$ rpki-client -vvf rpki.apnic.net/member_repository/A9146A02/8DCEE9FC045E11EAADB7DF3AC4F9AE02/8HKO7S1Pj_2M_l-H9hvsBDRRQSk.mft File: 8HKO7S1Pj_2M_l-H9hvsBDRRQSk.mft (raw, json) Hash identifier: IHnMprmZxAQMCgBtrWMNVZ/dHTmsv15KM4+43xMxv/g= Subject key identifier: 7F:16:92:53:2D:6E:9D:A4:62:73:D5:B1:F8:C4:5F:1D:4D:8E:ED:CC Authority key identifier: F0:72:8E:ED:2D:4F:8F:FD:8C:FE:5F:87:F6:1B:EC:04:34:51:41:29 Certificate issuer: /CN=A9146A02/serialNumber=F0728EED2D4F8FFD8CFE5F87F61BEC0434514129 Certificate serial: 0C5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8HKO7S1Pj_2M_l-H9hvsBDRRQSk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9146A02/8DCEE9FC045E11EAADB7DF3AC4F9AE02/8HKO7S1Pj_2M_l-H9hvsBDRRQSk.mft Manifest number: 0C55 Signing time: Wed 02 Jul 2025 18:35:24 +0000 Manifest this update: Wed 02 Jul 2025 18:35:23 +0000 Manifest next update: Wed 09 Jul 2025 18:35:23 +0000 Files and hashes: 1: 8HKO7S1Pj_2M_l-H9hvsBDRRQSk.crl (hash: R1vHPgVokEdP2QQBN01m9RKFRwnMz50S1chD3fnDvgM=) 2: 3F1B0EF2045F11EA87A3BD3BC4F9AE02.roa (hash: ++efN2YnvlpaiN/cGnRcdVoz/L09sx0IMn5rgvBIJi8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9146A02/8DCEE9FC045E11EAADB7DF3AC4F9AE02/8HKO7S1Pj_2M_l-H9hvsBDRRQSk.crl rsync://rpki.apnic.net/member_repository/A9146A02/8DCEE9FC045E11EAADB7DF3AC4F9AE02/8HKO7S1Pj_2M_l-H9hvsBDRRQSk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8HKO7S1Pj_2M_l-H9hvsBDRRQSk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 18:35:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3163 (0xc5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9146A02, serialNumber=F0728EED2D4F8FFD8CFE5F87F61BEC0434514129 Validity Not Before: Jul 2 18:35:23 2025 GMT Not After : Jul 9 18:35:23 2025 GMT Subject: CN=68657beb-3b7e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:4d:b5:94:8c:a4:e7:5c:cc:5b:b2:81:01:bf: 10:3c:9e:b4:45:1f:f8:19:1a:29:dd:35:4f:65:0f: 7f:86:70:16:56:ff:8c:09:a6:b6:ae:6e:ff:03:58: 6a:9e:01:9c:4b:d6:10:18:f3:25:a1:68:cf:28:fd: 39:b8:b3:4b:b2:db:1b:f3:a1:74:7c:af:b5:21:d0: 6f:1c:f4:3e:54:87:e9:13:ae:0e:6d:34:ff:27:38: 6c:04:5a:1f:32:0c:a3:4d:48:52:cf:b1:ac:02:fa: 53:a4:99:7e:53:5a:33:6e:c1:cb:76:f4:70:a9:93: 87:d5:91:14:9a:c2:96:58:0e:43:ca:c7:d5:53:b3: 7a:ac:81:83:90:f0:ce:e0:b1:72:66:de:6b:ae:b6: df:fa:ed:51:34:fc:cb:c4:c0:7a:a6:e2:28:0b:0d: 3a:87:86:28:a0:50:6d:79:4f:6f:f1:45:ac:09:e2: 2b:94:66:bf:54:29:24:2b:bf:d4:ec:e7:e6:05:90: e1:30:01:4e:d0:80:69:49:03:d7:d4:c1:75:e7:79: a5:77:8a:e0:c3:3f:36:76:3e:8a:a1:2b:0f:de:a7: 5f:a2:38:91:03:e3:e9:5c:14:05:b6:73:31:53:a5: ba:30:71:a3:d4:14:47:25:cb:ee:ce:19:72:2e:6e: 4d:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:16:92:53:2D:6E:9D:A4:62:73:D5:B1:F8:C4:5F:1D:4D:8E:ED:CC X509v3 Authority Key Identifier: keyid:F0:72:8E:ED:2D:4F:8F:FD:8C:FE:5F:87:F6:1B:EC:04:34:51:41:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9146A02/8DCEE9FC045E11EAADB7DF3AC4F9AE02/8HKO7S1Pj_2M_l-H9hvsBDRRQSk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8HKO7S1Pj_2M_l-H9hvsBDRRQSk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146A02/8DCEE9FC045E11EAADB7DF3AC4F9AE02/8HKO7S1Pj_2M_l-H9hvsBDRRQSk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:50:de:4b:d5:5d:21:26:8a:a3:06:e0:32:33:d8:9e:35:dd: 7c:9d:25:f3:91:ce:14:91:e4:09:18:4f:35:ce:6c:f7:86:76: 54:b0:40:4d:6f:31:c0:28:8a:f8:31:9c:a5:00:6b:8a:22:40: ac:27:72:a6:2d:ec:a1:90:e4:7e:03:63:76:2e:59:55:4c:94: a0:69:f6:33:bf:bc:62:ee:3b:7e:1f:62:f5:88:c2:a9:08:68: 2f:f7:12:ff:c7:d1:39:6d:19:84:a8:7b:b6:9c:8a:2f:49:83: bd:d1:09:4e:46:9d:58:32:48:64:0a:76:4e:16:65:f9:fb:34: 27:c9:c5:be:06:c3:db:aa:f7:92:96:62:6b:85:d6:f9:80:80: 14:55:87:68:2a:97:89:7f:26:93:e0:42:1b:ad:a3:34:f9:d1: 3a:a6:d6:61:15:31:80:06:3f:e4:f3:ed:1b:c5:2c:b0:6f:9e: bd:aa:0a:ca:3b:b7:88:ec:50:2c:a8:81:a8:e7:80:fb:3e:02: b7:c7:2c:e3:f9:d7:95:6c:50:5f:60:01:5c:ac:95:0b:17:12: 92:c1:95:05:a2:f9:84:2d:1a:6a:b0:f4:ad:86:27:fe:df:07: 5b:70:6e:e1:bf:1d:cd:47:35:d4:fe:f4:f8:94:a8:59:b1:51: d8:fe:22:71 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDZBMDIxMTAvBgNVBAUTKEYwNzI4RUVEMkQ0RjhGRkQ4Q0ZFNUY4N0Y2MUJFQzA0 MzQ1MTQxMjkwHhcNMjUwNzAyMTgzNTIzWhcNMjUwNzA5MTgzNTIzWjAYMRYwFAYD VQQDEw02ODY1N2JlYi0zYjdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyk21lIyk51zMW7KBAb8QPJ60RR/4GRop3TVPZQ9/hnAWVv+MCaa2rm7/A1hq ngGcS9YQGPMloWjPKP05uLNLstsb86F0fK+1IdBvHPQ+VIfpE64ObTT/JzhsBFof MgyjTUhSz7GsAvpTpJl+U1ozbsHLdvRwqZOH1ZEUmsKWWA5DysfVU7N6rIGDkPDO 4LFyZt5rrrbf+u1RNPzLxMB6puIoCw06h4YooFBteU9v8UWsCeIrlGa/VCkkK7/U 7OfmBZDhMAFO0IBpSQPX1MF153mld4rgwz82dj6KoSsP3qdfojiRA+PpXBQFtnMx U6W6MHGj1BRHJcvuzhlyLm5NzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH8WklMt bp2kYnPVsfjEXx1Nju3MMB8GA1UdIwQYMBaAFPByju0tT4/9jP5fh/Yb7AQ0UUEp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkEwMi84RENFRTlGQzA0 NUUxMUVBQURCN0RGM0FDNEY5QUUwMi84SEtPN1MxUGpfMk1fbC1IOWh2c0JEUlJR U2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhIS083UzFQal8yTV9sLUg5aHZzQkRSUlFTay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NkEwMi84RENFRTlGQzA0NUUxMUVBQURCN0RGM0FDNEY5QUUwMi84SEtPN1MxUGpf Mk1fbC1IOWh2c0JEUlJRU2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCoUN5L1V0hJoqjBuAyM9ieNd18nSXzkc4UkeQJGE81zmz3hnZUsEBN bzHAKIr4MZylAGuKIkCsJ3KmLeyhkOR+A2N2LllVTJSgafYzv7xi7jt+H2L1iMKp CGgv9xL/x9E5bRmEqHu2nIovSYO90QlORp1YMkhkCnZOFmX5+zQnycW+BsPbqveS lmJrhdb5gIAUVYdoKpeJfyaT4EIbraM0+dE6ptZhFTGABj/k8+0bxSywb569qgrK O7eI7FAsqIGo54D7PgK3xyzj+deVbFBfYAFcrJULFxKSwZUFovmELRpqsPSthif+ 3wdbcG7hvx3NRzXU/vT4lKhZsVHY/iJx -----END CERTIFICATE-----Generated at Fri Jul 4 13:36:47 2025 by rpki-client