$ rpki-client -vvf rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft File: 0aHv0iQTWusJg56ovbjNxZnOZX8.mft (raw, json) Hash identifier: a4pkOtVks2XFJ6iihcGCFiFvlrWjUkQuJ9mJyIOTLfQ= Subject key identifier: 64:51:62:A3:1D:ED:FE:A2:F0:89:BB:4A:8F:C5:18:33:C7:2E:6A:42 Authority key identifier: D1:A1:EF:D2:24:13:5A:EB:09:83:9E:A8:BD:B8:CD:C5:99:CE:65:7F Certificate issuer: /CN=A917D9FC/serialNumber=D1A1EFD224135AEB09839EA8BDB8CDC599CE657F Certificate serial: 049F Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft Manifest number: 049A Signing time: Wed 02 Jul 2025 16:39:48 +0000 Manifest this update: Wed 02 Jul 2025 16:39:48 +0000 Manifest next update: Wed 09 Jul 2025 16:39:48 +0000 Files and hashes: 1: 0aHv0iQTWusJg56ovbjNxZnOZX8.crl (hash: t3PDW+WnMLH1vpYfv7GzKTw6UZVY+70v1gWcq0Xjv7M=) 2: AD94C92242BA11ECB1E8FF11C4F9AE02.roa (hash: v+UfHJBNUMJhgU+Hq/Ni7UlIWeTPSw4kY7gKtnOeoHo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.crl rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 16:39:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1183 (0x49f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D9FC, serialNumber=D1A1EFD224135AEB09839EA8BDB8CDC599CE657F Validity Not Before: Jul 2 16:39:48 2025 GMT Not After : Jul 9 16:39:48 2025 GMT Subject: CN=686560d4-13a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:8c:36:11:65:36:f3:1d:33:26:5e:25:f2:2e: 3c:01:2e:3a:1d:d2:ac:34:9c:2c:02:87:5e:c2:71: 1e:51:29:5e:c4:b8:98:59:6f:59:cd:16:6f:ee:8c: 45:48:ba:e8:11:3b:22:84:6c:ef:7a:15:3a:ec:59: 9e:9d:39:a2:16:a4:3f:21:37:01:80:27:f7:07:85: b2:d8:ab:4f:96:c3:31:0b:1f:3e:b8:10:37:f2:19: 62:79:d0:db:3a:66:00:b8:0a:ec:c1:02:fa:e4:d4: f7:5e:78:af:20:af:6d:8f:48:03:01:d7:3e:06:e4: 36:d3:f9:2f:13:97:83:6d:d6:df:73:69:7b:bb:ee: d0:ae:87:ad:fe:b1:e3:f9:35:0b:c9:7c:3e:c0:0a: 94:b4:80:27:41:75:0b:0d:c3:a0:2a:a8:be:1c:13: ff:f3:ef:32:8c:07:d4:34:6f:3d:a4:2b:ed:de:a7: 48:53:6d:5f:ae:1f:bf:f7:85:86:95:a6:7c:7d:48: 1c:18:63:06:fb:05:d8:3f:5b:f9:b6:47:b6:20:e1: 6f:4f:d8:ef:ce:b8:f3:9e:9e:c3:02:1a:c4:df:00: 7e:26:f2:b6:f6:fe:19:a7:36:7b:1c:a2:f1:b6:93: e2:a8:ec:07:0b:10:69:bf:61:58:95:13:d5:9b:64: f5:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:51:62:A3:1D:ED:FE:A2:F0:89:BB:4A:8F:C5:18:33:C7:2E:6A:42 X509v3 Authority Key Identifier: keyid:D1:A1:EF:D2:24:13:5A:EB:09:83:9E:A8:BD:B8:CD:C5:99:CE:65:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:81:5c:1a:6e:4a:c0:97:39:73:37:bf:d1:c8:33:64:fa:aa: c8:b9:55:f1:b0:20:21:ee:8a:2a:bc:10:f1:e7:e6:82:89:40: 0f:c7:29:58:80:02:92:13:4a:2d:dd:9f:f2:24:f7:11:53:ec: 0d:d8:31:3d:3c:38:7e:39:88:1f:70:6d:68:1c:bc:bb:61:3d: 14:88:06:70:ab:b2:12:e3:92:92:94:01:de:49:a2:8c:aa:05: 95:5c:e8:b4:cd:18:1f:48:63:23:f4:12:b2:2e:89:a0:3c:4f: 7f:84:9d:8a:5e:a6:d8:21:5b:1a:bf:a7:aa:61:e9:19:3a:6e: 8f:e1:28:4a:8d:58:54:f3:2a:0f:47:2c:86:ef:ff:43:2b:8d: 04:2b:64:d5:60:0c:f5:1a:4a:8b:fd:4a:13:c9:f0:11:20:bb: f6:fa:e4:75:af:0b:65:8c:40:d6:d5:f1:c2:06:a2:0d:1b:c9: ac:05:b8:1a:fa:da:35:3f:b1:77:39:9f:db:88:6f:43:bc:a3: 9e:38:84:38:b9:f5:52:6d:9b:84:d0:95:2c:81:2a:1a:64:74: b5:7f:27:34:47:00:44:91:fd:d7:fd:e7:e6:95:13:cb:e2:e4: f9:bb:ce:3f:08:e4:84:3d:6a:2b:70:58:b6:0f:2a:74:74:7f: 8c:95:d5:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q5RkMxMTAvBgNVBAUTKEQxQTFFRkQyMjQxMzVBRUIwOTgzOUVBOEJEQjhDREM1 OTlDRTY1N0YwHhcNMjUwNzAyMTYzOTQ4WhcNMjUwNzA5MTYzOTQ4WjAYMRYwFAYD VQQDEw02ODY1NjBkNC0xM2E0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxIw2EWU28x0zJl4l8i48AS46HdKsNJwsAodewnEeUSlexLiYWW9ZzRZv7oxF SLroETsihGzvehU67FmenTmiFqQ/ITcBgCf3B4Wy2KtPlsMxCx8+uBA38hliedDb OmYAuArswQL65NT3XnivIK9tj0gDAdc+BuQ20/kvE5eDbdbfc2l7u+7Qroet/rHj +TULyXw+wAqUtIAnQXULDcOgKqi+HBP/8+8yjAfUNG89pCvt3qdIU21frh+/94WG laZ8fUgcGGMG+wXYP1v5tke2IOFvT9jvzrjznp7DAhrE3wB+JvK29v4ZpzZ7HKLx tpPiqOwHCxBpv2FYlRPVm2T1QQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGRRYqMd 7f6i8Im7So/FGDPHLmpCMB8GA1UdIwQYMBaAFNGh79IkE1rrCYOeqL24zcWZzmV/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDlGQy83QTMwMkQwMDQy QjExMUVDOUYyNEEwNkVDNEY5QUUwMi8wYUh2MGlRVFd1c0pnNTZvdmJqTnhabk9a WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyLzBhSHYwaVFUV3VzSmc1Nm92YmpOeFpuT1pYOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDlGQy83QTMwMkQwMDQyQjExMUVDOUYyNEEwNkVDNEY5QUUwMi8wYUh2MGlRVFd1 c0pnNTZvdmJqTnhabk9aWDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXgVwabkrAlzlzN7/RyDNk+qrIuVXxsCAh7ooqvBDx5+aCiUAPxylY gAKSE0ot3Z/yJPcRU+wN2DE9PDh+OYgfcG1oHLy7YT0UiAZwq7IS45KSlAHeSaKM qgWVXOi0zRgfSGMj9BKyLomgPE9/hJ2KXqbYIVsav6eqYekZOm6P4ShKjVhU8yoP RyyG7/9DK40EK2TVYAz1GkqL/UoTyfARILv2+uR1rwtljEDW1fHCBqING8msBbga +to1P7F3OZ/biG9DvKOeOIQ4ufVSbZuE0JUsgSoaZHS1fyc0RwBEkf3X/efmlRPL 4uT5u84/COSEPWorcFi2Dyp0dH+MldWq -----END CERTIFICATE-----Generated at Thu Jul 3 23:05:12 2025 by rpki-client