$ rpki-client -vvf rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft File: _whTCVKXG6BlIktSH1ZWO20hJO0.mft (raw, json) Hash identifier: YfcOJScFJ3mfjOrKJMboodAvTO2KlOnpviHuw7mqvk8= Subject key identifier: D6:3F:90:BB:95:8B:9C:DB:80:93:8B:3F:D8:6D:B4:A8:19:1D:31:58 Authority key identifier: FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED Certificate issuer: /CN=A917E475/serialNumber=FF08530952971BA065224B521F56563B6D2124ED Certificate serial: 0CFE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft Manifest number: 0CF8 Signing time: Mon 30 Jun 2025 18:17:12 +0000 Manifest this update: Mon 30 Jun 2025 18:17:12 +0000 Manifest next update: Mon 07 Jul 2025 18:17:12 +0000 Files and hashes: 1: _whTCVKXG6BlIktSH1ZWO20hJO0.crl (hash: 0mALQQxqWa5nLz2VPxzTeLbX5OGKEfLb9gQz1NsS0bs=) 2: 3A8AC908E41C11E9AD4A8D16C4F9AE02.roa (hash: 7Dst7szyPWooV+5WFj8vI4oANvEvXDCaESLYXfhjMk0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 18:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3326 (0xcfe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E475, serialNumber=FF08530952971BA065224B521F56563B6D2124ED Validity Not Before: Jun 30 18:17:12 2025 GMT Not After : Jul 7 18:17:12 2025 GMT Subject: CN=6862d4a8-b2a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:50:db:50:8d:9c:16:77:9b:8f:e7:4b:da:0d: 0b:4d:f8:d4:39:21:b5:c6:c2:2e:9f:3f:38:a1:f3: 0c:4e:ca:1f:dd:d9:6f:85:e0:83:60:4c:a5:f1:54: ee:ba:c5:8e:8f:81:a5:37:b8:9f:a3:ff:76:e4:f9: 59:7c:d5:3b:5d:07:dd:13:02:bd:45:67:05:75:31: 21:ff:69:f7:67:73:6a:6c:6c:f5:5b:c1:97:49:8c: 9e:79:1b:cb:df:89:0c:2a:9d:1a:60:6d:1c:8f:ca: 1b:1d:32:bc:3e:cd:16:74:5a:e3:bf:77:61:12:8a: 07:20:ec:ed:56:2e:e1:e1:7d:b7:e2:f9:13:ad:38: a3:26:48:77:e1:7f:af:72:9c:bf:8b:c3:97:63:f6: 5b:19:a4:36:7c:47:75:7f:9b:b6:cb:0c:97:ee:99: 91:18:a3:5e:17:05:6c:68:fc:69:78:8e:2b:26:f2: 09:89:cf:5c:a8:38:4a:21:8b:2d:a1:82:73:09:92: 2d:5b:ab:23:5b:c3:70:36:50:7a:04:d9:49:a6:82: 8d:36:c6:30:f0:34:2c:4c:a8:e5:dd:7d:c2:62:6f: 3a:b2:cf:c0:5c:09:b8:b7:cd:f1:c7:e4:1c:f8:ed: ce:f2:bc:32:0b:3d:f0:b3:4d:d4:93:44:e8:7a:da: 0c:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:3F:90:BB:95:8B:9C:DB:80:93:8B:3F:D8:6D:B4:A8:19:1D:31:58 X509v3 Authority Key Identifier: keyid:FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:e8:1f:8a:5a:10:37:ba:a4:7d:5c:67:84:60:75:3b:77:70: 32:d4:da:28:4a:fd:86:8a:da:3b:44:e2:4c:7a:86:69:1c:e4: 0d:29:28:7a:7b:ec:a1:8a:33:d3:42:12:a1:c8:e1:c2:d4:31: f8:e5:16:cf:62:93:d6:03:7d:8d:54:67:9d:26:1b:74:34:70: 08:a8:5e:15:86:52:6a:d5:7c:1e:c9:af:01:78:d6:35:82:60: e9:08:8b:78:13:6c:1a:f4:35:48:e6:8f:79:98:a9:c5:6b:ad: 19:69:7f:ea:b3:92:71:f7:89:e5:d7:78:05:a3:24:09:8f:83: c1:14:b1:91:c5:69:53:1b:62:1f:b3:ab:3f:87:3f:98:b1:e7: af:38:81:5d:8c:4c:67:b1:14:a3:45:87:30:dc:8b:ee:92:d9: cc:ed:0c:06:7b:97:a7:12:75:d2:37:8d:d7:ab:8c:96:f1:d1: 97:f9:fc:57:fc:c4:f5:80:85:b7:a0:47:4c:f0:48:ad:dc:b1: a8:1e:57:79:b3:a1:7a:9b:1b:de:8c:e7:6a:c3:d0:87:b2:a0: 0b:a1:06:82:a4:f8:ca:07:5c:58:3b:ce:99:a6:24:18:86:ca: a9:20:3c:e7:31:ee:7c:5e:eb:80:19:aa:51:ee:ea:c3:17:48: bc:81:d9:ea -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDP4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0NzUxMTAvBgNVBAUTKEZGMDg1MzA5NTI5NzFCQTA2NTIyNEI1MjFGNTY1NjNC NkQyMTI0RUQwHhcNMjUwNjMwMTgxNzEyWhcNMjUwNzA3MTgxNzEyWjAYMRYwFAYD VQQDEw02ODYyZDRhOC1iMmE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9VDbUI2cFnebj+dL2g0LTfjUOSG1xsIunz84ofMMTsof3dlvheCDYEyl8VTu usWOj4GlN7ifo/925PlZfNU7XQfdEwK9RWcFdTEh/2n3Z3NqbGz1W8GXSYyeeRvL 34kMKp0aYG0cj8obHTK8Ps0WdFrjv3dhEooHIOztVi7h4X234vkTrTijJkh34X+v cpy/i8OXY/ZbGaQ2fEd1f5u2ywyX7pmRGKNeFwVsaPxpeI4rJvIJic9cqDhKIYst oYJzCZItW6sjW8NwNlB6BNlJpoKNNsYw8DQsTKjl3X3CYm86ss/AXAm4t83xx+Qc +O3O8rwyCz3ws03Uk0ToetoMNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNY/kLuV i5zbgJOLP9httKgZHTFYMB8GA1UdIwQYMBaAFP8IUwlSlxugZSJLUh9WVjttISTt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTQ3NS9EQkZCM0VCNEU0 MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2QmxJa3RTSDFaV08yMGhK TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL193aFRDVktYRzZCbElrdFNIMVpXTzIwaEpPMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTQ3NS9EQkZCM0VCNEU0MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2 QmxJa3RTSDFaV08yMGhKTzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCX6B+KWhA3uqR9XGeEYHU7d3Ay1NooSv2Gito7ROJMeoZpHOQNKSh6 e+yhijPTQhKhyOHC1DH45RbPYpPWA32NVGedJht0NHAIqF4VhlJq1Xweya8BeNY1 gmDpCIt4E2wa9DVI5o95mKnFa60ZaX/qs5Jx94nl13gFoyQJj4PBFLGRxWlTG2If s6s/hz+YseevOIFdjExnsRSjRYcw3IvuktnM7QwGe5enEnXSN43Xq4yW8dGX+fxX /MT1gIW3oEdM8Eit3LGoHld5s6F6mxvejOdqw9CHsqALoQaCpPjKB1xYO86ZpiQY hsqpIDznMe58XuuAGapR7urDF0i8gdnq -----END CERTIFICATE-----Generated at Wed Jul 2 05:08:38 2025 by rpki-client