$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D69B45E81BD511EA80CBCF36C4F9AE02/gYE9avls8KB0gHHNux4nD2tcYRM.mft File: gYE9avls8KB0gHHNux4nD2tcYRM.mft (raw, json) Hash identifier: hmaTLuAE84lY4bEp8Spmwy1THaefsFL5bet+07v79sU= Subject key identifier: 87:18:DF:42:FC:B7:FE:B5:AB:E9:3B:2E:20:1F:10:F1:FB:BA:4C:A2 Authority key identifier: 81:81:3D:6A:F9:6C:F0:A0:74:80:71:CD:BB:1E:27:0F:6B:5C:61:13 Certificate issuer: /CN=A9128DE9/serialNumber=81813D6AF96CF0A0748071CDBB1E270F6B5C6113 Certificate serial: 0BFB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gYE9avls8KB0gHHNux4nD2tcYRM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D69B45E81BD511EA80CBCF36C4F9AE02/gYE9avls8KB0gHHNux4nD2tcYRM.mft Manifest number: 0BEA Signing time: Fri 18 Jul 2025 18:59:18 +0000 Manifest this update: Fri 18 Jul 2025 18:59:17 +0000 Manifest next update: Fri 25 Jul 2025 18:59:17 +0000 Files and hashes: 1: gYE9avls8KB0gHHNux4nD2tcYRM.crl (hash: bhf2hmBAh7aXVIsH6Bi9n1SLTt2EMWGVQATEy8MgfP8=) 2: 1D77B4081BD911EAB49CC840C4F9AE02.roa (hash: jHX60u9ArdYh7GwRrx6uREAMvSVK0+kOgD9fYQ7pbX8=) 3: B3148DDA1BD711EAB801703AC4F9AE02.roa (hash: vAnu7lUAwo4HH4C945cyzFyVOcsgKeAbmVZGK6iXYjc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D69B45E81BD511EA80CBCF36C4F9AE02/gYE9avls8KB0gHHNux4nD2tcYRM.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D69B45E81BD511EA80CBCF36C4F9AE02/gYE9avls8KB0gHHNux4nD2tcYRM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gYE9avls8KB0gHHNux4nD2tcYRM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 18:59:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3067 (0xbfb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9, serialNumber=81813D6AF96CF0A0748071CDBB1E270F6B5C6113 Validity Not Before: Jul 18 18:59:17 2025 GMT Not After : Jul 25 18:59:17 2025 GMT Subject: CN=687a9985-c91e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:39:8f:df:d3:8c:24:eb:2a:70:0b:6c:1e:30: 03:09:90:70:2d:b1:7a:78:96:22:b0:a9:66:ca:10: 25:5c:e9:0c:d5:ff:1a:21:53:19:06:bd:37:40:d0: 7a:c3:59:ec:9b:1b:04:3e:16:41:68:18:4f:ab:a9: 86:f9:12:04:fc:70:16:c7:f3:75:89:4d:81:2a:69: 39:74:1c:34:46:48:b2:d6:63:90:94:5b:18:41:70: be:3c:d0:9a:ba:69:85:b2:80:65:5f:79:0b:e7:a8: f3:4a:67:0d:17:c8:6f:37:ab:2d:d2:3c:b6:0a:c3: 7e:e1:a5:ab:96:01:83:f8:a8:fc:60:ac:e0:bf:35: 80:3e:78:a8:e1:99:95:5f:13:3c:15:a3:fa:d1:72: d9:46:4c:49:90:15:42:d5:c7:fe:a7:c4:0c:13:07: c8:12:42:a6:aa:8e:c5:55:cf:81:1c:9c:f3:17:65: 50:a1:95:1b:d5:c2:1b:22:29:4d:00:1d:85:1e:c0: 55:f3:3d:5d:e7:70:a9:d4:fa:76:80:d8:73:de:1e: e7:bb:36:d7:01:97:19:46:7a:a2:6b:a1:14:e7:10: 3a:41:06:fb:68:d0:f2:3e:b3:20:fc:b7:db:bb:e9: d8:9f:11:b1:9d:41:fc:92:9f:00:1c:2b:fa:08:77: a0:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:18:DF:42:FC:B7:FE:B5:AB:E9:3B:2E:20:1F:10:F1:FB:BA:4C:A2 X509v3 Authority Key Identifier: keyid:81:81:3D:6A:F9:6C:F0:A0:74:80:71:CD:BB:1E:27:0F:6B:5C:61:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D69B45E81BD511EA80CBCF36C4F9AE02/gYE9avls8KB0gHHNux4nD2tcYRM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gYE9avls8KB0gHHNux4nD2tcYRM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D69B45E81BD511EA80CBCF36C4F9AE02/gYE9avls8KB0gHHNux4nD2tcYRM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:8f:99:7d:d2:85:40:4b:07:a8:01:64:6f:2b:d0:62:1b:7e: da:c6:0d:5c:d0:f5:45:62:e2:7d:fa:71:61:b8:52:2c:b6:c9: d5:6c:01:8c:fd:2e:b6:52:65:3f:38:7d:e7:93:c5:d0:0f:d3: dd:8f:3b:8d:93:9b:fe:22:51:a2:82:fd:dd:a4:1d:3a:24:db: c1:2b:9e:f6:29:27:64:9c:27:63:cb:51:36:dd:c9:70:ab:19: 41:4f:05:ad:16:13:36:93:e9:58:0c:ef:58:7b:0a:c7:f6:20: 44:48:bf:19:47:bd:7b:c5:98:ed:58:3e:fe:19:4f:aa:d3:ce: bc:79:c1:c1:52:78:64:d6:9b:2f:25:9d:c0:be:c4:cf:2d:32: bf:41:6b:83:54:2d:53:12:71:dd:9b:c7:4a:6a:f4:58:35:59: 25:ee:e9:9e:a6:a6:4b:db:61:ee:b8:71:bd:aa:a2:21:9f:be: ff:00:ab:60:f5:c1:32:99:ca:ca:06:6d:e5:b1:68:aa:80:50: 18:1c:09:3b:c6:64:96:f7:8f:ad:a8:2e:b3:97:9f:5b:0f:9c: b8:55:7f:70:fb:bb:62:69:11:6d:0d:06:34:f4:37:c3:5a:80: 96:b7:ce:aa:3d:11:fe:6c:30:39:9d:d3:e3:60:29:8f:2b:a3: b0:b4:b5:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDgxODEzRDZBRjk2Q0YwQTA3NDgwNzFDREJCMUUyNzBG NkI1QzYxMTMwHhcNMjUwNzE4MTg1OTE3WhcNMjUwNzI1MTg1OTE3WjAYMRYwFAYD VQQDEw02ODdhOTk4NS1jOTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4DmP39OMJOsqcAtsHjADCZBwLbF6eJYisKlmyhAlXOkM1f8aIVMZBr03QNB6 w1nsmxsEPhZBaBhPq6mG+RIE/HAWx/N1iU2BKmk5dBw0Rkiy1mOQlFsYQXC+PNCa ummFsoBlX3kL56jzSmcNF8hvN6st0jy2CsN+4aWrlgGD+Kj8YKzgvzWAPnio4ZmV XxM8FaP60XLZRkxJkBVC1cf+p8QMEwfIEkKmqo7FVc+BHJzzF2VQoZUb1cIbIilN AB2FHsBV8z1d53Cp1Pp2gNhz3h7nuzbXAZcZRnqia6EU5xA6QQb7aNDyPrMg/Lfb u+nYnxGxnUH8kp8AHCv6CHeg2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIcY30L8 t/61q+k7LiAfEPH7ukyiMB8GA1UdIwQYMBaAFIGBPWr5bPCgdIBxzbseJw9rXGET MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9ENjlCNDVFODFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9nWUU5YXZsczhLQjBnSEhOdXg0bkQydGNZ Uk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dZRTlhdmxzOEtCMGdISE51eDRuRDJ0Y1lSTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9ENjlCNDVFODFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9nWUU5YXZsczhL QjBnSEhOdXg0bkQydGNZUk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAwj5l90oVASweoAWRvK9BiG37axg1c0PVFYuJ9+nFhuFIstsnVbAGM /S62UmU/OH3nk8XQD9PdjzuNk5v+IlGigv3dpB06JNvBK572KSdknCdjy1E23clw qxlBTwWtFhM2k+lYDO9YewrH9iBESL8ZR717xZjtWD7+GU+q0868ecHBUnhk1psv JZ3AvsTPLTK/QWuDVC1TEnHdm8dKavRYNVkl7umepqZL22HuuHG9qqIhn77/AKtg 9cEymcrKBm3lsWiqgFAYHAk7xmSW94+tqC6zl59bD5y4VX9w+7tiaRFtDQY09DfD WoCWt86qPRH+bDA5ndPjYCmPK6OwtLWs -----END CERTIFICATE-----Generated at Sun Jul 20 15:10:48 2025 by rpki-client