$ rpki-client -vvf rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.mft File: zPKlJcCQFETKePBbk5LABFeVZ2E.mft (raw, json) Hash identifier: KJCkaqpahHsP/gLhhmaUhelDDTUK15PawZtCIUYRHro= Subject key identifier: 09:1C:2A:F3:7C:7F:71:CB:F5:F1:D8:5E:19:57:E5:45:2E:6F:AC:68 Authority key identifier: CC:F2:A5:25:C0:90:14:44:CA:78:F0:5B:93:92:C0:04:57:95:67:61 Certificate issuer: /CN=A916A071/serialNumber=CCF2A525C0901444CA78F05B9392C00457956761 Certificate serial: 09DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPKlJcCQFETKePBbk5LABFeVZ2E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.mft Manifest number: 09D3 Signing time: Tue 22 Jul 2025 20:12:03 +0000 Manifest this update: Tue 22 Jul 2025 20:12:03 +0000 Manifest next update: Tue 29 Jul 2025 20:12:03 +0000 Files and hashes: 1: zPKlJcCQFETKePBbk5LABFeVZ2E.crl (hash: G3Z7EMYP4G1ir2DOkRdXRO2xIxZmqi/o1x1GqbfJSUs=) 2: 9BAC68CC83C211EABCB66612C4F9AE02.roa (hash: W5ePsoGWgomEoWgiTPJkjSegEKVfUxA0uguQndmw+Ac=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.crl rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPKlJcCQFETKePBbk5LABFeVZ2E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 20:12:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2522 (0x9da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916A071, serialNumber=CCF2A525C0901444CA78F05B9392C00457956761 Validity Not Before: Jul 22 20:12:03 2025 GMT Not After : Jul 29 20:12:03 2025 GMT Subject: CN=687ff093-9158 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:0d:38:86:ff:aa:0e:e1:cd:9c:31:79:82:6c: 1e:2c:22:d6:c4:59:85:96:39:69:fd:ed:19:97:71: ee:87:fe:f4:77:75:ce:7f:bd:ae:e1:f3:19:1b:f9: 42:ea:ff:7b:70:fd:48:0d:f7:f2:73:7c:54:33:28: c9:15:38:8c:da:7c:08:b5:62:bb:59:9f:38:1f:65: 25:59:41:d2:7d:ba:33:e1:eb:6d:15:2e:52:8e:6b: d2:30:1f:7d:2a:e6:da:7c:de:eb:b1:77:e2:23:d0: c5:c0:c6:ef:b3:eb:9f:35:e0:d2:41:86:82:e4:83: a1:f4:f9:5b:95:4e:da:1d:ae:bc:5a:dd:3f:eb:8b: 3a:14:ed:e3:db:77:ac:01:07:64:e6:a6:fc:d1:57: fb:25:06:36:fe:c7:9e:9e:f9:00:7b:f3:a2:2d:90: 0f:95:15:2d:af:07:97:c9:c8:11:7d:49:1c:6c:fe: f3:17:b6:55:bc:b5:b6:e0:43:42:5f:34:08:75:61: f5:ac:4d:68:33:4e:f8:02:96:bd:63:fc:80:8a:6d: 40:55:b6:c1:c5:b2:8b:3a:8b:dc:26:d3:3e:f3:59: ed:dc:82:f4:0d:9f:5b:0a:10:f5:7b:db:89:6b:0a: c0:2a:4e:ea:ab:b2:fd:77:2d:16:4d:7b:81:26:af: aa:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:1C:2A:F3:7C:7F:71:CB:F5:F1:D8:5E:19:57:E5:45:2E:6F:AC:68 X509v3 Authority Key Identifier: keyid:CC:F2:A5:25:C0:90:14:44:CA:78:F0:5B:93:92:C0:04:57:95:67:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPKlJcCQFETKePBbk5LABFeVZ2E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:5e:d9:71:f1:3c:4e:30:9e:d1:43:c9:13:08:c7:51:7d:2e: 88:7c:be:75:0f:d5:11:4f:ab:bc:bc:ae:0c:83:bc:58:be:5d: e6:bb:b8:94:af:33:90:fd:d0:5e:1f:0d:e8:f4:06:ab:67:ae: 62:18:50:cf:22:cc:07:bf:d1:50:5c:db:dd:7d:cf:74:ef:60: f2:19:b2:c3:d7:c7:59:07:4a:d3:42:5e:e0:b5:bc:f2:48:84: 9b:e8:56:9e:78:59:f5:0c:83:1d:a1:c3:a3:40:cf:c6:2b:14: 8d:ee:8f:cd:b0:9a:50:37:63:81:31:35:8b:f3:da:9b:a3:57: 89:a7:c2:7d:cd:f7:09:29:6e:ed:6b:1b:41:d8:4f:de:4e:b0: 6f:ef:df:30:fb:e1:1c:1a:59:3c:ff:39:0c:ad:43:98:8b:b6: 76:12:9e:1e:24:6c:25:e8:ba:b3:ae:f1:ec:7d:71:84:8f:97: 00:af:47:2f:3b:00:c0:94:a6:63:4c:b2:36:1c:05:c3:c8:7d: 9e:ff:d2:25:5d:b6:82:9f:1c:d6:ef:9c:ec:5e:79:42:df:ea: 1b:99:87:05:42:26:25:90:43:a7:e4:dd:d9:ab:4d:bd:30:f0: 08:85:aa:a3:74:f2:a5:97:9f:2a:7a:89:b5:3d:99:8f:6e:7c: 98:4f:64:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCdowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkEwNzExMTAvBgNVBAUTKENDRjJBNTI1QzA5MDE0NDRDQTc4RjA1QjkzOTJDMDA0 NTc5NTY3NjEwHhcNMjUwNzIyMjAxMjAzWhcNMjUwNzI5MjAxMjAzWjAYMRYwFAYD VQQDEw02ODdmZjA5My05MTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0g04hv+qDuHNnDF5gmweLCLWxFmFljlp/e0Zl3Huh/70d3XOf72u4fMZG/lC 6v97cP1IDffyc3xUMyjJFTiM2nwItWK7WZ84H2UlWUHSfboz4ettFS5SjmvSMB99 KubafN7rsXfiI9DFwMbvs+ufNeDSQYaC5IOh9PlblU7aHa68Wt0/64s6FO3j23es AQdk5qb80Vf7JQY2/seenvkAe/OiLZAPlRUtrweXycgRfUkcbP7zF7ZVvLW24ENC XzQIdWH1rE1oM074Apa9Y/yAim1AVbbBxbKLOovcJtM+81nt3IL0DZ9bChD1e9uJ awrAKk7qq7L9dy0WTXuBJq+q5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAkcKvN8 f3HL9fHYXhlX5UUub6xoMB8GA1UdIwQYMBaAFMzypSXAkBREynjwW5OSwARXlWdh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTA3MS8yODBCMDlBNDgz QkUxMUVBOEUxREYzODRDNEY5QUUwMi96UEtsSmNDUUZFVEtlUEJiazVMQUJGZVZa MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pQS2xKY0NRRkVUS2VQQmJrNUxBQkZlVloyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QTA3MS8yODBCMDlBNDgzQkUxMUVBOEUxREYzODRDNEY5QUUwMi96UEtsSmNDUUZF VEtlUEJiazVMQUJGZVZaMkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5Xtlx8TxOMJ7RQ8kTCMdRfS6IfL51D9URT6u8vK4Mg7xYvl3mu7iU rzOQ/dBeHw3o9AarZ65iGFDPIswHv9FQXNvdfc9072DyGbLD18dZB0rTQl7gtbzy SISb6FaeeFn1DIMdocOjQM/GKxSN7o/NsJpQN2OBMTWL89qbo1eJp8J9zfcJKW7t axtB2E/eTrBv798w++EcGlk8/zkMrUOYi7Z2Ep4eJGwl6LqzrvHsfXGEj5cAr0cv OwDAlKZjTLI2HAXDyH2e/9IlXbaCnxzW75zsXnlC3+obmYcFQiYlkEOn5N3Zq029 MPAIhaqjdPKll58qeom1PZmPbnyYT2QU -----END CERTIFICATE-----Generated at Thu Jul 24 12:24:17 2025 by rpki-client