$ rpki-client -vvf rpki.apnic.net/member_repository/A9143A67/C80697920D9C11EDB8F9B617C4F9AE02/gOCrGJ_NcB7uQskrk8Fbb3Qkgmo.mft File: gOCrGJ_NcB7uQskrk8Fbb3Qkgmo.mft (raw, json) Hash identifier: EwejJzVmI2Ak1FZF7yVk4wJLZK0kafV6U/86Ian1whA= Subject key identifier: 55:92:9A:8E:20:C2:16:15:F0:92:CD:31:3E:77:8D:F4:F7:AF:04:8D Authority key identifier: 80:E0:AB:18:9F:CD:70:1E:EE:42:C9:2B:93:C1:5B:6F:74:24:82:6A Certificate issuer: /CN=A9143A67/serialNumber=80E0AB189FCD701EEE42C92B93C15B6F7424826A Certificate serial: 028A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gOCrGJ_NcB7uQskrk8Fbb3Qkgmo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143A67/C80697920D9C11EDB8F9B617C4F9AE02/gOCrGJ_NcB7uQskrk8Fbb3Qkgmo.mft Manifest number: 0286 Signing time: Sun 29 Jun 2025 01:11:27 +0000 Manifest this update: Sun 29 Jun 2025 01:11:27 +0000 Manifest next update: Sun 06 Jul 2025 01:11:27 +0000 Files and hashes: 1: gOCrGJ_NcB7uQskrk8Fbb3Qkgmo.crl (hash: wJm/ot2YT6KJefRQnshf6h+AtfLbUMw+WHppbYrdo9w=) 2: EE62A36A0D9F11EDB7631D1BC4F9AE02.roa (hash: 79mqc7tZF4tbIphjhbOXUthxD6els9a6zfI1+s7nFSE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143A67/C80697920D9C11EDB8F9B617C4F9AE02/gOCrGJ_NcB7uQskrk8Fbb3Qkgmo.crl rsync://rpki.apnic.net/member_repository/A9143A67/C80697920D9C11EDB8F9B617C4F9AE02/gOCrGJ_NcB7uQskrk8Fbb3Qkgmo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gOCrGJ_NcB7uQskrk8Fbb3Qkgmo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 01:11:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 650 (0x28a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143A67, serialNumber=80E0AB189FCD701EEE42C92B93C15B6F7424826A Validity Not Before: Jun 29 01:11:27 2025 GMT Not After : Jul 6 01:11:27 2025 GMT Subject: CN=686092bf-ef3c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:b0:a3:91:59:4d:33:ef:60:33:c7:81:82:4c: 1d:bf:9d:7c:0e:5c:98:ad:b8:43:e2:07:ea:62:9c: 26:59:08:1e:36:77:67:f1:91:9e:d8:2a:54:57:37: 5f:77:d6:45:8f:05:90:89:d5:47:ed:14:24:8a:74: e5:0c:86:6d:e3:80:32:d7:b9:18:e9:be:2a:64:1e: d7:ac:c1:5f:c5:51:8e:16:ec:6f:0e:5b:86:90:73: 11:05:ec:33:cb:ae:53:15:4c:f4:ed:58:21:37:19: 36:f4:34:ef:19:3e:ac:69:d7:03:e8:1e:9c:ee:e3: 80:48:a6:53:4e:00:75:3d:c0:fc:6f:8b:13:a2:b0: 00:33:31:1f:2b:b2:a0:c7:5b:ef:74:3d:8e:a7:d3: 91:93:01:a0:62:72:02:5c:b2:13:64:76:0b:65:2d: 76:f4:c5:b6:71:ac:fd:fb:eb:5b:24:4c:28:27:b3: 09:e9:9a:9d:fe:3a:ca:bb:b8:5a:3c:9c:70:a7:21: 69:e6:1f:71:2c:ac:0e:af:c8:99:21:eb:27:ba:5b: da:9c:82:64:12:1b:50:9d:45:af:c4:dc:cf:27:a7: 0d:be:2c:c2:d7:99:f0:bf:c4:62:45:85:c0:6d:c0: 72:17:84:58:d0:5a:0d:d6:75:37:9c:0d:db:cb:8c: 1f:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:92:9A:8E:20:C2:16:15:F0:92:CD:31:3E:77:8D:F4:F7:AF:04:8D X509v3 Authority Key Identifier: keyid:80:E0:AB:18:9F:CD:70:1E:EE:42:C9:2B:93:C1:5B:6F:74:24:82:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143A67/C80697920D9C11EDB8F9B617C4F9AE02/gOCrGJ_NcB7uQskrk8Fbb3Qkgmo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gOCrGJ_NcB7uQskrk8Fbb3Qkgmo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143A67/C80697920D9C11EDB8F9B617C4F9AE02/gOCrGJ_NcB7uQskrk8Fbb3Qkgmo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:8c:c8:15:8f:57:74:c8:01:4c:f7:88:cc:b6:76:6f:4e:cc: 82:7c:83:f6:b6:d6:9f:60:48:2b:32:04:5f:f6:51:8f:fc:5e: aa:df:23:15:e9:9b:5a:d4:09:56:81:55:cb:f3:3d:dc:dd:70: 8a:5a:cc:af:87:16:9d:78:e6:05:c1:73:ba:6f:47:cc:61:53: 7b:a6:e3:02:9c:72:96:3e:9f:33:da:44:6f:ca:9f:d1:f6:74: 67:61:1b:b4:79:f2:0c:ba:3c:04:5c:f1:c5:8b:05:07:e8:bc: c8:3b:e5:44:76:ba:57:bf:46:4c:e5:d8:4a:66:dc:20:05:ac: 7a:bc:96:bc:e9:05:99:98:ca:23:5f:89:7d:16:16:e9:0f:42: 75:c9:b5:a8:fd:9b:35:f5:07:ba:9e:8e:93:2a:30:a2:d4:05: 07:e6:a6:db:2b:93:08:20:ae:08:a6:2c:9c:45:69:7f:50:09: 3d:58:4e:9e:77:0f:51:0f:3b:bb:8c:85:68:a1:e4:82:28:9b: 13:27:8e:fa:88:f0:25:f5:ac:30:fd:2b:f0:03:c1:1c:2f:bb: 17:f7:1e:6b:26:a1:3b:68:2a:12:36:be:b7:1d:9c:86:96:90: 1c:2e:fe:2c:85:9e:52:b0:b3:d5:21:be:7b:ef:5b:af:a9:d4: 43:fc:c2:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAoowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNBNjcxMTAvBgNVBAUTKDgwRTBBQjE4OUZDRDcwMUVFRTQyQzkyQjkzQzE1QjZG NzQyNDgyNkEwHhcNMjUwNjI5MDExMTI3WhcNMjUwNzA2MDExMTI3WjAYMRYwFAYD VQQDEw02ODYwOTJiZi1lZjNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlrCjkVlNM+9gM8eBgkwdv518DlyYrbhD4gfqYpwmWQgeNndn8ZGe2CpUVzdf d9ZFjwWQidVH7RQkinTlDIZt44Ay17kY6b4qZB7XrMFfxVGOFuxvDluGkHMRBewz y65TFUz07VghNxk29DTvGT6sadcD6B6c7uOASKZTTgB1PcD8b4sTorAAMzEfK7Kg x1vvdD2Op9ORkwGgYnICXLITZHYLZS129MW2caz9++tbJEwoJ7MJ6Zqd/jrKu7ha PJxwpyFp5h9xLKwOr8iZIesnulvanIJkEhtQnUWvxNzPJ6cNvizC15nwv8RiRYXA bcByF4RY0FoN1nU3nA3by4wfSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFWSmo4g whYV8JLNMT53jfT3rwSNMB8GA1UdIwQYMBaAFIDgqxifzXAe7kLJK5PBW290JIJq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0E2Ny9DODA2OTc5MjBE OUMxMUVEQjhGOUI2MTdDNEY5QUUwMi9nT0NyR0pfTmNCN3VRc2tyazhGYmIzUWtn bW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dPQ3JHSl9OY0I3dVFza3JrOEZiYjNRa2dtby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0E2Ny9DODA2OTc5MjBEOUMxMUVEQjhGOUI2MTdDNEY5QUUwMi9nT0NyR0pfTmNC N3VRc2tyazhGYmIzUWtnbW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQChjMgVj1d0yAFM94jMtnZvTsyCfIP2ttafYEgrMgRf9lGP/F6q3yMV 6Zta1AlWgVXL8z3c3XCKWsyvhxadeOYFwXO6b0fMYVN7puMCnHKWPp8z2kRvyp/R 9nRnYRu0efIMujwEXPHFiwUH6LzIO+VEdrpXv0ZM5dhKZtwgBax6vJa86QWZmMoj X4l9FhbpD0J1ybWo/Zs19Qe6no6TKjCi1AUH5qbbK5MIIK4IpiycRWl/UAk9WE6e dw9RDzu7jIVooeSCKJsTJ476iPAl9aww/SvwA8EcL7sX9x5rJqE7aCoSNr63HZyG lpAcLv4shZ5SsLPVIb5771uvqdRD/MJZ -----END CERTIFICATE-----Generated at Tue Jul 1 00:58:33 2025 by rpki-client