$ rpki-client -vvf rpki.apnic.net/member_repository/A9146179/4BFD9BBCAA7C11EFA33BFD77C4F9AE02/piPcBe58I3DKREMQhN5RMh83pwQ.mft File: piPcBe58I3DKREMQhN5RMh83pwQ.mft (raw, json) Hash identifier: dKwdAajP3+2kVCKnQgRQ4ff6E2+DmVTPLAiNFgmP/1w= Subject key identifier: 64:70:27:83:A3:15:5C:DE:DF:2C:EB:1B:89:35:A9:7B:70:69:F7:55 Authority key identifier: A6:23:DC:05:EE:7C:23:70:CA:44:43:10:84:DE:51:32:1F:37:A7:04 Certificate issuer: /CN=A9146179/serialNumber=A623DC05EE7C2370CA44431084DE51321F37A704 Certificate serial: 72 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/piPcBe58I3DKREMQhN5RMh83pwQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9146179/4BFD9BBCAA7C11EFA33BFD77C4F9AE02/piPcBe58I3DKREMQhN5RMh83pwQ.mft Manifest number: 71 Signing time: Thu 03 Jul 2025 07:05:01 +0000 Manifest this update: Thu 03 Jul 2025 07:05:00 +0000 Manifest next update: Thu 10 Jul 2025 07:05:00 +0000 Files and hashes: 1: piPcBe58I3DKREMQhN5RMh83pwQ.crl (hash: /4cXxP1KB18Nfqiozn57SRJW0FEsj88uROJWpbVKTUs=) 2: B93E11C0AA7C11EFA2125D79C4F9AE02.roa (hash: L6gwOkLW0S9oSXFYmJ2NgzIUWM0zCt+FTxcWMzfbAlo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9146179/4BFD9BBCAA7C11EFA33BFD77C4F9AE02/piPcBe58I3DKREMQhN5RMh83pwQ.crl rsync://rpki.apnic.net/member_repository/A9146179/4BFD9BBCAA7C11EFA33BFD77C4F9AE02/piPcBe58I3DKREMQhN5RMh83pwQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/piPcBe58I3DKREMQhN5RMh83pwQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 114 (0x72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9146179, serialNumber=A623DC05EE7C2370CA44431084DE51321F37A704 Validity Not Before: Jul 3 07:05:00 2025 GMT Not After : Jul 10 07:05:00 2025 GMT Subject: CN=68662b9c-c035 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:6f:85:38:38:16:d7:a0:23:b3:1f:cd:26:db: ff:e7:69:44:d9:a8:a3:9e:5f:c3:f9:f4:54:dd:8c: da:46:3e:0a:51:cd:33:5b:8c:3d:8e:d7:1e:ee:2a: 0b:60:33:35:ac:99:f2:38:e1:f3:d7:fd:26:69:bd: 0f:7c:61:ce:4e:f0:61:89:96:77:e5:48:bf:33:09: b9:d2:3c:18:2a:b2:c2:a3:c1:7d:4d:0f:f8:22:e0: 8f:ae:13:5e:a0:b1:b2:a6:45:46:1e:e9:5e:c2:7c: 45:de:1c:f8:7b:ab:c4:7a:7f:e5:bc:73:ca:55:42: e1:6f:f9:bd:e2:7a:ae:58:68:63:59:75:4a:ba:b5: 01:e9:a9:7b:77:4d:0d:d0:60:9a:da:69:79:29:01: 5f:6d:d7:10:91:fc:0d:8a:1c:20:0b:f8:f1:dc:28: 69:7b:1d:bd:a1:f6:7a:9a:82:0c:ef:25:8f:bc:c7: 99:e6:31:10:e2:80:0c:64:f1:0a:43:bf:d2:23:22: 12:33:81:ef:ab:75:5c:a3:03:96:ad:de:80:8f:0b: e3:17:70:c8:de:5c:9a:5f:c9:ec:9f:67:cd:22:c2: ce:40:ef:95:65:fa:9b:8f:1e:7a:37:ab:86:43:b2: ce:82:a8:fa:98:c4:8f:7d:57:ea:dc:38:b2:46:71: f8:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:70:27:83:A3:15:5C:DE:DF:2C:EB:1B:89:35:A9:7B:70:69:F7:55 X509v3 Authority Key Identifier: keyid:A6:23:DC:05:EE:7C:23:70:CA:44:43:10:84:DE:51:32:1F:37:A7:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9146179/4BFD9BBCAA7C11EFA33BFD77C4F9AE02/piPcBe58I3DKREMQhN5RMh83pwQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/piPcBe58I3DKREMQhN5RMh83pwQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146179/4BFD9BBCAA7C11EFA33BFD77C4F9AE02/piPcBe58I3DKREMQhN5RMh83pwQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:db:08:cf:e2:83:ec:78:52:95:25:4d:6c:b4:44:ce:f2:15: 26:d4:02:ed:6b:59:95:78:84:1c:a3:21:3f:39:b2:2f:74:56: e1:0c:25:bb:61:81:fe:fc:16:d0:b7:d0:48:26:79:82:19:0b: 55:f3:8f:72:c1:ed:7e:6d:25:d8:e9:fd:81:7b:0c:0b:42:87: a2:11:e5:34:33:0e:76:13:0b:7a:b9:3b:78:83:10:e4:48:cf: 23:80:78:5f:35:9d:5c:af:d0:83:8c:df:7c:a6:2e:bc:60:91: 43:89:32:fc:38:0e:62:0c:72:cf:1e:83:32:b0:86:c7:a7:2e: 8d:fa:7b:24:6f:61:f6:0d:b6:d6:d4:3b:72:e9:df:a8:d6:88: 1a:08:c7:a2:dd:d6:13:25:14:84:93:72:99:31:d7:7e:1e:e9: f6:c0:1f:a5:dd:22:a5:7a:b2:16:82:41:a6:07:f1:70:71:34: 5d:99:20:7c:ca:c8:72:4b:3a:c5:fc:98:53:d6:c7:0f:d5:07: e7:c1:99:aa:50:b5:f2:8f:59:4c:2e:5f:3d:69:e6:b6:1d:52: 10:37:bf:bf:e9:bb:2a:0b:d3:b4:a4:0f:24:00:9d:39:94:ce: 77:b2:18:1a:85:c1:e6:a5:5b:85:2f:97:e5:f3:42:29:29:d5: c3:e5:ac:9f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NjE3OTExMC8GA1UEBRMoQTYyM0RDMDVFRTdDMjM3MENBNDQ0MzEwODRERTUxMzIx RjM3QTcwNDAeFw0yNTA3MDMwNzA1MDBaFw0yNTA3MTAwNzA1MDBaMBgxFjAUBgNV BAMTDTY4NjYyYjljLWMwMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCib4U4OBbXoCOzH80m2//naUTZqKOeX8P59FTdjNpGPgpRzTNbjD2O1x7uKgtg MzWsmfI44fPX/SZpvQ98Yc5O8GGJlnflSL8zCbnSPBgqssKjwX1ND/gi4I+uE16g sbKmRUYe6V7CfEXeHPh7q8R6f+W8c8pVQuFv+b3ieq5YaGNZdUq6tQHpqXt3TQ3Q YJraaXkpAV9t1xCR/A2KHCAL+PHcKGl7Hb2h9nqaggzvJY+8x5nmMRDigAxk8QpD v9IjIhIzge+rdVyjA5at3oCPC+MXcMjeXJpfyeyfZ80iws5A75Vl+puPHno3q4ZD ss6CqPqYxI99V+rcOLJGcfhFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZHAng6MV XN7fLOsbiTWpe3Bp91UwHwYDVR0jBBgwFoAUpiPcBe58I3DKREMQhN5RMh83pwQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ2MTc5LzRCRkQ5QkJDQUE3 QzExRUZBMzNCRkQ3N0M0RjlBRTAyL3BpUGNCZTU4STNES1JFTVFoTjVSTWg4M3B3 US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcGlQY0JlNThJM0RLUkVNUWhONVJNaDgzcHdRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ2 MTc5LzRCRkQ5QkJDQUE3QzExRUZBMzNCRkQ3N0M0RjlBRTAyL3BpUGNCZTU4STNE S1JFTVFoTjVSTWg4M3B3US5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAITbCM/ig+x4UpUlTWy0RM7yFSbUAu1rWZV4hByjIT85si90VuEMJbth gf78FtC30EgmeYIZC1Xzj3LB7X5tJdjp/YF7DAtCh6IR5TQzDnYTC3q5O3iDEORI zyOAeF81nVyv0IOM33ymLrxgkUOJMvw4DmIMcs8egzKwhsenLo36eyRvYfYNttbU O3Lp36jWiBoIx6Ld1hMlFISTcpkx134e6fbAH6XdIqV6shaCQaYH8XBxNF2ZIHzK yHJLOsX8mFPWxw/VB+fBmapQtfKPWUwuXz1p5rYdUhA3v7/puyoL07SkDyQAnTmU zneyGBqFwealW4Uvl+XzQikp1cPlrJ8= -----END CERTIFICATE-----Generated at Thu Jul 3 23:34:02 2025 by rpki-client