$ rpki-client -vvf rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft File: 2h2yzTH0VPaVYdhmXck--BLzl7A.mft (raw, json) Hash identifier: 5KMMtwrZGv/AHWFxpspbp1paKbCFY3vuUIKTGvHbfy8= Subject key identifier: 49:E6:46:14:CF:A6:17:B1:B6:2B:60:74:E7:DB:55:56:46:1E:81:B4 Authority key identifier: DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 Certificate issuer: /CN=A919A7CA/serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Certificate serial: 0138 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft Manifest number: 012E Signing time: Fri 13 Jun 2025 03:34:26 +0000 Manifest this update: Fri 13 Jun 2025 03:34:25 +0000 Manifest next update: Fri 20 Jun 2025 03:34:25 +0000 Files and hashes: 1: 2h2yzTH0VPaVYdhmXck--BLzl7A.crl (hash: Hq7D2p1XfR416xpCVTanes6GSqSg9DrNco+w8ULkDnI=) 2: 730B201A81E911EEAEFE7735C4F9AE02.roa (hash: s0CFqQaJE4zfLQbz4CeHwWhJkg8L6CDsaxGgDdisTeI=) 3: 4317395081E611EE9EFE132BC4F9AE02.roa (hash: tQp/nzqfCovKInVuREO99dY4qu3efR3x/X9HpDvqlY0=) 4: E71AB92A7F7D11EE8C183162C4F9AE02.roa (hash: Dsh7pIT1SQfv6ivkNmsm2ZCHRytBDFAmEgjeRNzC7do=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 03:34:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 312 (0x138) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A7CA, serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Validity Not Before: Jun 13 03:34:25 2025 GMT Not After : Jun 20 03:34:25 2025 GMT Subject: CN=684b9c42-5884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:1d:71:88:87:84:e3:fb:1d:77:28:c4:93:ed: 0c:ee:16:58:c1:e9:fe:7f:3c:f5:60:9e:1e:0d:c9: ee:ab:b5:fa:1f:c1:0a:a3:c3:24:43:b3:8b:aa:2c: f5:43:a2:65:a9:61:7f:4d:38:5a:78:3a:e8:f6:cf: 66:77:9c:a9:da:66:26:0f:a8:9d:53:01:71:8e:f2: 36:1c:0d:b8:d7:02:f9:92:04:54:7c:d9:c4:9c:33: 18:d7:82:9f:3d:41:69:3c:fa:1e:77:16:08:fe:c7: 25:a0:69:31:8a:d2:48:53:91:18:4a:64:f1:99:13: 3c:69:d2:c7:84:56:0f:01:da:fa:2c:8e:fd:0b:1f: 5b:1c:c5:06:fd:cd:26:b8:65:5a:42:14:8a:9e:33: d4:6c:d3:79:5f:0e:b4:ae:04:ba:02:c3:c5:62:06: e9:68:ee:19:b3:85:50:d5:4d:62:2f:fb:cc:ca:02: 4c:a4:f0:cc:80:6e:4a:52:3e:9c:04:50:f1:fa:0d: 70:3e:ec:31:dc:0c:c4:7c:2a:3d:0d:40:b3:39:2f: 93:a3:c8:1f:89:9a:87:f4:d1:1d:a5:08:17:18:7b: ae:91:a3:c6:8a:fa:9b:3d:89:42:db:e6:e5:80:1d: 7d:d7:51:26:fb:8e:1e:22:98:95:ca:49:27:fe:6b: 37:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:E6:46:14:CF:A6:17:B1:B6:2B:60:74:E7:DB:55:56:46:1E:81:B4 X509v3 Authority Key Identifier: keyid:DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:02:60:5a:1a:d0:bd:14:6e:5c:8b:84:7c:db:5a:2b:b5:ab: b9:89:6a:00:1e:86:7b:06:bb:ca:4b:9c:bf:22:a6:30:5c:f9: 7b:cd:16:3c:39:0f:97:56:97:53:fc:51:f2:6f:08:03:cf:3a: c5:6b:9c:ab:55:02:e0:58:39:01:5f:af:ca:84:61:16:16:ce: 37:d8:10:10:1a:bd:0c:e5:01:a3:31:85:a2:68:bc:7a:77:d0: ea:02:84:2b:c5:54:56:fa:8f:fa:a9:cc:4b:af:a0:38:84:04: e0:3c:be:41:14:9f:86:82:7e:b4:09:b0:26:94:78:89:c8:a9: 87:92:43:2f:9f:bf:c2:a8:a8:31:73:01:41:0c:18:5b:f3:e4: 9e:af:1c:df:41:3e:d2:6c:40:2a:4b:95:19:02:1e:13:96:65: 9c:54:9f:59:e0:2d:2d:2b:5a:f8:d6:07:d0:60:48:a7:ab:12: e2:ca:bc:d3:eb:7c:96:18:e6:8d:b3:e5:ce:3c:5c:ec:7a:8c: 82:7a:d1:0c:0d:df:5a:0a:5a:98:0a:88:ad:cd:a2:5e:3d:16: 33:2f:e6:2e:69:45:48:ea:26:a6:3e:fe:73:70:41:9c:10:a7: be:61:e2:d9:20:b6:a9:38:57:d0:6b:d9:32:fb:52:49:a3:ea: f5:97:82:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3Q0ExMTAvBgNVBAUTKERBMURCMkNEMzFGNDU0RjY5NTYxRDg2NjVEQzkzRUY4 MTJGMzk3QjAwHhcNMjUwNjEzMDMzNDI1WhcNMjUwNjIwMDMzNDI1WjAYMRYwFAYD VQQDEw02ODRiOWM0Mi01ODg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvx1xiIeE4/sddyjEk+0M7hZYwen+fzz1YJ4eDcnuq7X6H8EKo8MkQ7OLqiz1 Q6JlqWF/TThaeDro9s9md5yp2mYmD6idUwFxjvI2HA241wL5kgRUfNnEnDMY14Kf PUFpPPoedxYI/scloGkxitJIU5EYSmTxmRM8adLHhFYPAdr6LI79Cx9bHMUG/c0m uGVaQhSKnjPUbNN5Xw60rgS6AsPFYgbpaO4Zs4VQ1U1iL/vMygJMpPDMgG5KUj6c BFDx+g1wPuwx3AzEfCo9DUCzOS+To8gfiZqH9NEdpQgXGHuukaPGivqbPYlC2+bl gB1911Em+44eIpiVykkn/ms3MQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEnmRhTP phextitgdOfbVVZGHoG0MB8GA1UdIwQYMBaAFNodss0x9FT2lWHYZl3JPvgS85ew MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTdDQS80Q0Y3RjE1ODdF QjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQYVZZZGhtWGNrLS1CTHps N0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJoMnl6VEgwVlBhVllkaG1YY2stLUJMemw3QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QTdDQS80Q0Y3RjE1ODdFQjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQ YVZZZGhtWGNrLS1CTHpsN0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARAmBaGtC9FG5ci4R821ortau5iWoAHoZ7BrvKS5y/IqYwXPl7zRY8 OQ+XVpdT/FHybwgDzzrFa5yrVQLgWDkBX6/KhGEWFs432BAQGr0M5QGjMYWiaLx6 d9DqAoQrxVRW+o/6qcxLr6A4hATgPL5BFJ+Ggn60CbAmlHiJyKmHkkMvn7/CqKgx cwFBDBhb8+SerxzfQT7SbEAqS5UZAh4TlmWcVJ9Z4C0tK1r41gfQYEinqxLiyrzT 63yWGOaNs+XOPFzseoyCetEMDd9aClqYCoitzaJePRYzL+YuaUVI6iamPv5zcEGc EKe+YeLZILapOFfQa9ky+1JJo+r1l4JS -----END CERTIFICATE-----Generated at Sat Jun 14 19:35:15 2025 by rpki-client