$ rpki-client -vvf rpki.apnic.net/member_repository/A918753F/BDA57FFEBC1611EA9F2B7412C4F9AE02/fnLYAbOKcqtLA3bhLJVBJKrkPG0.mft File: fnLYAbOKcqtLA3bhLJVBJKrkPG0.mft (raw, json) Hash identifier: x0IgKKQXCtMD6ApcweRa5MdmbdhRp335Z28x8xwbwpw= Subject key identifier: D6:51:59:46:87:32:83:B5:1C:97:13:2D:F5:07:1A:85:48:30:FD:A7 Authority key identifier: 7E:72:D8:01:B3:8A:72:AB:4B:03:76:E1:2C:95:41:24:AA:E4:3C:6D Certificate issuer: /CN=A918753F/serialNumber=7E72D801B38A72AB4B0376E12C954124AAE43C6D Certificate serial: 08AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fnLYAbOKcqtLA3bhLJVBJKrkPG0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918753F/BDA57FFEBC1611EA9F2B7412C4F9AE02/fnLYAbOKcqtLA3bhLJVBJKrkPG0.mft Manifest number: 08A4 Signing time: Sat 14 Jun 2025 20:20:50 +0000 Manifest this update: Sat 14 Jun 2025 20:20:49 +0000 Manifest next update: Sat 21 Jun 2025 20:20:49 +0000 Files and hashes: 1: fnLYAbOKcqtLA3bhLJVBJKrkPG0.crl (hash: 3HnuLw/Ya/Hnk5JXZ1yIMutHOzU1iYWh3+ead+XzTLk=) 2: 10A6E062B70A11EDB851464EC4F9AE02.roa (hash: FH1SU9GKJvbucv0gXmHk6Vc7dPieI2aucBrxBlxHAdE=) 3: 38B92F54E17D11EDBCAFC081C4F9AE02.roa (hash: KcabN84FuC1RCZKB2biZEnUyMb0N5RBlFWlu2grfP8Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918753F/BDA57FFEBC1611EA9F2B7412C4F9AE02/fnLYAbOKcqtLA3bhLJVBJKrkPG0.crl rsync://rpki.apnic.net/member_repository/A918753F/BDA57FFEBC1611EA9F2B7412C4F9AE02/fnLYAbOKcqtLA3bhLJVBJKrkPG0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fnLYAbOKcqtLA3bhLJVBJKrkPG0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 20:20:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2223 (0x8af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918753F, serialNumber=7E72D801B38A72AB4B0376E12C954124AAE43C6D Validity Not Before: Jun 14 20:20:49 2025 GMT Not After : Jun 21 20:20:49 2025 GMT Subject: CN=684dd9a1-9b2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:de:2f:0b:74:89:18:97:3e:d6:c4:79:dc:b4: f6:25:c5:3e:93:a4:40:fa:75:81:be:76:4b:51:17: cf:ab:1a:f8:dc:79:d6:bc:29:26:66:a8:bb:b7:e5: f9:68:dc:a1:77:7b:f8:5f:26:a9:20:fd:5d:12:c0: f6:ff:60:41:40:06:bb:73:b3:b8:8b:20:fa:c2:d9: 92:23:e2:b9:8a:d9:bd:14:26:95:73:7e:1b:96:86: a4:c9:12:27:b5:cb:a0:d1:8e:25:02:1d:21:50:21: 76:8d:70:f1:f0:ba:e4:8f:a5:d2:0a:e3:2f:ac:50: 94:7e:ed:a1:5e:4c:81:03:f9:eb:ab:08:b2:f9:39: 73:c5:1f:cc:99:5e:0b:0e:75:2e:58:ca:74:d0:76: 24:b8:ca:55:be:52:c1:1f:fa:b7:29:49:77:51:df: 60:25:a4:7e:5a:19:36:58:70:bd:37:13:0e:48:0a: c7:b9:92:b0:90:0f:78:65:77:b7:90:38:3a:ea:96: 2e:45:e3:85:f2:17:18:bd:f7:e9:a6:d8:68:3b:7b: 61:af:5b:65:72:ae:c4:67:5d:d9:f6:9f:4a:7a:9c: 75:6c:0e:0c:f1:66:0a:08:24:31:ef:b1:8f:e7:f4: b7:88:b2:f7:75:0f:3f:95:5b:60:df:51:cc:a3:b8: 95:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:51:59:46:87:32:83:B5:1C:97:13:2D:F5:07:1A:85:48:30:FD:A7 X509v3 Authority Key Identifier: keyid:7E:72:D8:01:B3:8A:72:AB:4B:03:76:E1:2C:95:41:24:AA:E4:3C:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918753F/BDA57FFEBC1611EA9F2B7412C4F9AE02/fnLYAbOKcqtLA3bhLJVBJKrkPG0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fnLYAbOKcqtLA3bhLJVBJKrkPG0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918753F/BDA57FFEBC1611EA9F2B7412C4F9AE02/fnLYAbOKcqtLA3bhLJVBJKrkPG0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:5c:e9:90:d7:db:44:3d:c6:88:d8:80:51:00:7c:63:3f:d0: 97:20:f0:2f:6c:3f:67:ab:5e:99:06:62:81:76:92:7b:b2:01: a4:c3:70:f3:c2:66:c4:e5:da:66:de:7c:0c:b0:7c:56:c9:0f: 33:f3:a7:d5:dd:99:2c:cc:20:ac:34:4f:8c:0f:6a:42:63:52: 84:2a:d1:54:a5:47:65:b6:64:6e:be:b4:29:98:04:ad:01:b6: ea:c7:86:2f:ba:9f:33:dc:9f:58:2b:fe:21:23:d5:5a:de:3e: 29:1c:05:9a:69:84:6f:04:e6:76:4c:ae:f8:0b:71:30:66:a1: 82:43:2a:10:37:65:ad:af:a6:cb:5c:3e:f4:92:c0:91:33:16: 56:53:cf:cc:5a:42:35:0f:5e:b6:58:71:d6:e5:43:04:1c:4a: 6a:e7:5b:bc:c6:83:2a:51:69:f3:90:00:a2:f9:ba:ab:ab:28: 2f:7d:0f:7d:38:60:1b:04:01:7c:d2:aa:ec:90:f6:98:ff:b1: d5:e8:03:c0:d7:e9:f2:95:4c:9e:98:75:2e:f2:64:3d:8a:fa: fa:b4:eb:0f:9b:f4:17:f8:ee:7a:e4:0b:73:28:aa:91:e9:05: e6:90:af:ea:67:57:ee:0d:0c:44:1d:10:e1:9a:b6:03:69:ae: 2c:a2:72:b5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODc1M0YxMTAvBgNVBAUTKDdFNzJEODAxQjM4QTcyQUI0QjAzNzZFMTJDOTU0MTI0 QUFFNDNDNkQwHhcNMjUwNjE0MjAyMDQ5WhcNMjUwNjIxMjAyMDQ5WjAYMRYwFAYD VQQDEw02ODRkZDlhMS05YjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuN4vC3SJGJc+1sR53LT2JcU+k6RA+nWBvnZLURfPqxr43HnWvCkmZqi7t+X5 aNyhd3v4XyapIP1dEsD2/2BBQAa7c7O4iyD6wtmSI+K5itm9FCaVc34bloakyRIn tcug0Y4lAh0hUCF2jXDx8Lrkj6XSCuMvrFCUfu2hXkyBA/nrqwiy+TlzxR/MmV4L DnUuWMp00HYkuMpVvlLBH/q3KUl3Ud9gJaR+Whk2WHC9NxMOSArHuZKwkA94ZXe3 kDg66pYuReOF8hcYvffppthoO3thr1tlcq7EZ13Z9p9Kepx1bA4M8WYKCCQx77GP 5/S3iLL3dQ8/lVtg31HMo7iVwQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNZRWUaH MoO1HJcTLfUHGoVIMP2nMB8GA1UdIwQYMBaAFH5y2AGzinKrSwN24SyVQSSq5Dxt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzUzRi9CREE1N0ZGRUJD MTYxMUVBOUYyQjc0MTJDNEY5QUUwMi9mbkxZQWJPS2NxdExBM2JoTEpWQkpLcmtQ RzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZuTFlBYk9LY3F0TEEzYmhMSlZCSktya1BHMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NzUzRi9CREE1N0ZGRUJDMTYxMUVBOUYyQjc0MTJDNEY5QUUwMi9mbkxZQWJPS2Nx dExBM2JoTEpWQkpLcmtQRzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQANXOmQ19tEPcaI2IBRAHxjP9CXIPAvbD9nq16ZBmKBdpJ7sgGkw3Dz wmbE5dpm3nwMsHxWyQ8z86fV3ZkszCCsNE+MD2pCY1KEKtFUpUdltmRuvrQpmASt Abbqx4Yvup8z3J9YK/4hI9Va3j4pHAWaaYRvBOZ2TK74C3EwZqGCQyoQN2Wtr6bL XD70ksCRMxZWU8/MWkI1D162WHHW5UMEHEpq51u8xoMqUWnzkACi+bqrqygvfQ99 OGAbBAF80qrskPaY/7HV6APA1+nylUyemHUu8mQ9ivr6tOsPm/QX+O565AtzKKqR 6QXmkK/qZ1fuDQxEHRDhmrYDaa4sonK1 -----END CERTIFICATE-----Generated at Sun Jun 15 09:47:49 2025 by rpki-client