$ rpki-client -vvf rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.mft File: PS2TrIsQhlgX2adMyBoDDX010HQ.mft (raw, json) Hash identifier: BTFQ2XL/6yb/a2xzck/3Z9ORTxHui5we6h13kknCSQU= Subject key identifier: 64:3E:01:07:17:15:6D:5A:E0:51:1C:8F:4C:BA:C0:62:2B:FC:99:5A Authority key identifier: 3D:2D:93:AC:8B:10:86:58:17:D9:A7:4C:C8:1A:03:0D:7D:35:D0:74 Certificate issuer: /CN=A9196D9E/serialNumber=3D2D93AC8B10865817D9A74CC81A030D7D35D074 Certificate serial: 012D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PS2TrIsQhlgX2adMyBoDDX010HQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.mft Manifest number: 012C Signing time: Tue 17 Jun 2025 03:36:33 +0000 Manifest this update: Tue 17 Jun 2025 03:36:32 +0000 Manifest next update: Tue 24 Jun 2025 03:36:32 +0000 Files and hashes: 1: PS2TrIsQhlgX2adMyBoDDX010HQ.crl (hash: 1tIrQe2X6ru9yI9aZP5u/6Iqv+UpFSnRjd+02O3OkZE=) 2: C8BDA37CF68A11EFB7F91E24C4F9AE02.roa (hash: aRDWwCB81f6X4Sbu5aqqdwftigSG3lRUiRjjd/98tJw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.crl rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PS2TrIsQhlgX2adMyBoDDX010HQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 24 Jun 2025 03:36:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 301 (0x12d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9196D9E, serialNumber=3D2D93AC8B10865817D9A74CC81A030D7D35D074 Validity Not Before: Jun 17 03:36:32 2025 GMT Not After : Jun 24 03:36:32 2025 GMT Subject: CN=6850e2c1-c16f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:cc:35:f1:fb:4a:0a:0b:4c:2b:1e:b2:d9:8e: 69:5a:ab:13:d4:b5:16:30:f7:df:fb:68:ce:13:3f: 44:8f:21:1d:4d:46:0b:90:07:3c:19:fe:c1:25:fb: b3:44:2f:7a:62:0f:26:38:f2:74:6f:22:17:3a:ce: 66:cb:fa:54:93:66:6e:9f:c3:de:38:ae:6c:3e:61: ff:6f:4b:70:c2:39:2f:a5:4d:a7:ba:39:5f:d7:c3: a6:9e:d6:21:59:d2:12:90:71:32:fc:17:31:eb:d2: 49:40:ad:38:52:0d:59:12:4e:4e:e3:ba:4e:7d:4d: 3d:df:04:eb:0f:37:78:e1:79:b2:ba:3c:87:81:f1: a4:20:4c:54:e4:c7:a0:29:92:02:67:04:ca:63:ff: 78:55:00:11:72:20:6c:c0:55:a5:c4:43:7f:b9:34: 0d:8f:38:75:36:15:c5:47:16:ae:35:0b:67:d6:09: 6e:83:74:52:4d:28:34:d2:11:0d:13:9a:9c:33:81: 75:18:25:97:97:bc:be:b5:fd:96:3a:d1:9d:d4:69: 2c:9f:50:ba:ed:83:80:c2:42:03:3c:14:61:09:2b: 21:9f:77:1b:bb:74:19:70:c6:58:21:69:f2:c7:3e: 65:24:86:b5:9f:e9:ae:39:1a:66:f1:df:ca:fa:47: 5a:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:3E:01:07:17:15:6D:5A:E0:51:1C:8F:4C:BA:C0:62:2B:FC:99:5A X509v3 Authority Key Identifier: keyid:3D:2D:93:AC:8B:10:86:58:17:D9:A7:4C:C8:1A:03:0D:7D:35:D0:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PS2TrIsQhlgX2adMyBoDDX010HQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196D9E/77BB984C7D6111EEB463C85AC4F9AE02/PS2TrIsQhlgX2adMyBoDDX010HQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:6f:4d:db:f5:28:f0:24:78:4f:34:62:9a:a3:5a:ac:ab:01: 05:5d:73:2f:83:52:61:6d:5b:c1:c3:b5:c8:61:3b:ea:44:9f: 06:7d:d0:04:ed:e8:ee:15:45:7e:4c:76:9b:5c:0c:d1:ec:8e: be:0f:54:59:48:30:d1:d7:74:76:51:aa:2e:2e:1e:2a:02:ac: 9a:60:28:f3:f1:aa:18:e7:59:14:27:ba:80:56:ed:bc:c6:05: f6:b1:e2:ef:03:c3:11:1d:1a:76:c0:fd:50:a2:06:7c:ae:fc: a4:10:33:45:df:ec:53:d9:c6:36:b1:e6:8b:c5:40:a0:5c:d8: 40:8e:8f:fd:06:92:8f:19:44:63:ea:95:6a:9c:1c:5b:c7:80: 50:0e:4a:4f:12:50:8e:08:88:5f:a6:79:a0:38:5c:d0:8f:e8: 19:c6:26:fb:c2:b5:4d:c3:52:a5:da:6b:70:67:c5:16:02:8c: 03:95:d6:aa:4f:9a:14:15:b0:98:c3:65:f1:0f:68:ce:0c:1f: 1e:40:a6:2a:07:31:3d:2f:0c:e1:ff:e9:bf:d0:03:de:b8:6f: 1f:c5:37:22:9d:00:b2:b3:de:49:d6:7b:ad:e5:a2:24:47:a7: 5b:9a:0c:b4:7b:23:59:ae:b5:df:e9:a3:dd:a0:75:69:c7:9c: ab:7b:55:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTZEOUUxMTAvBgNVBAUTKDNEMkQ5M0FDOEIxMDg2NTgxN0Q5QTc0Q0M4MUEwMzBE N0QzNUQwNzQwHhcNMjUwNjE3MDMzNjMyWhcNMjUwNjI0MDMzNjMyWjAYMRYwFAYD VQQDEw02ODUwZTJjMS1jMTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAosw18ftKCgtMKx6y2Y5pWqsT1LUWMPff+2jOEz9EjyEdTUYLkAc8Gf7BJfuz RC96Yg8mOPJ0byIXOs5my/pUk2Zun8PeOK5sPmH/b0twwjkvpU2nujlf18OmntYh WdISkHEy/Bcx69JJQK04Ug1ZEk5O47pOfU093wTrDzd44XmyujyHgfGkIExU5Meg KZICZwTKY/94VQARciBswFWlxEN/uTQNjzh1NhXFRxauNQtn1glug3RSTSg00hEN E5qcM4F1GCWXl7y+tf2WOtGd1Gksn1C67YOAwkIDPBRhCSshn3cbu3QZcMZYIWny xz5lJIa1n+muORpm8d/K+kdaBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGQ+AQcX FW1a4FEcj0y6wGIr/JlaMB8GA1UdIwQYMBaAFD0tk6yLEIZYF9mnTMgaAw19NdB0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NkQ5RS83N0JCOTg0QzdE NjExMUVFQjQ2M0M4NUFDNEY5QUUwMi9QUzJUcklzUWhsZ1gyYWRNeUJvRERYMDEw SFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BTMlRySXNRaGxnWDJhZE15Qm9ERFgwMTBIUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NkQ5RS83N0JCOTg0QzdENjExMUVFQjQ2M0M4NUFDNEY5QUUwMi9QUzJUcklzUWhs Z1gyYWRNeUJvRERYMDEwSFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXb03b9SjwJHhPNGKao1qsqwEFXXMvg1JhbVvBw7XIYTvqRJ8GfdAE 7ejuFUV+THabXAzR7I6+D1RZSDDR13R2UaouLh4qAqyaYCjz8aoY51kUJ7qAVu28 xgX2seLvA8MRHRp2wP1QogZ8rvykEDNF3+xT2cY2seaLxUCgXNhAjo/9BpKPGURj 6pVqnBxbx4BQDkpPElCOCIhfpnmgOFzQj+gZxib7wrVNw1Kl2mtwZ8UWAowDldaq T5oUFbCYw2XxD2jODB8eQKYqBzE9Lwzh/+m/0APeuG8fxTcinQCys95J1nut5aIk R6dbmgy0eyNZrrXf6aPdoHVpx5yre1VI -----END CERTIFICATE-----Generated at Tue Jun 17 13:58:24 2025 by rpki-client