$ rpki-client -vvf rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.mft File: _ksuVPGAyAmvHsmemnx-JzLZ3aY.mft (raw, json) Hash identifier: tC9+mf/IdUo4cp/Hy7QDEzJoO/Roxbh/w/pEVP7+naw= Subject key identifier: 86:BA:F6:63:52:47:22:1E:89:76:13:6C:E2:09:D4:52:96:F7:62:A7 Authority key identifier: FE:4B:2E:54:F1:80:C8:09:AF:1E:C9:9E:9A:7C:7E:27:32:D9:DD:A6 Certificate issuer: /CN=A914BE96/serialNumber=FE4B2E54F180C809AF1EC99E9A7C7E2732D9DDA6 Certificate serial: 0FEA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.mft Manifest number: 0FDB Signing time: Fri 04 Jul 2025 17:47:28 +0000 Manifest this update: Fri 04 Jul 2025 17:47:28 +0000 Manifest next update: Fri 11 Jul 2025 17:47:28 +0000 Files and hashes: 1: _ksuVPGAyAmvHsmemnx-JzLZ3aY.crl (hash: MI6aqszNsMg3tKhpsqP2DVY3Rf3xnc+Bx+58USD5lU4=) 2: 8F75257455E911E9AE112D6CC4F9AE02.roa (hash: thEUPRHmxogbvRJ6Y3FkP32LyqLTW2o8NNUuKxB2tbk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.crl rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4074 (0xfea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914BE96, serialNumber=FE4B2E54F180C809AF1EC99E9A7C7E2732D9DDA6 Validity Not Before: Jul 4 17:47:28 2025 GMT Not After : Jul 11 17:47:28 2025 GMT Subject: CN=686813b0-cd5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:38:11:d5:5f:87:1b:9b:66:18:19:9d:3f:4d: df:77:9d:c6:1d:8b:f0:17:4f:96:dc:f0:9b:bf:4e: a5:71:aa:40:95:ea:f5:73:5b:0c:ee:89:e6:4a:65: 4b:25:d5:3b:8d:66:56:66:31:43:8b:07:df:d6:d9: 41:72:86:a5:0f:e8:30:78:f0:52:1a:4f:8d:28:2e: 13:da:4e:97:35:21:16:28:43:e1:0e:b4:60:c0:5a: 4a:08:e4:51:ea:f2:63:59:f0:41:98:57:07:54:ec: eb:49:b3:6e:fe:29:07:a9:64:32:e6:18:40:44:ee: cd:08:94:77:29:f1:18:03:f9:b3:d8:89:31:5f:cd: 75:f7:e3:ef:27:67:b7:f8:11:8a:2b:eb:d0:71:09: 5b:67:f4:32:63:33:81:0e:34:bf:d2:28:3f:6c:e7: 74:3d:82:38:01:e2:af:c3:7f:9a:8c:dc:a9:50:18: 87:ce:32:fd:b7:db:62:14:d1:8b:1b:60:30:76:2b: 76:2a:67:9a:e1:31:2e:89:aa:c0:a3:19:3c:53:37: 96:66:ee:43:3a:a4:46:16:96:16:c8:92:4d:8f:ba: 90:27:f1:67:68:19:e6:fa:01:4a:52:df:bb:90:9b: 83:5f:f2:e5:22:e8:a6:04:6a:58:73:0d:25:17:b0: 84:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:BA:F6:63:52:47:22:1E:89:76:13:6C:E2:09:D4:52:96:F7:62:A7 X509v3 Authority Key Identifier: keyid:FE:4B:2E:54:F1:80:C8:09:AF:1E:C9:9E:9A:7C:7E:27:32:D9:DD:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:e8:7a:36:13:91:0d:14:31:37:b5:f9:52:39:2a:63:ba:0a: d8:4c:29:02:da:5a:71:70:00:c4:b9:33:03:a9:2c:32:8a:80: 9a:92:86:26:e7:68:d4:44:a1:98:f4:80:f8:a0:a2:19:bd:69: 9d:f0:6b:33:7f:9d:44:99:a3:fe:5c:c7:7f:63:cb:0e:e4:cb: c2:2e:44:3e:af:5b:e1:a9:ee:f7:50:9e:ae:9c:5e:9e:c4:0c: 9a:bd:62:1f:05:a4:bb:f4:80:53:7b:20:7e:91:82:17:f3:dd: 2f:9b:e7:f9:59:02:e5:7d:ee:83:0a:e0:5b:4c:68:31:14:03: d8:85:8d:be:5c:82:f5:98:5c:2d:24:7d:0b:7b:e1:3e:61:d9: 22:a5:9b:81:6e:77:ca:76:34:e3:60:28:44:40:09:f8:33:e4: da:ae:61:6e:1c:85:d8:aa:49:d5:b0:c3:c1:cb:9b:51:97:9b: 7d:f6:f2:5b:02:3d:d7:7d:dd:f5:68:4b:da:52:9d:b5:7b:59: 90:9b:9c:fc:bf:77:e9:6d:b5:02:23:0c:15:cc:00:7a:f0:da: 60:dc:63:01:4d:3e:54:57:ba:2c:63:03:d1:d0:47:21:b3:c2: e6:1a:74:6a:dd:0c:9c:6d:0a:e8:9a:c8:26:53:96:e9:d1:08: 4f:95:69:cc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD+owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEJFOTYxMTAvBgNVBAUTKEZFNEIyRTU0RjE4MEM4MDlBRjFFQzk5RTlBN0M3RTI3 MzJEOUREQTYwHhcNMjUwNzA0MTc0NzI4WhcNMjUwNzExMTc0NzI4WjAYMRYwFAYD VQQDEw02ODY4MTNiMC1jZDVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuDgR1V+HG5tmGBmdP03fd53GHYvwF0+W3PCbv06lcapAler1c1sM7onmSmVL JdU7jWZWZjFDiwff1tlBcoalD+gwePBSGk+NKC4T2k6XNSEWKEPhDrRgwFpKCORR 6vJjWfBBmFcHVOzrSbNu/ikHqWQy5hhARO7NCJR3KfEYA/mz2IkxX8119+PvJ2e3 +BGKK+vQcQlbZ/QyYzOBDjS/0ig/bOd0PYI4AeKvw3+ajNypUBiHzjL9t9tiFNGL G2Awdit2Kmea4TEuiarAoxk8UzeWZu5DOqRGFpYWyJJNj7qQJ/FnaBnm+gFKUt+7 kJuDX/LlIuimBGpYcw0lF7CEuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIa69mNS RyIeiXYTbOIJ1FKW92KnMB8GA1UdIwQYMBaAFP5LLlTxgMgJrx7Jnpp8ficy2d2m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkU5Ni9FREE2NUFDNDU1 RTgxMUU5QjMwNTM3NkJDNEY5QUUwMi9fa3N1VlBHQXlBbXZIc21lbW54LUp6TFoz YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19rc3VWUEdBeUFtdkhzbWVtbngtSnpMWjNhWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QkU5Ni9FREE2NUFDNDU1RTgxMUU5QjMwNTM3NkJDNEY5QUUwMi9fa3N1VlBHQXlB bXZIc21lbW54LUp6TFozYVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCz6Ho2E5ENFDE3tflSOSpjugrYTCkC2lpxcADEuTMDqSwyioCakoYm 52jURKGY9ID4oKIZvWmd8Gszf51EmaP+XMd/Y8sO5MvCLkQ+r1vhqe73UJ6unF6e xAyavWIfBaS79IBTeyB+kYIX890vm+f5WQLlfe6DCuBbTGgxFAPYhY2+XIL1mFwt JH0Le+E+YdkipZuBbnfKdjTjYChEQAn4M+TarmFuHIXYqknVsMPBy5tRl5t99vJb Aj3Xfd31aEvaUp21e1mQm5z8v3fpbbUCIwwVzAB68Npg3GMBTT5UV7osYwPR0Ech s8LmGnRq3QycbQromsgmU5bp0QhPlWnM -----END CERTIFICATE-----Generated at Fri Jul 4 22:22:58 2025 by rpki-client