$ rpki-client -vvf rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft File: iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft (raw, json) Hash identifier: jhQOFK8JOt//Yboz9njmqAmRW9l1cW8VUc7YgoWXIZI= Subject key identifier: E5:FA:60:A4:B7:C3:C0:0C:17:BB:15:6C:7D:B4:38:61:E7:61:D9:82 Authority key identifier: 89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D Certificate issuer: /CN=A9195F7B/serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D Certificate serial: 012B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft Manifest number: 011C Signing time: Thu 03 Jul 2025 05:08:05 +0000 Manifest this update: Thu 03 Jul 2025 05:08:05 +0000 Manifest next update: Thu 10 Jul 2025 05:08:05 +0000 Files and hashes: 1: iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl (hash: iYpYuj5uh8gaAKiIDiKJXNtGfuFLOfzdhNsrR5w6M8A=) 2: 87662556555511EF88D9F680C4F9AE02.roa (hash: k8ciaOJiovKzhjLhsMW8Olbo59H12ftecdkV4UavoKg=) 3: F406C3F26AE311EF82D7860FC4F9AE02.roa (hash: BGxl2SOPQW6C/i2r2VN80go3aEYSETpmK67AkebR/E4=) 4: D7FEF354562111EFA7B3F00AC4F9AE02.roa (hash: Z74c44o/GimXrdeWvw94wRAl3MPTrcV7W0A3AuI0ILk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 299 (0x12b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9195F7B, serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D Validity Not Before: Jul 3 05:08:05 2025 GMT Not After : Jul 10 05:08:05 2025 GMT Subject: CN=68661035-0f17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a6:e6:b8:07:fc:8a:f2:2e:a5:b4:96:1a:c8: cf:d0:67:9c:d7:25:13:e9:0a:ff:c2:4b:8d:fa:eb: 95:0a:2b:95:49:e1:14:71:5e:d3:96:4b:53:34:a4: 54:77:71:bc:88:bd:ac:92:d0:76:4a:f2:9d:a6:63: 88:4c:17:28:07:cf:15:65:ba:a5:4e:3b:6b:da:b0: 2d:d1:7e:33:d4:8b:e3:3d:bc:7b:de:75:72:30:f8: e3:56:e6:35:c5:f2:d5:cd:cb:5e:03:91:fd:4e:d9: ba:1b:dd:eb:8b:7b:02:b6:24:91:45:7b:c2:4f:88: cc:33:a4:67:3d:91:f4:a3:e1:bd:68:8a:ec:e8:c8: cd:17:1c:f7:54:a1:a5:ae:f3:34:22:f5:f7:20:d5: d0:1c:ae:8f:75:8b:a2:8e:30:2c:68:51:a8:8a:27: 6a:83:62:8f:e9:0c:cf:36:b8:8b:da:0d:42:32:2d: 25:3d:06:f0:69:24:18:96:f2:9f:fc:1a:6e:e8:7a: 81:e8:18:fb:15:ed:31:85:fa:e7:9f:17:e5:8c:63: ae:89:9b:3a:7d:79:87:04:b6:0e:a6:2e:7b:b0:60: 92:0a:46:e3:d7:3c:f8:c0:3e:cd:19:ce:18:10:19: 75:52:e6:6c:0c:9e:ca:22:67:83:79:73:1c:ef:d6: 81:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:FA:60:A4:B7:C3:C0:0C:17:BB:15:6C:7D:B4:38:61:E7:61:D9:82 X509v3 Authority Key Identifier: keyid:89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:ae:b3:ec:f0:ca:ee:4d:a7:63:ab:65:dc:ad:ca:0d:fe:19: d6:30:19:85:42:ea:ef:e0:95:2c:3b:4b:35:e4:77:51:a7:c9: cf:8a:54:03:07:94:b6:9e:2f:ca:10:01:07:2f:92:f4:f5:8e: fb:8a:b4:6f:4d:a5:33:83:dd:b7:de:7a:ed:1c:8d:67:b9:a6: 4e:4d:07:59:89:d0:68:43:e6:35:ed:2f:db:cb:c7:a8:7e:c4: be:79:5b:3e:41:44:07:cc:97:63:b2:2d:b1:65:39:ce:d6:5e: d3:4a:b6:89:a5:3f:65:14:d3:fb:34:87:c6:e8:05:5f:b6:6c: 06:e8:00:8c:ce:a4:02:17:d2:ba:7d:d5:19:81:ab:e2:20:55: 34:b8:57:c1:14:9f:ed:b7:cf:7f:6e:51:c5:dc:a2:2b:56:7a: 68:da:29:28:e1:5f:67:a5:8e:0e:5d:5d:bc:43:9e:01:af:9b: 4a:6a:a3:f6:3f:d4:ef:52:5e:69:ed:c1:ba:03:50:a6:7a:9b: 30:a1:7c:51:27:6d:11:55:97:f4:8e:11:1a:87:da:8f:1f:18: 20:87:4f:04:d6:53:4b:00:8d:52:96:dc:ed:e6:3a:de:cc:32: 68:67:e0:0d:35:39:f9:a2:01:f4:2c:e5:12:5e:8c:de:43:03: 3f:e2:c2:1f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTVGN0IxMTAvBgNVBAUTKDg5MEIxREVGRTg4RDU5MTk2QkNDN0I2NTI2OEM2MkU4 NkU1NEQ0NkQwHhcNMjUwNzAzMDUwODA1WhcNMjUwNzEwMDUwODA1WjAYMRYwFAYD VQQDEw02ODY2MTAzNS0wZjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr6bmuAf8ivIupbSWGsjP0Gec1yUT6Qr/wkuN+uuVCiuVSeEUcV7TlktTNKRU d3G8iL2sktB2SvKdpmOITBcoB88VZbqlTjtr2rAt0X4z1IvjPbx73nVyMPjjVuY1 xfLVzcteA5H9Ttm6G93ri3sCtiSRRXvCT4jMM6RnPZH0o+G9aIrs6MjNFxz3VKGl rvM0IvX3INXQHK6PdYuijjAsaFGoiidqg2KP6QzPNriL2g1CMi0lPQbwaSQYlvKf /Bpu6HqB6Bj7Fe0xhfrnnxfljGOuiZs6fXmHBLYOpi57sGCSCkbj1zz4wD7NGc4Y EBl1UuZsDJ7KImeDeXMc79aBeQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOX6YKS3 w8AMF7sVbH20OGHnYdmCMB8GA1UdIwQYMBaAFIkLHe/ojVkZa8x7ZSaMYuhuVNRt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUY3Qi9BMTMxQjM5NEJC MzkxMUVFQTY1NTQxN0VDNEY5QUUwMi9pUXNkNy1pTldSbHJ6SHRsSm94aTZHNVUx RzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lRc2Q3LWlOV1JscnpIdGxKb3hpNkc1VTFHMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NUY3Qi9BMTMxQjM5NEJCMzkxMUVFQTY1NTQxN0VDNEY5QUUwMi9pUXNkNy1pTldS bHJ6SHRsSm94aTZHNVUxRzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQrrPs8MruTadjq2XcrcoN/hnWMBmFQurv4JUsO0s15HdRp8nPilQD B5S2ni/KEAEHL5L09Y77irRvTaUzg9233nrtHI1nuaZOTQdZidBoQ+Y17S/by8eo fsS+eVs+QUQHzJdjsi2xZTnO1l7TSraJpT9lFNP7NIfG6AVftmwG6ACMzqQCF9K6 fdUZgaviIFU0uFfBFJ/tt89/blHF3KIrVnpo2iko4V9npY4OXV28Q54Br5tKaqP2 P9TvUl5p7cG6A1CmepswoXxRJ20RVZf0jhEah9qPHxggh08E1lNLAI1Sltzt5jre zDJoZ+ANNTn5ogH0LOUSXozeQwM/4sIf -----END CERTIFICATE-----Generated at Thu Jul 3 23:45:54 2025 by rpki-client