$ rpki-client -vvf rpki.apnic.net/member_repository/A917D4C4/439CF87C8D7B11EB8D8BD60BC4F9AE02/4MiSj5RRUg5k0d7VjwcZa1hhsoY.mft File: 4MiSj5RRUg5k0d7VjwcZa1hhsoY.mft (raw, json) Hash identifier: 02tQoqdCIqFbDDz9OH6KJcyYsh4MwzS8+WrjL1zQGsY= Subject key identifier: 6D:C8:E8:3F:CA:8E:90:08:49:C4:5C:D0:15:78:8A:BD:99:AB:15:11 Authority key identifier: E0:C8:92:8F:94:51:52:0E:64:D1:DE:D5:8F:07:19:6B:58:61:B2:86 Certificate issuer: /CN=A917D4C4/serialNumber=E0C8928F9451520E64D1DED58F07196B5861B286 Certificate serial: 0668 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MiSj5RRUg5k0d7VjwcZa1hhsoY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D4C4/439CF87C8D7B11EB8D8BD60BC4F9AE02/4MiSj5RRUg5k0d7VjwcZa1hhsoY.mft Manifest number: 0664 Signing time: Mon 30 Jun 2025 14:51:41 +0000 Manifest this update: Mon 30 Jun 2025 14:51:40 +0000 Manifest next update: Mon 07 Jul 2025 14:51:40 +0000 Files and hashes: 1: 4MiSj5RRUg5k0d7VjwcZa1hhsoY.crl (hash: spb5RIjOj9hFbQ/E5WHviGr4ys1fjTTNM4sNMUPoND4=) 2: 6E325DBC0E2F11EDB4659653C4F9AE02.roa (hash: NS8IXL+/osy1aonTB1YcjpMFwDzkEpu3g9yC5lM136w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D4C4/439CF87C8D7B11EB8D8BD60BC4F9AE02/4MiSj5RRUg5k0d7VjwcZa1hhsoY.crl rsync://rpki.apnic.net/member_repository/A917D4C4/439CF87C8D7B11EB8D8BD60BC4F9AE02/4MiSj5RRUg5k0d7VjwcZa1hhsoY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MiSj5RRUg5k0d7VjwcZa1hhsoY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 14:51:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1640 (0x668) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D4C4, serialNumber=E0C8928F9451520E64D1DED58F07196B5861B286 Validity Not Before: Jun 30 14:51:40 2025 GMT Not After : Jul 7 14:51:40 2025 GMT Subject: CN=6862a47c-a0f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:21:ad:58:74:cf:2b:cd:7f:e4:c0:ba:90:02: 50:58:31:39:fa:dc:9a:85:af:b8:08:db:65:7e:fc: 9d:4b:25:c0:80:9b:7e:e9:8e:6c:45:b9:0e:9c:a4: b1:d8:39:b1:cb:ae:ec:74:7c:ec:89:7e:28:ee:52: cc:27:11:f6:4d:a8:91:27:87:50:3a:cf:ca:74:2d: be:51:46:fc:75:ed:4b:24:b2:08:28:46:17:7b:a0: c5:43:6d:a7:5d:b7:1c:c6:46:98:04:9b:b1:c2:bb: 6c:60:63:95:07:f3:88:57:f1:c6:37:44:35:f3:ff: a7:37:b8:97:8d:51:65:81:10:4f:7e:41:b5:da:0e: 76:73:65:28:ae:44:48:01:61:85:b7:3c:1a:ca:f9: d4:6e:96:42:1f:85:6e:69:8f:dc:fd:bd:8d:bb:96: 3e:14:b7:d3:c1:1a:a5:9c:ef:8c:4e:3a:24:5e:b1: 56:01:45:41:31:58:41:71:29:1d:5b:0f:e3:2c:e5: 6d:f1:1e:4e:89:ba:bb:dd:98:4f:58:12:7a:50:01: 25:58:43:dc:53:00:e9:9d:80:a8:2a:d6:0f:cc:5c: 13:1d:e9:93:be:57:3b:b8:06:25:69:1d:0c:ae:30: 25:37:d1:ca:75:9f:37:db:e2:8c:14:b1:24:b1:16: 5d:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:C8:E8:3F:CA:8E:90:08:49:C4:5C:D0:15:78:8A:BD:99:AB:15:11 X509v3 Authority Key Identifier: keyid:E0:C8:92:8F:94:51:52:0E:64:D1:DE:D5:8F:07:19:6B:58:61:B2:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D4C4/439CF87C8D7B11EB8D8BD60BC4F9AE02/4MiSj5RRUg5k0d7VjwcZa1hhsoY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MiSj5RRUg5k0d7VjwcZa1hhsoY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D4C4/439CF87C8D7B11EB8D8BD60BC4F9AE02/4MiSj5RRUg5k0d7VjwcZa1hhsoY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:58:ff:25:36:a1:dc:2a:80:91:c3:65:95:c5:95:87:22:8a: a6:4a:eb:84:2d:a0:dd:be:20:84:fd:b4:24:04:ae:5a:76:fe: b9:23:5d:80:e0:81:d8:b3:73:95:37:a9:a3:7c:cc:0f:f8:1b: 21:e6:25:4f:f2:e9:ae:49:9b:36:90:41:87:93:32:eb:fa:b4: 69:40:c8:f5:57:93:3d:ac:76:9a:dc:c3:d2:bb:94:bd:86:e5: 66:46:02:07:d2:41:a5:6f:f0:b7:92:c6:92:86:1a:a0:03:dd: 45:e3:f3:2d:83:ba:85:4a:4e:cb:d1:ab:c2:68:b7:37:5c:87: 70:e7:c0:f9:bb:dc:75:e2:f5:fd:6e:c3:71:09:c0:af:82:fa: 98:26:cd:cb:8b:14:8e:f5:9e:7f:eb:11:cb:53:a0:9e:9c:2f: e4:bf:87:14:3a:d5:1b:9a:3f:a9:0e:0a:16:7b:01:09:59:c1: 14:8a:cf:18:05:ad:d5:8e:0b:19:d5:73:5e:c8:eb:a0:da:a7: 6e:10:6a:46:bf:a2:87:b1:5c:06:23:a2:46:56:e0:98:f8:47: 2b:f8:12:bd:64:b9:9b:4a:20:7c:2d:ab:96:b1:a1:dc:60:5b: 89:3f:23:dd:82:9f:4b:44:e4:43:cc:9d:44:d6:e2:f7:2a:29: fc:30:2e:6b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBmgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q0QzQxMTAvBgNVBAUTKEUwQzg5MjhGOTQ1MTUyMEU2NEQxREVENThGMDcxOTZC NTg2MUIyODYwHhcNMjUwNjMwMTQ1MTQwWhcNMjUwNzA3MTQ1MTQwWjAYMRYwFAYD VQQDEw02ODYyYTQ3Yy1hMGY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtiGtWHTPK81/5MC6kAJQWDE5+tyaha+4CNtlfvydSyXAgJt+6Y5sRbkOnKSx 2Dmxy67sdHzsiX4o7lLMJxH2TaiRJ4dQOs/KdC2+UUb8de1LJLIIKEYXe6DFQ22n XbccxkaYBJuxwrtsYGOVB/OIV/HGN0Q18/+nN7iXjVFlgRBPfkG12g52c2UorkRI AWGFtzwayvnUbpZCH4VuaY/c/b2Nu5Y+FLfTwRqlnO+MTjokXrFWAUVBMVhBcSkd Ww/jLOVt8R5Oibq73ZhPWBJ6UAElWEPcUwDpnYCoKtYPzFwTHemTvlc7uAYlaR0M rjAlN9HKdZ832+KMFLEksRZdRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG3I6D/K jpAIScRc0BV4ir2ZqxURMB8GA1UdIwQYMBaAFODIko+UUVIOZNHe1Y8HGWtYYbKG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDRDNC80MzlDRjg3QzhE N0IxMUVCOEQ4QkQ2MEJDNEY5QUUwMi80TWlTajVSUlVnNWswZDdWandjWmExaGhz b1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRNaVNqNVJSVWc1azBkN1Zqd2NaYTFoaHNvWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDRDNC80MzlDRjg3QzhEN0IxMUVCOEQ4QkQ2MEJDNEY5QUUwMi80TWlTajVSUlVn NWswZDdWandjWmExaGhzb1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCtWP8lNqHcKoCRw2WVxZWHIoqmSuuELaDdviCE/bQkBK5adv65I12A 4IHYs3OVN6mjfMwP+Bsh5iVP8umuSZs2kEGHkzLr+rRpQMj1V5M9rHaa3MPSu5S9 huVmRgIH0kGlb/C3ksaShhqgA91F4/Mtg7qFSk7L0avCaLc3XIdw58D5u9x14vX9 bsNxCcCvgvqYJs3LixSO9Z5/6xHLU6CenC/kv4cUOtUbmj+pDgoWewEJWcEUis8Y Ba3VjgsZ1XNeyOug2qduEGpGv6KHsVwGI6JGVuCY+Ecr+BK9ZLmbSiB8LauWsaHc YFuJPyPdgp9LRORDzJ1E1uL3Kin8MC5r -----END CERTIFICATE-----Generated at Wed Jul 2 15:46:49 2025 by rpki-client