67011EEB76DCB76C4F9AE02.roa (hash: tBwNVvJX12RI1rw1ArvMyaYybwsSqQmw1mHttd1wbm0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.crl rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQi_OKDTi4yrfP2I9djE7WZ3jME.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 03:49:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 294 (0x126) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913F0DF, serialNumber=9D08BF38A0D38B8CAB7CFD88F5D8C4ED66778CC1 Validity Not Before: Jun 29 03:49:56 2025 GMT Not After : Jul 6 03:49:56 2025 GMT Subject: CN=6860b7e4-e16a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c4:cf:de:b0:f6:a8:98:9c:85:3f:96:42:dc: 4d:ed:3d:d1:cf:66:00:14:01:bc:15:7c:97:4b:e3: 0d:2b:cd:6b:ef:20:4b:0e:82:4c:3a:48:9e:4b:fa: 75:43:6a:09:45:12:36:7d:90:4c:fe:fc:d8:14:0b: 75:2d:75:93:2e:9c:a2:72:b3:d7:67:15:7b:8e:f5: c1:26:f3:de:96:8c:de:4d:57:68:c4:17:41:b0:22: 88:5b:75:50:df:ad:68:75:ff:2f:85:20:62:41:f0: 9d:0c:e8:1e:42:7e:66:48:dd:cc:2b:0d:d7:f8:de: e8:af:72:81:4d:ea:e4:f8:9d:ef:8f:12:e4:2e:9b: 9e:52:4c:be:cc:1f:d5:18:bf:f6:44:02:22:96:a3: 5f:e5:61:90:fe:ab:18:5c:5e:89:50:29:e7:75:35: e6:08:96:5e:29:6d:7d:bd:30:8a:23:e8:e4:2d:b4: 25:7c:0e:78:d1:c2:f9:e0:d6:3a:a1:1e:c9:bc:24: 31:f1:2c:6c:fe:ca:ce:5c:ef:f9:fe:c1:01:19:b5: 48:f3:17:9e:9d:15:6e:36:88:89:29:df:d6:c2:14: 59:c6:86:25:1c:89:8f:c8:90:60:5c:61:eb:02:85: 78:d0:a8:98:c7:49:00:5a:52:25:db:e8:af:32:89: 58:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:0D:38:79:96:F0:88:18:D3:F6:ED:18:1B:E3:D2:70:11:AD:0B:B7 X509v3 Authority Key Identifier: keyid:9D:08:BF:38:A0:D3:8B:8C:AB:7C:FD:88:F5:D8:C4:ED:66:77:8C:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQi_OKDTi4yrfP2I9djE7WZ3jME.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:68:fe:d3:ba:d8:76:5a:e8:9a:7a:fc:31:8f:0a:f8:c6:d1: 1b:01:61:ea:d3:c5:02:56:48:7e:fb:90:33:cf:89:d9:8e:15: 9d:92:61:1d:7f:bd:96:16:f0:32:b7:7b:0b:49:c4:da:f3:f9: c9:dc:8e:d7:96:e3:87:1d:90:45:f6:a4:bf:8e:d6:c3:ad:65: 3b:bc:dd:6a:a3:a7:47:ca:1a:8b:61:fd:4d:e4:a1:26:f4:3a: 60:0a:7d:b9:86:e0:9f:7d:a6:48:f6:87:2e:28:71:a2:60:52: ca:b9:fd:6c:c5:9c:46:fc:8d:2c:e2:e3:39:55:10:03:44:29: 6d:1d:54:bf:01:ec:4c:14:b8:20:18:16:31:74:27:a5:99:9a: 28:37:53:c1:53:16:62:94:d9:71:ff:fa:ed:e3:da:7a:04:c1: d6:b6:12:4d:08:22:ff:b2:ab:74:24:dc:31:d8:b1:f0:17:92: 5f:7a:72:18:d7:6d:f6:81:9b:99:a0:ed:75:46:85:31:87:95: 01:ac:dc:c7:b0:91:0c:3e:6b:1e:98:dd:53:75:6e:75:f4:6c: 0a:56:8a:6f:70:a8:14:d0:0f:5d:94:5e:98:d1:e9:f2:b6:59: 17:96:ce:69:0f:6f:5b:8d:92:51:f6:6d:2b:c8:4e:ba:23:aa: 06:56:0c:7f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0YwREYxMTAvBgNVBAUTKDlEMDhCRjM4QTBEMzhCOENBQjdDRkQ4OEY1RDhDNEVE NjY3NzhDQzEwHhcNMjUwNjI5MDM0OTU2WhcNMjUwNzA2MDM0OTU2WjAYMRYwFAYD VQQDEw02ODYwYjdlNC1lMTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAycTP3rD2qJichT+WQtxN7T3Rz2YAFAG8FXyXS+MNK81r7yBLDoJMOkieS/p1 Q2oJRRI2fZBM/vzYFAt1LXWTLpyicrPXZxV7jvXBJvPelozeTVdoxBdBsCKIW3VQ 361odf8vhSBiQfCdDOgeQn5mSN3MKw3X+N7or3KBTerk+J3vjxLkLpueUky+zB/V GL/2RAIilqNf5WGQ/qsYXF6JUCnndTXmCJZeKW19vTCKI+jkLbQlfA540cL54NY6 oR7JvCQx8Sxs/srOXO/5/sEBGbVI8xeenRVuNoiJKd/WwhRZxoYlHImPyJBgXGHr AoV40KiYx0kAWlIl2+ivMolYJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ4NOHmW 8IgY0/btGBvj0nARrQu3MB8GA1UdIwQYMBaAFJ0Ivzig04uMq3z9iPXYxO1md4zB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjBERi9FNTA4MzY0ODk5 MjgxMUVFQkJDQUU4N0FDNEY5QUUwMi9uUWlfT0tEVGk0eXJmUDJJOWRqRTdXWjNq TUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25RaV9PS0RUaTR5cmZQMkk5ZGpFN1daM2pNRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RjBERi9FNTA4MzY0ODk5MjgxMUVFQkJDQUU4N0FDNEY5QUUwMi9uUWlfT0tEVGk0 eXJmUDJJOWRqRTdXWjNqTUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB1aP7Tuth2Wuiaevwxjwr4xtEbAWHq08UCVkh++5Azz4nZjhWdkmEd f72WFvAyt3sLScTa8/nJ3I7XluOHHZBF9qS/jtbDrWU7vN1qo6dHyhqLYf1N5KEm 9DpgCn25huCffaZI9ocuKHGiYFLKuf1sxZxG/I0s4uM5VRADRCltHVS/AexMFLgg GBYxdCelmZooN1PBUxZilNlx//rt49p6BMHWthJNCCL/sqt0JNwx2LHwF5JfenIY 1232gZuZoO11RoUxh5UBrNzHsJEMPmsemN1TdW519GwKVopvcKgU0A9dlF6Y0eny tlkXls5pD29bjZJR9m0ryE66I6oGVgx/ -----END CERTIFICATE-----Generated at Mon Jun 30 23:51:09 2025 by rpki-client