$ rpki-client -vvf rpki.apnic.net/member_repository/A912CE21/CE48E7C8F19E11ECA9EE9B3DC4F9AE02/WfIhqdcBRydJAka2joLCl2fHDTg.mft File: WfIhqdcBRydJAka2joLCl2fHDTg.mft (raw, json) Hash identifier: valMPKXMCP7w2ngI7l8/g23mjvL8IPO4s7iu5hWueuU= Subject key identifier: 2C:20:58:9A:4F:B8:56:25:CB:6F:9D:5D:BF:C4:D1:74:87:92:D7:24 Authority key identifier: 59:F2:21:A9:D7:01:47:27:49:02:46:B6:8E:82:C2:97:67:C7:0D:38 Certificate issuer: /CN=A912CE21/serialNumber=59F221A9D7014727490246B68E82C29767C70D38 Certificate serial: 02E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WfIhqdcBRydJAka2joLCl2fHDTg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CE21/CE48E7C8F19E11ECA9EE9B3DC4F9AE02/WfIhqdcBRydJAka2joLCl2fHDTg.mft Manifest number: 02DD Signing time: Fri 25 Jul 2025 01:45:07 +0000 Manifest this update: Fri 25 Jul 2025 01:45:07 +0000 Manifest next update: Fri 01 Aug 2025 01:45:07 +0000 Files and hashes: 1: WfIhqdcBRydJAka2joLCl2fHDTg.crl (hash: yt4yHnlUJFwnQfjsTUIkxkAV110fZlza7qknEi1msso=) 2: A033FFB4F7F511ECADEAB528C4F9AE02.roa (hash: S2C+VMQaXNDpZ4wrKaK1oLzxt+RZ0aWeTadlNJ8ZR5Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CE21/CE48E7C8F19E11ECA9EE9B3DC4F9AE02/WfIhqdcBRydJAka2joLCl2fHDTg.crl rsync://rpki.apnic.net/member_repository/A912CE21/CE48E7C8F19E11ECA9EE9B3DC4F9AE02/WfIhqdcBRydJAka2joLCl2fHDTg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WfIhqdcBRydJAka2joLCl2fHDTg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 01 Aug 2025 01:45:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 738 (0x2e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CE21, serialNumber=59F221A9D7014727490246B68E82C29767C70D38 Validity Not Before: Jul 25 01:45:07 2025 GMT Not After : Aug 1 01:45:07 2025 GMT Subject: CN=6882e1a3-a1c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:a5:9e:96:38:2a:65:8b:0d:f5:c1:a5:cb:3c: 63:89:d4:a0:67:f0:17:7e:3e:80:05:12:3b:d9:cf: 5a:34:7b:5f:93:ef:bf:6f:05:6e:ed:ca:94:06:e3: 82:96:17:7c:ae:5e:e1:1d:62:b3:ee:3f:9e:ca:26: 91:ba:fc:f0:d4:ce:fa:df:80:8a:62:fd:d1:aa:95: d8:14:82:20:a7:df:3c:84:57:47:55:d1:a5:40:e8: 44:fd:2c:84:55:8b:ef:9e:5f:04:70:51:27:f8:0e: 99:34:b8:d2:29:5c:86:d2:ed:b7:5c:1c:a4:92:05: ed:44:eb:69:74:09:10:05:33:58:30:96:07:a7:ee: 04:bf:d5:2e:11:7c:53:65:7f:ac:27:d0:81:ad:44: 85:e8:53:0b:a6:ba:17:0e:06:3b:f6:0d:e6:c5:c7: a9:89:97:8b:97:28:f7:b2:52:0a:34:9f:07:d7:22: b0:58:4b:d9:ec:6c:ad:be:ca:d5:64:2c:5e:2b:50: 19:87:de:89:33:a5:e4:29:76:51:56:82:8c:15:6b: 38:13:39:95:e8:e1:50:2c:2f:ae:ce:9b:d0:b1:4f: 55:8d:ee:ba:8a:52:62:61:99:83:2e:00:bb:df:2f: 2c:65:4e:fb:73:15:b5:e3:df:a6:3c:eb:03:1b:0d: 36:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:20:58:9A:4F:B8:56:25:CB:6F:9D:5D:BF:C4:D1:74:87:92:D7:24 X509v3 Authority Key Identifier: keyid:59:F2:21:A9:D7:01:47:27:49:02:46:B6:8E:82:C2:97:67:C7:0D:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CE21/CE48E7C8F19E11ECA9EE9B3DC4F9AE02/WfIhqdcBRydJAka2joLCl2fHDTg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WfIhqdcBRydJAka2joLCl2fHDTg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CE21/CE48E7C8F19E11ECA9EE9B3DC4F9AE02/WfIhqdcBRydJAka2joLCl2fHDTg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:08:e3:22:b8:75:67:b9:45:7f:ae:35:fc:3e:c5:c3:1d:7f: 49:e9:20:97:49:d5:2b:9f:d0:c7:76:ba:d1:0c:bb:44:cd:13: 32:4e:6c:33:8e:9b:38:2d:26:ac:77:d0:7b:72:fe:9f:56:6a: 68:be:f1:90:7b:53:c4:73:22:a7:8d:1c:47:aa:8b:26:2a:2b: be:92:fc:12:14:80:87:60:c0:94:64:a1:67:25:fd:a0:7e:e0: f8:31:57:43:d3:71:4d:69:7a:7d:5d:fa:f1:aa:0b:c6:bc:2f: 1b:ff:12:a5:e3:f2:ff:56:cd:7e:e9:8e:0b:b9:22:b0:28:d1: 51:22:55:9d:20:f9:c8:ea:9a:88:00:29:55:70:08:be:53:cf: 19:97:4f:88:11:db:bd:f7:bb:68:b3:97:ee:c3:7f:e5:2d:17: e7:ee:f7:55:af:66:87:33:50:8c:ed:01:18:2b:41:7b:3c:e7: 1e:c2:d5:3c:c4:da:99:8c:28:67:28:05:e9:86:b1:f4:6e:16: 52:36:15:fb:61:2d:c3:71:69:49:e8:3b:e7:5b:00:b0:33:af: 21:31:39:eb:9b:b8:9d:4a:87:67:86:88:43:b4:ae:96:8f:5d: 15:1b:97:c1:93:6e:91:37:2d:32:52:a9:11:3d:65:ff:b8:45: 98:ef:b3:4a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAuIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNFMjExMTAvBgNVBAUTKDU5RjIyMUE5RDcwMTQ3Mjc0OTAyNDZCNjhFODJDMjk3 NjdDNzBEMzgwHhcNMjUwNzI1MDE0NTA3WhcNMjUwODAxMDE0NTA3WjAYMRYwFAYD VQQDEw02ODgyZTFhMy1hMWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApaWeljgqZYsN9cGlyzxjidSgZ/AXfj6ABRI72c9aNHtfk++/bwVu7cqUBuOC lhd8rl7hHWKz7j+eyiaRuvzw1M7634CKYv3RqpXYFIIgp988hFdHVdGlQOhE/SyE VYvvnl8EcFEn+A6ZNLjSKVyG0u23XBykkgXtROtpdAkQBTNYMJYHp+4Ev9UuEXxT ZX+sJ9CBrUSF6FMLproXDgY79g3mxcepiZeLlyj3slIKNJ8H1yKwWEvZ7GytvsrV ZCxeK1AZh96JM6XkKXZRVoKMFWs4EzmV6OFQLC+uzpvQsU9Vje66ilJiYZmDLgC7 3y8sZU77cxW149+mPOsDGw02TQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCwgWJpP uFYly2+dXb/E0XSHktckMB8GA1UdIwQYMBaAFFnyIanXAUcnSQJGto6Cwpdnxw04 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0UyMS9DRTQ4RTdDOEYx OUUxMUVDQTlFRTlCM0RDNEY5QUUwMi9XZklocWRjQlJ5ZEpBa2Eyam9MQ2wyZkhE VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dmSWhxZGNCUnlkSkFrYTJqb0xDbDJmSERUZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy Q0UyMS9DRTQ4RTdDOEYxOUUxMUVDQTlFRTlCM0RDNEY5QUUwMi9XZklocWRjQlJ5 ZEpBa2Eyam9MQ2wyZkhEVGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfCOMiuHVnuUV/rjX8PsXDHX9J6SCXSdUrn9DHdrrRDLtEzRMyTmwz jps4LSasd9B7cv6fVmpovvGQe1PEcyKnjRxHqosmKiu+kvwSFICHYMCUZKFnJf2g fuD4MVdD03FNaXp9XfrxqgvGvC8b/xKl4/L/Vs1+6Y4LuSKwKNFRIlWdIPnI6pqI AClVcAi+U88Zl0+IEdu997tos5fuw3/lLRfn7vdVr2aHM1CM7QEYK0F7POcewtU8 xNqZjChnKAXphrH0bhZSNhX7YS3DcWlJ6DvnWwCwM68hMTnrm7idSodnhohDtK6W j10VG5fBk26RNy0yUqkRPWX/uEWY77NK -----END CERTIFICATE-----Generated at Sat Jul 26 07:35:55 2025 by rpki-client