$ rpki-client -vvf rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft File: 2-bH-ZCQRq41ohWw4hVErlIjfoo.mft (raw, json) Hash identifier: JPL0qFVcKHM8Msf5OIEXM7A3HkB4DpEmEjY+cgc9p98= Subject key identifier: 5F:16:21:AD:5D:75:57:10:D8:83:FB:4E:89:20:52:5B:9E:91:84:7C Authority key identifier: DB:E6:C7:F9:90:90:46:AE:35:A2:15:B0:E2:15:44:AE:52:23:7E:8A Certificate issuer: /CN=A914F697/serialNumber=DBE6C7F9909046AE35A215B0E21544AE52237E8A Certificate serial: 0685 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft Manifest number: 07B3 Signing time: Mon 16 Jun 2025 20:43:34 +0000 Manifest this update: Mon 16 Jun 2025 20:43:33 +0000 Manifest next update: Mon 23 Jun 2025 20:43:33 +0000 Files and hashes: 1: 2-bH-ZCQRq41ohWw4hVErlIjfoo.crl (hash: dT3yVFCwywKsmoWxAIuvtA0AFB1l5at+GW8tCS6er6k=) 2: 1AA7504A92DD11EB9B9E993FC4F9AE02.roa (hash: C75Vrv4Uz+C6zFOBFG0FQ16ertvfsDBJQmC7BROeKb0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.crl rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 20:43:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1669 (0x685) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F697, serialNumber=DBE6C7F9909046AE35A215B0E21544AE52237E8A Validity Not Before: Jun 16 20:43:33 2025 GMT Not After : Jun 23 20:43:33 2025 GMT Subject: CN=685081f6-9869 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:e6:36:7f:a5:41:4c:2e:d4:d4:67:0d:5e:6d: 8e:c6:19:50:89:8e:cd:88:61:87:3d:63:7f:77:84: 1a:f4:6a:0f:e6:62:42:f3:e5:2d:be:3e:b1:9f:0e: 0c:5f:fd:7c:3a:c2:17:88:81:77:56:1d:2f:94:c4: 18:a6:d8:b4:2c:9b:82:00:09:91:3e:92:09:d6:38: 11:8f:dc:2e:0e:e4:50:d0:6d:4d:fe:36:26:7c:50: da:92:db:3d:7e:6a:01:9f:84:f8:48:13:30:3e:a4: ab:6e:f2:c2:d4:e1:01:c4:cb:0b:a2:83:03:39:6b: de:42:f8:d2:56:75:26:b3:87:52:c1:a3:fc:da:91: c1:22:36:c3:5f:b1:e8:8d:57:41:70:3c:e1:76:d7: 99:1b:de:54:8b:47:1b:05:9e:56:63:62:52:70:02: a3:65:30:68:38:ac:ca:ce:e2:4e:92:39:cf:dd:24: 90:22:43:b3:e6:18:b6:29:b8:6f:05:a5:08:fe:7f: cd:ed:d0:67:24:82:fb:79:92:29:17:38:05:df:05: 60:1e:c0:5f:21:3a:3d:13:46:33:39:31:88:f1:ba: 44:8c:14:54:12:a7:80:07:e0:4a:34:d7:4d:e5:c5: 92:04:37:69:2f:df:fb:69:eb:31:6c:67:4b:c7:ec: 0d:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:16:21:AD:5D:75:57:10:D8:83:FB:4E:89:20:52:5B:9E:91:84:7C X509v3 Authority Key Identifier: keyid:DB:E6:C7:F9:90:90:46:AE:35:A2:15:B0:E2:15:44:AE:52:23:7E:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:e4:a1:e4:c9:8c:51:27:c4:50:5d:94:14:17:23:c8:49:62: fa:0c:ad:62:8a:19:be:55:af:f2:61:f4:5a:0f:18:36:37:09: 2e:db:a7:58:a0:5f:55:33:1e:36:e8:bd:6b:85:ab:02:42:7e: 0d:f6:79:27:00:6a:ec:3f:12:32:78:16:af:46:8e:a8:ab:9c: 54:3b:62:54:fc:96:de:76:ed:69:d6:80:f6:d1:b1:5a:d6:b5: 70:c6:33:75:4d:a1:e1:c2:36:b0:25:e4:0c:ff:12:0d:14:11: 6f:38:19:1d:0f:bd:bb:84:e6:77:d7:c3:10:07:36:04:3f:45: bd:95:fb:db:f4:a5:da:f6:0d:6e:66:11:92:d7:45:7f:15:0d: d3:e3:96:1c:56:da:cc:02:d2:e2:64:4f:cd:74:61:cc:bd:43: c2:dc:cf:6a:77:f8:a4:30:ce:4b:49:2e:0d:0e:24:a2:f2:5c: f7:ed:45:f6:e4:52:f4:e3:72:f4:7a:be:55:41:bb:37:29:a6: cd:5d:dc:43:07:6c:14:1b:ca:dc:d3:32:2f:ce:2b:b6:6b:d3: da:2b:95:72:90:d4:d1:08:74:0b:58:10:80:0e:48:a1:2f:08: 3b:97:c0:4a:ce:ad:78:57:15:62:38:ff:0f:48:90:3a:a1:40: 35:4a:18:9a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY2OTcxMTAvBgNVBAUTKERCRTZDN0Y5OTA5MDQ2QUUzNUEyMTVCMEUyMTU0NEFF NTIyMzdFOEEwHhcNMjUwNjE2MjA0MzMzWhcNMjUwNjIzMjA0MzMzWjAYMRYwFAYD VQQDEw02ODUwODFmNi05ODY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4OY2f6VBTC7U1GcNXm2OxhlQiY7NiGGHPWN/d4Qa9GoP5mJC8+Utvj6xnw4M X/18OsIXiIF3Vh0vlMQYpti0LJuCAAmRPpIJ1jgRj9wuDuRQ0G1N/jYmfFDakts9 fmoBn4T4SBMwPqSrbvLC1OEBxMsLooMDOWveQvjSVnUms4dSwaP82pHBIjbDX7Ho jVdBcDzhdteZG95Ui0cbBZ5WY2JScAKjZTBoOKzKzuJOkjnP3SSQIkOz5hi2Kbhv BaUI/n/N7dBnJIL7eZIpFzgF3wVgHsBfITo9E0YzOTGI8bpEjBRUEqeAB+BKNNdN 5cWSBDdpL9/7aesxbGdLx+wNVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF8WIa1d dVcQ2IP7TokgUluekYR8MB8GA1UdIwQYMBaAFNvmx/mQkEauNaIVsOIVRK5SI36K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjY5Ny83NTIxREZDMEU4 NUQxMUVBQjIzQzhGODdDNEY5QUUwMi8yLWJILVpDUVJxNDFvaFd3NGhWRXJsSWpm b28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzItYkgtWkNRUnE0MW9oV3c0aFZFcmxJamZvby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjY5Ny83NTIxREZDMEU4NUQxMUVBQjIzQzhGODdDNEY5QUUwMi8yLWJILVpDUVJx NDFvaFd3NGhWRXJsSWpmb28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBA5KHkyYxRJ8RQXZQUFyPISWL6DK1iihm+Va/yYfRaDxg2Nwku26dY oF9VMx426L1rhasCQn4N9nknAGrsPxIyeBavRo6oq5xUO2JU/Jbedu1p1oD20bFa 1rVwxjN1TaHhwjawJeQM/xINFBFvOBkdD727hOZ318MQBzYEP0W9lfvb9KXa9g1u ZhGS10V/FQ3T45YcVtrMAtLiZE/NdGHMvUPC3M9qd/ikMM5LSS4NDiSi8lz37UX2 5FL043L0er5VQbs3KabNXdxDB2wUG8rc0zIvziu2a9PaK5VykNTRCHQLWBCADkih Lwg7l8BKzq14VxViOP8PSJA6oUA1Shia -----END CERTIFICATE-----Generated at Wed Jun 18 13:56:10 2025 by rpki-client