$ rpki-client -vvf rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.mft File: SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.mft (raw, json) Hash identifier: rkC0QcIf6/sdCRfU7ah3amrZzBUkcpN+HRSRvJsy7zU= Subject key identifier: B4:B7:85:49:AC:40:0B:7A:8D:88:D1:6D:4E:21:43:31:7A:85:00:82 Authority key identifier: 48:E9:98:51:C1:89:FA:92:1B:86:66:4E:30:BC:57:C2:0E:D1:A8:C4 Certificate issuer: /CN=A9174EB5/serialNumber=48E99851C189FA921B86664E30BC57C20ED1A8C4 Certificate serial: 0CB4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.mft Manifest number: 0C73 Signing time: Sat 14 Jun 2025 18:20:07 +0000 Manifest this update: Sat 14 Jun 2025 18:20:06 +0000 Manifest next update: Sat 21 Jun 2025 18:20:06 +0000 Files and hashes: 1: SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.crl (hash: XhErsJv9VSbiHZfviSM90qzbGqW9pSp8HRI77R1KuzI=) 2: 0EF9BE4E276F11EEB328204AC4F9AE02.roa (hash: ySE2YBsbAXt0k1PEdiGam1s5GhhHLonIBlG28ashrzw=) 3: 451C283AFE4911ED9352E438C4F9AE02.roa (hash: 9xj2eLyG/tdesiN53tFy07gS2PXLIBFRo+Pfj6Aj7f4=) 4: D47B21C24FFE11EAA0E4ED42C4F9AE02.roa (hash: dJZrsN09jQhR1tV/MBGDtF9J2z2S5+/G8ySEaBQlIWI=) 5: 76BF7682061B11EAAD56521BC4F9AE02.roa (hash: 5k3lhIIOE5jK/yOHyIZ8i0wDdX2SrJVnqaK6Nl9SYpA=) 6: 430342A4C02B11EA85244830C4F9AE02.roa (hash: 0bKIGEsq8hLfPMAMaZjPiHvxpIZHU52fzssXfn7yiXU=) 7: E397AB78866F11EBA76EED3EC4F9AE02.roa (hash: DBPGuu5yRvDvP4FC/IjV2H3T+xTKFbXciVMjwanRb/4=) 8: E0848D606F7611EDB491621FC4F9AE02.roa (hash: /EuxmPPRYBaK5xLwAa5WDWDWOcYmzlBlj89Amjexk/E=) 9: CF257402276E11EEBE7B7B49C4F9AE02.roa (hash: DfS1XhJ0VY2l1Vl6FaTOWiiwrvVb4J6NRESIx8xEXkI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.crl rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 18:20:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3252 (0xcb4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9174EB5, serialNumber=48E99851C189FA921B86664E30BC57C20ED1A8C4 Validity Not Before: Jun 14 18:20:06 2025 GMT Not After : Jun 21 18:20:06 2025 GMT Subject: CN=684dbd57-a723 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5f:ec:43:9f:96:80:35:5e:6c:86:c7:28:c6: 27:0c:a3:d2:6c:3d:1a:91:6e:92:cb:f6:16:fe:1d: a5:8b:ec:f8:0c:dc:72:4b:ff:77:3c:bd:6d:ac:e6: 63:67:e1:79:3d:f8:68:10:07:3e:9d:d7:b4:20:d3: fc:64:48:ea:ed:5b:99:f0:29:03:d0:8c:f7:a0:12: eb:c5:30:aa:ce:22:b7:a3:42:62:a4:c2:51:2b:1f: c8:67:66:23:4c:87:a2:4e:ff:f0:1e:e4:00:6d:af: 58:47:89:cf:f1:90:2f:cd:88:37:01:8f:55:df:18: b7:5c:40:cc:6a:b8:43:4b:de:7d:19:59:a4:39:e3: a0:c7:46:3d:1c:5d:43:53:e1:da:9b:1a:d6:df:3d: 65:f5:f2:37:3c:c2:73:08:cf:df:df:65:10:a9:b1: e9:fe:db:9d:2f:53:af:cb:7e:06:e2:86:24:f3:ef: 68:f2:d6:4c:e4:a1:57:30:68:03:21:81:22:0a:98: 6b:c6:45:f0:b7:b9:e3:06:c0:cb:43:ff:0d:38:b2: ae:4f:33:5d:a5:f5:1b:17:04:be:26:2e:53:1c:b1: d1:fa:fa:ae:2e:af:d1:75:68:93:2f:22:e0:68:09: f7:8f:58:b9:ad:50:a4:d7:60:0c:07:20:49:4e:ec: 91:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:B7:85:49:AC:40:0B:7A:8D:88:D1:6D:4E:21:43:31:7A:85:00:82 X509v3 Authority Key Identifier: keyid:48:E9:98:51:C1:89:FA:92:1B:86:66:4E:30:BC:57:C2:0E:D1:A8:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:9a:d8:13:6f:50:75:73:7d:5f:11:80:17:bc:cc:dc:eb:86: 01:74:02:56:03:db:6b:48:cd:f5:92:f5:28:e4:ad:c7:41:c9: 27:c8:92:2a:b7:7f:44:86:a1:8c:b3:72:a2:44:12:f6:b1:a3: a0:be:a0:c0:a5:9d:68:91:b4:a0:ee:23:54:19:b1:f4:ba:9c: 63:66:d2:6a:44:39:c6:d9:95:70:e1:73:e7:2c:32:8e:6a:b6: 7b:bf:1a:39:a7:cf:55:c6:8a:ab:dd:0f:a7:27:b4:36:63:19: 6d:e2:d1:b0:a8:30:76:86:d9:61:5d:f3:0f:fd:eb:a5:e2:8f: 69:92:a1:a0:9f:07:ed:7d:75:5b:6e:13:ed:86:23:97:fc:a8: 66:f2:c4:99:e5:e6:86:6e:ed:56:d1:6b:8e:e7:b3:5a:ba:e1: dc:0b:b6:37:53:00:ed:9d:5a:71:98:53:ef:e5:4e:8c:bb:2f: 91:c6:53:63:f4:e9:d6:a3:a8:e5:59:4f:f9:a9:b7:99:28:88: 34:a2:7d:17:55:53:1b:96:21:ae:0a:0f:6e:2b:98:f3:a2:61: 15:3d:83:1e:c4:27:af:1a:6b:37:94:ab:7c:9b:50:f9:11:27: 2e:fd:76:e4:2c:6b:a7:a5:a8:13:27:33:92:7f:9f:62:a0:8b: 55:f5:ce:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDLQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzRFQjUxMTAvBgNVBAUTKDQ4RTk5ODUxQzE4OUZBOTIxQjg2NjY0RTMwQkM1N0My MEVEMUE4QzQwHhcNMjUwNjE0MTgyMDA2WhcNMjUwNjIxMTgyMDA2WjAYMRYwFAYD VQQDEw02ODRkYmQ1Ny1hNzIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxF/sQ5+WgDVebIbHKMYnDKPSbD0akW6Sy/YW/h2li+z4DNxyS/93PL1trOZj Z+F5PfhoEAc+nde0INP8ZEjq7VuZ8CkD0Iz3oBLrxTCqziK3o0JipMJRKx/IZ2Yj TIeiTv/wHuQAba9YR4nP8ZAvzYg3AY9V3xi3XEDMarhDS959GVmkOeOgx0Y9HF1D U+HamxrW3z1l9fI3PMJzCM/f32UQqbHp/tudL1Ovy34G4oYk8+9o8tZM5KFXMGgD IYEiCphrxkXwt7njBsDLQ/8NOLKuTzNdpfUbFwS+Ji5THLHR+vquLq/RdWiTLyLg aAn3j1i5rVCk12AMByBJTuyRiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLS3hUms QAt6jYjRbU4hQzF6hQCCMB8GA1UdIwQYMBaAFEjpmFHBifqSG4ZmTjC8V8IO0ajE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NEVCNS9BRkVBMjlDMjA2 MTkxMUVBODU0QTM1MTZDNEY5QUUwMi9TT21ZVWNHSi1wSWJobVpPTUx4WHdnN1Jx TVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NPbVlVY0dKLXBJYmhtWk9NTHhYd2c3UnFNUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NEVCNS9BRkVBMjlDMjA2MTkxMUVBODU0QTM1MTZDNEY5QUUwMi9TT21ZVWNHSi1w SWJobVpPTUx4WHdnN1JxTVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQChmtgTb1B1c31fEYAXvMzc64YBdAJWA9trSM31kvUo5K3HQcknyJIq t39EhqGMs3KiRBL2saOgvqDApZ1okbSg7iNUGbH0upxjZtJqRDnG2ZVw4XPnLDKO arZ7vxo5p89Vxoqr3Q+nJ7Q2Yxlt4tGwqDB2htlhXfMP/eul4o9pkqGgnwftfXVb bhPthiOX/Khm8sSZ5eaGbu1W0WuO57NauuHcC7Y3UwDtnVpxmFPv5U6Muy+RxlNj 9OnWo6jlWU/5qbeZKIg0on0XVVMbliGuCg9uK5jzomEVPYMexCevGms3lKt8m1D5 EScu/XbkLGunpagTJzOSf59ioItV9c5g -----END CERTIFICATE-----Generated at Sun Jun 15 08:08:39 2025 by rpki-client