$ rpki-client -vvf rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft File: cI8eBxM4VcgHTu1fjIO0RmpgesI.mft (raw, json) Hash identifier: aPblBS4eMz4JrcP6igDQiUNA7G7/1PRsD+YfiMeMaJQ= Subject key identifier: BE:A2:80:2E:8B:B3:A0:51:04:A0:A8:12:B0:BD:ED:40:5C:27:D1:E7 Authority key identifier: 70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 Certificate issuer: /CN=A9171D16/serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Certificate serial: 011E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft Manifest number: 011A Signing time: Thu 03 Jul 2025 05:00:46 +0000 Manifest this update: Thu 03 Jul 2025 05:00:46 +0000 Manifest next update: Thu 10 Jul 2025 05:00:45 +0000 Files and hashes: 1: cI8eBxM4VcgHTu1fjIO0RmpgesI.crl (hash: EuY3ED9gQvmYyCt7GFZ/l5UO5Q2KS5ikfADmWmb/kBQ=) 2: BFC0298670DC11EF8B65D95AC4F9AE02.roa (hash: UgEzMnFdPuD9AyKqWzCGknoXwkBXShyWFB2xX76uKRE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 286 (0x11e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171D16, serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Validity Not Before: Jul 3 05:00:46 2025 GMT Not After : Jul 10 05:00:45 2025 GMT Subject: CN=68660e7e-6149 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:ee:5a:8c:ed:7b:17:25:4f:44:49:a3:48:c3: b1:ea:8e:a8:02:10:33:ce:07:d8:8d:97:12:40:20: 14:da:a9:ed:77:38:14:a0:4b:96:13:f9:70:7a:1d: a2:d1:d4:7e:b9:21:5f:51:87:2d:c8:2b:21:0e:c0: 8e:f7:ea:0e:a1:b0:a4:5c:cd:ee:24:55:6f:5e:d2: a2:ad:80:26:e6:c8:59:2d:16:bb:d9:fa:6d:68:8a: 6d:51:5a:19:8e:7f:b6:b0:dc:48:54:20:b9:00:e2: b0:a8:98:8c:e9:b0:9f:d1:4d:18:f1:7b:99:59:e7: 5e:cb:d5:cb:36:6a:ee:92:94:f7:ae:61:ad:c7:05: 22:95:fa:f8:dc:8f:fd:cc:12:4d:8d:73:23:cc:a8: 20:ed:ca:96:ae:f4:e7:7b:94:17:00:c2:fd:c1:ef: dc:58:1b:22:c7:1f:af:96:f4:5d:43:38:20:b7:22: 27:a4:74:41:cf:c3:47:ea:d9:85:8e:16:fc:5b:d6: 2a:93:2c:41:8e:87:65:9d:3a:e4:9f:74:bd:cd:32: 8c:56:e2:91:e4:86:e6:a3:44:80:37:47:34:1c:1c: dc:6f:13:06:ae:1f:c3:3d:53:5c:6e:3e:09:cf:33: 58:6d:ae:5c:a5:f2:fc:da:f4:38:36:cd:99:3b:d8: 46:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:A2:80:2E:8B:B3:A0:51:04:A0:A8:12:B0:BD:ED:40:5C:27:D1:E7 X509v3 Authority Key Identifier: keyid:70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:f1:dc:43:87:35:30:88:3a:fc:2e:9b:49:07:36:91:bb:20: 2e:0d:fd:87:61:fd:6d:de:29:68:81:62:73:15:df:34:eb:8a: 5a:cf:5e:32:7d:f3:48:61:40:c5:37:4f:7e:fb:74:3e:1a:5e: f3:e3:ec:82:b1:7e:12:94:73:90:85:77:dd:59:f0:02:82:af: aa:8b:50:12:e8:de:c7:b1:16:68:ec:51:6c:0c:4a:2a:d0:e5: fa:56:c9:ce:0a:75:9c:27:23:59:d3:0c:f9:91:2b:24:3b:7e: 7e:06:01:ea:e8:f5:d9:d7:5f:3f:61:30:92:19:ff:9c:9f:85: ff:68:75:d7:41:35:b6:05:69:70:1a:2f:8e:f7:e7:d9:bd:74: 2f:91:19:88:78:78:fb:42:33:d3:fb:41:22:4f:52:25:aa:07: 3b:e2:44:6f:1a:34:c3:54:40:88:d7:30:54:7e:9d:49:d7:e4: 21:47:0c:9f:08:60:20:d9:d7:44:51:fb:ee:d5:88:4b:5f:ee: 61:08:18:09:4d:a8:42:8f:e5:43:51:3d:35:9a:58:20:c5:21: a3:79:15:a5:33:c0:08:71:3f:4a:be:e2:53:2c:44:05:d7:19: 2e:fe:64:37:bb:48:2e:a3:8f:ba:9e:bf:24:9f:ea:b7:ff:40: 8a:7b:d2:f1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFEMTYxMTAvBgNVBAUTKDcwOEYxRTA3MTMzODU1QzgwNzRFRUQ1RjhDODNCNDQ2 NkE2MDdBQzIwHhcNMjUwNzAzMDUwMDQ2WhcNMjUwNzEwMDUwMDQ1WjAYMRYwFAYD VQQDEw02ODY2MGU3ZS02MTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAze5ajO17FyVPREmjSMOx6o6oAhAzzgfYjZcSQCAU2qntdzgUoEuWE/lweh2i 0dR+uSFfUYctyCshDsCO9+oOobCkXM3uJFVvXtKirYAm5shZLRa72fptaIptUVoZ jn+2sNxIVCC5AOKwqJiM6bCf0U0Y8XuZWedey9XLNmrukpT3rmGtxwUilfr43I/9 zBJNjXMjzKgg7cqWrvTne5QXAML9we/cWBsixx+vlvRdQzggtyInpHRBz8NH6tmF jhb8W9YqkyxBjodlnTrkn3S9zTKMVuKR5Ibmo0SAN0c0HBzcbxMGrh/DPVNcbj4J zzNYba5cpfL82vQ4Ns2ZO9hGgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL6igC6L s6BRBKCoErC97UBcJ9HnMB8GA1UdIwQYMBaAFHCPHgcTOFXIB07tX4yDtEZqYHrC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUQxNi82NTZEMTdBOEFF OUMxMUVFOTExQUZCNjNDNEY5QUUwMi9jSThlQnhNNFZjZ0hUdTFmaklPMFJtcGdl c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2NJOGVCeE00VmNnSFR1MWZqSU8wUm1wZ2VzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUQxNi82NTZEMTdBOEFFOUMxMUVFOTExQUZCNjNDNEY5QUUwMi9jSThlQnhNNFZj Z0hUdTFmaklPMFJtcGdlc0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA88dxDhzUwiDr8LptJBzaRuyAuDf2HYf1t3ilogWJzFd8064paz14y ffNIYUDFN09++3Q+Gl7z4+yCsX4SlHOQhXfdWfACgq+qi1AS6N7HsRZo7FFsDEoq 0OX6VsnOCnWcJyNZ0wz5kSskO35+BgHq6PXZ118/YTCSGf+cn4X/aHXXQTW2BWlw Gi+O9+fZvXQvkRmIeHj7QjPT+0EiT1Ilqgc74kRvGjTDVECI1zBUfp1J1+QhRwyf CGAg2ddEUfvu1YhLX+5hCBgJTahCj+VDUT01mlggxSGjeRWlM8AIcT9KvuJTLEQF 1xku/mQ3u0guo4+6nr8kn+q3/0CKe9Lx -----END CERTIFICATE-----Generated at Thu Jul 3 23:21:15 2025 by rpki-client