$ rpki-client -vvf rpki.apnic.net/member_repository/A917E1FA/9A873EB045A311F095EFFD48C4F9AE02/8VxcW6UhRTcHyB9f7AgRvyHP9A4.mft File: 8VxcW6UhRTcHyB9f7AgRvyHP9A4.mft (raw, json) Hash identifier: gGpkK2+jKDvXcRhAh1WpP2kkPwFpHsvxknN09kY9b0c= Subject key identifier: 46:95:C1:32:01:AE:E5:38:54:A3:C7:19:75:CD:7D:29:AA:B6:DC:31 Authority key identifier: F1:5C:5C:5B:A5:21:45:37:07:C8:1F:5F:EC:08:11:BF:21:CF:F4:0E Certificate issuer: /CN=A917E1FA/serialNumber=F15C5C5BA521453707C81F5FEC0811BF21CFF40E Certificate serial: 19 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8VxcW6UhRTcHyB9f7AgRvyHP9A4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E1FA/9A873EB045A311F095EFFD48C4F9AE02/8VxcW6UhRTcHyB9f7AgRvyHP9A4.mft Manifest number: 14 Signing time: Thu 03 Jul 2025 08:21:36 +0000 Manifest this update: Thu 03 Jul 2025 08:21:35 +0000 Manifest next update: Thu 10 Jul 2025 08:21:35 +0000 Files and hashes: 1: 8VxcW6UhRTcHyB9f7AgRvyHP9A4.crl (hash: YZDStRYVWgrL0JiszN4nZ/8CxNhoWVlr/xT/NzKEcl0=) 2: FEC5694C482311F0B2B5E45DC4F9AE02.roa (hash: lNd0dhVh9oVMjkR+5hS3U5ljCVkdpvgCie/KVi3bQe8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E1FA/9A873EB045A311F095EFFD48C4F9AE02/8VxcW6UhRTcHyB9f7AgRvyHP9A4.crl rsync://rpki.apnic.net/member_repository/A917E1FA/9A873EB045A311F095EFFD48C4F9AE02/8VxcW6UhRTcHyB9f7AgRvyHP9A4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8VxcW6UhRTcHyB9f7AgRvyHP9A4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25 (0x19) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E1FA, serialNumber=F15C5C5BA521453707C81F5FEC0811BF21CFF40E Validity Not Before: Jul 3 08:21:35 2025 GMT Not After : Jul 10 08:21:35 2025 GMT Subject: CN=68663d90-5b40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a1:06:24:1b:55:0d:4c:81:67:fa:b2:73:63: 30:45:82:fa:ce:79:5a:c6:6e:48:00:5e:d6:35:6c: 99:68:1b:9f:7c:2d:63:f3:78:fa:da:6f:1b:e4:7d: 3c:0a:91:9d:b7:c5:02:e9:99:74:0e:73:44:b6:ca: 0a:fe:3b:6d:71:6c:6a:ae:a8:32:01:04:1e:34:87: 10:eb:35:70:40:df:d9:90:66:c9:66:64:fa:6f:e7: c1:a6:9a:0d:99:f4:c1:f2:ad:b0:52:83:28:f3:c0: c6:92:d7:70:f0:d9:19:dd:5f:0b:59:77:38:e7:fb: 28:ca:9b:3c:3b:4a:c2:c2:ee:b9:b4:c5:9f:88:41: d2:c9:79:e5:5e:0c:88:2e:ec:b2:70:e0:b4:87:65: 6c:fc:90:b4:4a:e9:41:25:ff:56:a7:20:3f:71:c3: 81:4e:a1:6e:52:61:30:8e:7d:a2:c0:5d:9e:07:93: 71:1a:52:02:9e:fb:67:0f:ee:19:53:ca:9d:88:a9: 5a:e4:b4:81:6d:22:0e:69:64:cb:71:7b:48:42:23: 6a:fa:64:a9:dd:8e:47:e1:03:f7:a8:a1:a7:1a:b5: b3:19:4e:33:08:58:e7:16:df:3d:0b:8c:ed:71:cc: 12:61:20:3f:8d:f0:4d:63:ab:16:94:bf:6b:81:75: 73:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:95:C1:32:01:AE:E5:38:54:A3:C7:19:75:CD:7D:29:AA:B6:DC:31 X509v3 Authority Key Identifier: keyid:F1:5C:5C:5B:A5:21:45:37:07:C8:1F:5F:EC:08:11:BF:21:CF:F4:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E1FA/9A873EB045A311F095EFFD48C4F9AE02/8VxcW6UhRTcHyB9f7AgRvyHP9A4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8VxcW6UhRTcHyB9f7AgRvyHP9A4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E1FA/9A873EB045A311F095EFFD48C4F9AE02/8VxcW6UhRTcHyB9f7AgRvyHP9A4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:28:ff:e3:d1:58:9e:65:0a:e9:d5:4b:4f:1d:5d:2c:1b:5b: 08:07:0c:83:c4:c6:43:90:14:97:1e:ed:ae:db:c2:66:a3:21: 34:dd:c4:11:18:11:8e:9a:63:6c:e0:af:da:bc:00:bf:4f:cc: 8b:cd:bb:b2:af:35:44:26:4a:3b:c7:90:66:16:de:1b:67:6d: 89:36:ba:4e:58:2b:dd:6a:00:32:9e:7d:2b:4b:09:99:23:ba: 5d:13:cc:46:21:0f:93:2e:af:a3:58:6b:5e:72:0c:15:5a:64: 13:4f:35:00:ed:24:b8:bb:8e:cc:13:94:cc:64:d4:96:05:c4: c3:86:a0:b4:37:db:71:3f:59:90:3d:e1:00:d8:3a:5c:6e:67: 6f:b4:5c:a2:2f:6f:27:37:03:a0:9b:50:0a:2f:52:0e:34:5a: 42:96:ca:b1:c0:64:3b:56:30:3c:64:a3:6c:f5:23:14:01:0c: 94:80:08:90:ce:e0:2b:ee:97:2a:ca:77:68:fb:03:f8:d1:e3: a9:ca:a6:1c:54:00:20:24:32:c4:28:9b:f6:e1:3c:e4:85:7d: c7:b6:24:bc:b5:5c:1d:cd:2f:8c:a1:05:dc:ba:b4:ff:e2:80: 9f:87:39:fb:f2:8b:9d:e9:93:41:76:47:13:56:ee:7f:2d:14: 6b:7d:f0:52 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 RTFGQTExMC8GA1UEBRMoRjE1QzVDNUJBNTIxNDUzNzA3QzgxRjVGRUMwODExQkYy MUNGRjQwRTAeFw0yNTA3MDMwODIxMzVaFw0yNTA3MTAwODIxMzVaMBgxFjAUBgNV BAMTDTY4NjYzZDkwLTViNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCuoQYkG1UNTIFn+rJzYzBFgvrOeVrGbkgAXtY1bJloG598LWPzePrabxvkfTwK kZ23xQLpmXQOc0S2ygr+O21xbGquqDIBBB40hxDrNXBA39mQZslmZPpv58Gmmg2Z 9MHyrbBSgyjzwMaS13Dw2RndXwtZdzjn+yjKmzw7SsLC7rm0xZ+IQdLJeeVeDIgu 7LJw4LSHZWz8kLRK6UEl/1anID9xw4FOoW5SYTCOfaLAXZ4Hk3EaUgKe+2cP7hlT yp2IqVrktIFtIg5pZMtxe0hCI2r6ZKndjkfhA/eooacatbMZTjMIWOcW3z0LjO1x zBJhID+N8E1jqxaUv2uBdXNhAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQURpXBMgGu 5ThUo8cZdc19Kaq23DEwHwYDVR0jBBgwFoAU8VxcW6UhRTcHyB9f7AgRvyHP9A4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFMUZBLzlBODczRUIwNDVB MzExRjA5NUVGRkQ0OEM0RjlBRTAyLzhWeGNXNlVoUlRjSHlCOWY3QWdSdnlIUDlB NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvOFZ4Y1c2VWhSVGNIeUI5ZjdBZ1J2eUhQOUE0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdF MUZBLzlBODczRUIwNDVBMzExRjA5NUVGRkQ0OEM0RjlBRTAyLzhWeGNXNlVoUlRj SHlCOWY3QWdSdnlIUDlBNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAI8o/+PRWJ5lCunVS08dXSwbWwgHDIPExkOQFJce7a7bwmajITTdxBEY EY6aY2zgr9q8AL9PzIvNu7KvNUQmSjvHkGYW3htnbYk2uk5YK91qADKefStLCZkj ul0TzEYhD5Mur6NYa15yDBVaZBNPNQDtJLi7jswTlMxk1JYFxMOGoLQ323E/WZA9 4QDYOlxuZ2+0XKIvbyc3A6CbUAovUg40WkKWyrHAZDtWMDxko2z1IxQBDJSACJDO 4CvulyrKd2j7A/jR46nKphxUACAkMsQom/bhPOSFfce2JLy1XB3NL4yhBdy6tP/i gJ+HOfvyi53pk0F2RxNW7n8tFGt98FI= -----END CERTIFICATE-----Generated at Thu Jul 3 23:33:57 2025 by rpki-client