$ rpki-client -vvf rpki.apnic.net/member_repository/A9142DBC/69FA25680AA411EA8C5A831BC4F9AE02/tUMZgoesmRJSAHhil7k2l_jySK4.mft File: tUMZgoesmRJSAHhil7k2l_jySK4.mft (raw, json) Hash identifier: L2NAG9YZY4Cjvsfr5m0dVc9kV2IGONJFE/AVAGNotWM= Subject key identifier: 63:7C:88:1D:7C:24:77:E5:C9:8A:07:E3:6A:A7:B0:1E:4C:EB:FB:05 Authority key identifier: B5:43:19:82:87:AC:99:12:52:00:78:62:97:B9:36:97:F8:F2:48:AE Certificate issuer: /CN=A9142DBC/serialNumber=B543198287AC99125200786297B93697F8F248AE Certificate serial: 0C54 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tUMZgoesmRJSAHhil7k2l_jySK4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9142DBC/69FA25680AA411EA8C5A831BC4F9AE02/tUMZgoesmRJSAHhil7k2l_jySK4.mft Manifest number: 0C47 Signing time: Fri 18 Jul 2025 18:43:31 +0000 Manifest this update: Fri 18 Jul 2025 18:43:31 +0000 Manifest next update: Fri 25 Jul 2025 18:43:31 +0000 Files and hashes: 1: tUMZgoesmRJSAHhil7k2l_jySK4.crl (hash: MAOC+m1u6XWE8xZCGlFRmfdswKLUcNRvzQ1idBo4t9U=) 2: DBE709060AA511EA86C8E31DC4F9AE02.roa (hash: YQqO3/GsQMAf9ewsQANIfWPP9RflccXF2o5PRECWCc4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9142DBC/69FA25680AA411EA8C5A831BC4F9AE02/tUMZgoesmRJSAHhil7k2l_jySK4.crl rsync://rpki.apnic.net/member_repository/A9142DBC/69FA25680AA411EA8C5A831BC4F9AE02/tUMZgoesmRJSAHhil7k2l_jySK4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tUMZgoesmRJSAHhil7k2l_jySK4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 18:43:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3156 (0xc54) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9142DBC, serialNumber=B543198287AC99125200786297B93697F8F248AE Validity Not Before: Jul 18 18:43:31 2025 GMT Not After : Jul 25 18:43:31 2025 GMT Subject: CN=687a95d3-0df9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a4:0a:c9:84:70:66:52:08:7c:d8:1e:a8:e1: 44:26:bf:5b:80:00:11:3c:33:7a:78:bb:b3:de:7a: e5:0c:c9:ff:62:9c:a8:e3:15:b7:e4:6e:2e:b5:31: 9b:0a:1e:68:b0:8b:7c:da:bf:7c:4d:57:63:c3:c6: c3:55:fd:e9:40:ad:a0:3b:c7:fa:30:55:b9:bc:88: 3c:85:a6:00:f3:54:0d:4e:71:aa:1a:81:4d:ae:20: 78:7d:a6:4a:b6:c6:21:d7:3c:37:8a:62:11:b6:c6: c0:32:73:6d:e3:95:1b:7e:68:1e:5f:40:ed:d4:65: ac:eb:69:93:17:1a:98:10:fe:2f:5a:0f:28:3a:87: 83:5e:f8:a5:7d:f1:c4:3b:d0:95:cb:e2:c7:0d:1a: 21:bc:e1:20:98:e1:1b:ea:3a:05:d9:c9:71:d6:31: d7:d8:53:e2:87:a2:b7:1a:99:d6:41:79:99:d7:03: a7:e5:ee:ee:73:c8:ca:6e:d3:47:c1:c2:2d:de:65: 5b:f2:e1:63:67:e2:86:a9:f1:53:e5:71:57:c5:7d: 1f:27:c4:c8:b4:a7:2d:dc:98:cf:4b:52:fa:6d:27: ba:b2:4c:ad:16:30:fa:9f:ea:8a:a9:fd:b4:0d:e8: b8:56:2f:14:f7:80:9a:da:82:54:9c:d6:bd:00:71: 9c:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:7C:88:1D:7C:24:77:E5:C9:8A:07:E3:6A:A7:B0:1E:4C:EB:FB:05 X509v3 Authority Key Identifier: keyid:B5:43:19:82:87:AC:99:12:52:00:78:62:97:B9:36:97:F8:F2:48:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9142DBC/69FA25680AA411EA8C5A831BC4F9AE02/tUMZgoesmRJSAHhil7k2l_jySK4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tUMZgoesmRJSAHhil7k2l_jySK4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142DBC/69FA25680AA411EA8C5A831BC4F9AE02/tUMZgoesmRJSAHhil7k2l_jySK4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:75:88:5b:0d:8b:2e:33:f9:1c:c9:1f:fc:54:48:ff:4a:b2: 54:d0:8a:e6:0c:f1:e1:18:b9:48:83:a6:c0:0d:60:8c:fb:53: 2a:f7:00:27:ca:31:bd:66:b7:e9:a6:51:b5:93:25:32:25:27: 0d:0b:6c:48:9e:64:31:1d:82:f9:33:41:3d:87:1d:4c:9a:d1: a5:13:9d:4e:5e:35:75:d6:58:59:b8:31:43:e1:02:89:bd:e4: 56:af:51:dd:25:2c:67:94:a9:ab:77:b5:67:bb:db:65:26:3c: b1:00:2a:0c:f2:6f:a4:5f:25:4e:e1:db:ab:86:1b:d6:7c:d8: cc:88:02:0a:11:51:43:88:e8:0b:5c:5a:54:f4:df:9d:95:5f: 84:f9:e2:60:b4:ee:b7:95:cf:d0:71:12:f2:1b:da:5a:b4:34: 29:82:6c:0b:1e:52:26:81:9a:ec:50:83:75:49:d5:a7:cd:94: d9:8b:00:42:2e:0a:01:5a:6f:e2:1f:06:56:c5:1c:80:16:08: c8:17:45:18:fa:ce:f4:61:91:b0:54:eb:ae:99:fe:ea:8d:ac: 11:fd:00:65:f2:ae:7a:15:b2:b7:60:a2:3a:67:48:4d:9f:fd: 1b:17:e8:b1:d7:99:c2:3f:7f:6b:40:6b:a9:74:56:8e:b4:3f: 5c:9f:08:54 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDJEQkMxMTAvBgNVBAUTKEI1NDMxOTgyODdBQzk5MTI1MjAwNzg2Mjk3QjkzNjk3 RjhGMjQ4QUUwHhcNMjUwNzE4MTg0MzMxWhcNMjUwNzI1MTg0MzMxWjAYMRYwFAYD VQQDEw02ODdhOTVkMy0wZGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvqQKyYRwZlIIfNgeqOFEJr9bgAARPDN6eLuz3nrlDMn/Ypyo4xW35G4utTGb Ch5osIt82r98TVdjw8bDVf3pQK2gO8f6MFW5vIg8haYA81QNTnGqGoFNriB4faZK tsYh1zw3imIRtsbAMnNt45UbfmgeX0Dt1GWs62mTFxqYEP4vWg8oOoeDXvilffHE O9CVy+LHDRohvOEgmOEb6joF2clx1jHX2FPih6K3GpnWQXmZ1wOn5e7uc8jKbtNH wcIt3mVb8uFjZ+KGqfFT5XFXxX0fJ8TItKct3JjPS1L6bSe6skytFjD6n+qKqf20 Dei4Vi8U94Ca2oJUnNa9AHGcDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGN8iB18 JHflyYoH42qnsB5M6/sFMB8GA1UdIwQYMBaAFLVDGYKHrJkSUgB4Ype5Npf48kiu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MkRCQy82OUZBMjU2ODBB QTQxMUVBOEM1QTgzMUJDNEY5QUUwMi90VU1aZ29lc21SSlNBSGhpbDdrMmxfanlT SzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RVTVpnb2VzbVJKU0FIaGlsN2sybF9qeVNLNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MkRCQy82OUZBMjU2ODBBQTQxMUVBOEM1QTgzMUJDNEY5QUUwMi90VU1aZ29lc21S SlNBSGhpbDdrMmxfanlTSzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDBdYhbDYsuM/kcyR/8VEj/SrJU0IrmDPHhGLlIg6bADWCM+1Mq9wAn yjG9ZrfpplG1kyUyJScNC2xInmQxHYL5M0E9hx1MmtGlE51OXjV11lhZuDFD4QKJ veRWr1HdJSxnlKmrd7Vnu9tlJjyxACoM8m+kXyVO4durhhvWfNjMiAIKEVFDiOgL XFpU9N+dlV+E+eJgtO63lc/QcRLyG9patDQpgmwLHlImgZrsUIN1SdWnzZTZiwBC LgoBWm/iHwZWxRyAFgjIF0UY+s70YZGwVOuumf7qjawR/QBl8q56FbK3YKI6Z0hN n/0bF+ix15nCP39rQGupdFaOtD9cnwhU -----END CERTIFICATE-----Generated at Sun Jul 20 11:34:13 2025 by rpki-client