$ rpki-client -vvf rpki.apnic.net/member_repository/A9166F0E/1A758B0E261F11EAAE2E8F28C4F9AE02/PUXFozv53U06Htp-0mQGWOH4Mf8.mft File: PUXFozv53U06Htp-0mQGWOH4Mf8.mft (raw, json) Hash identifier: kr8qJotLvu/7YlgdfhykUEtskkFwq1t0kOdErJijFVE= Subject key identifier: AC:54:D2:ED:A2:E5:CF:54:1B:78:07:04:6F:17:9A:2D:6D:84:B9:48 Authority key identifier: 3D:45:C5:A3:3B:F9:DD:4D:3A:1E:DA:7E:D2:64:06:58:E1:F8:31:FF Certificate issuer: /CN=A9166F0E/serialNumber=3D45C5A33BF9DD4D3A1EDA7ED2640658E1F831FF Certificate serial: 0BBA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PUXFozv53U06Htp-0mQGWOH4Mf8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166F0E/1A758B0E261F11EAAE2E8F28C4F9AE02/PUXFozv53U06Htp-0mQGWOH4Mf8.mft Manifest number: 0BB3 Signing time: Fri 18 Jul 2025 19:08:03 +0000 Manifest this update: Fri 18 Jul 2025 19:08:02 +0000 Manifest next update: Fri 25 Jul 2025 19:08:02 +0000 Files and hashes: 1: PUXFozv53U06Htp-0mQGWOH4Mf8.crl (hash: 2tt2N8iER0LadRLtWI84yfCbADhrUVk2sswtEvDpjrM=) 2: A11D7694261F11EAA88CE128C4F9AE02.roa (hash: UABSLYRv5F+q/4e5iQCmZDPY3VJdi+9iaRXz535SqfM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166F0E/1A758B0E261F11EAAE2E8F28C4F9AE02/PUXFozv53U06Htp-0mQGWOH4Mf8.crl rsync://rpki.apnic.net/member_repository/A9166F0E/1A758B0E261F11EAAE2E8F28C4F9AE02/PUXFozv53U06Htp-0mQGWOH4Mf8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PUXFozv53U06Htp-0mQGWOH4Mf8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 19:08:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3002 (0xbba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166F0E, serialNumber=3D45C5A33BF9DD4D3A1EDA7ED2640658E1F831FF Validity Not Before: Jul 18 19:08:02 2025 GMT Not After : Jul 25 19:08:02 2025 GMT Subject: CN=687a9b92-36fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:aa:96:fb:2c:33:b9:1c:79:6c:f4:38:2d:4a: 4d:35:1a:3e:d9:78:13:49:f7:03:9f:03:e4:ba:63: 0d:2c:c4:ec:b6:5b:da:e5:32:c2:dd:69:0d:26:a6: da:7f:5c:59:23:66:05:4a:45:ca:df:d4:74:5b:9b: 0a:3c:a5:08:8c:27:3e:bc:60:60:28:78:ba:bc:db: f7:f3:f8:33:38:64:74:8a:b6:07:3b:95:45:2d:46: 0c:13:00:69:4d:88:54:79:73:fd:40:3a:d4:0f:b1: e1:92:e0:3b:fc:de:20:1e:bf:c8:21:db:08:0a:04: 4d:d5:09:0a:b5:5b:d3:d6:0b:96:cf:87:e3:eb:cc: 0d:b0:30:0f:24:7f:99:19:0e:79:6f:ea:d3:24:36: 6c:85:b5:e2:57:6c:87:e4:57:f8:33:38:21:b3:45: 69:7d:c6:f5:38:97:72:22:d3:46:0a:f4:46:1e:82: df:ec:d2:5d:67:59:e8:f6:ca:b2:dd:5a:a8:dd:94: 17:5a:01:20:0f:28:e1:e7:10:cd:c3:b7:7d:be:af: 8e:b3:20:cb:1a:a2:89:97:b3:b1:a9:25:20:99:b1: 30:eb:83:90:45:71:7e:0d:64:77:a3:c9:c2:ef:41: 0c:f2:32:80:bb:09:f1:b2:4a:c1:51:0e:a5:3b:ea: c2:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:54:D2:ED:A2:E5:CF:54:1B:78:07:04:6F:17:9A:2D:6D:84:B9:48 X509v3 Authority Key Identifier: keyid:3D:45:C5:A3:3B:F9:DD:4D:3A:1E:DA:7E:D2:64:06:58:E1:F8:31:FF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166F0E/1A758B0E261F11EAAE2E8F28C4F9AE02/PUXFozv53U06Htp-0mQGWOH4Mf8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PUXFozv53U06Htp-0mQGWOH4Mf8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166F0E/1A758B0E261F11EAAE2E8F28C4F9AE02/PUXFozv53U06Htp-0mQGWOH4Mf8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c2:cc:a9:45:c2:fa:1c:9a:d1:a6:0f:85:e9:01:90:5a:33:99: 6a:7c:98:d4:7c:78:bd:7f:07:8d:98:1e:e1:99:87:9d:7c:90: 68:2c:ac:c3:47:1e:6c:2f:b3:d5:bc:8c:df:75:2f:54:3f:24: 50:3e:d1:ba:58:ec:49:29:10:74:e7:b2:0b:30:d5:a8:ba:a6: 36:d2:1e:37:a8:f4:12:f0:52:46:ac:c7:af:19:9f:88:bd:65: 9f:f1:4f:45:a2:8b:55:a8:ba:c0:a7:78:c4:40:5c:c6:aa:24: d5:55:32:4e:dd:a6:45:1d:37:01:a1:4f:41:58:43:b8:ad:95: fc:df:58:60:6d:8f:cb:fa:f9:91:03:05:2f:2e:bc:a0:1a:e1: 52:8c:c1:63:66:cd:60:58:53:44:4a:1c:4a:1c:0d:63:d0:cc: 20:0a:95:bd:58:c4:0d:63:06:be:21:e8:7b:40:bb:d0:b3:57: cd:49:c7:8b:2e:b9:0a:f6:a1:63:08:24:bd:ea:44:13:57:e4: 51:c5:32:4c:d0:49:95:60:52:85:ba:15:c0:64:8b:eb:38:de: 04:02:bf:7c:ba:38:c8:a1:01:a2:71:a4:20:8f:0f:90:07:84: 5b:c8:8d:b4:74:84:e2:4d:65:ed:53:02:32:b5:15:5d:56:20: 01:d2:0b:4a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC7owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZGMEUxMTAvBgNVBAUTKDNENDVDNUEzM0JGOURENEQzQTFFREE3RUQyNjQwNjU4 RTFGODMxRkYwHhcNMjUwNzE4MTkwODAyWhcNMjUwNzI1MTkwODAyWjAYMRYwFAYD VQQDEw02ODdhOWI5Mi0zNmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1aqW+ywzuRx5bPQ4LUpNNRo+2XgTSfcDnwPkumMNLMTstlva5TLC3WkNJqba f1xZI2YFSkXK39R0W5sKPKUIjCc+vGBgKHi6vNv38/gzOGR0irYHO5VFLUYMEwBp TYhUeXP9QDrUD7HhkuA7/N4gHr/IIdsICgRN1QkKtVvT1guWz4fj68wNsDAPJH+Z GQ55b+rTJDZshbXiV2yH5Ff4Mzghs0Vpfcb1OJdyItNGCvRGHoLf7NJdZ1no9sqy 3Vqo3ZQXWgEgDyjh5xDNw7d9vq+OsyDLGqKJl7OxqSUgmbEw64OQRXF+DWR3o8nC 70EM8jKAuwnxskrBUQ6lO+rCawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKxU0u2i 5c9UG3gHBG8Xmi1thLlIMB8GA1UdIwQYMBaAFD1FxaM7+d1NOh7aftJkBljh+DH/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkYwRS8xQTc1OEIwRTI2 MUYxMUVBQUUyRThGMjhDNEY5QUUwMi9QVVhGb3p2NTNVMDZIdHAtMG1RR1dPSDRN ZjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BVWEZvenY1M1UwNkh0cC0wbVFHV09INE1mOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkYwRS8xQTc1OEIwRTI2MUYxMUVBQUUyRThGMjhDNEY5QUUwMi9QVVhGb3p2NTNV MDZIdHAtMG1RR1dPSDRNZjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDCzKlFwvocmtGmD4XpAZBaM5lqfJjUfHi9fweNmB7hmYedfJBoLKzD Rx5sL7PVvIzfdS9UPyRQPtG6WOxJKRB057ILMNWouqY20h43qPQS8FJGrMevGZ+I vWWf8U9FootVqLrAp3jEQFzGqiTVVTJO3aZFHTcBoU9BWEO4rZX831hgbY/L+vmR AwUvLrygGuFSjMFjZs1gWFNEShxKHA1j0MwgCpW9WMQNYwa+Ieh7QLvQs1fNSceL LrkK9qFjCCS96kQTV+RRxTJM0EmVYFKFuhXAZIvrON4EAr98ujjIoQGicaQgjw+Q B4RbyI20dITiTWXtUwIytRVdViAB0gtK -----END CERTIFICATE-----Generated at Sun Jul 20 03:42:24 2025 by rpki-client