$ rpki-client -vvf rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.mft File: CKORxrOJyBDpW8YTnOyynV05WMQ.mft (raw, json) Hash identifier: rdNwsOHH/WVnGjfjT2RVaxxpaNAki0+OMIHen4fCcq0= Subject key identifier: F2:4D:A7:2F:91:9B:2C:D7:FE:68:EE:A0:4E:5C:DA:FC:FA:1C:86:D9 Authority key identifier: 08:A3:91:C6:B3:89:C8:10:E9:5B:C6:13:9C:EC:B2:9D:5D:39:58:C4 Certificate issuer: /CN=A9145E09/serialNumber=08A391C6B389C810E95BC6139CECB29D5D3958C4 Certificate serial: 35 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CKORxrOJyBDpW8YTnOyynV05WMQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.mft Manifest number: 34 Signing time: Thu 03 Jul 2025 07:52:56 +0000 Manifest this update: Thu 03 Jul 2025 07:52:55 +0000 Manifest next update: Thu 10 Jul 2025 07:52:55 +0000 Files and hashes: 1: CKORxrOJyBDpW8YTnOyynV05WMQ.crl (hash: r4PzTQ5PcXxclLCcgXpvxVHfI01Wa1cLlz9q3hxTRqo=) 2: EE04266A08C811F09F9B7B57C4F9AE02.roa (hash: D+C1K1lzyhPvB9LwJB8gZilHLGwebOslipSKAX/r/Wo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.crl rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CKORxrOJyBDpW8YTnOyynV05WMQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145E09, serialNumber=08A391C6B389C810E95BC6139CECB29D5D3958C4 Validity Not Before: Jul 3 07:52:55 2025 GMT Not After : Jul 10 07:52:55 2025 GMT Subject: CN=686636d8-d6e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:bc:26:fd:de:dd:a4:0a:24:d9:47:b6:61:28: 56:64:e0:cd:fa:db:c7:9b:35:3d:bf:41:ac:5a:73: 3a:ed:f8:cd:c8:57:0c:da:c3:1d:0b:31:9b:c4:b8: eb:51:e0:64:b1:35:c8:be:86:56:3b:c0:a0:96:0e: 26:5e:1d:81:0f:0c:20:05:a4:5b:fb:5f:2b:82:35: 7b:97:95:e2:c2:31:7f:77:33:87:bd:9c:8c:9c:65: 8f:9e:d2:fe:c0:a2:49:d2:04:dc:72:49:58:91:a1: 6f:b7:2d:2b:a8:b0:4c:44:ac:64:ef:06:a0:3e:a3: 00:03:21:d3:33:3e:2d:2f:bd:57:52:50:8b:89:01: b3:03:5d:ab:70:70:4e:18:af:d7:78:c4:d4:55:f6: c6:69:c0:af:db:1b:d9:f3:78:15:eb:df:ba:b2:60: fd:fb:0d:64:c7:f6:a9:e2:f0:ad:a6:55:89:61:3d: 91:8b:e3:c8:4e:d5:12:4a:00:97:d6:29:43:0f:ea: a3:97:4a:c9:d9:d6:10:0a:71:1c:fb:4b:99:79:81: 3f:68:0c:8f:4f:aa:70:52:f6:09:88:1e:d5:d1:75: 55:5d:c0:2d:39:9b:38:da:38:8a:73:0a:79:13:c8: f5:aa:19:42:17:99:b6:a3:59:1d:d1:f2:35:60:15: de:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:4D:A7:2F:91:9B:2C:D7:FE:68:EE:A0:4E:5C:DA:FC:FA:1C:86:D9 X509v3 Authority Key Identifier: keyid:08:A3:91:C6:B3:89:C8:10:E9:5B:C6:13:9C:EC:B2:9D:5D:39:58:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CKORxrOJyBDpW8YTnOyynV05WMQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145E09/87055B3208C811F0A0D34E56C4F9AE02/CKORxrOJyBDpW8YTnOyynV05WMQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:82:10:53:5d:a5:96:d5:17:95:db:17:11:8d:66:17:ca:f0: 2f:87:e8:5d:6a:f4:53:a8:27:e2:9d:9f:7c:2a:36:ce:36:93: dd:d8:a0:e2:a3:14:2e:59:80:1d:d5:7e:ef:f5:89:fc:16:46: 5f:ee:1b:25:75:66:83:92:80:87:d3:9e:b1:9c:13:f7:bd:86: a5:f0:6d:c8:77:c6:35:fe:4c:cf:5d:61:89:5c:99:91:17:7a: 58:dc:e7:ae:05:97:4e:35:60:32:4c:ae:17:26:e7:8a:40:8c: c5:d3:20:b8:fb:e4:1a:f3:37:16:1b:f5:e3:40:ce:48:7d:39: 66:88:ea:d8:16:35:1a:f7:63:2f:6b:2a:b1:e5:f6:44:30:fe: 32:29:1c:71:ac:d5:6a:4c:ce:0e:6e:d5:ad:e4:4c:00:bf:e9: f2:ea:0e:81:55:a2:e8:ed:e4:3b:f8:82:99:07:04:80:b8:a7: 94:3f:e7:48:ef:3b:a2:96:92:07:4e:36:27:57:90:ab:20:b2: 96:0c:4b:0a:51:80:13:24:9d:ce:64:ab:5f:e6:ae:27:2f:7d: 04:7a:8c:d5:c7:79:f9:ac:27:7a:2c:49:83:2a:20:be:dd:e6: d1:2f:28:a1:97:d0:f3:d7:d2:a2:61:3e:f2:6b:ba:03:ce:63: 66:5f:b0:a0 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NUUwOTExMC8GA1UEBRMoMDhBMzkxQzZCMzg5QzgxMEU5NUJDNjEzOUNFQ0IyOUQ1 RDM5NThDNDAeFw0yNTA3MDMwNzUyNTVaFw0yNTA3MTAwNzUyNTVaMBgxFjAUBgNV BAMTDTY4NjYzNmQ4LWQ2ZTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDDvCb93t2kCiTZR7ZhKFZk4M3628ebNT2/Qaxaczrt+M3IVwzawx0LMZvEuOtR 4GSxNci+hlY7wKCWDiZeHYEPDCAFpFv7XyuCNXuXleLCMX93M4e9nIycZY+e0v7A oknSBNxySViRoW+3LSuosExErGTvBqA+owADIdMzPi0vvVdSUIuJAbMDXatwcE4Y r9d4xNRV9sZpwK/bG9nzeBXr37qyYP37DWTH9qni8K2mVYlhPZGL48hO1RJKAJfW KUMP6qOXSsnZ1hAKcRz7S5l5gT9oDI9PqnBS9gmIHtXRdVVdwC05mzjaOIpzCnkT yPWqGUIXmbajWR3R8jVgFd6zAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU8k2nL5Gb LNf+aO6gTlza/PochtkwHwYDVR0jBBgwFoAUCKORxrOJyBDpW8YTnOyynV05WMQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ1RTA5Lzg3MDU1QjMyMDhD ODExRjBBMEQzNEU1NkM0RjlBRTAyL0NLT1J4ck9KeUJEcFc4WVRuT3l5blYwNVdN US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQ0tPUnhyT0p5QkRwVzhZVG5PeXluVjA1V01RLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ1 RTA5Lzg3MDU1QjMyMDhDODExRjBBMEQzNEU1NkM0RjlBRTAyL0NLT1J4ck9KeUJE cFc4WVRuT3l5blYwNVdNUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACCCEFNdpZbVF5XbFxGNZhfK8C+H6F1q9FOoJ+Kdn3wqNs42k93YoOKj FC5ZgB3Vfu/1ifwWRl/uGyV1ZoOSgIfTnrGcE/e9hqXwbch3xjX+TM9dYYlcmZEX eljc564Fl041YDJMrhcm54pAjMXTILj75BrzNxYb9eNAzkh9OWaI6tgWNRr3Yy9r KrHl9kQw/jIpHHGs1WpMzg5u1a3kTAC/6fLqDoFVoujt5Dv4gpkHBIC4p5Q/50jv O6KWkgdONidXkKsgspYMSwpRgBMknc5kq1/mricvfQR6jNXHefmsJ3osSYMqIL7d 5tEvKKGX0PPX0qJhPvJrugPOY2ZfsKA= -----END CERTIFICATE-----Generated at Thu Jul 3 17:10:15 2025 by rpki-client