$ rpki-client -vvf rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft File: 4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft (raw, json) Hash identifier: DNCoKcQw3dcCCL400gVSFqJ4DCoetlaJAHlfHXLlWz4= Subject key identifier: 65:D2:2C:52:F1:36:48:1A:1D:70:B8:1B:4C:BC:74:42:23:D4:CD:7D Authority key identifier: E0:CA:AD:17:C0:68:D8:60:2B:CC:EB:46:7B:45:55:10:BC:52:39:0E Certificate issuer: /CN=A9118799/serialNumber=E0CAAD17C068D8602BCCEB467B455510BC52390E Certificate serial: 193C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MqtF8Bo2GArzOtGe0VVELxSOQ4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft Manifest number: 192D Signing time: Sat 14 Jun 2025 16:23:19 +0000 Manifest this update: Sat 14 Jun 2025 16:23:19 +0000 Manifest next update: Sat 21 Jun 2025 16:23:19 +0000 Files and hashes: 1: 4MqtF8Bo2GArzOtGe0VVELxSOQ4.crl (hash: cKKJxlm9eWoOvCfIvPUQtEe1G5MDetlXwhXf/lvgp/c=) 2: 99AB821E859C11E7A1FEC80AC4F9AE02.roa (hash: P4Ek16t0ZEw/MnJDtAJSlLMC0jHATAWAbBg4OWQTq78=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.crl rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MqtF8Bo2GArzOtGe0VVELxSOQ4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 16:23:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6460 (0x193c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118799, serialNumber=E0CAAD17C068D8602BCCEB467B455510BC52390E Validity Not Before: Jun 14 16:23:19 2025 GMT Not After : Jun 21 16:23:19 2025 GMT Subject: CN=684da1f7-cc52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:5c:f7:a7:cb:ae:51:d9:d0:df:c7:2a:64:37: 0e:1f:70:f8:bb:d4:df:7c:64:55:f3:10:a2:4d:c4: a2:70:6a:0b:f4:d1:1d:4c:ca:bf:ea:f2:d1:16:f3: 42:86:cf:11:05:2d:5e:df:42:39:88:2a:56:b2:07: 46:89:9a:e3:e3:b4:88:df:03:32:3b:98:bd:af:f5: 3e:68:8c:14:28:ef:c3:62:fe:61:5b:d8:e1:fe:c1: 4f:52:d3:c8:22:ab:88:40:cf:cd:aa:08:09:22:d6: a6:15:98:7b:c1:ac:77:c9:54:3c:cd:b6:42:07:55: ea:a1:0d:4d:d6:f9:72:b4:9e:62:98:a2:ab:94:4d: 0d:90:f1:10:ba:e6:c0:fb:6d:d7:59:d5:a8:35:0b: ee:ed:a9:da:4f:33:5b:d8:d1:7e:c0:f7:21:30:cc: ea:57:c7:b5:db:75:05:56:96:22:93:ea:57:dc:62: 91:73:dd:8c:f3:af:0f:39:1c:17:a5:02:8b:75:63: 9e:2c:8e:01:63:3f:9e:5d:78:d7:08:fc:cb:ec:3b: b0:78:6f:91:c7:6b:ed:b7:d0:c2:16:5e:e7:bb:18: 67:23:7c:e1:34:34:f5:52:2d:50:23:b7:e6:15:38: f6:69:55:f6:42:19:7f:cb:a1:f3:ab:e8:bd:c0:54: 3a:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:D2:2C:52:F1:36:48:1A:1D:70:B8:1B:4C:BC:74:42:23:D4:CD:7D X509v3 Authority Key Identifier: keyid:E0:CA:AD:17:C0:68:D8:60:2B:CC:EB:46:7B:45:55:10:BC:52:39:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MqtF8Bo2GArzOtGe0VVELxSOQ4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:7c:86:28:7f:49:d5:68:91:d0:df:14:6d:7e:59:58:fa:e5: 42:9c:e6:91:b2:fa:2b:5b:fc:b3:3e:08:5f:d9:86:41:5e:fc: 06:9c:ea:e5:58:3b:84:39:ff:6c:8b:d4:2d:78:50:86:f8:52: 0f:ae:68:01:99:22:02:b6:7f:4d:b2:4f:8a:09:86:0c:8d:b7: 10:75:65:f3:65:38:2a:ce:c2:be:ad:de:ad:20:10:4a:5c:01: 2f:03:a7:80:96:70:be:5a:bf:96:dc:0b:34:a6:a4:b0:4c:ca: 9a:13:f0:1a:03:ea:3b:bd:20:9d:68:9b:4f:9d:47:00:0a:76: 1b:14:84:bb:28:34:4c:e2:b0:1e:8f:b7:63:66:b2:15:37:5f: 7d:d4:ab:fd:1b:25:51:ed:0c:e3:24:01:76:3d:88:bd:43:2e: a6:6c:bf:f4:1b:8d:5e:da:35:25:7c:d7:f1:f3:01:3c:94:1b: 10:9c:9e:c3:a2:ab:0c:34:d7:82:7b:26:74:8c:af:ed:88:b4: 48:f6:e8:37:e6:33:f3:49:f4:ea:1c:f2:73:5e:76:12:e4:9b: 94:ae:3f:b7:0f:ae:f5:96:e4:f9:c2:e3:e5:ea:3d:31:b3:92: e8:78:cd:2d:ae:16:ca:c0:64:e1:7a:c2:f5:77:11:28:47:68: 71:00:a2:2d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGTwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTg3OTkxMTAvBgNVBAUTKEUwQ0FBRDE3QzA2OEQ4NjAyQkNDRUI0NjdCNDU1NTEw QkM1MjM5MEUwHhcNMjUwNjE0MTYyMzE5WhcNMjUwNjIxMTYyMzE5WjAYMRYwFAYD VQQDEw02ODRkYTFmNy1jYzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsVz3p8uuUdnQ38cqZDcOH3D4u9TffGRV8xCiTcSicGoL9NEdTMq/6vLRFvNC hs8RBS1e30I5iCpWsgdGiZrj47SI3wMyO5i9r/U+aIwUKO/DYv5hW9jh/sFPUtPI IquIQM/NqggJItamFZh7wax3yVQ8zbZCB1XqoQ1N1vlytJ5imKKrlE0NkPEQuubA +23XWdWoNQvu7anaTzNb2NF+wPchMMzqV8e123UFVpYik+pX3GKRc92M868PORwX pQKLdWOeLI4BYz+eXXjXCPzL7DuweG+Rx2vtt9DCFl7nuxhnI3zhNDT1Ui1QI7fm FTj2aVX2Qhl/y6Hzq+i9wFQ6fwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGXSLFLx NkgaHXC4G0y8dEIj1M19MB8GA1UdIwQYMBaAFODKrRfAaNhgK8zrRntFVRC8UjkO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODc5OS8zMjg3QkZBMjdF QzcxMUU3ODgzRTJFNThDNEY5QUUwMi80TXF0RjhCbzJHQXJ6T3RHZTBWVkVMeFNP UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRNcXRGOEJvMkdBcnpPdEdlMFZWRUx4U09RNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx ODc5OS8zMjg3QkZBMjdFQzcxMUU3ODgzRTJFNThDNEY5QUUwMi80TXF0RjhCbzJH QXJ6T3RHZTBWVkVMeFNPUTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCkfIYof0nVaJHQ3xRtfllY+uVCnOaRsvorW/yzPghf2YZBXvwGnOrl WDuEOf9si9QteFCG+FIPrmgBmSICtn9Nsk+KCYYMjbcQdWXzZTgqzsK+rd6tIBBK XAEvA6eAlnC+Wr+W3As0pqSwTMqaE/AaA+o7vSCdaJtPnUcACnYbFIS7KDRM4rAe j7djZrIVN1991Kv9GyVR7QzjJAF2PYi9Qy6mbL/0G41e2jUlfNfx8wE8lBsQnJ7D oqsMNNeCeyZ0jK/tiLRI9ug35jPzSfTqHPJzXnYS5JuUrj+3D671luT5wuPl6j0x s5LoeM0trhbKwGThesL1dxEoR2hxAKIt -----END CERTIFICATE-----Generated at Sun Jun 15 09:30:03 2025 by rpki-client