$ rpki-client -vvf rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft File: cmIg2YvMfcZqPM83Z36go9sJDaQ.mft (raw, json) Hash identifier: FTRVBj5oky9zuoGJSJ7YUxXLE88RoyQipK/I4jq+xyM= Subject key identifier: C7:3E:53:13:D9:2E:7C:58:22:F4:79:23:99:77:A3:B3:8C:8B:BC:2B Authority key identifier: 72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 Certificate issuer: /CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Certificate serial: 0BEA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft Manifest number: 0BE1 Signing time: Wed 02 Jul 2025 19:03:03 +0000 Manifest this update: Wed 02 Jul 2025 19:03:02 +0000 Manifest next update: Wed 09 Jul 2025 19:03:02 +0000 Files and hashes: 1: cmIg2YvMfcZqPM83Z36go9sJDaQ.crl (hash: 5fuCMxRdFLdpDww2GF4k58v6Y+YT7IEFT7/U1rax/UY=) 2: 2CD5AAF8060311EBBE15EA18C4F9AE02.roa (hash: vtoSKlT7or456eJjA8slT3V02xUjwJUVTYQRDOjaj2Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:03:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3050 (0xbea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914AE22, serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Validity Not Before: Jul 2 19:03:02 2025 GMT Not After : Jul 9 19:03:02 2025 GMT Subject: CN=68658266-a999 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:7e:a1:76:d1:84:e5:30:02:ac:ab:1c:59:99: ef:ea:41:ae:17:02:bb:85:30:72:3d:9e:5e:a3:b5: ce:18:69:4e:14:39:56:c0:15:ff:8b:70:84:ce:dd: 0e:6d:b3:b4:ea:af:3b:85:d1:67:93:56:e2:09:69: f0:3b:b0:81:c1:8a:97:1c:69:eb:cb:53:ff:53:1b: 3b:15:ca:5d:57:02:20:68:be:94:15:dd:96:7c:b8: 52:5d:04:27:e1:57:03:1c:df:50:00:8a:1d:79:63: e3:77:fd:b1:31:a3:c7:b4:bc:97:f9:c5:5f:5b:76: 1d:0b:f1:a0:65:f2:9b:0a:01:37:bc:54:82:c3:c2: fd:5b:0f:4f:16:25:a0:7b:ff:dc:71:e4:e5:7d:0e: 82:3d:1d:19:64:a7:6b:aa:d0:2c:87:b7:66:f0:59: 2a:7e:42:5d:21:96:c0:f1:ee:70:a7:c6:59:b3:8b: 33:da:dc:d7:c6:98:c7:be:4d:66:ae:bb:dd:21:f1: f0:21:97:d5:16:bc:5d:d7:4b:84:dc:ed:dd:33:89: a2:d3:ed:05:ba:71:a4:3f:35:11:95:70:30:e4:bd: 73:0b:9a:b5:93:d5:47:b1:7e:34:3b:10:1c:6a:43: de:a3:2f:74:6d:5a:b7:34:ff:5c:8b:ef:83:60:f4: 7b:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:3E:53:13:D9:2E:7C:58:22:F4:79:23:99:77:A3:B3:8C:8B:BC:2B X509v3 Authority Key Identifier: keyid:72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:c6:4e:48:da:7a:f0:74:61:4f:d1:99:38:39:11:2f:08:14: 3f:97:2d:ce:45:e0:62:51:4d:7f:08:c0:e7:2e:ce:e6:07:cc: fc:78:9e:16:3e:86:ce:32:83:80:99:28:3b:58:0c:85:32:1c: 18:c7:4a:97:eb:af:42:8f:35:87:ab:58:72:86:e2:b4:cb:56: 89:ff:4d:65:ee:39:f7:d2:3e:49:b1:1b:8b:f7:ad:ca:08:97: 04:9d:5e:61:15:57:18:46:c0:9f:04:d2:a9:f0:54:eb:2a:7e: 64:ab:fa:0d:4d:bf:87:5d:cf:76:c3:aa:b9:20:c6:12:5b:e0: 63:39:47:04:79:31:36:00:22:7e:a7:48:63:8e:d7:1a:15:df: 02:87:76:54:e0:e6:67:b9:75:d3:c6:50:59:de:8b:12:08:3c: 82:06:ff:aa:a7:1f:26:ad:ea:26:6f:07:04:20:46:92:30:4d: 5c:04:8a:6f:2d:75:2d:82:b1:49:a7:af:26:55:c9:b6:8b:ce: 24:cb:a1:53:b6:42:33:67:be:51:d7:e0:be:a2:fb:44:57:27: cc:48:7c:c4:23:18:dd:00:75:37:b5:15:98:28:b2:22:2b:32: a4:ba:64:13:6d:87:7d:cf:71:58:70:bd:ea:13:bb:d1:f5:ab: 98:ee:b6:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC+owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEFFMjIxMTAvBgNVBAUTKDcyNjIyMEQ5OEJDQzdEQzY2QTNDQ0YzNzY3N0VBMEEz REIwOTBEQTQwHhcNMjUwNzAyMTkwMzAyWhcNMjUwNzA5MTkwMzAyWjAYMRYwFAYD VQQDEw02ODY1ODI2Ni1hOTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxn6hdtGE5TACrKscWZnv6kGuFwK7hTByPZ5eo7XOGGlOFDlWwBX/i3CEzt0O bbO06q87hdFnk1biCWnwO7CBwYqXHGnry1P/Uxs7FcpdVwIgaL6UFd2WfLhSXQQn 4VcDHN9QAIodeWPjd/2xMaPHtLyX+cVfW3YdC/GgZfKbCgE3vFSCw8L9Ww9PFiWg e//cceTlfQ6CPR0ZZKdrqtAsh7dm8FkqfkJdIZbA8e5wp8ZZs4sz2tzXxpjHvk1m rrvdIfHwIZfVFrxd10uE3O3dM4mi0+0FunGkPzURlXAw5L1zC5q1k9VHsX40OxAc akPeoy90bVq3NP9ci++DYPR7AQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMc+UxPZ LnxYIvR5I5l3o7OMi7wrMB8GA1UdIwQYMBaAFHJiINmLzH3GajzPN2d+oKPbCQ2k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QUUyMi9CMTc4NDM5RTFC QkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZjWnFQTTgzWjM2Z285c0pE YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NtSWcyWXZNZmNacVBNODNaMzZnbzlzSkRhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QUUyMi9CMTc4NDM5RTFCQkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZj WnFQTTgzWjM2Z285c0pEYVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBMxk5I2nrwdGFP0Zk4OREvCBQ/ly3OReBiUU1/CMDnLs7mB8z8eJ4W PobOMoOAmSg7WAyFMhwYx0qX669CjzWHq1hyhuK0y1aJ/01l7jn30j5JsRuL963K CJcEnV5hFVcYRsCfBNKp8FTrKn5kq/oNTb+HXc92w6q5IMYSW+BjOUcEeTE2ACJ+ p0hjjtcaFd8Ch3ZU4OZnuXXTxlBZ3osSCDyCBv+qpx8mreombwcEIEaSME1cBIpv LXUtgrFJp68mVcm2i84ky6FTtkIzZ75R1+C+ovtEVyfMSHzEIxjdAHU3tRWYKLIi KzKkumQTbYd9z3FYcL3qE7vR9auY7raF -----END CERTIFICATE-----Generated at Thu Jul 3 02:54:36 2025 by rpki-client