$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft File: 320AK7yrolDSrmtEVOPL_WfSx-o.mft (raw, json) Hash identifier: bGfzwHRp/R2d7E2/jz16GGufxG5qFN58U/LRXxvvcUo= Subject key identifier: D5:15:52:71:8D:DE:74:57:C0:0E:3C:B5:05:B7:09:5D:21:B1:70:22 Authority key identifier: DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA Certificate issuer: /CN=A9143DE2/serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Certificate serial: 09A1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft Manifest number: 0997 Signing time: Wed 02 Jul 2025 20:19:44 +0000 Manifest this update: Wed 02 Jul 2025 20:19:43 +0000 Manifest next update: Wed 09 Jul 2025 20:19:43 +0000 Files and hashes: 1: 320AK7yrolDSrmtEVOPL_WfSx-o.crl (hash: QRD2J2ciGAkVoYQd8w9jYqIWbu3tWVgHQI194ovqAf8=) 2: C07738FE9F4511EB88EBCA76C4F9AE02.roa (hash: EW5gw++/Nv/7XkyhmrGAdJFCyCQBgQSX+Pdw0qIT5p4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 20:19:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2465 (0x9a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143DE2, serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Validity Not Before: Jul 2 20:19:43 2025 GMT Not After : Jul 9 20:19:43 2025 GMT Subject: CN=68659460-733f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:e2:b6:e6:54:b7:85:a1:30:92:74:af:5e:32: 0c:dc:51:d8:a4:07:ea:95:7f:83:c8:fe:03:a5:71: 16:40:40:fb:78:ba:d8:68:9b:bf:69:f4:aa:18:86: 40:65:63:bc:b1:11:6c:4d:ad:c8:a1:eb:45:f7:6c: 9c:71:8a:38:68:d0:dc:15:10:df:a0:86:01:55:b6: a6:3b:ac:a3:4b:a0:e1:a3:19:19:ad:d5:4a:2a:09: b2:7a:ba:c2:96:95:df:27:e0:bb:33:3b:a2:e4:28: c2:03:98:8b:73:e0:05:29:0d:87:3e:a1:b7:87:3e: d4:63:82:32:52:97:70:e5:01:02:d5:b6:65:52:d5: df:d6:24:99:8c:b1:d4:21:c0:32:1b:2d:ee:c0:86: c0:1b:30:ea:5e:d9:44:fb:4c:51:07:8a:eb:92:43: 69:f7:6c:cb:c7:a5:76:b7:f6:0b:b5:3c:e9:c9:53: 65:93:23:1d:c9:54:43:b1:69:af:53:3e:df:28:50: cd:c8:3c:0e:e8:60:f8:2d:58:c7:f8:7e:3e:5e:73: af:cd:6e:51:57:d2:d9:d6:b6:fd:66:d4:63:c9:e4: 86:b7:8a:23:db:a3:a3:c8:b9:c0:88:24:5c:75:f3: 6c:12:e6:7d:ab:5d:64:48:4a:38:cc:5c:4d:52:c4: a7:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:15:52:71:8D:DE:74:57:C0:0E:3C:B5:05:B7:09:5D:21:B1:70:22 X509v3 Authority Key Identifier: keyid:DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:4c:2b:57:04:48:76:27:41:d7:28:06:01:74:d0:98:b2:64: 65:79:a3:30:86:5e:1a:85:d6:17:de:d7:55:63:f2:2c:cb:f9: 82:c5:88:11:6c:a5:10:32:46:70:4d:1a:8c:ae:d3:e7:a4:1e: 1d:84:21:9c:53:62:49:de:07:19:e7:75:05:0c:9f:66:55:8f: 1b:19:f7:16:be:54:7c:6e:64:14:ad:1d:de:5f:1d:94:30:79: 49:35:b7:cd:60:19:a5:26:e4:9a:31:bb:42:03:fa:ad:a6:f7: f7:09:52:4e:47:e6:95:d8:0d:02:3b:f8:fb:8b:e7:91:8c:3e: 93:bd:e4:bb:e8:3e:6b:b6:0e:f0:f6:20:9b:08:2a:a5:a0:a7: b4:df:0b:c9:4c:e4:77:12:74:66:a5:3a:3a:ea:a8:70:90:fa: cd:c8:30:ea:1c:83:65:4b:e8:68:fc:63:44:98:10:b3:d0:4e: 07:09:a2:85:f0:ff:62:7c:8e:ed:f1:d9:fc:66:bd:b5:36:14: 57:06:2e:fb:5b:72:ab:e0:6e:f6:33:c9:d7:54:5c:40:5f:95: 3e:07:bc:81:a2:c8:24:1b:5d:01:f6:2c:87:9d:cc:61:67:98: a6:a7:aa:4c:c6:a1:1d:b6:71:5e:fb:ea:c8:68:70:66:6b:fd: e1:a3:be:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNERTIxMTAvBgNVBAUTKERGNkQwMDJCQkNBQkEyNTBEMkFFNkI0NDU0RTNDQkZE NjdEMkM3RUEwHhcNMjUwNzAyMjAxOTQzWhcNMjUwNzA5MjAxOTQzWjAYMRYwFAYD VQQDEw02ODY1OTQ2MC03MzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4uK25lS3haEwknSvXjIM3FHYpAfqlX+DyP4DpXEWQED7eLrYaJu/afSqGIZA ZWO8sRFsTa3IoetF92yccYo4aNDcFRDfoIYBVbamO6yjS6DhoxkZrdVKKgmyerrC lpXfJ+C7Mzui5CjCA5iLc+AFKQ2HPqG3hz7UY4IyUpdw5QEC1bZlUtXf1iSZjLHU IcAyGy3uwIbAGzDqXtlE+0xRB4rrkkNp92zLx6V2t/YLtTzpyVNlkyMdyVRDsWmv Uz7fKFDNyDwO6GD4LVjH+H4+XnOvzW5RV9LZ1rb9ZtRjyeSGt4oj26OjyLnAiCRc dfNsEuZ9q11kSEo4zFxNUsSnpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNUVUnGN 3nRXwA48tQW3CV0hsXAiMB8GA1UdIwQYMBaAFN9tACu8q6JQ0q5rRFTjy/1n0sfq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RFMi9EMjE4REQ1MjhF OTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9sRFNybXRFVk9QTF9XZlN4 LW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMyMEFLN3lyb2xEU3JtdEVWT1BMX1dmU3gtby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0RFMi9EMjE4REQ1MjhFOTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9s RFNybXRFVk9QTF9XZlN4LW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAHTCtXBEh2J0HXKAYBdNCYsmRleaMwhl4ahdYX3tdVY/Isy/mCxYgR bKUQMkZwTRqMrtPnpB4dhCGcU2JJ3gcZ53UFDJ9mVY8bGfcWvlR8bmQUrR3eXx2U MHlJNbfNYBmlJuSaMbtCA/qtpvf3CVJOR+aV2A0CO/j7i+eRjD6TveS76D5rtg7w 9iCbCCqloKe03wvJTOR3EnRmpTo66qhwkPrNyDDqHINlS+ho/GNEmBCz0E4HCaKF 8P9ifI7t8dn8Zr21NhRXBi77W3Kr4G72M8nXVFxAX5U+B7yBosgkG10B9iyHncxh Z5imp6pMxqEdtnFe++rIaHBma/3ho75n -----END CERTIFICATE-----Generated at Thu Jul 3 06:05:21 2025 by rpki-client