$ rpki-client -vvf rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft File: lSpNx8TWEJWYvu5awKIG0nuFxWo.mft (raw, json) Hash identifier: UwFALode+Ckx/CQyfoUIc1pNnQ7cuxCLidcR1yQG8mE= Subject key identifier: 79:9C:DD:EA:D5:54:0E:49:D2:63:18:27:70:59:64:5E:67:C8:18:23 Authority key identifier: 95:2A:4D:C7:C4:D6:10:95:98:BE:EE:5A:C0:A2:06:D2:7B:85:C5:6A Certificate issuer: /CN=A912D71D/serialNumber=952A4DC7C4D6109598BEEE5AC0A206D27B85C56A Certificate serial: 11 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft Manifest number: 10 Signing time: Sat 21 Jun 2025 07:02:15 +0000 Manifest this update: Sat 21 Jun 2025 07:02:15 +0000 Manifest next update: Sat 28 Jun 2025 07:02:15 +0000 Files and hashes: 1: lSpNx8TWEJWYvu5awKIG0nuFxWo.crl (hash: Cvm3K+9B12ClHgPpPqyBPcKPprj9UVzm0KiQJ00C1Xg=) 2: 4002AE6236CF11F0AA705D26C4F9AE02.roa (hash: mqzypacDD7xIbwYv9NK8trW6oiDHkBTrKySSx1uZLFU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.crl rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Jun 2025 07:02:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17 (0x11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912D71D, serialNumber=952A4DC7C4D6109598BEEE5AC0A206D27B85C56A Validity Not Before: Jun 21 07:02:15 2025 GMT Not After : Jun 28 07:02:15 2025 GMT Subject: CN=685658f7-8036 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:63:9c:3b:d4:9b:6d:f9:cb:fb:e8:78:10:89: 8a:a3:7e:36:95:2d:8f:c0:ee:d1:0b:e3:19:28:48: 85:24:4a:d9:7a:d7:4b:64:20:36:87:dd:2c:0c:90: 95:93:cf:9e:45:ad:fa:44:28:44:9d:7c:1d:0a:34: 33:42:53:d6:ab:8d:b4:dc:9c:fd:09:0a:9c:a1:8b: d9:38:c1:96:93:46:80:08:ea:36:6c:f8:93:f5:f9: 0a:87:38:40:57:97:e3:17:9f:2a:56:b1:5f:5c:22: ca:2f:6f:b0:c8:1c:b0:0d:47:57:88:b8:21:e2:d0: e7:1d:e2:12:ba:5a:85:e5:5a:9e:96:f9:c1:90:29: 69:e6:34:68:f0:7d:7b:23:ec:e7:9f:6e:47:23:eb: a4:6f:ee:3c:b5:9e:1b:7b:d5:1b:39:22:42:0b:f0: 4a:79:0a:1f:ad:82:a2:1e:18:14:95:98:f5:8c:75: 96:04:de:9f:a1:29:ed:95:b3:89:21:a3:23:27:58: 69:84:bd:cd:49:e9:ba:3a:0e:a8:3a:0a:b4:26:7b: 60:ae:d8:0f:27:a4:6c:11:0b:5a:3e:ae:66:36:91: 1b:f0:7c:36:ff:a2:c0:6e:06:02:d0:11:a6:0e:5c: 71:45:de:d2:0f:f5:08:9e:62:42:96:3b:c8:35:06: e8:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:9C:DD:EA:D5:54:0E:49:D2:63:18:27:70:59:64:5E:67:C8:18:23 X509v3 Authority Key Identifier: keyid:95:2A:4D:C7:C4:D6:10:95:98:BE:EE:5A:C0:A2:06:D2:7B:85:C5:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:76:3c:0e:2a:07:2d:fc:4c:0d:a9:77:28:fe:ff:b1:0a:17: ba:bb:3d:3f:a7:ce:ef:73:6c:31:1a:99:c7:38:b2:b1:26:be: 8d:2d:df:0a:11:30:19:4e:bb:d1:75:fe:b0:40:77:2a:03:ed: 3f:4b:9a:bc:60:f7:c9:82:58:69:2b:fd:35:21:43:b2:82:28: b0:80:8a:4e:28:9f:f7:4b:4c:a9:48:3c:ec:b9:49:04:7a:fc: ff:56:bc:3e:34:96:bc:b6:eb:d0:ca:6f:4c:46:f4:87:6d:91: 06:d3:10:11:ca:9f:9a:77:74:8b:20:06:c8:7f:ff:d2:d4:3b: e1:7d:26:17:b7:4c:6e:f4:a5:26:98:44:07:9f:c6:e7:8d:a2: c5:a2:ce:c6:00:7f:9c:32:a5:1a:06:a9:fd:13:99:24:57:b1: dc:55:a7:ed:dc:8b:93:13:41:0e:c2:82:2a:6e:c6:15:07:09: a5:91:6a:f3:96:d9:6f:1d:ab:d8:94:bd:34:aa:e2:df:c6:df: b9:3e:1c:42:31:0a:13:53:03:15:cf:d1:d4:d6:75:5c:f9:36: 93:46:ec:38:d1:67:77:f4:9c:86:ed:df:59:e3:d5:9e:e2:af: b4:38:05:2c:23:83:00:ee:ea:99:14:f3:9f:7a:ba:bb:d5:74: 6f:f1:20:25 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RDcxRDExMC8GA1UEBRMoOTUyQTREQzdDNEQ2MTA5NTk4QkVFRTVBQzBBMjA2RDI3 Qjg1QzU2QTAeFw0yNTA2MjEwNzAyMTVaFw0yNTA2MjgwNzAyMTVaMBgxFjAUBgNV BAMTDTY4NTY1OGY3LTgwMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDaY5w71Jtt+cv76HgQiYqjfjaVLY/A7tEL4xkoSIUkStl610tkIDaH3SwMkJWT z55FrfpEKESdfB0KNDNCU9arjbTcnP0JCpyhi9k4wZaTRoAI6jZs+JP1+QqHOEBX l+MXnypWsV9cIsovb7DIHLANR1eIuCHi0Ocd4hK6WoXlWp6W+cGQKWnmNGjwfXsj 7Oefbkcj66Rv7jy1nht71Rs5IkIL8Ep5Ch+tgqIeGBSVmPWMdZYE3p+hKe2Vs4kh oyMnWGmEvc1J6bo6Dqg6CrQme2Cu2A8npGwRC1o+rmY2kRvwfDb/osBuBgLQEaYO XHFF3tIP9QieYkKWO8g1BuhBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUeZzd6tVU DknSYxgncFlkXmfIGCMwHwYDVR0jBBgwFoAUlSpNx8TWEJWYvu5awKIG0nuFxWow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJENzFELzFFMEY5OTJFMzZD RTExRjBBMkE2OUMxRkM0RjlBRTAyL2xTcE54OFRXRUpXWXZ1NWF3S0lHMG51RnhX by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbFNwTng4VFdFSldZdnU1YXdLSUcwbnVGeFdvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJE NzFELzFFMEY5OTJFMzZDRTExRjBBMkE2OUMxRkM0RjlBRTAyL2xTcE54OFRXRUpX WXZ1NWF3S0lHMG51RnhXby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAI92PA4qBy38TA2pdyj+/7EKF7q7PT+nzu9zbDEamcc4srEmvo0t3woR MBlOu9F1/rBAdyoD7T9Lmrxg98mCWGkr/TUhQ7KCKLCAik4on/dLTKlIPOy5SQR6 /P9WvD40lry269DKb0xG9IdtkQbTEBHKn5p3dIsgBsh//9LUO+F9Jhe3TG70pSaY RAefxueNosWizsYAf5wypRoGqf0TmSRXsdxVp+3ci5MTQQ7CgipuxhUHCaWRavOW 2W8dq9iUvTSq4t/G37k+HEIxChNTAxXP0dTWdVz5NpNG7DjRZ3f0nIbt31nj1Z7i r7Q4BSwjgwDu6pkU8596urvVdG/xICU= -----END CERTIFICATE-----Generated at Sun Jun 22 08:56:45 2025 by rpki-client