$ rpki-client -vvf rpki.apnic.net/member_repository/A915F2B8/2F17608ACC2C11EDB9860571C4F9AE02/1fozYzT5muNj6lhn0o6KUCMeQiA.mft File: 1fozYzT5muNj6lhn0o6KUCMeQiA.mft (raw, json) Hash identifier: yP/OtlushbIfNfKC7Hx4hIp1Qg+V2jCaOQjifybc+8k= Subject key identifier: 58:B1:D1:9A:21:D8:71:62:00:BE:38:9F:70:80:C2:30:FA:D5:18:12 Authority key identifier: D5:FA:33:63:34:F9:9A:E3:63:EA:58:67:D2:8E:8A:50:23:1E:42:20 Certificate issuer: /CN=A915F2B8/serialNumber=D5FA336334F99AE363EA5867D28E8A50231E4220 Certificate serial: 01AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1fozYzT5muNj6lhn0o6KUCMeQiA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915F2B8/2F17608ACC2C11EDB9860571C4F9AE02/1fozYzT5muNj6lhn0o6KUCMeQiA.mft Manifest number: 01AA Signing time: Thu 03 Jul 2025 03:19:07 +0000 Manifest this update: Thu 03 Jul 2025 03:19:06 +0000 Manifest next update: Thu 10 Jul 2025 03:19:06 +0000 Files and hashes: 1: 1fozYzT5muNj6lhn0o6KUCMeQiA.crl (hash: e3H7FOold/wtSNswBlhTeWCf+gOv+7RnJa2y3P7j83A=) 2: 207C45B0CC2F11EDABE25F72C4F9AE02.roa (hash: 445y7dnFbGIJcED/nA18M8HZ1X9DaCKTToZbs8yrxpI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915F2B8/2F17608ACC2C11EDB9860571C4F9AE02/1fozYzT5muNj6lhn0o6KUCMeQiA.crl rsync://rpki.apnic.net/member_repository/A915F2B8/2F17608ACC2C11EDB9860571C4F9AE02/1fozYzT5muNj6lhn0o6KUCMeQiA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1fozYzT5muNj6lhn0o6KUCMeQiA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 429 (0x1ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915F2B8, serialNumber=D5FA336334F99AE363EA5867D28E8A50231E4220 Validity Not Before: Jul 3 03:19:06 2025 GMT Not After : Jul 10 03:19:06 2025 GMT Subject: CN=6865f6aa-16c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d4:72:9d:30:68:a2:71:30:93:3e:db:f5:07: 9a:1e:6c:94:c4:6a:db:3e:d6:0b:70:7e:84:e7:40: 16:85:a0:19:cf:4e:31:32:8f:d0:3a:0b:bb:f0:95: 56:08:23:55:1c:0b:54:bb:ca:a2:13:d3:bc:fa:c6: e5:38:e0:9b:6b:0e:4b:ac:27:b6:37:f9:65:95:a3: 9e:1d:f1:e4:90:e2:34:a5:58:5b:f0:7d:6a:1c:7f: 73:d8:55:9f:e8:2e:6b:14:92:ea:3a:91:57:ee:e5: 31:c1:d8:b6:94:b8:57:1d:dc:21:6d:fe:db:a2:6d: da:87:af:fb:00:f9:a7:cd:e9:db:e0:71:fb:91:84: 37:bf:76:54:f6:72:6e:3c:61:88:1a:ee:be:26:a5: 24:1d:89:1a:4a:6d:05:aa:fc:1d:5d:02:34:35:c8: c6:16:e0:7b:d1:20:b0:a9:f0:d3:f0:4f:7b:14:0f: 33:12:37:b0:d3:11:d8:ef:d4:77:b7:e9:58:18:67: ce:7c:a3:a5:54:34:8b:a3:98:3a:83:a1:7f:17:a4: e7:2f:e5:d1:1f:b7:0e:ee:a3:9f:ae:bc:99:03:d7: 90:a0:b7:1a:a3:3b:fb:1f:f9:3f:25:69:a0:02:0a: 07:2b:09:3e:84:a1:49:77:57:6f:cc:b0:7c:f7:ba: 3b:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:B1:D1:9A:21:D8:71:62:00:BE:38:9F:70:80:C2:30:FA:D5:18:12 X509v3 Authority Key Identifier: keyid:D5:FA:33:63:34:F9:9A:E3:63:EA:58:67:D2:8E:8A:50:23:1E:42:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915F2B8/2F17608ACC2C11EDB9860571C4F9AE02/1fozYzT5muNj6lhn0o6KUCMeQiA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1fozYzT5muNj6lhn0o6KUCMeQiA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F2B8/2F17608ACC2C11EDB9860571C4F9AE02/1fozYzT5muNj6lhn0o6KUCMeQiA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:53:16:25:87:e9:54:e5:21:b6:78:ba:9c:d7:06:78:c0:be: 1e:22:7a:07:a5:27:8e:81:6a:c1:1f:0c:ca:c9:0e:93:28:0c: a6:6e:3a:00:7b:db:5e:72:46:9e:09:4a:16:2c:3f:b9:b4:d2: 11:5e:ac:4a:95:b0:5f:a2:9a:05:eb:0c:3b:2d:90:ac:80:d2: 17:3d:13:b6:95:57:d7:7e:6c:9b:18:44:71:a5:96:b8:2e:e5: 27:1b:f1:a2:e8:7d:c2:01:28:8d:b3:23:60:b7:95:e2:25:c7: 56:87:a5:8d:df:f7:35:73:47:e8:d3:73:ae:20:ce:ab:c8:2f: 3d:30:3d:a7:5c:e1:af:35:9f:8c:7f:f3:a4:66:c9:e0:33:2e: 3b:38:a7:c8:8a:33:b8:5a:dd:69:f8:55:c3:49:1e:d7:c7:1d: be:13:03:f2:53:00:96:ed:4f:4b:81:69:ce:7e:dc:35:75:f7: ae:c5:a4:8c:ce:da:c9:ca:08:73:34:91:7a:f7:44:2c:a9:7b: 87:e9:83:7d:1d:ef:80:92:dd:7c:54:ff:56:92:18:81:bf:98: 9f:43:e8:3d:e9:ec:de:43:ea:ea:92:43:82:62:16:d2:4c:de: 8b:f0:65:3d:71:b2:d0:b1:f1:68:09:4e:14:9d:2f:47:4e:dd: 8d:c0:ff:7e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUYyQjgxMTAvBgNVBAUTKEQ1RkEzMzYzMzRGOTlBRTM2M0VBNTg2N0QyOEU4QTUw MjMxRTQyMjAwHhcNMjUwNzAzMDMxOTA2WhcNMjUwNzEwMDMxOTA2WjAYMRYwFAYD VQQDEw02ODY1ZjZhYS0xNmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxdRynTBoonEwkz7b9QeaHmyUxGrbPtYLcH6E50AWhaAZz04xMo/QOgu78JVW CCNVHAtUu8qiE9O8+sblOOCbaw5LrCe2N/lllaOeHfHkkOI0pVhb8H1qHH9z2FWf 6C5rFJLqOpFX7uUxwdi2lLhXHdwhbf7bom3ah6/7APmnzenb4HH7kYQ3v3ZU9nJu PGGIGu6+JqUkHYkaSm0FqvwdXQI0NcjGFuB70SCwqfDT8E97FA8zEjew0xHY79R3 t+lYGGfOfKOlVDSLo5g6g6F/F6TnL+XRH7cO7qOfrryZA9eQoLcaozv7H/k/JWmg AgoHKwk+hKFJd1dvzLB897o7QwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFix0Zoh 2HFiAL44n3CAwjD61RgSMB8GA1UdIwQYMBaAFNX6M2M0+ZrjY+pYZ9KOilAjHkIg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RjJCOC8yRjE3NjA4QUND MkMxMUVEQjk4NjA1NzFDNEY5QUUwMi8xZm96WXpUNW11Tmo2bGhuMG82S1VDTWVR aUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFmb3pZelQ1bXVOajZsaG4wbzZLVUNNZVFpQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RjJCOC8yRjE3NjA4QUNDMkMxMUVEQjk4NjA1NzFDNEY5QUUwMi8xZm96WXpUNW11 Tmo2bGhuMG82S1VDTWVRaUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJUxYlh+lU5SG2eLqc1wZ4wL4eInoHpSeOgWrBHwzKyQ6TKAymbjoA e9teckaeCUoWLD+5tNIRXqxKlbBfopoF6ww7LZCsgNIXPRO2lVfXfmybGERxpZa4 LuUnG/Gi6H3CASiNsyNgt5XiJcdWh6WN3/c1c0fo03OuIM6ryC89MD2nXOGvNZ+M f/OkZsngMy47OKfIijO4Wt1p+FXDSR7Xxx2+EwPyUwCW7U9LgWnOftw1dfeuxaSM ztrJyghzNJF690QsqXuH6YN9He+Akt18VP9WkhiBv5ifQ+g96ezeQ+rqkkOCYhbS TN6L8GU9cbLQsfFoCU4UnS9HTt2NwP9+ -----END CERTIFICATE-----Generated at Thu Jul 3 17:55:06 2025 by rpki-client