$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft File: dNRNlor0Y--xfAgNX60BDErAl6o.mft (raw, json) Hash identifier: 95jstJMEqYAUUHG4250slcQHwpWnJQECnRLIFnmtFEA= Subject key identifier: 4E:21:06:4D:42:B8:63:93:0A:4E:57:73:41:E1:35:BD:D0:1D:60:18 Authority key identifier: 74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA Certificate issuer: /CN=A917E0A8/serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Certificate serial: 0660 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft Manifest number: 0653 Signing time: Wed 02 Jul 2025 19:50:50 +0000 Manifest this update: Wed 02 Jul 2025 19:50:49 +0000 Manifest next update: Wed 09 Jul 2025 19:50:49 +0000 Files and hashes: 1: dNRNlor0Y--xfAgNX60BDErAl6o.crl (hash: 7tYtqL2LwtVzkMKIO2LqDcd9bsDEBzqLAsBZSWavSyc=) 2: 11C0D5DA9B4011EB9C1BFC4EC4F9AE02.roa (hash: c7+1xl97Qj2WBa7uEaRi3C9ZQy4QYdknXZBQu0sbmag=) 3: F9C23E2A3ACB11EC9FEBB367C4F9AE02.roa (hash: nh7VvVbwlcEI7LPWlEzxHGSM7ZH4CPOm9G5I1MGrFHY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:50:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1632 (0x660) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Validity Not Before: Jul 2 19:50:49 2025 GMT Not After : Jul 9 19:50:49 2025 GMT Subject: CN=68658d9a-fc6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ff:14:c0:21:38:cf:56:10:5f:62:33:bd:74: dc:48:d5:e0:44:71:7a:62:3c:55:f1:9a:dd:25:50: 65:75:3a:1c:cc:61:b1:d2:90:0a:7c:2d:07:12:34: ad:95:6f:de:da:9d:30:fa:76:d2:32:3e:eb:5d:61: 29:52:9c:25:99:94:8e:1a:32:a4:c9:26:32:13:ad: 39:cf:a9:d7:40:0a:3e:74:a5:63:f5:05:04:48:c7: 5d:d6:35:4d:a3:69:b5:e3:6e:51:b3:23:e6:c5:9a: 2e:73:10:8b:85:f8:c4:8e:83:c3:05:0a:c9:5b:7d: d0:e7:35:08:8f:1a:9b:72:75:e7:18:61:0d:fa:97: 5b:01:30:71:b4:1d:69:f0:e5:18:d7:62:ed:3c:e3: d9:92:22:09:be:5a:0e:5b:e0:46:fa:36:64:70:1b: 8e:56:8c:38:2c:d0:29:10:fc:b2:b1:61:b7:d8:5a: ad:a6:ba:3e:1b:74:de:dc:b5:e0:d5:53:91:4e:09: 1a:b4:7d:86:ca:e4:93:96:79:70:56:41:3f:67:d7: b6:da:48:40:4d:3b:de:a5:9f:3a:cc:aa:c2:96:56: 40:87:f9:da:96:83:97:62:16:a2:61:ea:d4:92:1e: dd:a8:56:96:48:44:6d:0b:aa:02:e0:e5:98:d1:f0: 30:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:21:06:4D:42:B8:63:93:0A:4E:57:73:41:E1:35:BD:D0:1D:60:18 X509v3 Authority Key Identifier: keyid:74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:64:c3:38:6d:24:08:fe:2e:d4:ef:86:3d:60:0c:6a:88:38: 04:c5:3a:89:e7:16:de:da:97:3f:75:c7:fc:a8:8b:e8:fa:ba: 79:a3:e3:16:e3:ed:7f:fe:d2:1a:4a:f7:84:d9:b6:ec:54:55: b2:ae:1c:b0:93:51:ec:76:28:3b:64:79:fc:32:71:4b:49:2f: 94:4d:74:d9:ed:04:dd:16:bd:28:72:7f:ee:6d:db:eb:71:ca: 91:5c:3d:65:12:9e:5f:80:84:87:6d:86:a9:cf:ae:41:11:d2: 31:29:d5:7f:41:61:cb:77:3f:7b:31:47:94:7c:16:02:88:24: cf:8c:d9:1d:b0:64:24:02:a3:83:93:28:5f:6b:89:e1:63:a9: 3d:d3:36:30:fc:5f:3f:51:3e:4a:ac:63:d8:1b:1a:2d:17:93: aa:ee:ba:cb:f0:e3:40:cd:ed:e4:5f:7c:1b:73:ce:51:49:e9: 6c:04:c9:18:3d:5a:f3:3c:c1:71:ec:37:aa:bc:06:2c:b2:14: 3c:6d:9c:cf:ab:18:0e:07:66:c3:5f:b4:70:9c:92:a0:1a:d7: 8f:3d:a4:fd:db:62:9d:00:0e:ae:fd:e1:4c:73:22:27:26:cb: a6:29:9b:6e:62:e1:02:ad:2b:49:31:3c:e9:fe:74:f1:ab:99: be:e2:34:d3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBmAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDc0RDQ0RDk2OEFGNDYzRUZCMTdDMDgwRDVGQUQwMTBD NEFDMDk3QUEwHhcNMjUwNzAyMTk1MDQ5WhcNMjUwNzA5MTk1MDQ5WjAYMRYwFAYD VQQDEw02ODY1OGQ5YS1mYzZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvv8UwCE4z1YQX2IzvXTcSNXgRHF6YjxV8ZrdJVBldToczGGx0pAKfC0HEjSt lW/e2p0w+nbSMj7rXWEpUpwlmZSOGjKkySYyE605z6nXQAo+dKVj9QUESMdd1jVN o2m1425RsyPmxZoucxCLhfjEjoPDBQrJW33Q5zUIjxqbcnXnGGEN+pdbATBxtB1p 8OUY12LtPOPZkiIJvloOW+BG+jZkcBuOVow4LNApEPyysWG32Fqtpro+G3Te3LXg 1VORTgkatH2GyuSTlnlwVkE/Z9e22khATTvepZ86zKrCllZAh/naloOXYhaiYerU kh7dqFaWSERtC6oC4OWY0fAwqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE4hBk1C uGOTCk5Xc0HhNb3QHWAYMB8GA1UdIwQYMBaAFHTUTZaK9GPvsXwIDV+tAQxKwJeq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC82RUZDMEJFRTk4 NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFktLXhmQWdOWDYwQkRFckFs Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ROUk5sb3IwWS0teGZBZ05YNjBCREVyQWw2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC82RUZDMEJFRTk4NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFkt LXhmQWdOWDYwQkRFckFsNm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBHZMM4bSQI/i7U74Y9YAxqiDgExTqJ5xbe2pc/dcf8qIvo+rp5o+MW 4+1//tIaSveE2bbsVFWyrhywk1Hsdig7ZHn8MnFLSS+UTXTZ7QTdFr0ocn/ubdvr ccqRXD1lEp5fgISHbYapz65BEdIxKdV/QWHLdz97MUeUfBYCiCTPjNkdsGQkAqOD kyhfa4nhY6k90zYw/F8/UT5KrGPYGxotF5Oq7rrL8ONAze3kX3wbc85RSelsBMkY PVrzPMFx7DeqvAYsshQ8bZzPqxgOB2bDX7RwnJKgGtePPaT922KdAA6u/eFMcyIn JsumKZtuYuECrStJMTzp/nTxq5m+4jTT -----END CERTIFICATE-----Generated at Thu Jul 3 14:43:26 2025 by rpki-client