$ rpki-client -vvf rpki.apnic.net/member_repository/A911C18F/8E7A9BAC5E1811E6AC66C559C4F9AE02/PxScskgQcfFD-NFWCCear8cdEVw.mft File: PxScskgQcfFD-NFWCCear8cdEVw.mft (raw, json) Hash identifier: BrjfN0BvtlMJQO/++7weR1xRX5Yea5D3havQ52zNJ6E= Subject key identifier: A5:89:E4:A7:21:48:57:A8:87:F8:3F:86:58:A8:51:E3:B9:5A:1E:95 Authority key identifier: 3F:14:9C:B2:48:10:71:F1:43:F8:D1:56:08:27:9A:AF:C7:1D:11:5C Certificate issuer: /CN=A911C18F/serialNumber=3F149CB2481071F143F8D15608279AAFC71D115C Certificate serial: 1F04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PxScskgQcfFD-NFWCCear8cdEVw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C18F/8E7A9BAC5E1811E6AC66C559C4F9AE02/PxScskgQcfFD-NFWCCear8cdEVw.mft Manifest number: 1EFA Signing time: Sun 20 Jul 2025 16:03:15 +0000 Manifest this update: Sun 20 Jul 2025 16:03:14 +0000 Manifest next update: Sun 27 Jul 2025 16:03:14 +0000 Files and hashes: 1: PxScskgQcfFD-NFWCCear8cdEVw.crl (hash: RBj5JzgR07efhjGCbu32vnmGD6NOMafdG04/ElvXvUY=) 2: A9FAE7FA5E1911E6B8CE9C5BC4F9AE02.roa (hash: C7LM+OrofkS8APK8eFVOJJHm9mqxZuAPAA0InGQkpPc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C18F/8E7A9BAC5E1811E6AC66C559C4F9AE02/PxScskgQcfFD-NFWCCear8cdEVw.crl rsync://rpki.apnic.net/member_repository/A911C18F/8E7A9BAC5E1811E6AC66C559C4F9AE02/PxScskgQcfFD-NFWCCear8cdEVw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PxScskgQcfFD-NFWCCear8cdEVw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 16:03:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7940 (0x1f04) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C18F, serialNumber=3F149CB2481071F143F8D15608279AAFC71D115C Validity Not Before: Jul 20 16:03:14 2025 GMT Not After : Jul 27 16:03:14 2025 GMT Subject: CN=687d1343-dd63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:30:9e:20:52:d2:0c:40:cf:9b:3f:d1:b7:c1: 36:13:61:f2:60:78:5e:7b:66:54:2c:0e:e2:37:18: 99:7d:05:a0:15:79:ab:4e:45:62:93:bc:f7:8c:51: 2a:3a:35:db:4b:dd:32:4c:8c:58:cf:e8:b3:43:a4: eb:af:6c:ac:78:19:68:64:56:5e:72:ba:f8:82:ef: 97:af:cf:6e:e9:63:9c:ef:84:a3:ca:84:92:44:b8: 0e:a6:70:59:db:c3:e2:3d:fc:5a:a8:c3:fa:4e:7c: 36:2d:3e:fe:a2:28:ed:bd:74:e8:3d:bc:11:8c:5f: 4c:6a:db:14:c3:c1:b1:ee:37:ba:15:41:78:d3:15: 78:96:48:4c:5f:bf:c5:89:ae:11:e7:0e:ab:bc:01: 68:fa:0a:80:9c:a7:df:23:01:b8:d8:2b:ab:f5:80: 08:fe:65:73:2b:5e:b5:72:a7:25:39:c9:91:0a:a5: 85:64:8b:a2:b8:50:91:ba:bd:a4:d7:31:5d:ba:73: c9:8c:58:e1:54:f8:29:d5:ae:b7:23:2f:67:71:b1: 7b:31:16:34:68:1e:62:8d:4a:01:f2:4a:13:16:7e: a0:8d:c2:3d:54:45:68:86:1b:25:a3:f6:03:f0:e3: 0d:21:58:6e:f6:c1:93:53:c7:0e:2e:d6:c8:8f:c7: a2:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:89:E4:A7:21:48:57:A8:87:F8:3F:86:58:A8:51:E3:B9:5A:1E:95 X509v3 Authority Key Identifier: keyid:3F:14:9C:B2:48:10:71:F1:43:F8:D1:56:08:27:9A:AF:C7:1D:11:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C18F/8E7A9BAC5E1811E6AC66C559C4F9AE02/PxScskgQcfFD-NFWCCear8cdEVw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PxScskgQcfFD-NFWCCear8cdEVw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C18F/8E7A9BAC5E1811E6AC66C559C4F9AE02/PxScskgQcfFD-NFWCCear8cdEVw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:0f:45:52:54:f7:30:5a:9d:13:77:cb:bb:55:17:d6:94:cf: fb:94:d5:5e:6c:78:cc:5b:55:6d:24:fe:5c:41:76:6b:ed:96: 99:3b:58:a7:47:d1:ef:83:d6:31:98:b5:52:b8:79:17:36:77: 8b:84:cb:ab:5c:25:a7:17:5e:4d:a3:61:60:7e:aa:52:54:58: a0:8f:90:e9:60:dd:ee:3d:64:bb:4e:43:11:46:88:ae:57:49: 80:ab:6d:79:62:31:78:79:3e:b4:8c:78:36:cd:5a:9f:99:a1: 1e:0d:e3:83:bb:44:51:de:86:9f:8c:4f:04:97:d1:4f:c7:60: 91:7b:a2:83:d4:4b:7d:e4:51:8e:a5:c3:22:65:06:ae:4a:8c: 39:22:b0:d9:50:1e:3e:54:db:0b:b3:8e:56:79:4d:0b:7c:33: fd:8d:0f:a4:9d:8d:b4:cc:ee:ab:f5:30:78:ff:38:0b:06:50: a8:32:48:29:d4:21:2d:ed:98:24:55:4f:cf:52:66:bd:7d:4a: 3c:87:73:58:56:33:af:c2:c9:fa:9b:1b:83:57:ea:ca:5a:05: bf:41:5e:e1:e1:fb:55:22:eb:94:10:98:46:21:5d:d6:76:34: 0c:cf:e9:6c:94:7f:b0:4b:96:c0:0d:1e:ee:74:1c:92:2d:6a: 66:a0:95:40 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHwQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUMxOEYxMTAvBgNVBAUTKDNGMTQ5Q0IyNDgxMDcxRjE0M0Y4RDE1NjA4Mjc5QUFG QzcxRDExNUMwHhcNMjUwNzIwMTYwMzE0WhcNMjUwNzI3MTYwMzE0WjAYMRYwFAYD VQQDEw02ODdkMTM0My1kZDYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsTCeIFLSDEDPmz/Rt8E2E2HyYHhee2ZULA7iNxiZfQWgFXmrTkVik7z3jFEq OjXbS90yTIxYz+izQ6Trr2yseBloZFZecrr4gu+Xr89u6WOc74SjyoSSRLgOpnBZ 28PiPfxaqMP6Tnw2LT7+oijtvXToPbwRjF9MatsUw8Gx7je6FUF40xV4lkhMX7/F ia4R5w6rvAFo+gqAnKffIwG42Cur9YAI/mVzK161cqclOcmRCqWFZIuiuFCRur2k 1zFdunPJjFjhVPgp1a63Iy9ncbF7MRY0aB5ijUoB8koTFn6gjcI9VEVohhslo/YD 8OMNIVhu9sGTU8cOLtbIj8ei2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKWJ5Kch SFeoh/g/hlioUeO5Wh6VMB8GA1UdIwQYMBaAFD8UnLJIEHHxQ/jRVggnmq/HHRFc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzE4Ri84RTdBOUJBQzVF MTgxMUU2QUM2NkM1NTlDNEY5QUUwMi9QeFNjc2tnUWNmRkQtTkZXQ0NlYXI4Y2RF VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1B4U2Nza2dRY2ZGRC1ORldDQ2VhcjhjZEVWdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QzE4Ri84RTdBOUJBQzVFMTgxMUU2QUM2NkM1NTlDNEY5QUUwMi9QeFNjc2tnUWNm RkQtTkZXQ0NlYXI4Y2RFVncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQD0VSVPcwWp0Td8u7VRfWlM/7lNVebHjMW1VtJP5cQXZr7ZaZO1in R9Hvg9YxmLVSuHkXNneLhMurXCWnF15No2FgfqpSVFigj5DpYN3uPWS7TkMRRoiu V0mAq215YjF4eT60jHg2zVqfmaEeDeODu0RR3oafjE8El9FPx2CRe6KD1Et95FGO pcMiZQauSow5IrDZUB4+VNsLs45WeU0LfDP9jQ+knY20zO6r9TB4/zgLBlCoMkgp 1CEt7ZgkVU/PUma9fUo8h3NYVjOvwsn6mxuDV+rKWgW/QV7h4ftVIuuUEJhGIV3W djQMz+lslH+wS5bADR7udBySLWpmoJVA -----END CERTIFICATE-----Generated at Mon Jul 21 06:52:37 2025 by rpki-client