$ rpki-client -vvf rpki.apnic.net/member_repository/A9189218/D857A13EDEBF11EB9AA63B6AC4F9AE02/he9PUr5sDQk3OGmpACI4YoIz6-8.mft File: he9PUr5sDQk3OGmpACI4YoIz6-8.mft (raw, json) Hash identifier: yuQt6eJySgg+5/r0OIUHjHpCRMuzB8u718UeuTyfrUs= Subject key identifier: E0:C3:DB:3F:2A:75:C1:3B:27:81:50:35:5B:79:AC:57:6E:66:2E:50 Authority key identifier: 85:EF:4F:52:BE:6C:0D:09:37:38:69:A9:00:22:38:62:82:33:EB:EF Certificate issuer: /CN=A9189218/serialNumber=85EF4F52BE6C0D09373869A9002238628233EBEF Certificate serial: 0588 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he9PUr5sDQk3OGmpACI4YoIz6-8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9189218/D857A13EDEBF11EB9AA63B6AC4F9AE02/he9PUr5sDQk3OGmpACI4YoIz6-8.mft Manifest number: 0584 Signing time: Wed 02 Jul 2025 23:34:32 +0000 Manifest this update: Wed 02 Jul 2025 23:34:32 +0000 Manifest next update: Wed 09 Jul 2025 23:34:32 +0000 Files and hashes: 1: he9PUr5sDQk3OGmpACI4YoIz6-8.crl (hash: WJgEMI0odnjo6l16v30sWS6MlNJ39jjmxWAGpDHUot8=) 2: 82A9E362DEC111EB9010BE6AC4F9AE02.roa (hash: a7GzfQZpHB/FDQX8t11/W+Jq7q9b14r9hyier7paZ38=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9189218/D857A13EDEBF11EB9AA63B6AC4F9AE02/he9PUr5sDQk3OGmpACI4YoIz6-8.crl rsync://rpki.apnic.net/member_repository/A9189218/D857A13EDEBF11EB9AA63B6AC4F9AE02/he9PUr5sDQk3OGmpACI4YoIz6-8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he9PUr5sDQk3OGmpACI4YoIz6-8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 23:34:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1416 (0x588) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9189218, serialNumber=85EF4F52BE6C0D09373869A9002238628233EBEF Validity Not Before: Jul 2 23:34:32 2025 GMT Not After : Jul 9 23:34:32 2025 GMT Subject: CN=6865c208-61fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:bf:34:58:76:59:a1:01:cc:f7:de:01:4d:e8: 38:85:d9:64:22:30:dc:0d:e3:ca:50:22:f5:14:a6: f3:d0:a1:74:1d:86:21:23:0a:4a:a2:17:d2:50:b8: 76:d6:8a:69:2a:b2:6a:b8:73:ba:69:a3:5a:78:9f: fa:e6:44:ff:54:0e:12:1e:30:da:a8:d4:40:b2:92: a8:5b:54:23:0f:87:d9:73:16:27:50:2d:a4:a5:a8: 4e:d8:02:79:8a:3c:66:b6:07:72:99:76:e0:8f:04: 28:5f:50:e8:a2:f0:6d:1d:e8:3d:a2:22:89:9c:a4: 06:f4:73:56:d2:bc:9a:3a:01:10:68:ae:72:44:7e: f3:cc:99:a7:c7:e2:4a:03:5c:37:d4:59:3f:b5:fa: f8:46:a7:76:38:50:fa:91:f8:5e:89:e6:3e:3c:cc: 43:22:c6:53:9b:d6:7f:6c:68:7e:4c:8f:ea:29:3f: f9:42:f8:a6:93:16:9f:c4:4b:76:66:7f:07:ae:4f: d2:8e:12:5d:72:45:55:5d:73:1b:70:e0:7d:47:9c: 4c:e0:bc:40:34:e1:42:f6:74:a7:aa:34:01:74:1f: c7:2a:c3:a7:87:6c:7b:f9:b0:84:6d:c9:b3:a2:f3: 31:47:7b:eb:28:5d:6e:9c:05:ef:95:c0:db:f3:2e: 55:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:C3:DB:3F:2A:75:C1:3B:27:81:50:35:5B:79:AC:57:6E:66:2E:50 X509v3 Authority Key Identifier: keyid:85:EF:4F:52:BE:6C:0D:09:37:38:69:A9:00:22:38:62:82:33:EB:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9189218/D857A13EDEBF11EB9AA63B6AC4F9AE02/he9PUr5sDQk3OGmpACI4YoIz6-8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he9PUr5sDQk3OGmpACI4YoIz6-8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189218/D857A13EDEBF11EB9AA63B6AC4F9AE02/he9PUr5sDQk3OGmpACI4YoIz6-8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ab:14:45:e6:d7:93:1a:58:e2:1e:f3:12:84:1b:28:e8:c6:19: fa:e2:07:21:ab:a5:1a:7f:7b:a2:c4:d1:0e:eb:b0:42:eb:39: cf:ed:db:ab:f2:72:b1:0c:f1:4e:c7:e8:7e:b8:af:8c:13:93: 26:c5:39:f3:dc:e0:13:57:31:88:08:82:03:37:bb:67:95:50: ec:fc:d0:09:db:97:01:b6:44:77:d8:29:94:6a:36:b3:b2:eb: 34:83:1f:6d:d3:52:6b:16:64:10:94:56:ca:0a:92:f1:79:d5: f0:30:71:29:8b:cb:f8:8c:8d:74:ac:b7:71:0c:fc:dd:a9:d9: 2a:ce:ed:ce:a7:59:0d:d4:be:69:30:bf:2d:9f:f2:b1:37:8c: e4:70:8b:f6:8c:aa:f2:16:22:89:6a:74:18:4f:81:5c:07:42: b4:5e:aa:ef:a4:65:69:53:06:ed:07:bf:de:d2:f0:3c:16:64: 27:20:5a:75:91:eb:90:13:4c:e1:67:a3:0a:8f:0d:36:ba:a1: 00:6d:b4:c6:01:9c:47:ad:22:b4:35:4a:46:24:e1:ce:ea:8f: 0f:12:bc:e5:a2:ed:06:f0:4d:b1:af:e7:52:4a:e3:97:96:8a: 15:61:9d:b0:c0:bd:28:4c:81:13:01:4b:fc:fd:46:15:a8:b1: 17:57:cb:61 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODkyMTgxMTAvBgNVBAUTKDg1RUY0RjUyQkU2QzBEMDkzNzM4NjlBOTAwMjIzODYy ODIzM0VCRUYwHhcNMjUwNzAyMjMzNDMyWhcNMjUwNzA5MjMzNDMyWjAYMRYwFAYD VQQDEw02ODY1YzIwOC02MWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv780WHZZoQHM994BTeg4hdlkIjDcDePKUCL1FKbz0KF0HYYhIwpKohfSULh2 1oppKrJquHO6aaNaeJ/65kT/VA4SHjDaqNRAspKoW1QjD4fZcxYnUC2kpahO2AJ5 ijxmtgdymXbgjwQoX1DoovBtHeg9oiKJnKQG9HNW0ryaOgEQaK5yRH7zzJmnx+JK A1w31Fk/tfr4Rqd2OFD6kfheieY+PMxDIsZTm9Z/bGh+TI/qKT/5QvimkxafxEt2 Zn8Hrk/SjhJdckVVXXMbcOB9R5xM4LxANOFC9nSnqjQBdB/HKsOnh2x7+bCEbcmz ovMxR3vrKF1unAXvlcDb8y5VlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFODD2z8q dcE7J4FQNVt5rFduZi5QMB8GA1UdIwQYMBaAFIXvT1K+bA0JNzhpqQAiOGKCM+vv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTIxOC9EODU3QTEzRURF QkYxMUVCOUFBNjNCNkFDNEY5QUUwMi9oZTlQVXI1c0RRazNPR21wQUNJNFlvSXo2 LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hlOVBVcjVzRFFrM09HbXBBQ0k0WW9JejYtOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 OTIxOC9EODU3QTEzRURFQkYxMUVCOUFBNjNCNkFDNEY5QUUwMi9oZTlQVXI1c0RR azNPR21wQUNJNFlvSXo2LTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCrFEXm15MaWOIe8xKEGyjoxhn64gchq6Uaf3uixNEO67BC6znP7dur 8nKxDPFOx+h+uK+ME5MmxTnz3OATVzGICIIDN7tnlVDs/NAJ25cBtkR32CmUajaz sus0gx9t01JrFmQQlFbKCpLxedXwMHEpi8v4jI10rLdxDPzdqdkqzu3Op1kN1L5p ML8tn/KxN4zkcIv2jKryFiKJanQYT4FcB0K0XqrvpGVpUwbtB7/e0vA8FmQnIFp1 keuQE0zhZ6MKjw02uqEAbbTGAZxHrSK0NUpGJOHO6o8PErzlou0G8E2xr+dSSuOX looVYZ2wwL0oTIETAUv8/UYVqLEXV8th -----END CERTIFICATE-----Generated at Thu Jul 3 08:54:11 2025 by rpki-client