$ rpki-client -vvf rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.mft File: B4tKgNHf5sBSUzqtsZU0rFmjlUs.mft (raw, json) Hash identifier: p0gBfrCLmIJqXtwSE+Ru4zkMj6mpEd/c53HPMd2s7Pg= Subject key identifier: 10:9E:E6:B9:7C:89:A2:1A:A0:61:A0:08:47:EB:11:AF:51:E0:B8:59 Authority key identifier: 07:8B:4A:80:D1:DF:E6:C0:52:53:3A:AD:B1:95:34:AC:59:A3:95:4B Certificate issuer: /CN=A917C5E0/serialNumber=078B4A80D1DFE6C052533AADB19534AC59A3954B Certificate serial: AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4tKgNHf5sBSUzqtsZU0rFmjlUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.mft Manifest number: A8 Signing time: Thu 03 Jul 2025 06:18:04 +0000 Manifest this update: Thu 03 Jul 2025 06:18:03 +0000 Manifest next update: Thu 10 Jul 2025 06:18:03 +0000 Files and hashes: 1: B4tKgNHf5sBSUzqtsZU0rFmjlUs.crl (hash: TTox3GkBHLY8gDdQ+n+FLMqhQICzO/jOzUqxv2CaBz8=) 2: 335E880A5A1811EFB08E4F38C4F9AE02.roa (hash: uB7Em80PKGY4uO2oMYJtskRF61M8oMXLAmFb1PjEp7E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.crl rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4tKgNHf5sBSUzqtsZU0rFmjlUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 170 (0xaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C5E0, serialNumber=078B4A80D1DFE6C052533AADB19534AC59A3954B Validity Not Before: Jul 3 06:18:03 2025 GMT Not After : Jul 10 06:18:03 2025 GMT Subject: CN=6866209c-467c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:71:9d:8a:a1:36:a5:9a:ab:6d:e2:13:e1:3f: 0b:93:5e:fd:d6:5c:d8:d5:90:f6:be:3f:c4:16:3f: a9:3e:fc:54:75:f2:f5:51:07:bf:53:35:3d:9d:08: d7:7f:a0:d3:ad:c4:21:dc:ec:a6:ad:98:fa:95:96: 99:b2:2c:8b:dc:39:80:1f:93:55:c1:b9:37:9d:a4: 7e:15:d0:1c:c2:b3:c7:8d:b8:86:a4:02:88:c9:0a: 60:3f:d7:60:87:d2:f9:53:06:46:71:78:0a:ab:cf: ab:64:55:08:ec:3c:53:e0:45:e8:ba:19:6f:d4:f9: c4:b7:d3:a7:86:bf:29:6b:b2:a6:2f:e3:5b:cf:25: aa:ec:c6:04:e0:41:39:be:7c:cc:93:b8:c3:79:95: 9d:ea:16:b3:62:67:f3:a8:81:1b:0a:b1:c6:5f:28: b4:39:3f:c6:01:ad:81:f2:04:9d:ff:f5:37:72:c6: 5d:05:90:61:56:c2:88:df:7b:15:83:73:3f:ba:0c: fa:5c:4a:dd:cb:62:64:af:59:35:02:82:e5:60:54: 27:97:33:ff:ba:a3:6b:a9:f4:af:34:5c:87:13:c3: 34:1e:e9:16:29:07:5a:7f:e3:48:3e:c9:e3:d5:01: 6f:44:99:f7:93:eb:d0:47:b6:ee:b3:57:d5:46:5f: 35:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:9E:E6:B9:7C:89:A2:1A:A0:61:A0:08:47:EB:11:AF:51:E0:B8:59 X509v3 Authority Key Identifier: keyid:07:8B:4A:80:D1:DF:E6:C0:52:53:3A:AD:B1:95:34:AC:59:A3:95:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4tKgNHf5sBSUzqtsZU0rFmjlUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d4:1b:85:90:33:f5:1e:ca:ea:3d:79:63:a1:4e:e8:9f:7a:1b: 55:bb:a1:67:78:ab:0e:a6:b5:b8:82:be:c0:b8:7a:80:bc:01: fe:c7:9d:e9:d2:81:21:29:b1:6c:85:60:8b:1d:cd:c5:65:cd: 3e:50:dd:5c:a8:3d:1b:05:3f:de:a7:8d:69:df:5f:b2:2c:af: 1e:9c:c5:ab:95:49:a4:63:cc:87:98:97:4e:0c:92:0d:c8:53: 86:61:b0:f9:a9:6f:63:25:8d:db:4d:0a:67:58:42:ff:7c:15: e7:cc:6c:6e:89:18:bd:2f:47:ed:f6:34:64:32:1e:f9:ac:64: 7e:f7:a1:4d:27:cc:af:27:2c:0e:6f:5f:a4:e3:e5:ff:bc:aa: 18:f5:4a:6a:53:68:4d:2e:f9:1c:e8:27:82:44:93:c9:07:d1: 5e:eb:11:57:d8:74:3b:3f:86:36:07:d4:cd:b3:bd:be:44:0e: 8e:fa:a9:97:8b:24:9a:4c:b6:4e:3f:cf:6c:55:d7:de:3c:79: 78:d0:1d:d0:b0:8e:ba:f9:cb:d5:e6:a7:d3:5a:89:89:e8:52: 0f:68:43:23:ac:49:53:65:a8:83:0f:5e:ba:3f:f7:64:9b:a7: ff:7a:48:9c:67:45:f6:0c:d0:e4:63:97:0e:51:15:77:70:39: a4:4a:56:58 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M1RTAxMTAvBgNVBAUTKDA3OEI0QTgwRDFERkU2QzA1MjUzM0FBREIxOTUzNEFD NTlBMzk1NEIwHhcNMjUwNzAzMDYxODAzWhcNMjUwNzEwMDYxODAzWjAYMRYwFAYD VQQDEw02ODY2MjA5Yy00NjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApHGdiqE2pZqrbeIT4T8Lk1791lzY1ZD2vj/EFj+pPvxUdfL1UQe/UzU9nQjX f6DTrcQh3OymrZj6lZaZsiyL3DmAH5NVwbk3naR+FdAcwrPHjbiGpAKIyQpgP9dg h9L5UwZGcXgKq8+rZFUI7DxT4EXouhlv1PnEt9Onhr8pa7KmL+NbzyWq7MYE4EE5 vnzMk7jDeZWd6hazYmfzqIEbCrHGXyi0OT/GAa2B8gSd//U3csZdBZBhVsKI33sV g3M/ugz6XErdy2Jkr1k1AoLlYFQnlzP/uqNrqfSvNFyHE8M0HukWKQdaf+NIPsnj 1QFvRJn3k+vQR7bus1fVRl81/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBCe5rl8 iaIaoGGgCEfrEa9R4LhZMB8GA1UdIwQYMBaAFAeLSoDR3+bAUlM6rbGVNKxZo5VL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzVFMC84NzIwQUIxODVB MTcxMUVGQUEyMkE3MjlDNEY5QUUwMi9CNHRLZ05IZjVzQlNVenF0c1pVMHJGbWps VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0I0dEtnTkhmNXNCU1V6cXRzWlUwckZtamxVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzVFMC84NzIwQUIxODVBMTcxMUVGQUEyMkE3MjlDNEY5QUUwMi9CNHRLZ05IZjVz QlNVenF0c1pVMHJGbWpsVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDUG4WQM/Ueyuo9eWOhTuifehtVu6FneKsOprW4gr7AuHqAvAH+x53p 0oEhKbFshWCLHc3FZc0+UN1cqD0bBT/ep41p31+yLK8enMWrlUmkY8yHmJdODJIN yFOGYbD5qW9jJY3bTQpnWEL/fBXnzGxuiRi9L0ft9jRkMh75rGR+96FNJ8yvJywO b1+k4+X/vKoY9UpqU2hNLvkc6CeCRJPJB9Fe6xFX2HQ7P4Y2B9TNs72+RA6O+qmX iySaTLZOP89sVdfePHl40B3QsI66+cvV5qfTWomJ6FIPaEMjrElTZaiDD166P/dk m6f/ekicZ0X2DNDkY5cOURV3cDmkSlZY -----END CERTIFICATE-----Generated at Thu Jul 3 11:40:49 2025 by rpki-client