$ rpki-client -vvf rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft File: ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft (raw, json) Hash identifier: ihtxdXchcWvpGm465gOf08VRs2dxlzqrSyT+FHdMMC4= Subject key identifier: 8E:CE:70:2A:A8:70:21:22:80:E4:97:AC:E8:2D:EC:F7:D0:97:3D:37 Authority key identifier: 21:34:36:BA:23:A9:AF:25:0B:F2:5D:DE:A5:0C:76:22:19:F9:06:BC Certificate issuer: /CN=A912382E/serialNumber=213436BA23A9AF250BF25DDEA50C762219F906BC Certificate serial: 18BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft Manifest number: 18B5 Signing time: Fri 18 Jul 2025 16:35:59 +0000 Manifest this update: Fri 18 Jul 2025 16:35:59 +0000 Manifest next update: Fri 25 Jul 2025 16:35:59 +0000 Files and hashes: 1: ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl (hash: y6XraYodfq+8n5Mldt7ZSVeiWKjELgcg7yNFJ0J5jDo=) 2: BD843CCE984011E79A256C82C4F9AE02.roa (hash: cv0ZUc0lebxpCeCaHLbic5zL6MtIPbL3843SH+qN9Dk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 16:35:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6334 (0x18be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912382E, serialNumber=213436BA23A9AF250BF25DDEA50C762219F906BC Validity Not Before: Jul 18 16:35:59 2025 GMT Not After : Jul 25 16:35:59 2025 GMT Subject: CN=687a77ef-0a8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:34:8c:a5:4e:32:f6:bb:8b:6c:a2:3f:bc:42: ab:db:e7:ec:d3:fc:56:fa:da:54:e6:04:af:c7:28: ae:9b:ec:6e:22:6c:19:1d:a7:01:d0:03:ce:14:08: 4f:ae:62:ba:8b:f5:fc:5f:a9:a5:2f:00:4c:90:f8: 67:33:2a:40:bd:b5:b3:44:74:ec:93:19:b4:4b:6c: d5:d9:68:c6:a1:e1:b7:9f:36:cc:a0:2c:1b:90:c5: 9e:da:12:f3:3b:96:94:a8:5a:03:65:9c:9f:fd:d1: d4:5e:77:67:f1:85:73:27:97:bd:ab:82:48:6f:26: 92:a2:03:f8:c4:f2:01:2b:cb:b7:62:eb:1a:0d:f2: 7b:8b:81:f2:cd:69:0a:c4:84:d7:0a:c4:89:fd:a3: 66:02:8e:44:59:14:60:69:21:83:2b:1f:65:06:89: 35:bc:8e:c7:ad:f8:2b:29:d3:0f:de:7b:01:5a:42: 46:80:e6:45:90:4c:64:5c:1f:74:e3:a6:b1:05:24: b7:b5:00:42:39:5b:62:0c:c7:c4:40:15:03:6d:c2: 2f:74:a7:79:28:a7:58:08:f9:f8:7e:68:97:3e:9a: 09:1e:36:6d:57:34:03:f5:3b:16:78:42:27:d6:19: 13:cf:4c:ea:0b:16:7c:9a:a5:f2:6a:a3:1c:29:c9: e8:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:CE:70:2A:A8:70:21:22:80:E4:97:AC:E8:2D:EC:F7:D0:97:3D:37 X509v3 Authority Key Identifier: keyid:21:34:36:BA:23:A9:AF:25:0B:F2:5D:DE:A5:0C:76:22:19:F9:06:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:9d:c3:67:c7:93:58:72:3d:c1:6e:54:0e:da:8a:76:d5:f1: ac:08:71:5b:6b:46:cb:4d:2d:8d:bb:2c:52:d6:2a:9e:b4:6f: d7:53:ec:cd:e5:d9:8c:34:29:cc:3c:90:b9:7a:92:09:16:9f: 90:35:5d:60:f5:b8:0f:68:8e:85:1b:fc:be:90:c2:1b:6e:49: 36:ea:c1:42:e5:9f:aa:bc:77:37:fa:1f:9b:90:e9:c7:24:1b: 52:2c:b5:23:9b:89:1a:7b:c5:d3:07:08:f8:15:8c:f2:d7:b8: 19:92:a5:ef:d3:09:35:86:80:23:96:1d:4c:ea:ec:fe:51:0f: 06:46:9f:3f:63:1e:06:eb:65:e1:89:48:6d:e3:a3:14:12:43: 50:23:4c:6c:4a:6a:f2:1b:b4:50:20:23:c1:1d:ed:cb:14:fe: 70:d8:88:4f:21:40:61:64:5b:31:cb:27:0e:8b:1d:1c:9c:ca: cc:95:5b:22:04:d4:54:a2:1f:5b:9d:2e:69:04:9c:c4:db:df: 3c:93:60:95:ba:00:6a:ae:80:6a:0b:a4:a1:61:65:5e:a0:c8: 91:0c:fc:6b:9c:a8:52:e2:01:84:f0:20:b5:89:ae:cc:7c:8f: ff:fa:66:61:1e:ea:73:9e:a9:42:4d:09:36:31:7c:d6:56:ea: 03:cb:fc:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjM4MkUxMTAvBgNVBAUTKDIxMzQzNkJBMjNBOUFGMjUwQkYyNURERUE1MEM3NjIy MTlGOTA2QkMwHhcNMjUwNzE4MTYzNTU5WhcNMjUwNzI1MTYzNTU5WjAYMRYwFAYD VQQDEw02ODdhNzdlZi0wYThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyzSMpU4y9ruLbKI/vEKr2+fs0/xW+tpU5gSvxyium+xuImwZHacB0APOFAhP rmK6i/X8X6mlLwBMkPhnMypAvbWzRHTskxm0S2zV2WjGoeG3nzbMoCwbkMWe2hLz O5aUqFoDZZyf/dHUXndn8YVzJ5e9q4JIbyaSogP4xPIBK8u3YusaDfJ7i4HyzWkK xITXCsSJ/aNmAo5EWRRgaSGDKx9lBok1vI7HrfgrKdMP3nsBWkJGgOZFkExkXB90 46axBSS3tQBCOVtiDMfEQBUDbcIvdKd5KKdYCPn4fmiXPpoJHjZtVzQD9TsWeEIn 1hkTz0zqCxZ8mqXyaqMcKcnonQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI7OcCqo cCEigOSXrOgt7PfQlz03MB8GA1UdIwQYMBaAFCE0Nrojqa8lC/Jd3qUMdiIZ+Qa8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgyRS8zMTFFQUM1Njk4 NDAxMUU3Qjc2OEVCODFDNEY5QUUwMi9JVFEydWlPcHJ5VUw4bDNlcFF4MklobjVC cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lUUTJ1aU9wcnlVTDhsM2VwUXgySWhuNUJydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MzgyRS8zMTFFQUM1Njk4NDAxMUU3Qjc2OEVCODFDNEY5QUUwMi9JVFEydWlPcHJ5 VUw4bDNlcFF4MklobjVCcncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmncNnx5NYcj3BblQO2op21fGsCHFba0bLTS2NuyxS1iqetG/XU+zN 5dmMNCnMPJC5epIJFp+QNV1g9bgPaI6FG/y+kMIbbkk26sFC5Z+qvHc3+h+bkOnH JBtSLLUjm4kae8XTBwj4FYzy17gZkqXv0wk1hoAjlh1M6uz+UQ8GRp8/Yx4G62Xh iUht46MUEkNQI0xsSmryG7RQICPBHe3LFP5w2IhPIUBhZFsxyycOix0cnMrMlVsi BNRUoh9bnS5pBJzE2988k2CVugBqroBqC6ShYWVeoMiRDPxrnKhS4gGE8CC1ia7M fI//+mZhHupznqlCTQk2MXzWVuoDy/z2 -----END CERTIFICATE-----Generated at Sun Jul 20 03:41:08 2025 by rpki-client