$ rpki-client -vvf rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.mft File: STM5VHszADpYWZg2-0yZ55RJzfI.mft (raw, json) Hash identifier: 2vh77mahPbiT8Vat0H0zOuLj/6iojw8pmOEs4vJYdBM= Subject key identifier: C4:43:DC:EB:15:D7:83:2F:E9:BF:5D:AB:64:72:E2:BB:ED:27:9B:EB Authority key identifier: 49:33:39:54:7B:33:00:3A:58:59:98:36:FB:4C:99:E7:94:49:CD:F2 Certificate issuer: /CN=A916B795/serialNumber=493339547B33003A58599836FB4C99E79449CDF2 Certificate serial: 0AB4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.mft Manifest number: 0A98 Signing time: Mon 30 Jun 2025 19:45:17 +0000 Manifest this update: Mon 30 Jun 2025 19:45:16 +0000 Manifest next update: Mon 07 Jul 2025 19:45:16 +0000 Files and hashes: 1: STM5VHszADpYWZg2-0yZ55RJzfI.crl (hash: yhmss4SIA0TJnYmuCHVCN6TMp+ThRNSnW1fcB2xn/cA=) 2: 28BBBAA2634211EABE282367C4F9AE02.roa (hash: 6594I8zep7LQa/TMRBKeHx0wDGtSmtz334l2zdXQB4A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.crl rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 19:45:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2740 (0xab4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B795, serialNumber=493339547B33003A58599836FB4C99E79449CDF2 Validity Not Before: Jun 30 19:45:16 2025 GMT Not After : Jul 7 19:45:16 2025 GMT Subject: CN=6862e94d-127d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:c6:73:2b:e5:b8:d7:97:e1:dd:b7:d1:77:42: 80:66:27:90:8e:7f:91:54:49:ec:19:5a:85:3b:dd: 43:05:15:22:61:23:d1:cb:06:27:4e:42:0c:e9:3c: 5b:2a:f0:ad:c8:eb:4d:dd:88:93:c9:83:ae:e8:1d: 97:41:81:da:4b:d5:5a:ec:70:e9:35:ad:21:36:47: 11:5c:2b:e8:78:46:7e:f3:14:03:0b:4b:d9:1a:34: aa:3a:6f:71:b0:89:ee:12:71:f0:77:73:89:cd:3e: f4:9a:0a:dd:bd:59:9f:a4:74:9c:a5:80:02:57:10: 9e:17:84:4f:e6:c5:c7:ab:4f:ff:62:57:56:d6:c1: 6e:9b:99:6c:16:2a:92:f0:e4:1c:cf:34:8f:6d:01: 60:0b:f8:c8:d0:ee:a9:f7:35:5e:34:64:31:7a:e8: 9e:2d:6d:bb:74:d9:a7:e5:d1:77:a8:48:15:c9:1c: ae:cf:5e:48:e1:9b:1c:13:8e:c3:8e:5b:ca:50:2a: 1b:a4:b8:ee:0e:3a:21:7b:b1:bc:59:aa:05:2a:95: 5d:2c:5f:75:0f:30:e2:ac:05:4e:4c:e4:d2:16:86: 94:74:15:d7:88:e7:8c:c5:70:4e:51:06:f4:31:e6: a9:60:9c:c3:d3:f0:37:46:73:e5:20:ac:be:a9:6c: 57:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:43:DC:EB:15:D7:83:2F:E9:BF:5D:AB:64:72:E2:BB:ED:27:9B:EB X509v3 Authority Key Identifier: keyid:49:33:39:54:7B:33:00:3A:58:59:98:36:FB:4C:99:E7:94:49:CD:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:b4:f9:fb:d9:71:e3:be:3f:b2:bd:19:3e:2a:5b:ac:f0:44: 3e:4f:78:2a:4e:bc:1b:2a:fe:66:7a:1d:e0:c7:8e:af:ef:7c: 35:8c:4e:fb:26:c4:fa:a6:32:c6:3c:03:e3:da:bc:03:37:77: c6:5c:0f:01:13:76:b0:63:e8:fd:fa:5d:04:d4:26:d5:30:ee: 55:8f:c5:39:97:35:d1:b1:45:74:3a:6c:ed:c5:69:a4:12:b1: 7c:5f:8e:69:d3:b7:de:87:01:93:80:9e:ae:e7:ee:3e:41:58: e6:c6:05:e7:58:1a:47:e1:d8:2e:12:ef:2d:5e:fd:f3:f3:72: 08:db:ee:d7:6f:89:77:33:cc:dd:10:50:bf:ef:6a:86:95:b6: b4:d8:32:db:dc:b0:a4:8a:ef:2c:05:4e:33:fe:da:55:9a:ee: 75:e5:d8:7f:ab:b4:61:6f:69:a0:9e:52:f0:0a:3f:e2:0b:5a: 2d:3b:94:ce:30:8f:5e:c4:1d:ba:49:35:1b:c7:ad:60:92:84: ce:44:46:3b:54:0d:72:67:9e:62:90:32:20:1d:5a:e1:da:7b: f5:69:7b:41:9f:fd:80:f0:8b:fd:68:c6:90:cd:b9:5e:b1:a3: 13:88:9c:f3:2f:f2:79:14:fe:45:76:3c:f5:95:c4:78:1f:e5: 91:d0:d4:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkI3OTUxMTAvBgNVBAUTKDQ5MzMzOTU0N0IzMzAwM0E1ODU5OTgzNkZCNEM5OUU3 OTQ0OUNERjIwHhcNMjUwNjMwMTk0NTE2WhcNMjUwNzA3MTk0NTE2WjAYMRYwFAYD VQQDEw02ODYyZTk0ZC0xMjdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq8ZzK+W415fh3bfRd0KAZieQjn+RVEnsGVqFO91DBRUiYSPRywYnTkIM6Txb KvCtyOtN3YiTyYOu6B2XQYHaS9Va7HDpNa0hNkcRXCvoeEZ+8xQDC0vZGjSqOm9x sInuEnHwd3OJzT70mgrdvVmfpHScpYACVxCeF4RP5sXHq0//YldW1sFum5lsFiqS 8OQczzSPbQFgC/jI0O6p9zVeNGQxeuieLW27dNmn5dF3qEgVyRyuz15I4ZscE47D jlvKUCobpLjuDjohe7G8WaoFKpVdLF91DzDirAVOTOTSFoaUdBXXiOeMxXBOUQb0 MeapYJzD0/A3RnPlIKy+qWxXSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMRD3OsV 14Mv6b9dq2Ry4rvtJ5vrMB8GA1UdIwQYMBaAFEkzOVR7MwA6WFmYNvtMmeeUSc3y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Qjc5NS9CRDAzMkUwNDYz NDAxMUVBQUNDRjAyNjJDNEY5QUUwMi9TVE01VkhzekFEcFlXWmcyLTB5WjU1Ukp6 ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NUTTVWSHN6QURwWVdaZzItMHlaNTVSSnpmSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 Qjc5NS9CRDAzMkUwNDYzNDAxMUVBQUNDRjAyNjJDNEY5QUUwMi9TVE01VkhzekFE cFlXWmcyLTB5WjU1Ukp6ZkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAhtPn72XHjvj+yvRk+Klus8EQ+T3gqTrwbKv5meh3gx46v73w1jE77 JsT6pjLGPAPj2rwDN3fGXA8BE3awY+j9+l0E1CbVMO5Vj8U5lzXRsUV0OmztxWmk ErF8X45p07fehwGTgJ6u5+4+QVjmxgXnWBpH4dguEu8tXv3z83II2+7Xb4l3M8zd EFC/72qGlba02DLb3LCkiu8sBU4z/tpVmu515dh/q7Rhb2mgnlLwCj/iC1otO5TO MI9exB26STUbx61gkoTOREY7VA1yZ55ikDIgHVrh2nv1aXtBn/2A8Iv9aMaQzble saMTiJzzL/J5FP5Fdjz1lcR4H+WR0NRW -----END CERTIFICATE-----Generated at Tue Jul 1 03:13:17 2025 by rpki-client