$ rpki-client -vvf rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/sAFKgwbFLkBPZ8ovjlhvm4aOjKs.mft File: sAFKgwbFLkBPZ8ovjlhvm4aOjKs.mft (raw, json) Hash identifier: g7i02jRrzxWYW6g47jypmts+QSG9Hl2Cx+qbNqlPKg0= Subject key identifier: D4:AF:E8:12:EA:B1:67:3E:52:D0:A7:0B:5F:CE:EF:CB:8B:0D:F1:CF Authority key identifier: B0:01:4A:83:06:C5:2E:40:4F:67:CA:2F:8E:58:6F:9B:86:8E:8C:AB Certificate issuer: /CN=A914FA25/serialNumber=B0014A8306C52E404F67CA2F8E586F9B868E8CAB Certificate serial: DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sAFKgwbFLkBPZ8ovjlhvm4aOjKs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/sAFKgwbFLkBPZ8ovjlhvm4aOjKs.mft Manifest number: 0E04 Signing time: Wed 02 Jul 2025 19:06:20 +0000 Manifest this update: Wed 02 Jul 2025 19:06:19 +0000 Manifest next update: Wed 09 Jul 2025 19:06:19 +0000 Files and hashes: 1: sAFKgwbFLkBPZ8ovjlhvm4aOjKs.crl (hash: so9vK23wPJ1Ahsln3gpQjBt2ig9N9rb28YHQO8aAfXE=) 2: 16D76086A0A811EF88ED2026C4F9AE02.roa (hash: xXVPh1g488DDZ2eC7px+JMoDM3ZGXGyVRE09L+pr9Pc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/sAFKgwbFLkBPZ8ovjlhvm4aOjKs.crl rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/sAFKgwbFLkBPZ8ovjlhvm4aOjKs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sAFKgwbFLkBPZ8ovjlhvm4aOjKs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:06:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 218 (0xda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914FA25, serialNumber=B0014A8306C52E404F67CA2F8E586F9B868E8CAB Validity Not Before: Jul 2 19:06:19 2025 GMT Not After : Jul 9 19:06:19 2025 GMT Subject: CN=6865832c-db82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b3:1d:7d:9d:2e:a3:03:62:70:46:1b:ed:12: 5d:58:98:69:91:ce:85:8b:84:fb:b7:93:8b:13:b7: fa:e9:8c:b2:0c:6d:a8:96:7a:4b:55:40:3a:62:50: c1:ce:22:65:64:8b:bf:3b:08:41:59:14:78:ae:33: 54:9c:2a:63:65:98:3b:ac:51:30:15:56:04:e3:7b: ca:ae:cf:ab:b2:37:e2:1f:6e:41:5a:7f:ca:fd:3c: 6b:0c:f9:ec:91:16:40:bd:4c:ee:eb:8b:0b:50:a2: b7:4e:0e:ed:f0:13:72:13:f5:cf:90:3c:e9:23:8b: 62:65:46:64:fa:02:8f:d9:7e:dc:f3:ff:18:f4:23: 9e:76:7c:80:39:5e:be:0b:8b:c2:ab:9b:c3:41:88: 04:aa:ec:81:8b:64:ce:f6:de:87:87:67:48:33:19: 2f:31:56:65:1d:6c:c5:e9:f5:40:5a:1e:55:b7:9c: 7a:ea:2c:21:a6:5f:3b:d9:45:e5:61:ab:77:93:6a: 3f:52:94:1d:68:6c:05:5e:64:92:85:f8:43:ad:4f: 05:a1:bc:d3:e8:17:e4:75:cf:df:ad:00:89:7a:47: 8b:bd:3f:d4:ee:e7:0f:8b:cb:5c:ce:4a:5a:b7:59: 8f:0d:92:c3:4a:d4:2c:5a:2c:7b:ea:d5:1b:78:4a: 6b:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:AF:E8:12:EA:B1:67:3E:52:D0:A7:0B:5F:CE:EF:CB:8B:0D:F1:CF X509v3 Authority Key Identifier: keyid:B0:01:4A:83:06:C5:2E:40:4F:67:CA:2F:8E:58:6F:9B:86:8E:8C:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/sAFKgwbFLkBPZ8ovjlhvm4aOjKs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sAFKgwbFLkBPZ8ovjlhvm4aOjKs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914FA25/2BBCBCAA1DAC11EAAF4A3763C4F9AE02/sAFKgwbFLkBPZ8ovjlhvm4aOjKs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:5b:63:84:53:b0:86:1a:3a:8b:29:05:de:56:04:31:35:da: 6e:b3:69:d7:84:dd:33:a5:47:c1:9b:5f:ff:7a:3b:04:96:11: c5:2b:cf:c8:6c:88:c4:96:fc:de:35:1a:1f:47:55:72:63:01: 7b:71:e5:30:dc:da:5d:91:55:1b:72:bc:a8:43:e3:37:42:2b: a6:8a:73:9b:84:c4:72:71:85:c5:8f:fe:b0:10:8f:fc:a0:82: 38:1b:b5:dc:ef:46:95:f7:21:c3:78:7e:a7:5d:49:34:0a:e3: e8:eb:b0:50:fb:93:cf:62:9f:66:b9:40:ee:12:a9:5a:2a:54: 33:7d:95:20:74:d4:2d:0f:e3:2f:93:ab:b9:62:7a:86:5b:3d: ea:c5:91:8d:2e:7e:c7:bb:e4:00:c4:ed:57:fd:af:44:8e:b7: 9d:a8:68:cd:35:5a:72:f1:2b:e0:94:ee:2b:76:68:ca:e7:cf: 97:d7:5d:68:a8:11:fc:a7:06:33:17:a7:1c:1c:53:a9:39:49: ae:6f:10:05:9e:42:08:ff:50:37:52:e1:b0:95:35:93:f8:c2: b1:dd:35:83:5e:67:65:2b:4c:6b:22:63:b4:6b:2f:d9:67:96: a9:ab:14:84:69:f1:3f:0a:d8:a0:01:98:6b:45:a8:17:f7:79: 7d:82:c2:f7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEZBMjUxMTAvBgNVBAUTKEIwMDE0QTgzMDZDNTJFNDA0RjY3Q0EyRjhFNTg2RjlC ODY4RThDQUIwHhcNMjUwNzAyMTkwNjE5WhcNMjUwNzA5MTkwNjE5WjAYMRYwFAYD VQQDEw02ODY1ODMyYy1kYjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr7MdfZ0uowNicEYb7RJdWJhpkc6Fi4T7t5OLE7f66YyyDG2olnpLVUA6YlDB ziJlZIu/OwhBWRR4rjNUnCpjZZg7rFEwFVYE43vKrs+rsjfiH25BWn/K/TxrDPns kRZAvUzu64sLUKK3Tg7t8BNyE/XPkDzpI4tiZUZk+gKP2X7c8/8Y9COednyAOV6+ C4vCq5vDQYgEquyBi2TO9t6Hh2dIMxkvMVZlHWzF6fVAWh5Vt5x66iwhpl872UXl Yat3k2o/UpQdaGwFXmSShfhDrU8FobzT6Bfkdc/frQCJekeLvT/U7ucPi8tczkpa t1mPDZLDStQsWix76tUbeEprewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNSv6BLq sWc+UtCnC1/O78uLDfHPMB8GA1UdIwQYMBaAFLABSoMGxS5AT2fKL45Yb5uGjoyr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RkEyNS8yQkJDQkNBQTFE QUMxMUVBQUY0QTM3NjNDNEY5QUUwMi9zQUZLZ3diRkxrQlBaOG92amxodm00YU9q S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NBRktnd2JGTGtCUFo4b3ZqbGh2bTRhT2pLcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RkEyNS8yQkJDQkNBQTFEQUMxMUVBQUY0QTM3NjNDNEY5QUUwMi9zQUZLZ3diRkxr QlBaOG92amxodm00YU9qS3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQALW2OEU7CGGjqLKQXeVgQxNdpus2nXhN0zpUfBm1//ejsElhHFK8/I bIjElvzeNRofR1VyYwF7ceUw3NpdkVUbcryoQ+M3QiuminObhMRycYXFj/6wEI/8 oII4G7Xc70aV9yHDeH6nXUk0CuPo67BQ+5PPYp9muUDuEqlaKlQzfZUgdNQtD+Mv k6u5YnqGWz3qxZGNLn7Hu+QAxO1X/a9EjredqGjNNVpy8SvglO4rdmjK58+X111o qBH8pwYzF6ccHFOpOUmubxAFnkII/1A3UuGwlTWT+MKx3TWDXmdlK0xrImO0ay/Z Z5apqxSEafE/CtigAZhrRagX93l9gsL3 -----END CERTIFICATE-----Generated at Thu Jul 3 07:10:16 2025 by rpki-client