$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft File: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft (raw, json) Hash identifier: N3XZSn2AKkMzFOb/zkYi8v9+dvGWDILyOMHjdUUszbM= Subject key identifier: E1:85:26:90:72:F5:3E:A7:5B:77:0B:78:ED:53:0A:C1:BE:60:97:FF Authority key identifier: 76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D Certificate issuer: /CN=A9157DAE/serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Certificate serial: 0473 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft Manifest number: 045F Signing time: Wed 02 Jul 2025 17:17:50 +0000 Manifest this update: Wed 02 Jul 2025 17:17:50 +0000 Manifest next update: Wed 09 Jul 2025 17:17:50 +0000 Files and hashes: 1: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl (hash: OsIgwdxDyg6RvByKw4gPLvHPT3V/N9srSa7DYk8scpg=) 2: 13EE3260596A11ECB1394271C4F9AE02.roa (hash: BSTa7sI/Wxp7paF8iFEhYcOXczYzjvqpGs3tFatgPsE=) 3: F91F0C028A2E11EC98A2702CC4F9AE02.roa (hash: EM7EONiwHXhiPFzyfONkaOBX/AROwU9rjV4ETvuVQDQ=) 4: 1479C514596A11ECB1394271C4F9AE02.roa (hash: TLiIvWlCkSUznKaCtTmASc45uAF4Q8KIvn7LhcKxI18=) 5: F5A921B85BE911EF8624AA20C4F9AE02.roa (hash: HMDK7qPjAO3ncQEJzX6SKnODDt4e7glxidti8sfhV1k=) 6: D36F0B6ECF4411ECB6B61825C4F9AE02.roa (hash: Z/SQA8GAHBj69mDXnfsLMK8qu+tlZ5LxlzdXDGduFGo=) 7: 9CD16392309711F09EFD0C4CC4F9AE02.roa (hash: AfGxVPGE0X5aiSEnPrV13VcxuUAvslUoJjsgWW+PD9o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 17:17:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1139 (0x473) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DAE, serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Validity Not Before: Jul 2 17:17:50 2025 GMT Not After : Jul 9 17:17:50 2025 GMT Subject: CN=686569be-f30f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:ea:a8:ab:3c:7e:01:e5:1e:46:ea:4d:78:79: 92:c8:7c:07:11:c1:f2:b5:6c:1e:d4:bd:eb:58:68: c9:cd:62:0b:c8:5f:b9:91:a5:63:06:cb:dc:14:21: b0:60:28:28:a2:07:4d:44:ea:09:13:cb:62:c5:b2: 08:d4:c3:c7:26:e9:e1:0d:d4:d9:b9:68:c9:7f:72: 75:a2:2a:a3:01:c0:0b:c0:05:a2:d6:c2:64:20:f2: 4f:d7:36:ed:5b:f6:48:68:e7:d8:82:84:3b:5a:eb: 7f:fe:ee:91:24:37:f8:7c:49:07:99:7f:99:1d:f2: 03:8d:1f:fb:dc:a2:02:42:7d:ff:b4:70:4c:05:96: dc:19:43:9d:f7:34:bb:6c:6f:05:72:b2:0f:78:fb: 05:2c:09:73:32:86:98:9b:07:34:74:79:b6:32:a4: 5e:03:67:e9:d2:30:86:58:c0:69:2e:bf:8f:80:60: 1c:6f:43:95:5c:5a:ca:94:c9:d5:3a:58:08:28:26: 29:96:0f:e1:2b:48:5b:12:6b:70:e0:62:3f:92:31: 14:08:79:17:8d:dd:34:2f:92:21:91:3d:96:94:b4: ea:20:7b:e6:bf:fc:ef:7b:9e:bb:ac:35:dc:58:75: b8:d3:bc:98:e0:d4:2d:ad:4b:be:df:b8:70:e4:d6: 3c:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:85:26:90:72:F5:3E:A7:5B:77:0B:78:ED:53:0A:C1:BE:60:97:FF X509v3 Authority Key Identifier: keyid:76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:04:e8:3e:d4:a1:84:62:91:3f:58:29:b9:6c:e9:ae:d5:40: 25:48:de:b1:8a:c1:89:f9:68:96:61:00:97:cc:17:2e:33:b9: de:b9:b2:54:7d:56:9c:9a:f0:d9:9f:1d:4a:27:83:59:b4:4c: 3a:04:62:4e:b0:4d:da:ba:30:2e:ba:9f:62:74:c1:2a:de:71: 1d:5f:49:ca:4a:00:6a:03:ae:b0:37:0f:9f:58:3c:95:ba:5c: 4e:06:ff:dc:70:d0:30:8a:e2:0e:c0:77:25:80:3b:e3:66:b3: 8d:0e:97:9c:eb:fe:10:4d:46:71:f4:95:bd:6b:da:32:e8:e7: 55:31:c1:83:b3:28:92:c8:48:51:fd:a7:b3:b0:35:3a:9c:d4: 03:b3:08:90:f1:ab:74:2d:84:87:6c:0e:01:ff:73:b5:63:22: a3:b3:e1:34:ed:ca:84:09:4a:22:68:d9:1f:15:b7:c1:d1:84: b8:b4:fe:bf:fd:39:01:29:e8:4c:06:7d:9d:da:cd:b6:96:12: 1a:af:37:2f:d5:6d:6b:a2:c1:d0:20:7b:c8:b0:0b:45:44:bd: c3:39:38:40:c0:60:ec:e0:d4:c0:1b:1c:03:54:2d:aa:d0:10: 00:fe:70:f4:6d:2d:ad:25:2d:1f:f8:db:82:4d:d4:c3:1a:e8: a6:8d:78:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQUUxMTAvBgNVBAUTKDc2MEU2QTdGMDhCNzJGRjgwRUI1NkY2NzUwMzIzQjE2 NEE3MERBMUQwHhcNMjUwNzAyMTcxNzUwWhcNMjUwNzA5MTcxNzUwWjAYMRYwFAYD VQQDEw02ODY1NjliZS1mMzBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv+qoqzx+AeUeRupNeHmSyHwHEcHytWwe1L3rWGjJzWILyF+5kaVjBsvcFCGw YCgoogdNROoJE8tixbII1MPHJunhDdTZuWjJf3J1oiqjAcALwAWi1sJkIPJP1zbt W/ZIaOfYgoQ7Wut//u6RJDf4fEkHmX+ZHfIDjR/73KICQn3/tHBMBZbcGUOd9zS7 bG8FcrIPePsFLAlzMoaYmwc0dHm2MqReA2fp0jCGWMBpLr+PgGAcb0OVXFrKlMnV OlgIKCYplg/hK0hbEmtw4GI/kjEUCHkXjd00L5IhkT2WlLTqIHvmv/zve567rDXc WHW407yY4NQtrUu+37hw5NY8kwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOGFJpBy 9T6nW3cLeO1TCsG+YJf/MB8GA1UdIwQYMBaAFHYOan8Ity/4DrVvZ1AyOxZKcNod MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBRS81QjRDNEUzNjU5 NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xfZ090VzluVURJN0ZrcHcy aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2RnNXFmd2kzTF9nT3RXOW5VREk3RmtwdzJoMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBRS81QjRDNEUzNjU5NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xf Z090VzluVURJN0ZrcHcyaDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCsBOg+1KGEYpE/WCm5bOmu1UAlSN6xisGJ+WiWYQCXzBcuM7neubJU fVacmvDZnx1KJ4NZtEw6BGJOsE3aujAuup9idMEq3nEdX0nKSgBqA66wNw+fWDyV ulxOBv/ccNAwiuIOwHclgDvjZrONDpec6/4QTUZx9JW9a9oy6OdVMcGDsyiSyEhR /aezsDU6nNQDswiQ8at0LYSHbA4B/3O1YyKjs+E07cqECUoiaNkfFbfB0YS4tP6/ /TkBKehMBn2d2s22lhIarzcv1W1rosHQIHvIsAtFRL3DOThAwGDs4NTAGxwDVC2q 0BAA/nD0bS2tJS0f+NuCTdTDGuimjXhW -----END CERTIFICATE-----Generated at Thu Jul 3 23:28:53 2025 by rpki-client