$ rpki-client -vvf rpki.apnic.net/member_repository/A917357E/602D76D85D7311ECA3248853C4F9AE02/g1KnNOghRPMixQtyik92WjPXIlY.mft File: g1KnNOghRPMixQtyik92WjPXIlY.mft (raw, json) Hash identifier: myEP1KUPXIqrULx+QIAO5Ks3/HR7+fyaDKZO4b40/nE= Subject key identifier: E6:46:23:CD:5F:C8:BB:E2:BA:2F:6A:8E:D9:78:CA:C0:CB:08:5C:5E Authority key identifier: 83:52:A7:34:E8:21:44:F3:22:C5:0B:72:8A:4F:76:5A:33:D7:22:56 Certificate issuer: /CN=A917357E/serialNumber=8352A734E82144F322C50B728A4F765A33D72256 Certificate serial: 0242 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g1KnNOghRPMixQtyik92WjPXIlY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917357E/602D76D85D7311ECA3248853C4F9AE02/g1KnNOghRPMixQtyik92WjPXIlY.mft Manifest number: 0676 Signing time: Sat 19 Jul 2025 00:37:27 +0000 Manifest this update: Sat 19 Jul 2025 00:37:26 +0000 Manifest next update: Sat 26 Jul 2025 00:37:26 +0000 Files and hashes: 1: g1KnNOghRPMixQtyik92WjPXIlY.crl (hash: KRejq7fecQ5T8ZrmndjAxZMKNnPNSYD6TFKBvAjmg44=) 2: 21E1440A1E7711EFB69BE070C4F9AE02.roa (hash: 6xK46XhJtyZvl0GV6Tg9wg5kNg7cdtZOaQsNEIc5Pf4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917357E/602D76D85D7311ECA3248853C4F9AE02/g1KnNOghRPMixQtyik92WjPXIlY.crl rsync://rpki.apnic.net/member_repository/A917357E/602D76D85D7311ECA3248853C4F9AE02/g1KnNOghRPMixQtyik92WjPXIlY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g1KnNOghRPMixQtyik92WjPXIlY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:37:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 578 (0x242) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917357E, serialNumber=8352A734E82144F322C50B728A4F765A33D72256 Validity Not Before: Jul 19 00:37:26 2025 GMT Not After : Jul 26 00:37:26 2025 GMT Subject: CN=687ae8c7-2f8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:3f:a0:e1:2c:c7:71:42:17:85:6b:06:16:3e: 2a:6e:e6:d0:df:59:08:39:e9:00:ae:11:3a:71:72: b1:06:d2:41:ed:ec:7e:18:4d:f8:ce:84:ad:20:f2: d3:6b:71:50:28:8a:1f:5d:37:a5:26:df:de:3c:5e: ff:27:c0:01:14:0c:ec:cc:de:d4:0e:66:b1:a9:b9: ba:03:53:e1:a9:46:b0:70:43:e2:c9:0f:5f:58:e3: 3a:1f:22:e3:3d:07:55:e7:12:59:ed:2f:b4:fa:f5: e7:d8:bb:2d:9d:87:23:5e:d3:af:2b:bc:aa:10:48: b1:a6:2a:a4:89:34:d8:e4:da:24:ba:20:fc:f0:24: bb:0d:11:c3:e3:a7:38:83:c0:f7:49:2e:0c:ef:ea: e5:cc:d1:72:5f:b3:15:e0:45:7a:7e:c3:16:30:8f: 89:9e:a6:0f:d7:5b:f4:15:8a:4c:75:94:ba:85:81: b6:45:6c:ea:90:7b:f0:06:bc:63:37:4e:17:2e:6f: a3:7c:61:48:01:c0:09:13:40:5b:14:63:a3:5b:4c: 54:a5:1e:a7:a0:ed:9f:4c:8e:78:c0:ad:0f:36:5c: b9:11:47:f7:ed:f6:50:e6:3b:07:d2:2f:a4:9d:45: 77:9e:5a:f8:fa:48:fb:a9:f3:16:b0:d6:3a:d7:5c: 78:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:46:23:CD:5F:C8:BB:E2:BA:2F:6A:8E:D9:78:CA:C0:CB:08:5C:5E X509v3 Authority Key Identifier: keyid:83:52:A7:34:E8:21:44:F3:22:C5:0B:72:8A:4F:76:5A:33:D7:22:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917357E/602D76D85D7311ECA3248853C4F9AE02/g1KnNOghRPMixQtyik92WjPXIlY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g1KnNOghRPMixQtyik92WjPXIlY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917357E/602D76D85D7311ECA3248853C4F9AE02/g1KnNOghRPMixQtyik92WjPXIlY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:88:f4:8b:5e:2a:b2:99:d1:05:02:e6:c7:7d:16:6d:71:2a: 93:54:bc:c4:c6:d1:61:de:38:da:87:c8:d6:2c:71:8d:61:0a: 2f:45:ad:86:b8:e0:a6:73:0e:2e:10:80:d0:58:25:f9:ba:0f: c2:1b:6c:7c:73:66:01:16:9a:1a:f4:e8:06:34:64:0a:c3:4b: 4d:7a:eb:1d:75:93:ac:e7:2b:f3:c3:93:e7:23:65:0d:ee:73: 8d:6e:cc:e1:75:0d:5d:0f:c4:5a:ef:a4:50:63:85:c7:aa:01: 04:29:b6:32:1a:e5:50:a9:6a:eb:52:35:69:d2:66:ae:cc:67: d2:f9:85:7c:24:c4:6a:7c:e9:ef:e2:ee:f3:f1:45:5a:10:5c: 04:d9:ee:58:45:d9:2d:d5:ec:be:2c:95:4d:4f:0f:c2:de:3d: bb:31:2d:47:44:ba:7f:e8:0a:6b:3d:1a:34:54:e5:74:89:5e: db:71:b3:b3:92:09:97:b4:fc:3a:cb:9c:c5:ab:98:ae:68:ef: 2b:4f:e0:b1:2e:82:00:36:97:76:d1:78:6f:da:48:6e:6c:e3: df:a5:34:bd:f9:b0:de:5e:41:24:02:28:c6:6b:1e:6e:5d:70: 6d:25:23:b4:cd:fa:f6:ca:61:c7:5d:35:56:41:16:ed:14:b6: 67:94:65:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzM1N0UxMTAvBgNVBAUTKDgzNTJBNzM0RTgyMTQ0RjMyMkM1MEI3MjhBNEY3NjVB MzNENzIyNTYwHhcNMjUwNzE5MDAzNzI2WhcNMjUwNzI2MDAzNzI2WjAYMRYwFAYD VQQDEw02ODdhZThjNy0yZjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuz+g4SzHcUIXhWsGFj4qbubQ31kIOekArhE6cXKxBtJB7ex+GE34zoStIPLT a3FQKIofXTelJt/ePF7/J8ABFAzszN7UDmaxqbm6A1PhqUawcEPiyQ9fWOM6HyLj PQdV5xJZ7S+0+vXn2LstnYcjXtOvK7yqEEixpiqkiTTY5NokuiD88CS7DRHD46c4 g8D3SS4M7+rlzNFyX7MV4EV6fsMWMI+JnqYP11v0FYpMdZS6hYG2RWzqkHvwBrxj N04XLm+jfGFIAcAJE0BbFGOjW0xUpR6noO2fTI54wK0PNly5EUf37fZQ5jsH0i+k nUV3nlr4+kj7qfMWsNY611x4UwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOZGI81f yLviui9qjtl4ysDLCFxeMB8GA1UdIwQYMBaAFINSpzToIUTzIsULcopPdloz1yJW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MzU3RS82MDJENzZEODVE NzMxMUVDQTMyNDg4NTNDNEY5QUUwMi9nMUtuTk9naFJQTWl4UXR5aWs5MldqUFhJ bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2cxS25OT2doUlBNaXhRdHlpazkyV2pQWElsWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MzU3RS82MDJENzZEODVENzMxMUVDQTMyNDg4NTNDNEY5QUUwMi9nMUtuTk9naFJQ TWl4UXR5aWs5MldqUFhJbFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXiPSLXiqymdEFAubHfRZtcSqTVLzExtFh3jjah8jWLHGNYQovRa2G uOCmcw4uEIDQWCX5ug/CG2x8c2YBFpoa9OgGNGQKw0tNeusddZOs5yvzw5PnI2UN 7nONbszhdQ1dD8Ra76RQY4XHqgEEKbYyGuVQqWrrUjVp0mauzGfS+YV8JMRqfOnv 4u7z8UVaEFwE2e5YRdkt1ey+LJVNTw/C3j27MS1HRLp/6AprPRo0VOV0iV7bcbOz kgmXtPw6y5zFq5iuaO8rT+CxLoIANpd20Xhv2khubOPfpTS9+bDeXkEkAijGax5u XXBtJSO0zfr2ymHHXTVWQRbtFLZnlGVG -----END CERTIFICATE-----Generated at Sun Jul 20 16:35:58 2025 by rpki-client