$ rpki-client -vvf rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft File: ihHrdksVeFOdbtOykDv2H0wIAHw.mft (raw, json) Hash identifier: LQ+IiU6XI/EsXAR1NRMDKzeUqlxm7gcXGClHVaRE8kM= Subject key identifier: 40:83:ED:3F:3E:F3:8B:98:E1:EE:79:EA:4C:14:39:30:E6:56:38:A3 Authority key identifier: 8A:11:EB:76:4B:15:78:53:9D:6E:D3:B2:90:3B:F6:1F:4C:08:00:7C Certificate issuer: /CN=A914CC0F/serialNumber=8A11EB764B1578539D6ED3B2903BF61F4C08007C Certificate serial: 20 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft Manifest number: 20 Signing time: Wed 02 Jul 2025 20:24:23 +0000 Manifest this update: Wed 02 Jul 2025 20:24:22 +0000 Manifest next update: Wed 09 Jul 2025 20:24:22 +0000 Files and hashes: 1: ihHrdksVeFOdbtOykDv2H0wIAHw.crl (hash: xyx+PYxMmFKlZ2nhpzeLVknTEXd0hp+yX9LB4N9rXsc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.crl rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 20:24:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32 (0x20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914CC0F, serialNumber=8A11EB764B1578539D6ED3B2903BF61F4C08007C Validity Not Before: Jul 2 20:24:22 2025 GMT Not After : Jul 9 20:24:22 2025 GMT Subject: CN=68659576-159d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:a5:be:20:9d:8a:e9:4a:c4:0e:c3:d6:2f:e2: 57:9a:56:d7:80:36:00:3f:eb:6a:40:02:27:bb:d1: 93:e0:a1:39:a2:56:29:03:7a:fa:97:fc:82:2a:c9: 38:2f:77:b9:0a:d4:88:38:99:11:40:f7:ff:74:dc: 88:9a:59:16:87:63:f7:9a:28:14:7b:c0:9e:88:e5: 36:9b:c9:8c:39:92:de:84:b5:3b:40:29:67:90:15: b9:a3:8d:be:1d:13:94:2f:17:17:3a:b0:74:1b:59: c8:3e:3d:86:b6:9e:bf:7d:54:08:bb:69:0c:2d:f3: 37:39:ba:4b:47:cf:e9:f8:69:da:09:57:a4:11:24: 7b:c8:23:78:40:f4:cd:30:9c:ed:8b:04:30:cb:73: 31:79:7c:8e:e4:c9:97:da:1e:8b:f3:91:ce:3a:fd: 88:bf:0e:cb:dd:1f:8a:e8:7e:9b:4f:38:cf:50:1b: 77:5b:97:52:dd:82:3a:68:62:e2:68:90:76:05:33: 9a:b5:4d:25:12:23:58:f9:a8:07:53:fe:85:1d:7d: 5a:75:4d:24:94:79:2e:a7:8a:1a:b5:2d:b4:37:1d: 09:e7:c3:c0:6d:24:41:15:8b:5f:67:95:a6:8a:41: b3:52:b9:7c:a1:2e:e5:aa:0c:6b:2e:a3:af:49:50: d7:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:83:ED:3F:3E:F3:8B:98:E1:EE:79:EA:4C:14:39:30:E6:56:38:A3 X509v3 Authority Key Identifier: keyid:8A:11:EB:76:4B:15:78:53:9D:6E:D3:B2:90:3B:F6:1F:4C:08:00:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:32:16:18:45:9f:2c:3b:f7:64:eb:ec:68:7d:45:84:72:45: 3f:7b:53:4d:61:94:e5:23:a7:0d:5e:65:d1:55:4f:6f:15:dc: b1:f0:63:e1:f9:8f:e2:90:30:bc:7d:3a:93:f6:a7:ef:ba:0e: 0d:77:b8:ee:f5:50:f3:24:60:ab:9a:c7:1c:bd:2b:85:2a:b7: ac:8c:2e:86:11:a8:2d:8e:05:8f:af:d1:87:12:4d:ae:93:45: b8:c9:70:f7:fa:a1:a5:97:dd:fb:be:19:ac:b1:18:80:0f:61: 50:ec:2e:c4:54:bb:a3:0a:13:f8:5e:a9:91:89:fe:66:fd:8d: 15:9a:9b:5f:9f:25:51:28:42:51:a3:64:42:99:27:bc:1f:5d: 0e:ee:36:67:03:0a:3a:45:de:e1:ba:70:03:27:98:7d:a0:49: 55:06:1c:22:26:1b:ec:da:7b:af:84:77:f8:a3:9c:0d:62:fc: d0:6b:56:35:94:14:fc:6b:a0:0f:30:ea:7b:a6:d0:ed:85:71: 59:c3:b2:61:08:7b:28:95:ac:7b:d5:9f:ad:9f:d8:95:c8:3c: 1d:db:6f:37:17:49:a9:82:e8:fb:49:a3:77:db:80:54:fc:a6: 3c:f3:c2:f8:31:14:b2:5a:1c:76:b9:f5:3b:94:a5:ad:b3:5e: 25:d3:6f:ea -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 Q0MwRjExMC8GA1UEBRMoOEExMUVCNzY0QjE1Nzg1MzlENkVEM0IyOTAzQkY2MUY0 QzA4MDA3QzAeFw0yNTA3MDIyMDI0MjJaFw0yNTA3MDkyMDI0MjJaMBgxFjAUBgNV BAMTDTY4NjU5NTc2LTE1OWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDZpb4gnYrpSsQOw9Yv4leaVteANgA/62pAAie70ZPgoTmiVikDevqX/IIqyTgv d7kK1Ig4mRFA9/903IiaWRaHY/eaKBR7wJ6I5TabyYw5kt6EtTtAKWeQFbmjjb4d E5QvFxc6sHQbWcg+PYa2nr99VAi7aQwt8zc5uktHz+n4adoJV6QRJHvII3hA9M0w nO2LBDDLczF5fI7kyZfaHovzkc46/Yi/DsvdH4rofptPOM9QG3dbl1LdgjpoYuJo kHYFM5q1TSUSI1j5qAdT/oUdfVp1TSSUeS6nihq1LbQ3HQnnw8BtJEEVi19nlaaK QbNSuXyhLuWqDGsuo69JUNchAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUQIPtPz7z i5jh7nnqTBQ5MOZWOKMwHwYDVR0jBBgwFoAUihHrdksVeFOdbtOykDv2H0wIAHww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRDQzBGLzQ5RTk5NkM0MkM2 MjExRjBBOUIxQzY1QUM0RjlBRTAyL2loSHJka3NWZUZPZGJ0T3lrRHYySDB3SUFI dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvaWhIcmRrc1ZlRk9kYnRPeWtEdjJIMHdJQUh3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRD QzBGLzQ5RTk5NkM0MkM2MjExRjBBOUIxQzY1QUM0RjlBRTAyL2loSHJka3NWZUZP ZGJ0T3lrRHYySDB3SUFIdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJgyFhhFnyw792Tr7Gh9RYRyRT97U01hlOUjpw1eZdFVT28V3LHwY+H5 j+KQMLx9OpP2p++6Dg13uO71UPMkYKuaxxy9K4Uqt6yMLoYRqC2OBY+v0YcSTa6T RbjJcPf6oaWX3fu+GayxGIAPYVDsLsRUu6MKE/heqZGJ/mb9jRWam1+fJVEoQlGj ZEKZJ7wfXQ7uNmcDCjpF3uG6cAMnmH2gSVUGHCImG+zae6+Ed/ijnA1i/NBrVjWU FPxroA8w6num0O2FcVnDsmEIeyiVrHvVn62f2JXIPB3bbzcXSamC6PtJo3fbgFT8 pjzzwvgxFLJaHHa59TuUpa2zXiXTb+o= -----END CERTIFICATE-----Generated at Thu Jul 3 21:49:03 2025 by rpki-client