$ rpki-client -vvf rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft File: 1AsQwSJMYeDTGML8YAOTeOz3LQA.mft (raw, json) Hash identifier: G0xDroO+DwcS6RYiIJtNN63K2RGIFATi9/MiqTY/VWk= Subject key identifier: D2:EA:6B:67:0B:46:C3:2A:EA:0D:F6:BB:B7:6C:97:11:14:D1:CC:1B Authority key identifier: D4:0B:10:C1:22:4C:61:E0:D3:18:C2:FC:60:03:93:78:EC:F7:2D:00 Certificate issuer: /CN=A9167C20/serialNumber=D40B10C1224C61E0D318C2FC60039378ECF72D00 Certificate serial: 0ADE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft Manifest number: 0AD6 Signing time: Sun 22 Jun 2025 19:07:44 +0000 Manifest this update: Sun 22 Jun 2025 19:07:43 +0000 Manifest next update: Sun 29 Jun 2025 19:07:43 +0000 Files and hashes: 1: 1AsQwSJMYeDTGML8YAOTeOz3LQA.crl (hash: 8PsyvSDkk3Irf6Ctbgt+ZqCwQ2GPMssNMo1zj41ffTs=) 2: AD35C0044EA511EAAB9DBE7DC4F9AE02.roa (hash: vRrkQ11gFoedPJsbqh7nQv1lr6X8LYa0tpYVg51dxDk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.crl rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Jun 2025 18:17:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2782 (0xade) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167C20, serialNumber=D40B10C1224C61E0D318C2FC60039378ECF72D00 Validity Not Before: Jun 22 19:07:43 2025 GMT Not After : Jun 29 19:07:43 2025 GMT Subject: CN=68585480-8f1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ea:e6:8c:4d:b9:cf:59:ca:fd:09:79:9b:ef: df:71:30:fe:8b:bf:87:52:58:b0:ee:22:09:cf:5a: f3:be:3a:8a:4a:3e:b1:cd:64:c3:64:4f:cd:ed:66: 3c:68:fe:c2:7e:0f:c8:11:77:3e:6c:89:10:21:ce: 78:6a:cb:68:ff:e5:38:3c:8b:9a:ee:80:99:99:26: a3:69:d5:84:22:8e:b6:da:30:aa:75:61:c2:28:7e: f0:6f:8e:d9:58:7d:dc:da:46:32:92:e6:93:ec:a4: 9d:02:1d:bf:6b:48:e7:f6:a2:99:6a:8d:9e:ff:bc: 43:65:7c:0b:5d:8b:2e:31:8e:03:76:5b:43:61:de: 20:17:f2:a2:91:48:1e:6e:7c:3d:70:e2:aa:f2:6c: 46:8a:75:95:58:42:f6:06:e1:55:52:ce:d3:8f:94: 4d:75:c1:40:ff:a2:50:1f:aa:04:7a:e7:69:fe:b0: 6a:0d:e1:d7:46:7b:3d:4c:fe:8f:57:59:e8:b9:5c: 38:e5:1a:df:db:44:3a:c9:3c:e2:74:7f:62:50:d4: cb:bb:e0:00:a5:4e:37:88:cf:a0:df:7c:85:71:39: c6:09:11:43:f4:e4:56:a7:55:1c:a4:b9:5a:32:e3: bc:fe:25:dc:ea:7e:a3:2c:93:8f:a1:08:e0:a3:b2: c6:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:EA:6B:67:0B:46:C3:2A:EA:0D:F6:BB:B7:6C:97:11:14:D1:CC:1B X509v3 Authority Key Identifier: keyid:D4:0B:10:C1:22:4C:61:E0:D3:18:C2:FC:60:03:93:78:EC:F7:2D:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:13:72:07:19:72:de:05:9b:4e:04:9d:a4:3b:fc:11:de:ff: 03:c1:7f:55:19:10:82:df:19:0d:be:a1:f3:fa:46:86:ce:02: 16:d4:6a:20:be:fc:ad:94:7d:b1:0c:5d:11:b2:26:48:4c:d7: 3b:9d:69:1d:ab:ee:33:9c:b0:c5:b3:a3:d5:6f:86:b3:bd:5f: 42:77:21:76:6b:e6:e5:3b:bb:d3:3a:f0:4a:fd:33:10:91:73: b6:5e:07:b0:a1:05:3e:6b:94:10:f2:49:8a:89:80:4c:e6:7a: 33:ab:96:b9:a9:c0:24:5d:83:37:b2:0b:03:8e:6e:a5:6c:b7: 44:a4:40:95:ae:bf:87:45:cb:53:36:d9:50:27:a6:81:bb:7b: 5f:f0:9d:0c:8c:2e:94:ed:42:05:0b:fc:d6:ea:ea:ca:72:b1: 3a:1d:b9:38:3e:4e:12:19:ee:2a:36:cd:e4:10:c3:4f:cd:22: 6c:32:96:80:21:fc:29:80:fc:65:9e:ff:9c:7e:1e:5e:b1:3b: 22:ae:ea:dd:e4:0d:b7:7c:90:72:03:f6:32:ef:2b:5a:a3:33: ec:42:46:c3:ca:1a:ef:7b:e2:4f:dd:b8:b4:5e:da:18:78:fd: 7b:4d:27:8e:c2:4e:4f:5c:c9:24:8d:7e:cf:38:98:a7:c7:07: b4:be:f2:4b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCt4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdDMjAxMTAvBgNVBAUTKEQ0MEIxMEMxMjI0QzYxRTBEMzE4QzJGQzYwMDM5Mzc4 RUNGNzJEMDAwHhcNMjUwNjIyMTkwNzQzWhcNMjUwNjI5MTkwNzQzWjAYMRYwFAYD VQQDEw02ODU4NTQ4MC04ZjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuermjE25z1nK/Ql5m+/fcTD+i7+HUliw7iIJz1rzvjqKSj6xzWTDZE/N7WY8 aP7Cfg/IEXc+bIkQIc54asto/+U4PIua7oCZmSajadWEIo622jCqdWHCKH7wb47Z WH3c2kYykuaT7KSdAh2/a0jn9qKZao2e/7xDZXwLXYsuMY4DdltDYd4gF/KikUge bnw9cOKq8mxGinWVWEL2BuFVUs7Tj5RNdcFA/6JQH6oEeudp/rBqDeHXRns9TP6P V1nouVw45Rrf20Q6yTzidH9iUNTLu+AApU43iM+g33yFcTnGCRFD9ORWp1UcpLla MuO8/iXc6n6jLJOPoQjgo7LGzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNLqa2cL RsMq6g32u7dslxEU0cwbMB8GA1UdIwQYMBaAFNQLEMEiTGHg0xjC/GADk3js9y0A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0MyMC84NjU3MUMxMDRF QTIxMUVBODRDMDg4NzRDNEY5QUUwMi8xQXNRd1NKTVllRFRHTUw4WUFPVGVPejNM UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBc1F3U0pNWWVEVEdNTDhZQU9UZU96M0xRQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 N0MyMC84NjU3MUMxMDRFQTIxMUVBODRDMDg4NzRDNEY5QUUwMi8xQXNRd1NKTVll RFRHTUw4WUFPVGVPejNMUUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBTE3IHGXLeBZtOBJ2kO/wR3v8DwX9VGRCC3xkNvqHz+kaGzgIW1Gog vvytlH2xDF0RsiZITNc7nWkdq+4znLDFs6PVb4azvV9CdyF2a+blO7vTOvBK/TMQ kXO2XgewoQU+a5QQ8kmKiYBM5nozq5a5qcAkXYM3sgsDjm6lbLdEpECVrr+HRctT NtlQJ6aBu3tf8J0MjC6U7UIFC/zW6urKcrE6Hbk4Pk4SGe4qNs3kEMNPzSJsMpaA IfwpgPxlnv+cfh5esTsirurd5A23fJByA/Yy7ytaozPsQkbDyhrve+JP3bi0XtoY eP17TSeOwk5PXMkkjX7POJinxwe0vvJL -----END CERTIFICATE-----Generated at Mon Jun 23 01:53:18 2025 by rpki-client