$ rpki-client -vvf rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft File: 2-bH-ZCQRq41ohWw4hVErlIjfoo.mft (raw, json) Hash identifier: /XA8u9Dc3AqhwF2hgKHH2M0sMilGMYmJEqjG8yhH+mA= Subject key identifier: 3B:7B:FC:BE:F1:5E:47:30:92:F8:24:FA:2C:C1:6D:58:44:17:44:B0 Authority key identifier: DB:E6:C7:F9:90:90:46:AE:35:A2:15:B0:E2:15:44:AE:52:23:7E:8A Certificate issuer: /CN=A914F697/serialNumber=DBE6C7F9909046AE35A215B0E21544AE52237E8A Certificate serial: 0695 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft Manifest number: 07C3 Signing time: Fri 18 Jul 2025 21:09:18 +0000 Manifest this update: Fri 18 Jul 2025 21:09:18 +0000 Manifest next update: Fri 25 Jul 2025 21:09:18 +0000 Files and hashes: 1: 2-bH-ZCQRq41ohWw4hVErlIjfoo.crl (hash: +FKHuLeo2KmCY/o1wZ++SBWHCj8bQ6vAOcdOKzD3juM=) 2: 1AA7504A92DD11EB9B9E993FC4F9AE02.roa (hash: C75Vrv4Uz+C6zFOBFG0FQ16ertvfsDBJQmC7BROeKb0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.crl rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 21:09:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1685 (0x695) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F697, serialNumber=DBE6C7F9909046AE35A215B0E21544AE52237E8A Validity Not Before: Jul 18 21:09:18 2025 GMT Not After : Jul 25 21:09:18 2025 GMT Subject: CN=687ab7fe-e9f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:21:b6:8a:d7:56:7b:9c:c1:80:5a:30:90:06: 05:65:f6:9a:dc:33:c9:8d:85:cd:8f:f9:91:d2:3b: e2:3a:e4:0a:e8:fa:4d:f8:14:65:92:a9:63:2f:27: 8f:56:37:02:96:5c:e6:20:84:42:30:23:14:65:67: 0a:01:3f:23:db:da:5b:73:47:f0:d0:d7:97:75:94: 99:a9:79:df:09:96:d6:f0:6f:d2:5c:d3:c3:f6:41: 8e:db:c2:be:f5:59:e3:5f:9b:64:d4:bd:d3:e6:52: ee:16:f8:3e:9a:3d:86:11:eb:47:06:5a:da:1d:7f: 63:93:2d:57:27:a8:4d:bb:9b:20:b5:30:c7:59:c2: 4e:12:31:0a:ba:07:dd:24:5b:ab:87:90:13:94:de: 80:fc:7b:fc:53:38:ef:bc:51:2c:0c:61:37:20:33: ea:9a:f7:9b:2f:31:b4:9d:59:39:10:57:3a:f6:8b: a0:42:c5:0e:c2:e7:50:f6:c5:3e:78:51:c7:10:ab: bc:48:da:5c:e1:8c:c9:35:b3:ee:84:1d:d6:78:26: 61:dc:91:a5:0c:84:33:75:e5:bb:b4:7e:bb:e9:a2: 16:c3:57:82:cc:2c:f5:07:6a:2c:b8:7c:9c:4b:98: ca:a9:e9:ba:38:87:2a:4e:f0:01:77:35:46:60:83: 37:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:7B:FC:BE:F1:5E:47:30:92:F8:24:FA:2C:C1:6D:58:44:17:44:B0 X509v3 Authority Key Identifier: keyid:DB:E6:C7:F9:90:90:46:AE:35:A2:15:B0:E2:15:44:AE:52:23:7E:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:72:64:27:32:b0:e5:6a:9d:2f:bc:76:29:8a:ff:c3:c0:10: cb:79:6f:dd:15:9d:11:79:6c:cb:bc:58:98:12:54:94:7c:d7: 8e:1a:04:77:97:06:bc:2c:92:07:c5:90:42:f6:26:74:1f:af: 7d:1e:1b:12:41:c6:aa:17:e3:1b:00:ad:96:ce:f2:32:04:43: eb:46:3d:12:ff:c3:2b:1c:97:36:c1:7d:42:3d:f1:1a:49:47: 5f:35:38:36:fa:e7:a6:a2:55:3d:59:f1:72:0e:85:8e:b5:36: 15:65:5d:2f:b9:2f:fd:f4:44:59:69:98:1a:8a:ee:f4:74:42: 44:6f:fc:e9:b2:80:5a:97:ea:2d:d5:6e:cb:3d:95:c8:2a:f0: 27:7b:c7:04:f1:08:f2:d0:8f:00:02:39:2b:36:99:d8:02:d1: b3:0e:76:59:0c:84:80:81:5a:54:31:fb:95:89:14:58:7e:8b: ff:e4:81:27:7d:48:5e:8b:95:50:10:ae:54:5b:ee:20:e4:89: b2:c7:9a:b6:cf:73:c2:f7:b9:e2:63:ef:1f:cc:1b:4b:ca:99: b3:3b:f1:da:e2:b7:d0:ec:e4:12:d8:5d:d8:a0:24:cb:33:99: 11:bc:43:b2:10:d9:dc:eb:3d:d6:43:29:82:60:14:73:e2:28: 8f:b1:0f:c7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY2OTcxMTAvBgNVBAUTKERCRTZDN0Y5OTA5MDQ2QUUzNUEyMTVCMEUyMTU0NEFF NTIyMzdFOEEwHhcNMjUwNzE4MjEwOTE4WhcNMjUwNzI1MjEwOTE4WjAYMRYwFAYD VQQDEw02ODdhYjdmZS1lOWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAryG2itdWe5zBgFowkAYFZfaa3DPJjYXNj/mR0jviOuQK6PpN+BRlkqljLyeP VjcCllzmIIRCMCMUZWcKAT8j29pbc0fw0NeXdZSZqXnfCZbW8G/SXNPD9kGO28K+ 9VnjX5tk1L3T5lLuFvg+mj2GEetHBlraHX9jky1XJ6hNu5sgtTDHWcJOEjEKugfd JFurh5ATlN6A/Hv8UzjvvFEsDGE3IDPqmvebLzG0nVk5EFc69ougQsUOwudQ9sU+ eFHHEKu8SNpc4YzJNbPuhB3WeCZh3JGlDIQzdeW7tH676aIWw1eCzCz1B2osuHyc S5jKqem6OIcqTvABdzVGYIM3owIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDt7/L7x Xkcwkvgk+izBbVhEF0SwMB8GA1UdIwQYMBaAFNvmx/mQkEauNaIVsOIVRK5SI36K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjY5Ny83NTIxREZDMEU4 NUQxMUVBQjIzQzhGODdDNEY5QUUwMi8yLWJILVpDUVJxNDFvaFd3NGhWRXJsSWpm b28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzItYkgtWkNRUnE0MW9oV3c0aFZFcmxJamZvby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjY5Ny83NTIxREZDMEU4NUQxMUVBQjIzQzhGODdDNEY5QUUwMi8yLWJILVpDUVJx NDFvaFd3NGhWRXJsSWpmb28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCBcmQnMrDlap0vvHYpiv/DwBDLeW/dFZ0ReWzLvFiYElSUfNeOGgR3 lwa8LJIHxZBC9iZ0H699HhsSQcaqF+MbAK2WzvIyBEPrRj0S/8MrHJc2wX1CPfEa SUdfNTg2+uemolU9WfFyDoWOtTYVZV0vuS/99ERZaZgaiu70dEJEb/zpsoBal+ot 1W7LPZXIKvAne8cE8Qjy0I8AAjkrNpnYAtGzDnZZDISAgVpUMfuViRRYfov/5IEn fUhei5VQEK5UW+4g5Imyx5q2z3PC97niY+8fzBtLypmzO/Ha4rfQ7OQS2F3YoCTL M5kRvEOyENnc6z3WQymCYBRz4iiPsQ/H -----END CERTIFICATE-----Generated at Sun Jul 20 07:36:25 2025 by rpki-client