$ rpki-client -vvf rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft File: LOCE4B2sa01jSTjXbOraWWNVvVM.mft (raw, json) Hash identifier: j304NpHMoRRuJqnTnhedrMLIQix7DCZFDikKUTcYvIo= Subject key identifier: 93:DC:BB:34:CF:97:FC:E6:E5:7C:1C:D7:FD:9A:78:8A:7F:F8:00:75 Authority key identifier: 2C:E0:84:E0:1D:AC:6B:4D:63:49:38:D7:6C:EA:DA:59:63:55:BD:53 Certificate issuer: /CN=A915EA8F/serialNumber=2CE084E01DAC6B4D634938D76CEADA596355BD53 Certificate serial: 025C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft Manifest number: 0258 Signing time: Mon 21 Jul 2025 02:06:22 +0000 Manifest this update: Mon 21 Jul 2025 02:06:21 +0000 Manifest next update: Mon 28 Jul 2025 02:06:21 +0000 Files and hashes: 1: LOCE4B2sa01jSTjXbOraWWNVvVM.crl (hash: xTODplNnKW4IPMUh1kz4O2geVc7RAWdsV2rkPtdf2nw=) 2: 028640A8242B11ED9547B486C4F9AE02.roa (hash: dsbPmjXp/oYWvfHXOZsMcI3WqL8KWucAeTqSoUbpKas=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.crl rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 02:06:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 604 (0x25c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915EA8F, serialNumber=2CE084E01DAC6B4D634938D76CEADA596355BD53 Validity Not Before: Jul 21 02:06:21 2025 GMT Not After : Jul 28 02:06:21 2025 GMT Subject: CN=687da09e-f4fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:c7:b7:26:5a:2d:04:77:ff:d2:ed:37:22:29: 70:9b:44:57:ba:f9:bf:11:a4:9a:30:b9:f2:26:ce: c7:6f:f2:0b:b9:e3:5f:ee:49:a1:06:b4:36:72:6b: 90:59:48:db:f5:b5:5f:0a:38:09:b9:dc:92:f6:6d: 74:f8:1c:f7:4a:b8:4a:5d:cd:54:d9:01:a9:c8:05: c5:bc:b9:3a:40:84:d4:48:f5:3d:ed:53:13:19:c0: ff:cc:0e:e1:8e:5a:1b:33:a2:b2:1a:b7:b1:11:32: e1:21:df:51:60:40:fc:5e:99:ed:10:ce:4b:f6:a5: 24:6b:e1:3c:77:cc:8a:da:fc:70:d1:7a:59:82:70: 03:cc:8d:d8:b9:10:9b:a6:e8:08:f1:6c:4e:ec:1c: 66:1e:37:7b:c6:13:ef:d1:97:1b:1f:00:51:83:79: b6:c5:22:ee:63:33:be:dc:ee:48:4d:89:3e:a3:f0: 69:77:d4:9e:6a:42:56:9a:39:d8:6d:91:37:40:d2: b5:c8:cd:41:8f:7f:5e:17:81:f1:bb:a9:b7:cb:12: dc:b7:86:ce:e2:49:5e:aa:46:85:f4:b5:fc:d1:09: 5a:b0:8a:e1:f6:fc:8d:5f:a9:e8:cf:a8:1f:b8:ef: 3b:d0:33:30:16:82:86:fb:32:e1:59:ef:04:5f:dd: 8b:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:DC:BB:34:CF:97:FC:E6:E5:7C:1C:D7:FD:9A:78:8A:7F:F8:00:75 X509v3 Authority Key Identifier: keyid:2C:E0:84:E0:1D:AC:6B:4D:63:49:38:D7:6C:EA:DA:59:63:55:BD:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:48:01:91:2c:71:f8:ff:e1:dd:25:b4:ee:c6:ca:96:cd:25: 65:86:59:40:05:be:5b:48:37:47:32:03:9d:dc:87:63:18:70: fc:c0:67:e9:7a:1f:35:86:d8:12:f4:ea:ef:f1:d9:05:ac:62: b8:df:1e:64:b5:18:57:e4:43:ad:d3:31:ea:7f:bc:88:6c:a8: 20:93:b2:6a:81:a0:32:8e:d5:e1:70:e0:d6:f9:7d:4e:57:53: 82:58:80:2d:f6:a5:95:d3:a6:2e:59:50:a0:5a:89:e1:86:12: 88:f5:60:60:e9:f9:a1:2b:5c:95:3d:16:1c:b6:2a:34:76:37: e4:8b:7e:2f:17:60:86:af:32:4b:4e:23:b4:3b:cf:f7:3d:48: 28:3e:76:e6:22:6d:db:05:c5:b0:5b:61:8d:43:5c:8a:1b:b1: 64:dc:00:ff:da:b3:9a:76:34:a8:43:6b:7a:56:5f:b2:2b:2e: 0e:01:99:5c:22:53:ca:61:32:18:51:81:d7:18:f6:d0:db:ce: fd:e9:7c:51:9b:8a:49:00:76:37:5d:9b:75:0a:14:82:01:58: 34:8b:a4:fd:ea:c9:f7:2a:46:8e:77:ca:3c:de:69:2c:57:67: 11:ce:1c:a4:68:0a:4f:2f:cb:c8:97:c4:1c:3f:4e:36:ed:a4: 2e:b9:53:8b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAlwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUVBOEYxMTAvBgNVBAUTKDJDRTA4NEUwMURBQzZCNEQ2MzQ5MzhENzZDRUFEQTU5 NjM1NUJENTMwHhcNMjUwNzIxMDIwNjIxWhcNMjUwNzI4MDIwNjIxWjAYMRYwFAYD VQQDEw02ODdkYTA5ZS1mNGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApMe3JlotBHf/0u03Iilwm0RXuvm/EaSaMLnyJs7Hb/ILueNf7kmhBrQ2cmuQ WUjb9bVfCjgJudyS9m10+Bz3SrhKXc1U2QGpyAXFvLk6QITUSPU97VMTGcD/zA7h jlobM6KyGrexETLhId9RYED8XpntEM5L9qUka+E8d8yK2vxw0XpZgnADzI3YuRCb pugI8WxO7BxmHjd7xhPv0ZcbHwBRg3m2xSLuYzO+3O5ITYk+o/Bpd9SeakJWmjnY bZE3QNK1yM1Bj39eF4Hxu6m3yxLct4bO4kleqkaF9LX80QlasIrh9vyNX6noz6gf uO870DMwFoKG+zLhWe8EX92LaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJPcuzTP l/zm5Xwc1/2aeIp/+AB1MB8GA1UdIwQYMBaAFCzghOAdrGtNY0k412zq2lljVb1T MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUE4Ri9FM0EzNUJCNDI0 MjgxMUVEOEZEMjRDODZDNEY5QUUwMi9MT0NFNEIyc2EwMWpTVGpYYk9yYVdXTlZ2 Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xPQ0U0QjJzYTAxalNUalhiT3JhV1dOVnZWTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RUE4Ri9FM0EzNUJCNDI0MjgxMUVEOEZEMjRDODZDNEY5QUUwMi9MT0NFNEIyc2Ew MWpTVGpYYk9yYVdXTlZ2Vk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAPSAGRLHH4/+HdJbTuxsqWzSVlhllABb5bSDdHMgOd3IdjGHD8wGfp eh81htgS9Orv8dkFrGK43x5ktRhX5EOt0zHqf7yIbKggk7JqgaAyjtXhcODW+X1O V1OCWIAt9qWV06YuWVCgWonhhhKI9WBg6fmhK1yVPRYctio0djfki34vF2CGrzJL TiO0O8/3PUgoPnbmIm3bBcWwW2GNQ1yKG7Fk3AD/2rOadjSoQ2t6Vl+yKy4OAZlc IlPKYTIYUYHXGPbQ28796XxRm4pJAHY3XZt1ChSCAVg0i6T96sn3KkaOd8o83mks V2cRzhykaApPL8vIl8QcP0427aQuuVOL -----END CERTIFICATE-----Generated at Mon Jul 21 07:30:06 2025 by rpki-client