$ rpki-client -vvf rpki.apnic.net/member_repository/A918E28E/CDA3A71EF59B11EFA4F57128C4F9AE02/X8G2OMzN_5nWRFZVKcgHCGhomzE.mft File: X8G2OMzN_5nWRFZVKcgHCGhomzE.mft (raw, json) Hash identifier: Yx0RtiFtgtoD5eMWV4L9It4IgY58lE4EtdnZXHVGOFQ= Subject key identifier: 3D:9B:73:51:55:E3:06:87:11:7D:40:83:1B:92:BC:A5:96:86:CF:AE Authority key identifier: 5F:C1:B6:38:CC:CD:FF:99:D6:44:56:55:29:C8:07:08:68:68:9B:31 Certificate issuer: /CN=A918E28E/serialNumber=5FC1B638CCCDFF99D644565529C8070868689B31 Certificate serial: 43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X8G2OMzN_5nWRFZVKcgHCGhomzE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918E28E/CDA3A71EF59B11EFA4F57128C4F9AE02/X8G2OMzN_5nWRFZVKcgHCGhomzE.mft Manifest number: 42 Signing time: Thu 03 Jul 2025 07:41:43 +0000 Manifest this update: Thu 03 Jul 2025 07:41:42 +0000 Manifest next update: Thu 10 Jul 2025 07:41:42 +0000 Files and hashes: 1: X8G2OMzN_5nWRFZVKcgHCGhomzE.crl (hash: tUdWgJJjtru4cUAUH1UQsG5c50ACBpxz5VyTl9BoSPA=) 2: AA456842107211F09A9E631FC4F9AE02.roa (hash: BO96CEY+h3kyCGROfLPYwk1rs1fVmSzj2xY5TwnQPlM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918E28E/CDA3A71EF59B11EFA4F57128C4F9AE02/X8G2OMzN_5nWRFZVKcgHCGhomzE.crl rsync://rpki.apnic.net/member_repository/A918E28E/CDA3A71EF59B11EFA4F57128C4F9AE02/X8G2OMzN_5nWRFZVKcgHCGhomzE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X8G2OMzN_5nWRFZVKcgHCGhomzE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67 (0x43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918E28E, serialNumber=5FC1B638CCCDFF99D644565529C8070868689B31 Validity Not Before: Jul 3 07:41:42 2025 GMT Not After : Jul 10 07:41:42 2025 GMT Subject: CN=68663436-15f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2b:3a:66:cc:e2:84:cd:85:bc:70:25:36:c7: 89:3a:e4:41:0f:85:10:88:3e:40:c5:ff:ff:95:71: 20:22:17:6c:d2:9c:77:ea:74:a4:e9:c2:aa:8e:b5: 86:f7:b2:a4:cc:c4:ca:33:42:ef:a8:18:61:24:54: b7:2b:ea:e0:f3:89:12:67:55:3d:85:a1:29:8a:f8: 9d:59:81:f9:82:61:6a:26:68:98:5b:7d:a8:07:16: 50:3a:44:8f:3e:8a:d1:b6:96:9b:50:a8:a4:9f:70: 7a:1c:e4:7a:79:22:3e:45:d1:6c:dd:c3:ce:24:f9: 07:51:21:81:63:38:c4:78:a4:9a:8b:a0:51:9b:dc: cc:43:87:6c:e3:eb:14:3a:b3:8d:3d:9f:b7:47:30: cb:f1:0f:9e:68:0b:ed:9d:cd:52:d5:20:01:34:96: 51:4e:33:ba:78:0a:53:25:a0:26:88:3e:6f:e0:2c: 3e:24:b5:f0:a7:58:c1:95:d5:cd:29:e2:9e:bc:b2: 8a:43:fb:80:0e:e9:47:db:4a:e1:60:c1:52:d2:ad: b0:c0:96:6b:bf:e9:93:7b:7b:65:a7:10:a3:51:3d: a7:79:fb:79:d6:a9:73:81:7a:11:fc:32:6f:e0:c8: a7:d8:b0:18:31:42:f7:ae:3c:42:12:51:4b:b3:13: ca:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:9B:73:51:55:E3:06:87:11:7D:40:83:1B:92:BC:A5:96:86:CF:AE X509v3 Authority Key Identifier: keyid:5F:C1:B6:38:CC:CD:FF:99:D6:44:56:55:29:C8:07:08:68:68:9B:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918E28E/CDA3A71EF59B11EFA4F57128C4F9AE02/X8G2OMzN_5nWRFZVKcgHCGhomzE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X8G2OMzN_5nWRFZVKcgHCGhomzE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E28E/CDA3A71EF59B11EFA4F57128C4F9AE02/X8G2OMzN_5nWRFZVKcgHCGhomzE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:d9:d3:1b:26:86:0d:ee:89:a6:66:eb:91:ea:e7:90:8e:6d: 04:7a:2d:39:2b:2d:ee:b0:f9:7a:24:76:06:9c:33:2c:bb:d4: f2:30:ce:4e:9b:d0:dd:13:22:57:e7:f5:b9:d1:14:50:03:e6: 18:7e:f4:2f:91:67:2d:4d:23:b6:91:12:e5:25:40:60:ed:e6: 43:a1:88:f4:01:b5:cd:75:73:ee:90:3a:f0:9e:60:76:55:c8: e0:e2:a5:76:82:6c:08:e1:43:15:bb:cd:96:10:f5:ea:21:4e: 57:e6:ac:20:eb:f7:08:cc:57:6c:0b:54:12:dd:5c:af:2d:bd: ef:47:58:f1:c3:91:d4:a5:37:ae:84:bb:f8:9c:cf:03:03:a2: f7:f6:8d:72:31:43:6f:4d:0c:5e:27:37:d1:16:1d:17:0c:32: eb:86:c3:c4:b8:08:57:5b:81:0f:41:a0:ad:5b:36:6d:bb:6c: 2c:a3:52:39:df:bd:16:0b:1a:fa:40:70:4a:76:b2:74:d5:92: 33:7b:64:1d:a1:81:62:05:97:5b:dd:bc:16:7b:f0:fd:a3:df: d5:df:26:5f:9e:a8:97:19:e3:05:c5:03:ae:3a:ce:57:24:96: 36:de:82:27:58:af:7c:40:92:49:bf:a9:5a:4c:39:7e:52:c1: ae:cb:ae:3f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 RTI4RTExMC8GA1UEBRMoNUZDMUI2MzhDQ0NERkY5OUQ2NDQ1NjU1MjlDODA3MDg2 ODY4OUIzMTAeFw0yNTA3MDMwNzQxNDJaFw0yNTA3MTAwNzQxNDJaMBgxFjAUBgNV BAMTDTY4NjYzNDM2LTE1ZjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzKzpmzOKEzYW8cCU2x4k65EEPhRCIPkDF//+VcSAiF2zSnHfqdKTpwqqOtYb3 sqTMxMozQu+oGGEkVLcr6uDziRJnVT2FoSmK+J1ZgfmCYWomaJhbfagHFlA6RI8+ itG2lptQqKSfcHoc5Hp5Ij5F0Wzdw84k+QdRIYFjOMR4pJqLoFGb3MxDh2zj6xQ6 s409n7dHMMvxD55oC+2dzVLVIAE0llFOM7p4ClMloCaIPm/gLD4ktfCnWMGV1c0p 4p68sopD+4AO6UfbSuFgwVLSrbDAlmu/6ZN7e2WnEKNRPad5+3nWqXOBehH8Mm/g yKfYsBgxQveuPEISUUuzE8oPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUPZtzUVXj BocRfUCDG5K8pZaGz64wHwYDVR0jBBgwFoAUX8G2OMzN/5nWRFZVKcgHCGhomzEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThFMjhFL0NEQTNBNzFFRjU5 QjExRUZBNEY1NzEyOEM0RjlBRTAyL1g4RzJPTXpOXzVuV1JGWlZLY2dIQ0dob216 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWDhHMk9Nek5fNW5XUkZaVktjZ0hDR2hvbXpFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThF MjhFL0NEQTNBNzFFRjU5QjExRUZBNEY1NzEyOEM0RjlBRTAyL1g4RzJPTXpOXzVu V1JGWlZLY2dIQ0dob216RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGHZ0xsmhg3uiaZm65Hq55CObQR6LTkrLe6w+XokdgacMyy71PIwzk6b 0N0TIlfn9bnRFFAD5hh+9C+RZy1NI7aREuUlQGDt5kOhiPQBtc11c+6QOvCeYHZV yODipXaCbAjhQxW7zZYQ9eohTlfmrCDr9wjMV2wLVBLdXK8tve9HWPHDkdSlN66E u/iczwMDovf2jXIxQ29NDF4nN9EWHRcMMuuGw8S4CFdbgQ9BoK1bNm27bCyjUjnf vRYLGvpAcEp2snTVkjN7ZB2hgWIFl1vdvBZ78P2j39XfJl+eqJcZ4wXFA646zlck ljbegidYr3xAkkm/qVpMOX5Swa7Lrj8= -----END CERTIFICATE-----Generated at Fri Jul 4 14:11:23 2025 by rpki-client