$ rpki-client -vvf rpki.apnic.net/member_repository/A9175300/5EFAD764F18D11E9AD75B860C4F9AE02/8qiUEKVLBHj2ArcxIAUVHClcc3k.mft File: 8qiUEKVLBHj2ArcxIAUVHClcc3k.mft (raw, json) Hash identifier: RbSV95R6xmrZiyIyGHOt7/CT80gKUnc1OOzPN7fzyCM= Subject key identifier: 4C:D0:FF:FF:73:2E:A6:82:F2:6F:58:FA:BB:47:40:AB:BA:30:E5:35 Authority key identifier: F2:A8:94:10:A5:4B:04:78:F6:02:B7:31:20:05:15:1C:29:5C:73:79 Certificate issuer: /CN=A9175300/serialNumber=F2A89410A54B0478F602B7312005151C295C7379 Certificate serial: 0CC8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8qiUEKVLBHj2ArcxIAUVHClcc3k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9175300/5EFAD764F18D11E9AD75B860C4F9AE02/8qiUEKVLBHj2ArcxIAUVHClcc3k.mft Manifest number: 0CC1 Signing time: Sun 20 Jul 2025 18:09:43 +0000 Manifest this update: Sun 20 Jul 2025 18:09:42 +0000 Manifest next update: Sun 27 Jul 2025 18:09:42 +0000 Files and hashes: 1: 8qiUEKVLBHj2ArcxIAUVHClcc3k.crl (hash: Wtr00ig8Nrw+sCI/4HOTNQmOs0RkdI/3scOzPEgxe/o=) 2: 68EB3B00F18E11E997528762C4F9AE02.roa (hash: ag4btEEr8nwGBlqow86nAvtb1JX6B7t93yhnFSFUrc4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9175300/5EFAD764F18D11E9AD75B860C4F9AE02/8qiUEKVLBHj2ArcxIAUVHClcc3k.crl rsync://rpki.apnic.net/member_repository/A9175300/5EFAD764F18D11E9AD75B860C4F9AE02/8qiUEKVLBHj2ArcxIAUVHClcc3k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8qiUEKVLBHj2ArcxIAUVHClcc3k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 18:09:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3272 (0xcc8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9175300, serialNumber=F2A89410A54B0478F602B7312005151C295C7379 Validity Not Before: Jul 20 18:09:42 2025 GMT Not After : Jul 27 18:09:42 2025 GMT Subject: CN=687d30e7-bfa1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:49:bc:a2:56:a6:a3:be:62:16:4d:15:32:b4: ed:90:46:57:9f:f8:a3:cb:b4:ca:9e:f9:94:0b:9b: 4a:15:54:82:d7:6b:26:90:43:b3:55:60:af:42:c4: cf:63:1d:87:c5:69:90:fc:53:ee:05:fe:53:85:46: b1:db:d8:34:b3:0b:43:f2:d5:66:e8:fe:d6:86:df: b6:46:f2:65:2f:77:2e:e4:8f:bb:31:43:75:28:50: d9:ac:7c:b9:e7:b9:71:3b:02:60:44:82:bf:08:3a: e1:38:35:1e:25:99:7e:c9:79:e9:7d:9b:c9:71:82: 4a:80:9b:25:b0:57:9c:d2:f6:87:80:f8:92:d6:71: e3:1e:1d:72:d3:0d:ad:b5:e6:f1:3f:29:95:86:40: 4d:e2:52:81:d1:4c:45:27:d9:93:57:8d:e1:76:e1: ed:82:e1:ab:75:3e:de:9e:93:a0:12:67:35:a2:c3: d8:8d:4c:74:2f:e6:f9:8c:f2:66:3b:ee:8f:0b:9c: c5:ea:6e:51:11:67:e9:a0:03:c8:86:b0:a9:9c:11: 7c:fa:e1:d6:b8:46:95:57:aa:75:0b:e1:96:60:af: dc:48:10:8b:00:b4:a4:74:ac:94:0b:78:dd:ec:ef: f4:c1:1b:79:dd:82:04:49:8f:73:ce:11:26:30:c4: be:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:D0:FF:FF:73:2E:A6:82:F2:6F:58:FA:BB:47:40:AB:BA:30:E5:35 X509v3 Authority Key Identifier: keyid:F2:A8:94:10:A5:4B:04:78:F6:02:B7:31:20:05:15:1C:29:5C:73:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9175300/5EFAD764F18D11E9AD75B860C4F9AE02/8qiUEKVLBHj2ArcxIAUVHClcc3k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8qiUEKVLBHj2ArcxIAUVHClcc3k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175300/5EFAD764F18D11E9AD75B860C4F9AE02/8qiUEKVLBHj2ArcxIAUVHClcc3k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:f6:f3:8b:f0:1d:5d:38:07:e2:70:da:4f:28:e6:1f:b1:36: f7:4c:61:34:39:46:48:a5:a2:8a:8d:80:84:02:ba:d4:d6:81: 7d:c4:09:cc:86:54:bb:f0:ec:c1:67:39:13:4c:a3:9d:2a:52: 9d:1c:06:6a:65:69:a4:ef:92:f1:88:d5:df:0b:36:ab:17:83: 24:ca:23:fe:14:92:ca:b9:c1:94:94:f8:31:b4:2e:ee:a0:49: 16:a8:36:29:66:28:a1:37:4d:66:f2:bb:cc:f1:c1:3b:31:30: 3f:dc:4d:9f:33:da:9b:b8:72:bd:66:a9:85:89:26:d6:eb:d2: ad:e1:ac:c5:22:3f:12:89:05:b2:56:ea:ab:39:90:33:16:9e: ee:bf:c2:29:27:05:fe:f1:37:fb:3a:1d:78:80:f9:8f:26:4d: 8f:33:a1:e1:f6:17:5b:72:92:2d:92:4a:e5:cc:08:6e:fd:27: b3:4f:17:9b:6b:5d:d8:b3:e9:c6:84:c0:3a:9a:48:3c:bb:6d: 8c:32:31:a0:4d:b4:82:73:4d:80:a7:4a:3d:27:23:e4:3a:36: bd:ba:8a:f3:9e:f0:24:f8:bd:5f:19:0d:6f:02:2a:7a:23:79: b9:ee:4a:f0:1e:34:dc:75:77:30:d7:a5:62:38:ee:63:1e:70: a6:88:f9:b3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzUzMDAxMTAvBgNVBAUTKEYyQTg5NDEwQTU0QjA0NzhGNjAyQjczMTIwMDUxNTFD Mjk1QzczNzkwHhcNMjUwNzIwMTgwOTQyWhcNMjUwNzI3MTgwOTQyWjAYMRYwFAYD VQQDEw02ODdkMzBlNy1iZmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4Em8olamo75iFk0VMrTtkEZXn/ijy7TKnvmUC5tKFVSC12smkEOzVWCvQsTP Yx2HxWmQ/FPuBf5ThUax29g0swtD8tVm6P7Wht+2RvJlL3cu5I+7MUN1KFDZrHy5 57lxOwJgRIK/CDrhODUeJZl+yXnpfZvJcYJKgJslsFec0vaHgPiS1nHjHh1y0w2t tebxPymVhkBN4lKB0UxFJ9mTV43hduHtguGrdT7enpOgEmc1osPYjUx0L+b5jPJm O+6PC5zF6m5REWfpoAPIhrCpnBF8+uHWuEaVV6p1C+GWYK/cSBCLALSkdKyUC3jd 7O/0wRt53YIESY9zzhEmMMS+9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEzQ//9z LqaC8m9Y+rtHQKu6MOU1MB8GA1UdIwQYMBaAFPKolBClSwR49gK3MSAFFRwpXHN5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTMwMC81RUZBRDc2NEYx OEQxMUU5QUQ3NUI4NjBDNEY5QUUwMi84cWlVRUtWTEJIajJBcmN4SUFVVkhDbGNj M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhxaVVFS1ZMQkhqMkFyY3hJQVVWSENsY2Mzay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NTMwMC81RUZBRDc2NEYxOEQxMUU5QUQ3NUI4NjBDNEY5QUUwMi84cWlVRUtWTEJI ajJBcmN4SUFVVkhDbGNjM2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBg9vOL8B1dOAficNpPKOYfsTb3TGE0OUZIpaKKjYCEArrU1oF9xAnM hlS78OzBZzkTTKOdKlKdHAZqZWmk75LxiNXfCzarF4MkyiP+FJLKucGUlPgxtC7u oEkWqDYpZiihN01m8rvM8cE7MTA/3E2fM9qbuHK9ZqmFiSbW69Kt4azFIj8SiQWy VuqrOZAzFp7uv8IpJwX+8Tf7Oh14gPmPJk2PM6Hh9hdbcpItkkrlzAhu/SezTxeb a13Ys+nGhMA6mkg8u22MMjGgTbSCc02Ap0o9JyPkOja9uorznvAk+L1fGQ1vAip6 I3m57krwHjTcdXcw16ViOO5jHnCmiPmz -----END CERTIFICATE-----Generated at Mon Jul 21 06:58:43 2025 by rpki-client