$ rpki-client -vvf rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.mft File: 8CJFNT_B8ZSpAipKwBl33l_eNvk.mft (raw, json) Hash identifier: oCmT1jymqPfSUlQlL5053a2bU8HJ+N2QusSUmXbljIk= Subject key identifier: 90:57:CB:CA:0C:F6:60:52:E8:BE:79:99:62:7F:27:B6:AE:2C:7E:A8 Authority key identifier: F0:22:45:35:3F:C1:F1:94:A9:02:2A:4A:C0:19:77:DE:5F:DE:36:F9 Certificate issuer: /CN=A918A96A/serialNumber=F02245353FC1F194A9022A4AC01977DE5FDE36F9 Certificate serial: 0382 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8CJFNT_B8ZSpAipKwBl33l_eNvk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.mft Manifest number: 036E Signing time: Tue 01 Jul 2025 01:37:17 +0000 Manifest this update: Tue 01 Jul 2025 01:37:16 +0000 Manifest next update: Tue 08 Jul 2025 01:37:16 +0000 Files and hashes: 1: 8CJFNT_B8ZSpAipKwBl33l_eNvk.crl (hash: hABYFUfT9NztxmuEEpnaYhseTCrFDi7iG3eJXNXDJSA=) 2: 2DE4C8AA9B6111EF99A97B52C4F9AE02.roa (hash: XtdmJSxuSqJLeY4yGf6y31fYXsFvKu/1qBD/nGzqK1E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.crl rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8CJFNT_B8ZSpAipKwBl33l_eNvk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 01:37:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 898 (0x382) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918A96A, serialNumber=F02245353FC1F194A9022A4AC01977DE5FDE36F9 Validity Not Before: Jul 1 01:37:16 2025 GMT Not After : Jul 8 01:37:16 2025 GMT Subject: CN=68633bcc-1cdc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:c5:c7:74:db:0b:be:3c:7f:8e:d8:aa:98:eb: cf:a8:1e:de:12:94:96:2b:42:da:f9:b1:14:d2:48: ec:7e:d3:57:38:15:f4:87:33:e2:0e:1e:0e:e3:28: 64:c2:b6:6e:4f:f3:3d:d4:43:27:db:5b:fb:5d:e1: 53:d8:ac:f7:c4:34:9e:72:b7:a8:21:81:41:0a:23: e9:c2:54:68:9c:c9:b0:0b:88:fd:02:6d:ac:cb:40: e3:67:24:0f:bb:c7:14:4f:8b:07:10:41:b5:ab:5d: 04:e6:e5:fb:92:c5:54:df:ae:7c:d7:ac:3b:06:ee: f5:48:9d:4a:3e:e0:df:3e:53:ca:0f:24:4d:7d:92: 4b:55:10:65:fd:1f:81:88:0e:ad:71:90:31:c4:31: be:a1:29:03:de:8f:ab:a9:b6:da:94:c2:64:9f:a7: c4:2c:ac:24:9b:58:aa:14:44:ac:cf:11:80:33:4a: d1:da:25:69:bd:6b:29:0d:cc:7f:76:b4:e0:00:3f: 89:7b:10:07:b5:1e:ce:63:bf:d6:1e:31:80:ef:6b: b7:09:9a:71:78:a5:8d:bd:2c:1d:cc:fb:e6:69:e8: 15:a3:13:5c:92:29:cc:11:ce:fb:b3:ec:f8:ee:00: d4:ab:b2:ef:11:34:9a:da:bc:4d:fe:1c:cc:18:81: 00:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:57:CB:CA:0C:F6:60:52:E8:BE:79:99:62:7F:27:B6:AE:2C:7E:A8 X509v3 Authority Key Identifier: keyid:F0:22:45:35:3F:C1:F1:94:A9:02:2A:4A:C0:19:77:DE:5F:DE:36:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8CJFNT_B8ZSpAipKwBl33l_eNvk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:4e:e6:c7:42:22:13:c5:96:77:03:34:aa:a5:c8:3b:3a:6c: c5:e1:fd:03:23:18:db:7b:f0:08:25:be:ca:7b:c1:46:77:30: fa:81:5c:37:22:ce:20:20:c1:2a:c2:bd:96:3d:ec:63:98:52: 5d:d2:6f:d8:03:02:d6:ae:72:84:e0:13:a9:a6:ab:ba:a9:88: 8b:aa:0d:e2:a3:29:a8:6b:5c:a3:c6:07:50:1e:57:01:f3:fb: 16:ce:f7:45:0c:f9:90:dc:39:ce:b5:4d:e6:d9:17:c5:37:6b: cb:75:54:4e:f4:df:3d:00:07:75:7e:12:32:82:7a:a7:2d:e2: c7:2d:bd:4a:b1:61:53:1e:e7:b5:af:45:d6:b9:31:6d:c1:fd: 5f:23:d8:4d:da:73:0e:d7:5e:74:c3:66:d6:35:3b:06:3d:0a: c3:ea:a4:3d:62:b6:e4:6b:00:b8:95:e7:b7:71:ee:f0:5a:84: 06:6f:9a:c2:83:29:68:7b:a1:e2:c6:7f:bc:54:1d:88:dd:56: b7:97:2b:32:a9:c0:08:fc:59:78:e2:9d:11:0a:30:f2:68:63: e3:5a:10:46:dc:19:c7:57:a4:c9:34:88:09:b3:bc:88:7d:2f: 77:ec:fb:54:a2:b6:f1:af:6b:40:82:59:f4:9f:4c:36:6f:43: 16:8d:2a:00 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA4IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEE5NkExMTAvBgNVBAUTKEYwMjI0NTM1M0ZDMUYxOTRBOTAyMkE0QUMwMTk3N0RF NUZERTM2RjkwHhcNMjUwNzAxMDEzNzE2WhcNMjUwNzA4MDEzNzE2WjAYMRYwFAYD VQQDEw02ODYzM2JjYy0xY2RjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp8XHdNsLvjx/jtiqmOvPqB7eEpSWK0La+bEU0kjsftNXOBX0hzPiDh4O4yhk wrZuT/M91EMn21v7XeFT2Kz3xDSecreoIYFBCiPpwlRonMmwC4j9Am2sy0DjZyQP u8cUT4sHEEG1q10E5uX7ksVU365816w7Bu71SJ1KPuDfPlPKDyRNfZJLVRBl/R+B iA6tcZAxxDG+oSkD3o+rqbbalMJkn6fELKwkm1iqFESszxGAM0rR2iVpvWspDcx/ drTgAD+JexAHtR7OY7/WHjGA72u3CZpxeKWNvSwdzPvmaegVoxNckinMEc77s+z4 7gDUq7LvETSa2rxN/hzMGIEAfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJBXy8oM 9mBS6L55mWJ/J7auLH6oMB8GA1UdIwQYMBaAFPAiRTU/wfGUqQIqSsAZd95f3jb5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTk2QS8yODc4NUY2MEJG QkYxMUVDQUVENDhDNzFDNEY5QUUwMi84Q0pGTlRfQjhaU3BBaXBLd0JsMzNsX2VO dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhDSkZOVF9COFpTcEFpcEt3QmwzM2xfZU52ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QTk2QS8yODc4NUY2MEJGQkYxMUVDQUVENDhDNzFDNEY5QUUwMi84Q0pGTlRfQjha U3BBaXBLd0JsMzNsX2VOdmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAlTubHQiITxZZ3AzSqpcg7OmzF4f0DIxjbe/AIJb7Ke8FGdzD6gVw3 Is4gIMEqwr2WPexjmFJd0m/YAwLWrnKE4BOppqu6qYiLqg3ioymoa1yjxgdQHlcB 8/sWzvdFDPmQ3DnOtU3m2RfFN2vLdVRO9N89AAd1fhIygnqnLeLHLb1KsWFTHue1 r0XWuTFtwf1fI9hN2nMO1150w2bWNTsGPQrD6qQ9YrbkawC4lee3ce7wWoQGb5rC gyloe6Hixn+8VB2I3Va3lysyqcAI/Fl44p0RCjDyaGPjWhBG3BnHV6TJNIgJs7yI fS937PtUorbxr2tAgln0n0w2b0MWjSoA -----END CERTIFICATE-----Generated at Wed Jul 2 19:25:25 2025 by rpki-client