$ rpki-client -vvf rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft File: 2CIvXKRzliJE_BNBFXEOvtXjlWA.mft (raw, json) Hash identifier: mWRvHap12Q1pkcQI+WRMYzuwHy8N0v58KNJowS/NMRU= Subject key identifier: B3:A3:CA:2D:1E:9A:1C:83:E4:30:29:2E:78:A1:53:67:25:57:BD:43 Authority key identifier: D8:22:2F:5C:A4:73:96:22:44:FC:13:41:15:71:0E:BE:D5:E3:95:60 Certificate issuer: /CN=A9119624/serialNumber=D8222F5CA473962244FC134115710EBED5E39560 Certificate serial: 0C23 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft Manifest number: 0C1D Signing time: Fri 18 Jul 2025 18:08:39 +0000 Manifest this update: Fri 18 Jul 2025 18:08:38 +0000 Manifest next update: Fri 25 Jul 2025 18:08:38 +0000 Files and hashes: 1: 2CIvXKRzliJE_BNBFXEOvtXjlWA.crl (hash: F+gQYrXDNC8VJ1WwYJcmUPwGGKeS5tstZ5tKKAe82Zg=) 2: A4049C06213E11EAAA89A95DC4F9AE02.roa (hash: fJj5V7B0tj2U/amxOYn7MfT1h8cR0RvRgHTxKdHbOM4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.crl rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 18:08:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3107 (0xc23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9119624, serialNumber=D8222F5CA473962244FC134115710EBED5E39560 Validity Not Before: Jul 18 18:08:38 2025 GMT Not After : Jul 25 18:08:38 2025 GMT Subject: CN=687a8da7-b01b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:42:8f:3d:01:3e:2a:4f:42:9a:c3:3e:c6:3d: 1f:0d:ea:75:98:66:36:e1:dd:a6:f8:36:da:a3:2b: dc:40:8a:31:5d:12:f9:c8:91:f4:a5:30:fc:1e:bb: b6:62:c3:29:ec:e0:ac:b3:4f:b9:e6:62:97:1f:ce: 97:24:5e:64:85:0d:be:a2:3b:46:56:e9:22:ab:88: 5e:03:72:fd:0e:d1:62:84:cd:6e:dd:d6:83:69:c9: 39:90:49:a1:17:f5:7d:e4:9a:71:0f:7b:4e:c8:c3: cb:f5:79:c3:45:7b:c4:10:6d:92:52:5b:38:8f:c6: 7a:46:bc:80:71:0f:e6:9c:24:28:be:3b:5b:2a:c5: d6:c8:ca:59:49:54:7b:86:af:1e:94:43:c7:41:39: b2:19:f5:60:16:fa:17:61:f2:36:86:1a:34:6e:a5: 03:98:2e:84:1c:a0:95:f4:35:99:a9:69:85:6b:59: 16:98:d1:bc:e9:bf:45:7d:4c:73:d0:c8:c7:c7:76: a3:a5:ba:5e:d7:a0:d5:39:30:e0:65:44:88:2d:a7: 3c:4c:82:dc:98:08:d1:ab:48:66:79:f2:5a:c9:8b: ea:b0:91:cb:08:57:50:d4:9b:87:6b:c6:1b:5b:25: 55:00:bc:02:5d:d1:7c:56:93:ec:c4:0d:78:be:9f: 2b:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:A3:CA:2D:1E:9A:1C:83:E4:30:29:2E:78:A1:53:67:25:57:BD:43 X509v3 Authority Key Identifier: keyid:D8:22:2F:5C:A4:73:96:22:44:FC:13:41:15:71:0E:BE:D5:E3:95:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:d5:c0:06:dd:d9:d7:ed:2a:16:91:1e:aa:28:58:62:42:5d: 9b:70:6f:85:61:e8:b0:ca:22:30:a2:f9:b5:99:e0:42:8f:2d: 65:6e:fd:2c:34:75:b8:aa:25:5f:56:0d:c5:7a:d8:0e:76:d8: ba:06:0a:03:44:d5:d5:b3:74:e6:32:2b:19:5c:f3:58:55:ec: 45:e4:f1:d8:6c:39:c7:30:41:3a:a5:ff:7c:7d:b6:25:3d:bf: d3:f7:7f:a4:35:68:6b:af:32:f2:5b:bd:dc:42:06:15:6d:b4: 6f:55:5f:09:ca:e8:9c:61:73:54:e3:3d:f5:fa:68:0f:c7:14: 28:fd:15:4e:cf:5a:86:20:64:9b:21:65:f8:40:83:c8:67:ea: e3:2f:32:27:0b:4b:4c:25:24:5c:f7:8b:d2:c8:65:86:dd:94: f0:1e:df:19:48:e0:f3:f9:61:86:ac:46:08:67:24:7b:65:17: 8b:32:69:28:7c:e3:8a:c6:bc:da:51:46:d4:12:36:52:94:d0: 11:43:75:89:07:2a:96:4d:79:09:51:f4:3c:86:93:68:fa:17: 33:d6:53:cd:55:dd:ff:de:60:5a:d9:25:98:b3:1b:d0:09:d9: 9b:4f:d1:96:c0:d9:b6:b1:1a:8b:78:47:68:dc:cd:f4:7d:f1: a5:c4:b7:99 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDCMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk2MjQxMTAvBgNVBAUTKEQ4MjIyRjVDQTQ3Mzk2MjI0NEZDMTM0MTE1NzEwRUJF RDVFMzk1NjAwHhcNMjUwNzE4MTgwODM4WhcNMjUwNzI1MTgwODM4WjAYMRYwFAYD VQQDEw02ODdhOGRhNy1iMDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2UKPPQE+Kk9CmsM+xj0fDep1mGY24d2m+DbaoyvcQIoxXRL5yJH0pTD8Hru2 YsMp7OCss0+55mKXH86XJF5khQ2+ojtGVukiq4heA3L9DtFihM1u3daDack5kEmh F/V95JpxD3tOyMPL9XnDRXvEEG2SUls4j8Z6RryAcQ/mnCQovjtbKsXWyMpZSVR7 hq8elEPHQTmyGfVgFvoXYfI2hho0bqUDmC6EHKCV9DWZqWmFa1kWmNG86b9FfUxz 0MjHx3ajpbpe16DVOTDgZUSILac8TILcmAjRq0hmefJayYvqsJHLCFdQ1JuHa8Yb WyVVALwCXdF8VpPsxA14vp8r3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLOjyi0e mhyD5DApLnihU2clV71DMB8GA1UdIwQYMBaAFNgiL1ykc5YiRPwTQRVxDr7V45Vg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTYyNC9DNjk0ODIzNjEw RTAxMUVBOUJEMUE1NURDNEY5QUUwMi8yQ0l2WEtSemxpSkVfQk5CRlhFT3Z0WGps V0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzJDSXZYS1J6bGlKRV9CTkJGWEVPdnRYamxXQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTYyNC9DNjk0ODIzNjEwRTAxMUVBOUJEMUE1NURDNEY5QUUwMi8yQ0l2WEtSemxp SkVfQk5CRlhFT3Z0WGpsV0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAH1cAG3dnX7SoWkR6qKFhiQl2bcG+FYeiwyiIwovm1meBCjy1lbv0s NHW4qiVfVg3FetgOdti6BgoDRNXVs3TmMisZXPNYVexF5PHYbDnHMEE6pf98fbYl Pb/T93+kNWhrrzLyW73cQgYVbbRvVV8JyuicYXNU4z31+mgPxxQo/RVOz1qGIGSb IWX4QIPIZ+rjLzInC0tMJSRc94vSyGWG3ZTwHt8ZSODz+WGGrEYIZyR7ZReLMmko fOOKxrzaUUbUEjZSlNARQ3WJByqWTXkJUfQ8hpNo+hcz1lPNVd3/3mBa2SWYsxvQ CdmbT9GWwNm2sRqLeEdo3M30ffGlxLeZ -----END CERTIFICATE-----Generated at Sun Jul 20 10:48:34 2025 by rpki-client