$ rpki-client -vvf rpki.apnic.net/member_repository/A911E9B6/7918CB0C7FF511ED9ED4641DC4F9AE02/Loy7jCYAxqCYyVi5ZMMtyxi4A1w.mft File: Loy7jCYAxqCYyVi5ZMMtyxi4A1w.mft (raw, json) Hash identifier: echL/70OmWgN1r+0MZSkuQ0hLuB0UkTF6FoOkUvqpKk= Subject key identifier: C3:94:9A:FA:8D:D3:5C:7A:E8:30:07:B7:9B:3A:85:F1:57:47:DD:BA Authority key identifier: 2E:8C:BB:8C:26:00:C6:A0:98:C9:58:B9:64:C3:2D:CB:18:B8:03:5C Certificate issuer: /CN=A911E9B6/serialNumber=2E8CBB8C2600C6A098C958B964C32DCB18B8035C Certificate serial: 020B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Loy7jCYAxqCYyVi5ZMMtyxi4A1w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E9B6/7918CB0C7FF511ED9ED4641DC4F9AE02/Loy7jCYAxqCYyVi5ZMMtyxi4A1w.mft Manifest number: 01EB Signing time: Mon 21 Jul 2025 02:43:46 +0000 Manifest this update: Mon 21 Jul 2025 02:43:46 +0000 Manifest next update: Mon 28 Jul 2025 02:43:46 +0000 Files and hashes: 1: Loy7jCYAxqCYyVi5ZMMtyxi4A1w.crl (hash: 1iShwgQNAZ0DUk9uz1g64pvYnIATBQUKl0h26EUVIEs=) 2: C3E640EE917811ED904ACF83C4F9AE02.roa (hash: U1JZUMbZcbonZCdC7TOrqHH67lPPcra0baMZ+HxHTq0=) 3: E260EBC4914011EDABD5F778C4F9AE02.roa (hash: ieGx5NwyYQJ4P+cWYrdmLdfua1T4xQkG1QlYm44YGuI=) 4: E1D3A69C914011EDABD5F778C4F9AE02.roa (hash: l7RVqMwsQP+9xoPqxUjrdLeHKAHmKPEPtw0sLICnu70=) 5: 7606086E914611ED8DE00A16C4F9AE02.roa (hash: hpbgzGpeyu8RgvOZ/gDqbosdneW/3yUsLvzIbPJJbgI=) 6: E07C4E34914011EDABD5F778C4F9AE02.roa (hash: yq9F1kGLoVyjrkyUECiqJ2bBsjfNg/O48zntGXKXjfA=) 7: E137AAE4914011EDABD5F778C4F9AE02.roa (hash: 7GFXCtaT3I6JbgFcVp9k1/EsFIeLns+26mNrxLbyEic=) 8: C3481400917811ED904ACF83C4F9AE02.roa (hash: AsDGm3VcGz1RYmwwFN/U13xvQEyWavpIqYrnGKd5AJQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E9B6/7918CB0C7FF511ED9ED4641DC4F9AE02/Loy7jCYAxqCYyVi5ZMMtyxi4A1w.crl rsync://rpki.apnic.net/member_repository/A911E9B6/7918CB0C7FF511ED9ED4641DC4F9AE02/Loy7jCYAxqCYyVi5ZMMtyxi4A1w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Loy7jCYAxqCYyVi5ZMMtyxi4A1w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 02:43:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 523 (0x20b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E9B6, serialNumber=2E8CBB8C2600C6A098C958B964C32DCB18B8035C Validity Not Before: Jul 21 02:43:46 2025 GMT Not After : Jul 28 02:43:46 2025 GMT Subject: CN=687da962-265f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:41:3c:47:4e:4e:74:c8:8b:87:95:d8:cd:3d: b3:ba:f0:5a:a3:43:3f:00:85:93:8a:7d:cd:80:d9: bc:a5:a7:e2:76:d0:55:3b:0c:36:43:cd:5c:a4:13: 72:10:8a:68:cb:8e:6f:2e:3c:ea:43:25:75:04:47: ba:97:c2:98:24:68:3c:4b:8f:58:fc:8e:b1:7a:8d: 58:97:47:77:ba:e0:a4:09:a5:79:94:ae:11:f6:99: 16:1f:4f:2d:c4:f0:ed:09:fe:32:41:91:cc:f4:4b: 91:d9:b3:98:51:fa:13:59:96:39:8c:07:52:77:4b: 58:17:40:48:59:a3:b4:04:96:9d:4e:33:e1:b2:b9: f8:0f:e4:54:34:8a:69:c2:85:57:dd:36:42:2f:c4: 6f:71:78:82:4f:c0:60:ce:a9:6f:83:3b:9b:29:da: c5:2d:5d:1d:f9:0a:b7:40:08:1f:41:aa:bc:8e:ba: 3d:8e:77:7c:50:a2:ad:e4:97:8f:4d:8e:05:7d:f4: 0b:3e:77:e5:f0:ba:3e:35:b6:55:f1:92:05:61:fa: 7c:ba:fd:d4:99:fc:32:1b:17:b4:d9:4f:17:6b:74: 21:23:91:88:54:9e:21:1c:cd:18:54:44:14:8c:5f: bd:00:af:35:75:21:c6:c4:e1:6b:d0:1c:28:a0:0b: ef:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:94:9A:FA:8D:D3:5C:7A:E8:30:07:B7:9B:3A:85:F1:57:47:DD:BA X509v3 Authority Key Identifier: keyid:2E:8C:BB:8C:26:00:C6:A0:98:C9:58:B9:64:C3:2D:CB:18:B8:03:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E9B6/7918CB0C7FF511ED9ED4641DC4F9AE02/Loy7jCYAxqCYyVi5ZMMtyxi4A1w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Loy7jCYAxqCYyVi5ZMMtyxi4A1w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E9B6/7918CB0C7FF511ED9ED4641DC4F9AE02/Loy7jCYAxqCYyVi5ZMMtyxi4A1w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:29:20:78:87:1b:e1:8f:8b:58:dc:7b:f3:fe:1e:a2:0a:b7: 0d:2b:d6:28:41:e1:95:88:8d:11:7d:a3:9b:5d:e1:09:04:b1: 4f:50:d8:91:f6:6e:50:32:65:4e:bc:e5:1f:31:9a:b4:01:a5: e2:53:ce:d2:63:d4:39:15:9e:a4:03:a2:65:07:33:91:12:f8: 48:e1:ad:3a:0b:fd:b3:ed:43:47:1f:ab:bd:92:68:44:4f:7d: 3e:70:4a:bf:09:40:54:ce:e8:78:cb:2e:53:97:f0:90:17:2a: 8a:13:ac:af:32:a2:90:35:a3:fe:76:f5:5c:c7:7a:9e:aa:d3: e0:f4:2f:5e:26:17:de:ac:ca:bb:ea:0f:9c:7d:ce:85:12:e7: d4:07:90:88:8e:ce:ab:9e:0c:df:32:de:b8:17:93:4b:0a:bf: 12:03:df:32:6b:66:17:72:7b:61:40:b7:6c:9b:13:b7:a7:d3: ab:62:d5:5c:b2:ba:ed:60:b8:f3:9f:24:dd:d4:58:bb:b6:ab: d2:a1:b5:19:27:9f:51:e9:8b:bf:41:99:08:ee:10:48:95:05: c3:92:be:cc:37:aa:50:52:3b:46:e8:23:91:cb:82:e6:5b:5d: 63:6a:30:4f:c9:eb:c2:7b:ae:8c:42:98:aa:cc:d2:0b:63:b3: 39:ff:8a:d2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUU5QjYxMTAvBgNVBAUTKDJFOENCQjhDMjYwMEM2QTA5OEM5NThCOTY0QzMyRENC MThCODAzNUMwHhcNMjUwNzIxMDI0MzQ2WhcNMjUwNzI4MDI0MzQ2WjAYMRYwFAYD VQQDEw02ODdkYTk2Mi0yNjVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxEE8R05OdMiLh5XYzT2zuvBao0M/AIWTin3NgNm8pafidtBVOww2Q81cpBNy EIpoy45vLjzqQyV1BEe6l8KYJGg8S49Y/I6xeo1Yl0d3uuCkCaV5lK4R9pkWH08t xPDtCf4yQZHM9EuR2bOYUfoTWZY5jAdSd0tYF0BIWaO0BJadTjPhsrn4D+RUNIpp woVX3TZCL8RvcXiCT8BgzqlvgzubKdrFLV0d+Qq3QAgfQaq8jro9jnd8UKKt5JeP TY4FffQLPnfl8Lo+NbZV8ZIFYfp8uv3UmfwyGxe02U8Xa3QhI5GIVJ4hHM0YVEQU jF+9AK81dSHGxOFr0BwooAvvhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMOUmvqN 01x66DAHt5s6hfFXR926MB8GA1UdIwQYMBaAFC6Mu4wmAMagmMlYuWTDLcsYuANc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTlCNi83OTE4Q0IwQzdG RjUxMUVEOUVENDY0MURDNEY5QUUwMi9Mb3k3akNZQXhxQ1l5Vmk1Wk1NdHl4aTRB MXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xveTdqQ1lBeHFDWXlWaTVaTU10eXhpNEExdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RTlCNi83OTE4Q0IwQzdGRjUxMUVEOUVENDY0MURDNEY5QUUwMi9Mb3k3akNZQXhx Q1l5Vmk1Wk1NdHl4aTRBMXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBFKSB4hxvhj4tY3Hvz/h6iCrcNK9YoQeGViI0RfaObXeEJBLFPUNiR 9m5QMmVOvOUfMZq0AaXiU87SY9Q5FZ6kA6JlBzOREvhI4a06C/2z7UNHH6u9kmhE T30+cEq/CUBUzuh4yy5Tl/CQFyqKE6yvMqKQNaP+dvVcx3qeqtPg9C9eJhferMq7 6g+cfc6FEufUB5CIjs6rngzfMt64F5NLCr8SA98ya2YXcnthQLdsmxO3p9OrYtVc srrtYLjznyTd1Fi7tqvSobUZJ59R6Yu/QZkI7hBIlQXDkr7MN6pQUjtG6CORy4Lm W11jajBPyevCe66MQpiqzNILY7M5/4rS -----END CERTIFICATE-----Generated at Mon Jul 21 12:43:35 2025 by rpki-client