$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft File: 320AK7yrolDSrmtEVOPL_WfSx-o.mft (raw, json) Hash identifier: q4hvWWLTSJLQvOeWWABE8asuF8i2OuU17zfSkJjOi5c= Subject key identifier: 73:25:3C:29:2E:57:18:84:3A:5A:A2:41:34:DC:0D:17:DD:B9:88:2C Authority key identifier: DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA Certificate issuer: /CN=A9143DE2/serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Certificate serial: 0998 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft Manifest number: 098E Signing time: Sat 14 Jun 2025 19:55:35 +0000 Manifest this update: Sat 14 Jun 2025 19:55:35 +0000 Manifest next update: Sat 21 Jun 2025 19:55:35 +0000 Files and hashes: 1: 320AK7yrolDSrmtEVOPL_WfSx-o.crl (hash: C4T3wWiyGr/WvJfxQLSGcFl1TJnb1t/6e2DzRZ/cAGE=) 2: C07738FE9F4511EB88EBCA76C4F9AE02.roa (hash: EW5gw++/Nv/7XkyhmrGAdJFCyCQBgQSX+Pdw0qIT5p4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 19:55:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2456 (0x998) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143DE2, serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Validity Not Before: Jun 14 19:55:35 2025 GMT Not After : Jun 21 19:55:35 2025 GMT Subject: CN=684dd3b7-e7bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:f0:b3:89:a7:0b:02:9f:f9:79:88:d6:b5:41: a9:b6:28:a5:1a:75:b3:e8:29:a5:96:a0:6c:1f:94: e9:f3:83:b6:5c:f1:49:dd:b4:5e:b1:9c:b6:b3:56: 7d:cb:5f:79:4c:3d:60:04:67:ac:51:12:54:27:80: 3b:11:78:b9:2a:84:56:0e:79:ed:48:b8:c3:9c:6a: d7:05:c1:02:8c:45:3f:e7:f6:8a:8e:fa:77:94:84: c6:12:fb:22:80:ff:20:ba:24:e5:0d:52:f6:c8:11: 85:af:c3:6e:ca:bd:b3:23:ab:05:d5:fc:c0:58:c9: f7:48:8b:e8:4d:f1:4c:ae:e3:8d:5d:9e:d4:d1:59: bf:aa:5c:39:ac:df:66:38:e4:35:e0:0e:c9:c5:fc: 48:c5:6e:a3:dc:4c:23:4e:36:9a:3f:4c:8d:a0:6c: ad:0f:72:c6:e4:ca:48:4e:02:f1:30:d8:4d:6a:30: 99:59:50:17:35:c1:79:a8:d2:81:52:95:64:55:35: 51:e4:55:62:fc:3c:31:b9:50:2f:30:34:28:12:4a: 42:92:be:4e:40:98:3c:97:bf:ea:20:b2:4a:17:4d: d8:66:a1:e0:c5:e8:f7:3c:19:a2:d1:25:39:e4:69: 13:42:63:9c:f6:bf:14:10:ef:d9:fc:75:3f:4f:63: e3:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:25:3C:29:2E:57:18:84:3A:5A:A2:41:34:DC:0D:17:DD:B9:88:2C X509v3 Authority Key Identifier: keyid:DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:87:d4:61:52:f9:7f:74:ba:27:8d:88:c4:d2:6c:52:17:27: 12:5b:50:83:bc:16:25:7b:49:55:ac:1b:7f:d2:1c:8f:72:e8: 59:af:c6:1e:03:57:29:9f:99:74:1e:f6:40:96:01:cd:b3:38: c4:e9:9a:6a:0d:ba:c2:3e:1c:0b:a3:3a:ff:bc:00:aa:97:d6: 51:6c:4b:6e:7e:02:fa:4a:96:a2:5c:00:25:87:e1:10:9d:e0: a7:c6:a5:85:0a:bd:23:5c:b3:37:7e:a6:ba:9f:bc:72:8b:f0: 05:72:8c:67:e4:43:20:f5:17:bc:de:b4:b3:9c:60:73:60:39: bf:73:44:8c:c5:51:4f:de:94:51:59:67:1a:f1:3d:3e:24:e7: 66:18:5e:f2:19:85:79:02:a5:32:1b:4f:cc:bc:13:0e:e4:82: 04:b4:55:cf:59:db:03:d9:df:6c:41:4b:fc:f6:c7:09:ab:62: 2b:03:a7:70:39:b2:75:02:4f:43:d5:0d:a4:e4:f1:ed:a1:dd: b8:23:c6:55:6a:f2:29:38:24:8a:1f:ef:9d:fe:c1:36:c5:e4: b5:61:12:ea:5c:61:7d:ad:b3:42:b4:69:76:ae:bc:bb:ac:e0: da:01:c4:2e:b1:d0:7f:ad:24:f5:ef:46:b8:df:1b:ed:96:54: ad:25:d0:b6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNERTIxMTAvBgNVBAUTKERGNkQwMDJCQkNBQkEyNTBEMkFFNkI0NDU0RTNDQkZE NjdEMkM3RUEwHhcNMjUwNjE0MTk1NTM1WhcNMjUwNjIxMTk1NTM1WjAYMRYwFAYD VQQDEw02ODRkZDNiNy1lN2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlvCziacLAp/5eYjWtUGptiilGnWz6CmllqBsH5Tp84O2XPFJ3bResZy2s1Z9 y195TD1gBGesURJUJ4A7EXi5KoRWDnntSLjDnGrXBcECjEU/5/aKjvp3lITGEvsi gP8guiTlDVL2yBGFr8Nuyr2zI6sF1fzAWMn3SIvoTfFMruONXZ7U0Vm/qlw5rN9m OOQ14A7JxfxIxW6j3EwjTjaaP0yNoGytD3LG5MpITgLxMNhNajCZWVAXNcF5qNKB UpVkVTVR5FVi/DwxuVAvMDQoEkpCkr5OQJg8l7/qILJKF03YZqHgxej3PBmi0SU5 5GkTQmOc9r8UEO/Z/HU/T2PjiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHMlPCku VxiEOlqiQTTcDRfduYgsMB8GA1UdIwQYMBaAFN9tACu8q6JQ0q5rRFTjy/1n0sfq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RFMi9EMjE4REQ1MjhF OTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9sRFNybXRFVk9QTF9XZlN4 LW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMyMEFLN3lyb2xEU3JtdEVWT1BMX1dmU3gtby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0RFMi9EMjE4REQ1MjhFOTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9s RFNybXRFVk9QTF9XZlN4LW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCh9RhUvl/dLonjYjE0mxSFycSW1CDvBYle0lVrBt/0hyPcuhZr8Ye A1cpn5l0HvZAlgHNszjE6ZpqDbrCPhwLozr/vACql9ZRbEtufgL6SpaiXAAlh+EQ neCnxqWFCr0jXLM3fqa6n7xyi/AFcoxn5EMg9Re83rSznGBzYDm/c0SMxVFP3pRR WWca8T0+JOdmGF7yGYV5AqUyG0/MvBMO5IIEtFXPWdsD2d9sQUv89scJq2IrA6dw ObJ1Ak9D1Q2k5PHtod24I8ZVavIpOCSKH++d/sE2xeS1YRLqXGF9rbNCtGl2rry7 rODaAcQusdB/rST170a43xvtllStJdC2 -----END CERTIFICATE-----Generated at Sun Jun 15 09:54:50 2025 by rpki-client