$ rpki-client -vvf rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.mft File: _ksuVPGAyAmvHsmemnx-JzLZ3aY.mft (raw, json) Hash identifier: 0nCwgzCftue7AOhxidQ97FzayCpTr0McWxL0KzxZbyc= Subject key identifier: 08:43:96:76:8C:73:79:93:E8:45:7C:E1:1A:B3:2C:A8:B0:0B:17:66 Authority key identifier: FE:4B:2E:54:F1:80:C8:09:AF:1E:C9:9E:9A:7C:7E:27:32:D9:DD:A6 Certificate issuer: /CN=A914BE96/serialNumber=FE4B2E54F180C809AF1EC99E9A7C7E2732D9DDA6 Certificate serial: 0FF2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.mft Manifest number: 0FE3 Signing time: Sun 20 Jul 2025 17:30:50 +0000 Manifest this update: Sun 20 Jul 2025 17:30:50 +0000 Manifest next update: Sun 27 Jul 2025 17:30:50 +0000 Files and hashes: 1: _ksuVPGAyAmvHsmemnx-JzLZ3aY.crl (hash: MvoVR3V8mmTzDp+lQuAt5tOVKEhHEixUEPfj4lbLtfU=) 2: 8F75257455E911E9AE112D6CC4F9AE02.roa (hash: thEUPRHmxogbvRJ6Y3FkP32LyqLTW2o8NNUuKxB2tbk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.crl rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 17:30:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4082 (0xff2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914BE96, serialNumber=FE4B2E54F180C809AF1EC99E9A7C7E2732D9DDA6 Validity Not Before: Jul 20 17:30:50 2025 GMT Not After : Jul 27 17:30:50 2025 GMT Subject: CN=687d27ca-0bfb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:2a:38:7c:83:2c:b0:13:55:8f:26:ce:3a:9b: e7:dd:d6:e6:24:21:d9:98:a0:47:dc:e2:89:b7:2e: 64:8e:e6:76:25:d0:a0:75:ca:a1:e5:81:b0:d3:1b: 98:bf:a4:63:4e:ef:57:f2:94:fd:0e:6e:15:b5:6f: c1:59:9f:41:e7:77:fb:ec:4f:36:9c:26:28:ca:d2: c3:20:79:dd:c9:cd:af:78:e3:3b:17:54:fc:15:e7: 65:0b:65:24:cd:9f:fe:03:22:c4:2c:8b:81:7a:90: 2c:fb:fa:a8:d6:cf:dd:78:f6:90:03:9a:00:dd:bd: cd:49:8e:be:b4:64:b9:a7:21:f6:08:86:a0:fc:a9: a5:77:25:55:49:2f:b2:a9:ea:71:62:2a:34:2b:00: c7:26:5e:8a:3e:49:87:e7:3c:bc:67:56:de:28:7d: 8e:6e:29:fa:29:d4:a3:08:dd:39:e4:30:a4:ae:19: 40:28:e2:9d:16:9d:6f:db:22:0d:7b:c6:85:46:e6: 4f:41:0b:fa:6e:f0:89:17:dd:82:2b:b7:c4:0d:6a: ee:e7:57:d8:00:e2:ad:f3:79:27:83:38:3f:65:ae: 37:66:5c:4c:d1:68:49:bd:7f:66:92:06:2a:bb:80: 7b:3c:60:02:91:c5:70:61:1d:29:f9:0f:61:33:ff: d5:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:43:96:76:8C:73:79:93:E8:45:7C:E1:1A:B3:2C:A8:B0:0B:17:66 X509v3 Authority Key Identifier: keyid:FE:4B:2E:54:F1:80:C8:09:AF:1E:C9:9E:9A:7C:7E:27:32:D9:DD:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:5d:f9:08:0c:0a:1b:cf:b8:51:21:70:27:6b:38:96:03:6e: 8f:a9:35:f4:50:44:39:3b:96:28:a5:92:72:83:79:b6:a6:3d: 89:11:d2:46:1d:42:d7:25:ab:11:d6:43:44:b8:60:3d:95:5b: 53:1c:ad:14:ab:80:a2:8b:aa:bb:aa:ab:a0:49:15:53:54:1e: 9a:7a:f9:c2:7b:94:b2:cc:73:d3:ea:6b:00:71:f0:e5:7b:d5: a7:8d:25:f4:b7:f1:0f:8f:ea:22:e5:39:75:fe:b4:e4:46:8e: c0:64:ca:b3:4b:9e:eb:c6:35:cd:53:4e:fa:64:57:0c:a3:94: 7a:83:d7:11:02:e9:fd:13:33:45:b4:3d:16:62:35:9c:e5:a2: 8c:10:bb:c6:ce:d7:92:8c:05:0e:4d:8c:a1:f8:ca:6e:13:d6: cf:4e:ff:f3:0f:de:14:b0:87:54:d1:42:b6:e9:f4:23:1f:6c: 1d:1e:02:45:b1:d5:fb:10:d2:fb:ba:b7:0b:54:50:a4:ff:7e: bd:07:2b:6e:32:e9:2e:09:7e:b8:53:11:7a:7d:6e:37:2e:02: 14:f4:b8:58:2b:2f:1b:67:1f:1e:71:cc:8b:77:29:a0:94:53: 01:55:e5:e9:da:3a:55:da:41:df:1c:24:6a:c1:55:f2:a5:eb: bc:58:19:ce -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD/IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEJFOTYxMTAvBgNVBAUTKEZFNEIyRTU0RjE4MEM4MDlBRjFFQzk5RTlBN0M3RTI3 MzJEOUREQTYwHhcNMjUwNzIwMTczMDUwWhcNMjUwNzI3MTczMDUwWjAYMRYwFAYD VQQDEw02ODdkMjdjYS0wYmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3yo4fIMssBNVjybOOpvn3dbmJCHZmKBH3OKJty5kjuZ2JdCgdcqh5YGw0xuY v6RjTu9X8pT9Dm4VtW/BWZ9B53f77E82nCYoytLDIHndyc2veOM7F1T8FedlC2Uk zZ/+AyLELIuBepAs+/qo1s/dePaQA5oA3b3NSY6+tGS5pyH2CIag/KmldyVVSS+y qepxYio0KwDHJl6KPkmH5zy8Z1beKH2Obin6KdSjCN055DCkrhlAKOKdFp1v2yIN e8aFRuZPQQv6bvCJF92CK7fEDWru51fYAOKt83kngzg/Za43ZlxM0WhJvX9mkgYq u4B7PGACkcVwYR0p+Q9hM//VuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAhDlnaM c3mT6EV84RqzLKiwCxdmMB8GA1UdIwQYMBaAFP5LLlTxgMgJrx7Jnpp8ficy2d2m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkU5Ni9FREE2NUFDNDU1 RTgxMUU5QjMwNTM3NkJDNEY5QUUwMi9fa3N1VlBHQXlBbXZIc21lbW54LUp6TFoz YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19rc3VWUEdBeUFtdkhzbWVtbngtSnpMWjNhWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QkU5Ni9FREE2NUFDNDU1RTgxMUU5QjMwNTM3NkJDNEY5QUUwMi9fa3N1VlBHQXlB bXZIc21lbW54LUp6TFozYVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaXfkIDAobz7hRIXAnaziWA26PqTX0UEQ5O5YopZJyg3m2pj2JEdJG HULXJasR1kNEuGA9lVtTHK0Uq4Cii6q7qqugSRVTVB6aevnCe5SyzHPT6msAcfDl e9WnjSX0t/EPj+oi5Tl1/rTkRo7AZMqzS57rxjXNU076ZFcMo5R6g9cRAun9EzNF tD0WYjWc5aKMELvGzteSjAUOTYyh+MpuE9bPTv/zD94UsIdU0UK26fQjH2wdHgJF sdX7ENL7urcLVFCk/369BytuMukuCX64UxF6fW43LgIU9LhYKy8bZx8eccyLdymg lFMBVeXp2jpV2kHfHCRqwVXypeu8WBnO -----END CERTIFICATE-----Generated at Mon Jul 21 07:07:55 2025 by rpki-client