$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft File: aIdCVFR7NLOvid21tI0CAj9Xrhc.mft (raw, json) Hash identifier: lVwMkqYRPVfN3N9pHrt+XcJLI2xB8k4GeL/nVW6j6Cg= Subject key identifier: 2C:DB:28:88:1D:4E:D9:06:79:13:6D:6F:41:BE:89:53:08:21:A1:66 Authority key identifier: 68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 Certificate issuer: /CN=A9148D52/serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Certificate serial: 0D2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft Manifest number: 0D23 Signing time: Sat 14 Jun 2025 17:56:16 +0000 Manifest this update: Sat 14 Jun 2025 17:56:15 +0000 Manifest next update: Sat 21 Jun 2025 17:56:15 +0000 Files and hashes: 1: aIdCVFR7NLOvid21tI0CAj9Xrhc.crl (hash: okBlyZ/rd02bjIpgihnkoZZ9F9ZMgu9hMXfAfLjbFt0=) 2: 0198539E94F311EA9429BF86C4F9AE02.roa (hash: 5GX92aioe88puPmyzGflssCck3bnuW06XT8lCNmGXB4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 17:56:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3372 (0xd2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148D52, serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Validity Not Before: Jun 14 17:56:15 2025 GMT Not After : Jun 21 17:56:15 2025 GMT Subject: CN=684db7bf-a85b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:b5:b1:8f:0e:be:47:14:04:dc:99:ff:20:b8: 64:a0:7c:6d:33:d5:d2:64:1f:93:a6:8f:1e:38:2c: be:3a:ad:75:a6:ed:f8:ed:2d:6c:be:1f:2b:5b:49: ed:25:66:a7:cd:47:01:6c:01:9d:f7:d7:be:81:83: dc:89:57:67:96:c2:88:32:6f:cf:e4:8b:79:6f:25: cb:c4:a0:fa:6b:71:3b:9c:16:bd:b1:9a:af:34:25: 0b:c8:ee:89:d7:06:39:00:37:08:72:a7:37:f0:40: db:3e:03:3e:36:0f:d0:97:b4:40:14:34:24:0c:e1: 37:ee:59:90:fe:41:1e:f0:8a:72:96:f6:ba:4a:6d: 6a:9b:ef:28:f4:4b:ad:9d:cc:77:ff:bd:10:5f:c8: 29:a1:57:a4:79:9f:c3:62:9f:8a:13:f2:2e:f7:c4: 87:4e:0a:71:24:89:70:45:92:c6:79:a3:3f:5c:bc: af:83:63:18:5e:57:a1:c5:2f:26:62:eb:1c:7d:8f: fe:a6:e4:da:eb:93:aa:90:83:00:95:96:81:80:14: ff:3f:47:20:b1:0a:e5:19:b8:7a:87:cf:cb:5c:41: 2a:b7:44:29:f4:e8:31:72:23:74:97:a9:a5:ed:10: 26:d1:60:aa:84:fc:2b:c9:4e:eb:b0:f0:ed:d4:27: 31:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:DB:28:88:1D:4E:D9:06:79:13:6D:6F:41:BE:89:53:08:21:A1:66 X509v3 Authority Key Identifier: keyid:68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:b6:61:64:34:97:e6:4c:65:d1:4b:49:df:48:07:9d:c1:67: 03:f6:3e:5d:a1:70:a9:e4:a3:16:0f:14:31:19:28:bb:db:9a: fd:67:ec:16:d6:74:4c:e4:0a:df:5f:e6:03:c9:4d:a3:f7:f0: 95:d2:4b:44:23:23:62:b1:7f:1b:97:d4:27:7f:6c:28:90:d0: 15:f8:92:b4:97:18:09:ed:e9:35:47:30:1c:86:17:0d:2d:5c: 23:71:12:4e:36:1d:96:17:78:95:28:01:46:fb:7a:bd:cf:43: c3:3c:3f:23:f9:6b:67:a9:8a:9a:41:7a:e6:84:4d:ae:a4:b4: 50:6f:4a:bb:40:f2:9c:c9:0e:79:f4:56:65:76:e6:03:a0:2d: ee:6f:77:cd:f6:63:8c:92:dd:39:96:a2:93:9b:10:9f:3a:c2: d0:00:71:37:7a:ea:e6:11:01:82:9f:5f:13:08:bf:51:00:ef: 34:c4:42:cd:36:73:a7:af:c0:3a:e7:0c:c5:4c:f7:fd:d2:7e: 11:e7:2a:ba:0b:13:aa:38:52:54:e1:ce:dd:10:a5:92:68:e7: 6a:a2:36:78:a1:93:34:40:4c:a0:7c:a6:eb:e6:79:ef:db:ba: 1b:b7:23:eb:ca:04:02:0f:07:fc:e1:1b:9f:1a:c9:8b:16:8c: 81:1c:b4:10 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDSwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhENTIxMTAvBgNVBAUTKDY4ODc0MjU0NTQ3QjM0QjNBRjg5RERCNUI0OEQwMjAy M0Y1N0FFMTcwHhcNMjUwNjE0MTc1NjE1WhcNMjUwNjIxMTc1NjE1WjAYMRYwFAYD VQQDEw02ODRkYjdiZi1hODViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6rWxjw6+RxQE3Jn/ILhkoHxtM9XSZB+Tpo8eOCy+Oq11pu347S1svh8rW0nt JWanzUcBbAGd99e+gYPciVdnlsKIMm/P5It5byXLxKD6a3E7nBa9sZqvNCULyO6J 1wY5ADcIcqc38EDbPgM+Ng/Ql7RAFDQkDOE37lmQ/kEe8Ipylva6Sm1qm+8o9Eut ncx3/70QX8gpoVekeZ/DYp+KE/Iu98SHTgpxJIlwRZLGeaM/XLyvg2MYXlehxS8m YuscfY/+puTa65OqkIMAlZaBgBT/P0cgsQrlGbh6h8/LXEEqt0Qp9OgxciN0l6ml 7RAm0WCqhPwryU7rsPDt1CcxfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCzbKIgd TtkGeRNtb0G+iVMIIaFmMB8GA1UdIwQYMBaAFGiHQlRUezSzr4ndtbSNAgI/V64X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQ1Mi8xRDRCNDRFRURC NkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05MT3ZpZDIxdEkwQ0FqOVhy aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FJZENWRlI3TkxPdmlkMjF0STBDQWo5WHJoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OEQ1Mi8xRDRCNDRFRURCNkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05M T3ZpZDIxdEkwQ0FqOVhyaGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCotmFkNJfmTGXRS0nfSAedwWcD9j5doXCp5KMWDxQxGSi725r9Z+wW 1nRM5ArfX+YDyU2j9/CV0ktEIyNisX8bl9Qnf2wokNAV+JK0lxgJ7ek1RzAchhcN LVwjcRJONh2WF3iVKAFG+3q9z0PDPD8j+WtnqYqaQXrmhE2upLRQb0q7QPKcyQ55 9FZlduYDoC3ub3fN9mOMkt05lqKTmxCfOsLQAHE3eurmEQGCn18TCL9RAO80xELN NnOnr8A65wzFTPf90n4R5yq6CxOqOFJU4c7dEKWSaOdqojZ4oZM0QEygfKbr5nnv 27obtyPrygQCDwf84RufGsmLFoyBHLQQ -----END CERTIFICATE-----Generated at Sun Jun 15 09:56:29 2025 by rpki-client