$ rpki-client -vvf rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.mft File: 1ppgVl8zchSc5uL8nnI9SQZ2doo.mft (raw, json) Hash identifier: GgWuogX+b2AjMlkhSs3KsJcDMQfyVnJVHRKctxIUroY= Subject key identifier: 29:46:6B:A9:62:08:1A:BB:F9:FD:5F:C4:ED:AE:F1:AB:AD:74:7C:A0 Authority key identifier: D6:9A:60:56:5F:33:72:14:9C:E6:E2:FC:9E:72:3D:49:06:76:76:8A Certificate issuer: /CN=A9185F7D/serialNumber=D69A60565F3372149CE6E2FC9E723D490676768A Certificate serial: 3494 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ppgVl8zchSc5uL8nnI9SQZ2doo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.mft Manifest number: 3494 Signing time: Mon 30 Jun 2025 15:01:43 +0000 Manifest this update: Mon 30 Jun 2025 15:01:43 +0000 Manifest next update: Mon 07 Jul 2025 15:01:43 +0000 Files and hashes: 1: 1ppgVl8zchSc5uL8nnI9SQZ2doo.crl (hash: PC2ML8NPS9ivBiMfg8Qzsl01LI/J5dhWOswcVHJCOR0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.crl rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ppgVl8zchSc5uL8nnI9SQZ2doo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 15:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13460 (0x3494) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185F7D, serialNumber=D69A60565F3372149CE6E2FC9E723D490676768A Validity Not Before: Jun 30 15:01:43 2025 GMT Not After : Jul 7 15:01:43 2025 GMT Subject: CN=6862a6d7-113a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:72:e9:3b:93:f3:b5:38:79:b1:1a:ca:53:3e: d8:aa:a6:f0:61:45:d1:c1:4c:a3:0a:69:fd:47:7d: 5d:4e:bf:64:b2:c5:5e:21:93:81:8f:0a:3a:49:16: d4:0a:d0:c5:08:7c:f8:d0:f7:17:62:08:9b:1d:88: a8:98:94:36:8c:c6:ed:29:a3:d2:4e:3c:31:60:13: 72:00:8f:34:33:d0:e3:5f:0a:ee:54:cf:de:52:0c: b2:da:8e:c8:bc:2e:88:aa:8d:3c:90:fb:79:fe:5b: d6:b4:e7:24:da:23:d1:9e:3a:f7:a2:b6:9e:0c:5d: c7:92:57:ee:6e:ee:da:34:4f:12:34:b8:1b:fb:70: 64:0c:75:0a:68:c7:f3:94:4e:64:f2:57:8b:78:38: bf:d4:49:d1:e2:c3:6b:ae:6d:e2:a9:ad:e1:9c:37: c7:a5:81:75:94:11:c1:68:2e:9a:c6:e6:68:41:06: 6f:d3:fe:b7:b1:ca:3a:5d:57:46:a9:d7:df:1e:f4: d1:72:2d:1e:8c:ca:e1:75:0f:fb:73:26:2e:f9:11: c8:5e:01:bd:a3:d8:c6:ae:ac:c5:a5:c3:37:3e:94: db:cc:57:64:f9:22:f4:4f:a7:b2:92:80:6d:a3:84: a1:df:ec:64:b9:55:e4:27:13:cf:4d:7c:6a:bd:e1: 18:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:46:6B:A9:62:08:1A:BB:F9:FD:5F:C4:ED:AE:F1:AB:AD:74:7C:A0 X509v3 Authority Key Identifier: keyid:D6:9A:60:56:5F:33:72:14:9C:E6:E2:FC:9E:72:3D:49:06:76:76:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ppgVl8zchSc5uL8nnI9SQZ2doo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:f5:15:fd:a8:6c:b7:ea:27:13:3d:06:b7:78:13:3f:66:34: 11:8f:fc:3b:17:2c:68:88:c2:86:10:08:c6:03:03:f9:be:a4: 35:6e:9f:8c:23:8d:e9:56:e2:23:47:f3:2c:ef:91:98:9a:45: 1e:ab:64:a1:3b:01:57:51:94:aa:7c:50:e6:86:2e:9a:8a:87: 9f:ac:16:6a:8d:4a:2e:4e:81:19:9e:2d:05:55:64:45:2d:06: 95:41:e7:66:8f:03:6a:f1:92:e9:7a:96:6a:15:dc:77:3e:1e: 94:19:b5:d0:c1:7d:78:bc:21:98:d4:33:cf:bb:ec:d5:25:31: d4:30:27:68:e6:c9:68:b9:49:77:b3:e0:ed:3e:4a:47:74:41: 30:56:8d:db:f9:8f:0f:c5:39:84:1c:22:43:c0:e1:9d:14:5d: 9d:e3:fc:34:fd:99:f9:92:46:56:c8:a9:41:5d:1a:bb:5b:ee: 4b:51:b5:d0:9f:0b:bc:50:37:ff:d2:65:39:6f:e8:a1:9b:dd: f4:d2:40:be:50:ac:90:09:c2:e7:7b:5c:ff:50:81:36:e1:37: 76:ca:a5:dc:10:b0:37:4f:76:93:de:ab:bc:2c:80:4b:1e:56: c1:25:00:86:3f:e9:ac:5a:43:f6:a7:d5:d7:53:6c:af:95:a6: 7c:89:58:e8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVGN0QxMTAvBgNVBAUTKEQ2OUE2MDU2NUYzMzcyMTQ5Q0U2RTJGQzlFNzIzRDQ5 MDY3Njc2OEEwHhcNMjUwNjMwMTUwMTQzWhcNMjUwNzA3MTUwMTQzWjAYMRYwFAYD VQQDEw02ODYyYTZkNy0xMTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1HLpO5PztTh5sRrKUz7YqqbwYUXRwUyjCmn9R31dTr9kssVeIZOBjwo6SRbU CtDFCHz40PcXYgibHYiomJQ2jMbtKaPSTjwxYBNyAI80M9DjXwruVM/eUgyy2o7I vC6Iqo08kPt5/lvWtOck2iPRnjr3oraeDF3Hklfubu7aNE8SNLgb+3BkDHUKaMfz lE5k8leLeDi/1EnR4sNrrm3iqa3hnDfHpYF1lBHBaC6axuZoQQZv0/63sco6XVdG qdffHvTRci0ejMrhdQ/7cyYu+RHIXgG9o9jGrqzFpcM3PpTbzFdk+SL0T6eykoBt o4Sh3+xkuVXkJxPPTXxqveEYTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFClGa6li CBq7+f1fxO2u8autdHygMB8GA1UdIwQYMBaAFNaaYFZfM3IUnObi/J5yPUkGdnaK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUY3RC82OTc1M0Y1ODFE OUMxMUUyQTZGQkYwOEEwOEIwMkNEMi8xcHBnVmw4emNoU2M1dUw4bm5JOVNRWjJk b28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFwcGdWbDh6Y2hTYzV1TDhubkk5U1FaMmRvby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUY3RC82OTc1M0Y1ODFEOUMxMUUyQTZGQkYwOEEwOEIwMkNEMi8xcHBnVmw4emNo U2M1dUw4bm5JOVNRWjJkb28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAN9RX9qGy36icTPQa3eBM/ZjQRj/w7FyxoiMKGEAjGAwP5vqQ1bp+M I43pVuIjR/Ms75GYmkUeq2ShOwFXUZSqfFDmhi6aioefrBZqjUouToEZni0FVWRF LQaVQedmjwNq8ZLpepZqFdx3Ph6UGbXQwX14vCGY1DPPu+zVJTHUMCdo5slouUl3 s+DtPkpHdEEwVo3b+Y8PxTmEHCJDwOGdFF2d4/w0/Zn5kkZWyKlBXRq7W+5LUbXQ nwu8UDf/0mU5b+ihm9300kC+UKyQCcLne1z/UIE24Td2yqXcELA3T3aT3qu8LIBL HlbBJQCGP+msWkP2p9XXU2yvlaZ8iVjo -----END CERTIFICATE-----Generated at Mon Jun 30 18:16:29 2025 by rpki-client