$ rpki-client -vvf rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft File: p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft (raw, json) Hash identifier: gSfhJ5pZzAGKFAdTH+sRGrlgfu8o/0pOm26m5OyfqRg= Subject key identifier: 0E:FF:99:BD:3A:F1:D9:7C:E1:FF:E5:87:72:BE:3C:6F:1D:D7:EA:02 Authority key identifier: A7:F8:82:C0:AC:C8:F0:D8:F1:DB:36:1C:D4:0B:12:60:6B:0C:68:C6 Certificate issuer: /CN=A9165297/serialNumber=A7F882C0ACC8F0D8F1DB361CD40B12606B0C68C6 Certificate serial: 0E0C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_iCwKzI8Njx2zYc1AsSYGsMaMY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft Manifest number: 0E04 Signing time: Wed 02 Jul 2025 18:03:54 +0000 Manifest this update: Wed 02 Jul 2025 18:03:54 +0000 Manifest next update: Wed 09 Jul 2025 18:03:54 +0000 Files and hashes: 1: p_iCwKzI8Njx2zYc1AsSYGsMaMY.crl (hash: F5oKkltaQM+jpp5Du20ARc3QmOkeHFfX+2/7s0yGx0c=) 2: 457A00A8AF7A11E9AFF10782C4F9AE02.roa (hash: mx4Am+cBFSXiPddaACrFcI512PsDACEUWWDSLjunmeM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.crl rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_iCwKzI8Njx2zYc1AsSYGsMaMY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 18:03:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3596 (0xe0c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9165297, serialNumber=A7F882C0ACC8F0D8F1DB361CD40B12606B0C68C6 Validity Not Before: Jul 2 18:03:54 2025 GMT Not After : Jul 9 18:03:54 2025 GMT Subject: CN=6865748a-8c52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:41:1a:9b:0f:1b:52:e7:c1:88:5e:06:45:ec: 4c:49:f1:ec:cf:c2:f3:6d:f4:0d:2f:47:d7:b2:62: dc:94:83:ea:00:1f:96:2c:db:ef:3f:50:35:16:69: de:ec:86:60:a0:a9:32:9a:19:23:5f:a5:9d:03:0e: 19:b0:ea:bb:fb:e6:1c:4d:55:6a:31:fe:60:b1:60: a0:12:8e:af:24:28:fa:b3:e5:a0:d7:b7:be:c3:cf: e2:b7:c1:66:bc:5f:b2:d3:cd:28:59:b5:a6:89:92: 93:5a:a0:c9:83:74:6d:b0:37:2e:99:c0:0d:d4:34: 88:72:e1:88:f8:57:62:25:ad:ed:18:09:dd:0f:44: 7a:f7:d5:4c:32:0a:90:b1:1e:ee:71:d8:9d:0b:5b: b3:79:b7:e0:e7:7a:58:d7:02:eb:4f:d1:3a:dc:22: 69:c6:22:57:b6:b5:3f:47:70:fd:bf:b7:fa:76:30: cd:99:4a:4c:a9:bd:e5:54:72:6e:87:20:0c:44:5d: d0:b0:79:27:69:10:c8:17:da:a0:6a:d8:bd:18:0d: 64:b5:d7:86:d0:21:fc:2c:ed:67:a9:0b:cf:6e:5a: d0:61:7f:6d:bf:9c:fe:9b:96:a9:80:18:fa:78:e9: 1f:3c:96:c7:7e:95:90:81:04:ec:d3:a8:1c:c4:ae: 30:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:FF:99:BD:3A:F1:D9:7C:E1:FF:E5:87:72:BE:3C:6F:1D:D7:EA:02 X509v3 Authority Key Identifier: keyid:A7:F8:82:C0:AC:C8:F0:D8:F1:DB:36:1C:D4:0B:12:60:6B:0C:68:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_iCwKzI8Njx2zYc1AsSYGsMaMY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:a8:17:fa:eb:70:48:ca:1b:07:c0:6b:26:93:bb:4b:b4:03: 90:df:ec:8d:b2:3c:e0:b8:27:a6:a9:11:d2:b5:d2:ef:f5:92: b5:0c:74:05:35:fe:6e:49:66:8a:3b:f9:aa:50:ec:73:de:8e: b9:ed:3b:cb:17:1d:91:4e:74:37:87:00:c6:a2:25:f0:af:04: 30:c2:ab:cf:df:95:4a:5e:33:89:c1:a1:65:6b:2f:70:05:64: f0:4b:89:20:34:e6:bd:aa:9d:c0:2d:05:63:bb:aa:e5:8a:ce: 0f:43:67:b5:8a:26:9e:3a:9a:2b:b8:4c:3b:9c:13:0f:0c:ca: d9:bc:46:0a:fa:b4:2f:a1:f6:fe:e0:e6:89:e2:73:61:d0:a0: 24:97:35:bc:20:60:07:48:e6:bc:0c:a4:2e:d5:f6:b7:48:9b: ab:bd:d1:1f:9a:3a:01:8a:5f:83:8a:5f:7d:3a:3d:ee:da:e2: c7:70:ba:c3:94:42:63:b1:06:4d:8e:c6:ce:87:de:02:71:54: be:da:4e:b2:cd:35:3f:65:2e:b2:db:b9:78:a1:e3:5d:76:c1: 7d:de:eb:b7:29:2e:58:f8:b0:b1:df:89:94:40:d1:c7:d5:42: 65:a6:c5:d1:e8:68:75:1a:b3:bd:af:77:3d:20:b0:7e:9d:ea: 91:ed:62:75 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDgwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjUyOTcxMTAvBgNVBAUTKEE3Rjg4MkMwQUNDOEYwRDhGMURCMzYxQ0Q0MEIxMjYw NkIwQzY4QzYwHhcNMjUwNzAyMTgwMzU0WhcNMjUwNzA5MTgwMzU0WjAYMRYwFAYD VQQDEw02ODY1NzQ4YS04YzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyUEamw8bUufBiF4GRexMSfHsz8LzbfQNL0fXsmLclIPqAB+WLNvvP1A1Fmne 7IZgoKkymhkjX6WdAw4ZsOq7++YcTVVqMf5gsWCgEo6vJCj6s+Wg17e+w8/it8Fm vF+y080oWbWmiZKTWqDJg3RtsDcumcAN1DSIcuGI+FdiJa3tGAndD0R699VMMgqQ sR7ucdidC1uzebfg53pY1wLrT9E63CJpxiJXtrU/R3D9v7f6djDNmUpMqb3lVHJu hyAMRF3QsHknaRDIF9qgati9GA1ktdeG0CH8LO1nqQvPblrQYX9tv5z+m5apgBj6 eOkfPJbHfpWQgQTs06gcxK4wGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA7/mb06 8dl84f/lh3K+PG8d1+oCMB8GA1UdIwQYMBaAFKf4gsCsyPDY8ds2HNQLEmBrDGjG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTI5Ny80MzAxRkRCRUFG NkUxMUU5QTkyNTgwNjdDNEY5QUUwMi9wX2lDd0t6SThOangyelljMUFzU1lHc01h TVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BfaUN3S3pJOE5qeDJ6WWMxQXNTWUdzTWFNWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NTI5Ny80MzAxRkRCRUFGNkUxMUU5QTkyNTgwNjdDNEY5QUUwMi9wX2lDd0t6SThO angyelljMUFzU1lHc01hTVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWqBf663BIyhsHwGsmk7tLtAOQ3+yNsjzguCemqRHStdLv9ZK1DHQF Nf5uSWaKO/mqUOxz3o657TvLFx2RTnQ3hwDGoiXwrwQwwqvP35VKXjOJwaFlay9w BWTwS4kgNOa9qp3ALQVju6rlis4PQ2e1iiaeOporuEw7nBMPDMrZvEYK+rQvofb+ 4OaJ4nNh0KAklzW8IGAHSOa8DKQu1fa3SJurvdEfmjoBil+Dil99Oj3u2uLHcLrD lEJjsQZNjsbOh94CcVS+2k6yzTU/ZS6y27l4oeNddsF93uu3KS5Y+LCx34mUQNHH 1UJlpsXR6Gh1GrO9r3c9ILB+neqR7WJ1 -----END CERTIFICATE-----Generated at Wed Jul 2 22:26:27 2025 by rpki-client