$ rpki-client -vvf rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft File: 2h2yzTH0VPaVYdhmXck--BLzl7A.mft (raw, json) Hash identifier: OUw0n25e+lUIoMLXmRX/rFv5UYozmCp8nSxJ1wS/AHM= Subject key identifier: D5:BB:27:75:5C:CE:72:BB:7B:85:B0:82:F3:3C:5B:DF:B2:58:77:C9 Authority key identifier: DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 Certificate issuer: /CN=A919A7CA/serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Certificate serial: 0142 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft Manifest number: 0138 Signing time: Thu 03 Jul 2025 04:35:43 +0000 Manifest this update: Thu 03 Jul 2025 04:35:42 +0000 Manifest next update: Thu 10 Jul 2025 04:35:42 +0000 Files and hashes: 1: 2h2yzTH0VPaVYdhmXck--BLzl7A.crl (hash: B8PIVSg9sMDv1PMEcpcIMAh4/CvCdaOmNU3/i47nhXs=) 2: 730B201A81E911EEAEFE7735C4F9AE02.roa (hash: s0CFqQaJE4zfLQbz4CeHwWhJkg8L6CDsaxGgDdisTeI=) 3: 4317395081E611EE9EFE132BC4F9AE02.roa (hash: tQp/nzqfCovKInVuREO99dY4qu3efR3x/X9HpDvqlY0=) 4: E71AB92A7F7D11EE8C183162C4F9AE02.roa (hash: Dsh7pIT1SQfv6ivkNmsm2ZCHRytBDFAmEgjeRNzC7do=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 322 (0x142) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A7CA, serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Validity Not Before: Jul 3 04:35:42 2025 GMT Not After : Jul 10 04:35:42 2025 GMT Subject: CN=6866089e-d6fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:9d:f5:51:6a:72:4a:84:b0:0e:ba:ba:da:32: 6f:db:23:43:09:78:8a:21:af:41:07:54:0d:4c:0a: bb:e5:78:af:e8:2b:d4:d1:29:3d:ca:9a:6a:56:05: 9d:59:27:83:68:4d:96:a9:d3:10:31:2c:dd:6c:20: 9e:c6:e7:3e:ad:4b:cf:e0:ee:7f:d2:19:97:fe:f0: 11:65:25:32:f9:42:38:f8:b5:28:6b:ac:b1:29:39: 64:22:ce:90:9e:81:29:d1:58:16:44:83:85:a3:64: ec:6e:bf:b6:3d:32:04:c4:57:0d:08:14:65:f6:f0: 41:d7:6a:08:a7:ab:a1:71:c8:95:1a:08:91:97:6b: 45:a8:51:c0:3d:5f:03:38:92:69:93:88:a3:3a:5f: 7d:22:e3:4f:56:99:7e:45:f3:87:90:3c:2f:e9:2f: 2f:43:9d:8a:bb:c4:f4:88:c9:2d:fb:8b:33:4d:8f: 39:4c:93:dd:bd:7b:ce:5c:e6:91:d6:5b:f5:7b:b0: 48:f7:e4:ef:56:49:e1:9c:9a:8b:c0:e9:5a:18:e1: 99:25:19:cc:3b:9c:35:2f:ef:9c:be:2c:15:bd:73: cd:9e:38:25:c0:a8:24:dd:64:5c:b0:ab:ba:d3:d9: 38:a7:93:ba:cb:98:22:6f:a9:73:71:1f:02:90:c0: 2a:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:BB:27:75:5C:CE:72:BB:7B:85:B0:82:F3:3C:5B:DF:B2:58:77:C9 X509v3 Authority Key Identifier: keyid:DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:7f:42:f8:b9:d9:4b:27:58:37:e1:bc:ec:17:da:c0:1e:58: f4:b1:8e:3f:b6:9c:43:2d:8d:46:ab:88:c8:5d:42:e4:b6:fe: 3e:48:b4:de:39:01:01:04:01:b7:43:9b:23:01:ef:58:f6:84: e1:2a:be:8a:28:f7:2e:f8:3b:93:7a:c7:68:12:8b:cf:3a:d1: 7a:96:60:7f:4e:2f:95:c4:b1:6b:82:8e:c3:f6:c0:9a:f6:d6: eb:a8:9c:0e:2b:4c:91:f6:ae:b8:11:03:48:dd:99:8c:62:64: f3:98:4f:ea:cc:0d:61:00:6c:7b:84:9f:6c:86:b4:4f:7b:1a: 1e:64:12:40:18:7f:35:46:da:32:8e:cf:32:8f:05:b3:cd:72: 4e:7f:ef:d8:9f:70:53:62:92:e2:b4:0f:3e:26:ec:31:33:97: d8:86:af:04:bd:41:09:a4:cc:54:81:52:e8:e2:64:e9:2b:a1: 63:dd:d8:13:f0:d5:18:61:78:bd:a9:18:cf:47:cc:4d:17:a4: 83:ae:5f:5a:e0:a5:f9:05:4e:ac:f9:69:45:f1:42:73:a4:da: ab:38:fd:30:e7:41:ee:7e:50:b8:0f:ec:19:41:cd:74:b5:d6: 89:ee:00:96:69:c7:37:d9:ed:3e:26:81:1e:d8:c0:45:65:48: 86:0c:29:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3Q0ExMTAvBgNVBAUTKERBMURCMkNEMzFGNDU0RjY5NTYxRDg2NjVEQzkzRUY4 MTJGMzk3QjAwHhcNMjUwNzAzMDQzNTQyWhcNMjUwNzEwMDQzNTQyWjAYMRYwFAYD VQQDEw02ODY2MDg5ZS1kNmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqp31UWpySoSwDrq62jJv2yNDCXiKIa9BB1QNTAq75Xiv6CvU0Sk9yppqVgWd WSeDaE2WqdMQMSzdbCCexuc+rUvP4O5/0hmX/vARZSUy+UI4+LUoa6yxKTlkIs6Q noEp0VgWRIOFo2Tsbr+2PTIExFcNCBRl9vBB12oIp6uhcciVGgiRl2tFqFHAPV8D OJJpk4ijOl99IuNPVpl+RfOHkDwv6S8vQ52Ku8T0iMkt+4szTY85TJPdvXvOXOaR 1lv1e7BI9+TvVknhnJqLwOlaGOGZJRnMO5w1L++cviwVvXPNnjglwKgk3WRcsKu6 09k4p5O6y5gib6lzcR8CkMAqNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNW7J3Vc znK7e4WwgvM8W9+yWHfJMB8GA1UdIwQYMBaAFNodss0x9FT2lWHYZl3JPvgS85ew MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTdDQS80Q0Y3RjE1ODdF QjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQYVZZZGhtWGNrLS1CTHps N0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJoMnl6VEgwVlBhVllkaG1YY2stLUJMemw3QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QTdDQS80Q0Y3RjE1ODdFQjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQ YVZZZGhtWGNrLS1CTHpsN0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBAf0L4udlLJ1g34bzsF9rAHlj0sY4/tpxDLY1Gq4jIXULktv4+SLTe OQEBBAG3Q5sjAe9Y9oThKr6KKPcu+DuTesdoEovPOtF6lmB/Ti+VxLFrgo7D9sCa 9tbrqJwOK0yR9q64EQNI3ZmMYmTzmE/qzA1hAGx7hJ9shrRPexoeZBJAGH81Rtoy js8yjwWzzXJOf+/Yn3BTYpLitA8+JuwxM5fYhq8EvUEJpMxUgVLo4mTpK6Fj3dgT 8NUYYXi9qRjPR8xNF6SDrl9a4KX5BU6s+WlF8UJzpNqrOP0w50HuflC4D+wZQc10 tdaJ7gCWacc32e0+JoEe2MBFZUiGDCk0 -----END CERTIFICATE-----Generated at Thu Jul 3 09:51:41 2025 by rpki-client