$ rpki-client -vvf rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft File: 28IYSbtMFwTSMZPEG3DGaxqWVi8.mft (raw, json) Hash identifier: ezght/wusRXe1vPhpUVSKfetoMs7AD6xDjw7GxgD9eo= Subject key identifier: 07:80:09:71:3E:77:C6:A2:E5:9F:68:60:65:C1:3D:05:B8:C8:73:0C Authority key identifier: DB:C2:18:49:BB:4C:17:04:D2:31:93:C4:1B:70:C6:6B:1A:96:56:2F Certificate issuer: /CN=A919C233/serialNumber=DBC21849BB4C1704D23193C41B70C66B1A96562F Certificate serial: 1545 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft Manifest number: 153B Signing time: Mon 16 Jun 2025 16:50:44 +0000 Manifest this update: Mon 16 Jun 2025 16:50:43 +0000 Manifest next update: Mon 23 Jun 2025 16:50:43 +0000 Files and hashes: 1: 28IYSbtMFwTSMZPEG3DGaxqWVi8.crl (hash: 6qrU8kTCKjE1MpC/O+NXNuRYdZ6X2viMHkDO0DPJht8=) 2: C355C10243E611E8843B4E66C4F9AE02.roa (hash: 5VbFHuIW6aaxrhGlGBpgNLnc8AtIEGwJvLioejJi97Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.crl rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 16:50:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5445 (0x1545) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C233, serialNumber=DBC21849BB4C1704D23193C41B70C66B1A96562F Validity Not Before: Jun 16 16:50:43 2025 GMT Not After : Jun 23 16:50:43 2025 GMT Subject: CN=68504b63-c97a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:2f:0e:5a:4c:7a:08:30:cf:4e:00:b9:b6:72: 88:65:2d:25:99:50:e6:82:d3:ff:bb:23:df:47:8a: 56:71:de:b9:d6:88:1e:28:ca:83:0a:e4:f9:e3:a7: 55:aa:ee:8a:db:20:9b:88:15:7a:b5:8a:57:47:c5: a4:59:a8:e1:01:f5:14:6c:a5:bc:41:51:c6:16:75: fa:db:0f:1b:b5:9e:9c:47:1d:04:ef:14:b5:d2:e3: 1a:a8:af:b9:bc:35:0d:ce:dd:19:fd:e0:77:b3:f1: f9:f4:e5:4e:bb:15:a9:67:1d:df:ad:71:d2:38:71: 88:0a:00:21:9b:da:49:25:82:5d:0c:d4:bb:08:05: b7:0c:2d:e8:3c:63:5e:83:95:ed:34:eb:3b:39:13: 87:43:54:94:36:f2:6d:1f:24:ba:7c:de:21:d6:b2: 5d:ef:4b:1d:d9:9f:0e:d5:05:c7:b6:b3:ac:48:f1: a5:5f:f2:1f:a2:42:f3:46:11:ef:37:98:6e:64:48: b6:8a:97:bf:c8:99:dd:23:d1:4a:44:f3:ee:86:24: ea:6f:fb:5b:d7:23:ee:5a:12:b3:08:13:ec:55:9d: a6:2d:38:49:e0:f1:18:e8:d7:68:20:36:3c:b2:6e: 7c:af:5c:c2:0a:3d:17:35:77:40:dc:57:45:b8:94: 02:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:80:09:71:3E:77:C6:A2:E5:9F:68:60:65:C1:3D:05:B8:C8:73:0C X509v3 Authority Key Identifier: keyid:DB:C2:18:49:BB:4C:17:04:D2:31:93:C4:1B:70:C6:6B:1A:96:56:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:3e:b3:8c:d5:79:37:d0:4f:f4:90:33:61:f4:c0:3b:51:da: a2:ad:bd:fe:74:1c:23:58:15:e1:2a:f3:09:04:17:a9:d2:81: e3:67:38:28:b6:2a:21:05:40:6f:6d:9d:a9:a8:ad:68:2e:c8: c6:4e:10:e0:3e:45:da:88:69:75:6c:12:b4:63:79:9a:33:b2: 05:ff:27:f6:04:50:95:c1:51:aa:0b:19:f2:eb:15:44:57:b7: 54:92:aa:93:3c:e7:c4:1b:1f:5a:0e:50:d5:66:9d:0b:2b:a6: 6d:2b:65:67:3e:01:5d:45:dc:88:01:7f:99:a7:23:cc:e9:5c: 33:97:df:54:08:5a:c5:38:13:7c:f3:a0:56:43:ae:ca:b0:88: d4:47:f9:e3:bc:68:56:5b:ab:34:8c:3e:f4:34:db:97:9a:f8: 40:97:10:14:2d:d4:c5:c4:f0:2f:46:6b:13:94:f9:74:a2:29: 0d:41:f5:73:7f:cc:d7:9c:b7:61:d1:d9:4e:49:e7:a4:be:35: e3:18:60:42:3f:88:52:6b:52:cc:2d:e7:30:6f:b2:97:1b:c3: 69:21:20:c3:0b:b6:08:77:90:ce:7e:9c:1c:d8:5b:8b:06:d2: 36:65:58:3b:b0:9a:a8:ce:60:f2:d0:4d:26:9c:81:40:d1:44: 91:00:9b:73 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUMyMzMxMTAvBgNVBAUTKERCQzIxODQ5QkI0QzE3MDREMjMxOTNDNDFCNzBDNjZC MUE5NjU2MkYwHhcNMjUwNjE2MTY1MDQzWhcNMjUwNjIzMTY1MDQzWjAYMRYwFAYD VQQDEw02ODUwNGI2My1jOTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqS8OWkx6CDDPTgC5tnKIZS0lmVDmgtP/uyPfR4pWcd651ogeKMqDCuT546dV qu6K2yCbiBV6tYpXR8WkWajhAfUUbKW8QVHGFnX62w8btZ6cRx0E7xS10uMaqK+5 vDUNzt0Z/eB3s/H59OVOuxWpZx3frXHSOHGICgAhm9pJJYJdDNS7CAW3DC3oPGNe g5XtNOs7OROHQ1SUNvJtHyS6fN4h1rJd70sd2Z8O1QXHtrOsSPGlX/IfokLzRhHv N5huZEi2ipe/yJndI9FKRPPuhiTqb/tb1yPuWhKzCBPsVZ2mLThJ4PEY6NdoIDY8 sm58r1zCCj0XNXdA3FdFuJQCmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAeACXE+ d8ai5Z9oYGXBPQW4yHMMMB8GA1UdIwQYMBaAFNvCGEm7TBcE0jGTxBtwxmsallYv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzIzMy8xRkRBRkQ2MjQz RTYxMUU4QkM0MTVGNjVDNEY5QUUwMi8yOElZU2J0TUZ3VFNNWlBFRzNER2F4cVdW aTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzI4SVlTYnRNRndUU01aUEVHM0RHYXhxV1ZpOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QzIzMy8xRkRBRkQ2MjQzRTYxMUU4QkM0MTVGNjVDNEY5QUUwMi8yOElZU2J0TUZ3 VFNNWlBFRzNER2F4cVdWaTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCzPrOM1Xk30E/0kDNh9MA7Udqirb3+dBwjWBXhKvMJBBep0oHjZzgo tiohBUBvbZ2pqK1oLsjGThDgPkXaiGl1bBK0Y3maM7IF/yf2BFCVwVGqCxny6xVE V7dUkqqTPOfEGx9aDlDVZp0LK6ZtK2VnPgFdRdyIAX+ZpyPM6Vwzl99UCFrFOBN8 86BWQ67KsIjUR/njvGhWW6s0jD70NNuXmvhAlxAULdTFxPAvRmsTlPl0oikNQfVz f8zXnLdh0dlOSeekvjXjGGBCP4hSa1LMLecwb7KXG8NpISDDC7YId5DOfpwc2FuL BtI2ZVg7sJqozmDy0E0mnIFA0USRAJtz -----END CERTIFICATE-----Generated at Wed Jun 18 07:58:24 2025 by rpki-client