$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft File: AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft (raw, json) Hash identifier: q06I+JA5ukX/kK53sLkw9qTUFnb/sIQfmGlhxN+RSDM= Subject key identifier: 05:D8:7B:4A:38:5B:A2:DF:FD:DC:20:25:77:BB:11:1E:5E:85:E9:FE Authority key identifier: 00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4 Certificate issuer: /CN=A9170DF0/serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4 Certificate serial: 0168 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft Manifest number: 0165 Signing time: Thu 03 Jul 2025 04:02:29 +0000 Manifest this update: Thu 03 Jul 2025 04:02:28 +0000 Manifest next update: Thu 10 Jul 2025 04:02:28 +0000 Files and hashes: 1: AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl (hash: O78WJ3A5j9k7bWcIsnCYgamMtylI9klGEPHFWFkjPr8=) 2: B022AC18368811EEB1BFE56AC4F9AE02.roa (hash: Zg2pOaZOOb5sHUdXJNoHkdhEmOD4YyAjMP6N4/VUVYs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 360 (0x168) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DF0, serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4 Validity Not Before: Jul 3 04:02:28 2025 GMT Not After : Jul 10 04:02:28 2025 GMT Subject: CN=686600d5-f8d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:64:b6:89:b5:a7:fd:5c:de:83:7e:60:52:12: 6d:15:1d:0e:16:41:21:ee:bd:98:64:c3:24:3a:56: e6:e2:33:9a:6c:ee:0f:0a:a2:0b:89:6d:8c:61:11: 8a:67:f3:8c:14:ee:1f:5a:02:42:82:1e:b1:26:b7: 8c:53:62:6b:35:78:ea:e7:6b:16:49:fa:f0:fb:07: b1:a8:c2:c2:19:24:1f:df:06:e9:e1:c9:4b:af:c6: a9:e2:d2:74:f1:ae:53:0d:16:ba:35:6a:08:86:b5: d3:d6:dc:fe:6d:6f:9c:bd:c2:bd:df:5c:34:66:c1: ee:3c:0d:bc:9f:5d:5c:e6:34:23:38:fa:76:95:bb: 4f:ba:6f:19:ca:33:b9:b3:88:ca:4d:71:4e:67:78: 5e:45:f6:bb:0d:59:5b:4a:bd:2a:84:16:0d:63:f8: 3a:21:28:40:ed:67:b9:57:f7:5f:56:9e:ec:cc:61: 91:22:9d:36:33:eb:ff:ee:97:9c:9e:b7:4c:ce:82: fa:71:38:04:bf:6c:b1:3b:ef:f8:4e:a8:35:f8:9a: 48:8b:cb:19:ea:77:af:64:2b:0c:25:87:14:ec:a2: 7e:86:2b:4b:f0:be:9b:43:51:d9:99:f4:a6:0f:d3: f6:9e:24:a6:9b:f6:9f:58:7d:29:d9:40:14:0d:b3: 53:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:D8:7B:4A:38:5B:A2:DF:FD:DC:20:25:77:BB:11:1E:5E:85:E9:FE X509v3 Authority Key Identifier: keyid:00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:b9:c1:99:42:fe:20:9b:43:e5:c9:95:ba:38:89:d3:de:05: fa:da:92:1c:8c:d1:ed:8a:98:16:f7:b5:3c:f4:40:c2:ae:3f: 9e:b9:20:1a:d9:16:d0:75:43:43:2c:f8:b3:99:94:61:51:53: 32:ae:7e:c9:4b:95:eb:30:f8:7c:28:e5:90:31:1e:62:ff:c5: 40:af:f2:f2:1b:3f:e4:21:6f:49:b6:4e:f3:84:02:fc:47:fe: ec:46:76:ac:23:86:67:ae:eb:b4:1c:c1:e0:0b:1b:ad:01:33: 76:60:15:c9:34:d7:1b:9f:a7:7a:7c:be:58:a0:b1:19:11:e0: 83:5c:23:a4:f7:cc:69:cc:4e:00:28:b4:68:9d:90:80:f0:96: 4a:e9:c8:e1:e3:45:a4:a4:52:36:5a:d8:9f:26:c7:da:46:8c: e0:8b:9f:97:99:8d:ec:f0:3e:d5:71:48:91:15:56:53:86:44: 19:ac:f9:68:70:0e:f0:42:11:08:65:ec:77:38:30:a2:89:60: f2:bf:c0:3f:4e:d0:82:0d:51:fe:db:b3:59:b2:c6:0a:00:94: 10:01:04:47:33:d8:ec:dc:61:e2:cf:7b:69:10:54:4c:1e:25: e8:31:a9:9c:a7:c9:8f:7d:db:38:5c:49:05:bd:8e:c7:49:a5: 44:0c:ba:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBERjAxMTAvBgNVBAUTKDAwMDhFMkVFQkU2QzU1RjI1OTQ5NDlBNDc3Rjg2NzdC RkY0QTdGRTQwHhcNMjUwNzAzMDQwMjI4WhcNMjUwNzEwMDQwMjI4WjAYMRYwFAYD VQQDEw02ODY2MDBkNS1mOGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqGS2ibWn/Vzeg35gUhJtFR0OFkEh7r2YZMMkOlbm4jOabO4PCqILiW2MYRGK Z/OMFO4fWgJCgh6xJreMU2JrNXjq52sWSfrw+wexqMLCGSQf3wbp4clLr8ap4tJ0 8a5TDRa6NWoIhrXT1tz+bW+cvcK931w0ZsHuPA28n11c5jQjOPp2lbtPum8ZyjO5 s4jKTXFOZ3heRfa7DVlbSr0qhBYNY/g6IShA7We5V/dfVp7szGGRIp02M+v/7pec nrdMzoL6cTgEv2yxO+/4Tqg1+JpIi8sZ6nevZCsMJYcU7KJ+hitL8L6bQ1HZmfSm D9P2niSmm/afWH0p2UAUDbNTSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAXYe0o4 W6Lf/dwgJXe7ER5ehen+MB8GA1UdIwQYMBaAFAAI4u6+bFXyWUlJpHf4Z3v/Sn/k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MERGMC81REVGQUNGMDM2 NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1ZmSlpTVW1rZF9obmVfOUtm LVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0FBamk3cjVzVmZKWlNVbWtkX2huZV85S2YtUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MERGMC81REVGQUNGMDM2NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1Zm SlpTVW1rZF9obmVfOUtmLVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGucGZQv4gm0PlyZW6OInT3gX62pIcjNHtipgW97U89EDCrj+euSAa 2RbQdUNDLPizmZRhUVMyrn7JS5XrMPh8KOWQMR5i/8VAr/LyGz/kIW9Jtk7zhAL8 R/7sRnasI4Znruu0HMHgCxutATN2YBXJNNcbn6d6fL5YoLEZEeCDXCOk98xpzE4A KLRonZCA8JZK6cjh40WkpFI2WtifJsfaRozgi5+XmY3s8D7VcUiRFVZThkQZrPlo cA7wQhEIZex3ODCiiWDyv8A/TtCCDVH+27NZssYKAJQQAQRHM9js3GHiz3tpEFRM HiXoMamcp8mPfds4XEkFvY7HSaVEDLoP -----END CERTIFICATE-----Generated at Thu Jul 3 23:21:38 2025 by rpki-client