$ rpki-client -vvf rpki.apnic.net/member_repository/A917ACA8/F9714AE6AAFA11EEA221E72EC4F9AE02/zmNwmX29E9IOXsYWW1qe46KCprA.mft File: zmNwmX29E9IOXsYWW1qe46KCprA.mft (raw, json) Hash identifier: 39ELcAYH4SGEYTQIuua/GPWy9alAs8hCNgZNyJCMOWY= Subject key identifier: 8E:46:53:B8:C8:0F:F2:58:34:25:16:9A:CA:D9:20:1F:B9:BD:05:1D Authority key identifier: CE:63:70:99:7D:BD:13:D2:0E:5E:C6:16:5B:5A:9E:E3:A2:82:A6:B0 Certificate issuer: /CN=A917ACA8/serialNumber=CE6370997DBD13D20E5EC6165B5A9EE3A282A6B0 Certificate serial: 012B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zmNwmX29E9IOXsYWW1qe46KCprA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917ACA8/F9714AE6AAFA11EEA221E72EC4F9AE02/zmNwmX29E9IOXsYWW1qe46KCprA.mft Manifest number: 0126 Signing time: Sat 19 Jul 2025 04:55:16 +0000 Manifest this update: Sat 19 Jul 2025 04:55:15 +0000 Manifest next update: Sat 26 Jul 2025 04:55:15 +0000 Files and hashes: 1: zmNwmX29E9IOXsYWW1qe46KCprA.crl (hash: O0dj8m2UMatIrDbNjnjFkCQKQyqGXZ/+BUKY+8RecGI=) 2: 894936BE60A911F098EEE824C4F9AE02.roa (hash: 6+ZtG4tMJV/LeRgQcj4Jq30ubiMB6Q5WScbIN7WAFn8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917ACA8/F9714AE6AAFA11EEA221E72EC4F9AE02/zmNwmX29E9IOXsYWW1qe46KCprA.crl rsync://rpki.apnic.net/member_repository/A917ACA8/F9714AE6AAFA11EEA221E72EC4F9AE02/zmNwmX29E9IOXsYWW1qe46KCprA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zmNwmX29E9IOXsYWW1qe46KCprA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 04:55:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 299 (0x12b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917ACA8, serialNumber=CE6370997DBD13D20E5EC6165B5A9EE3A282A6B0 Validity Not Before: Jul 19 04:55:15 2025 GMT Not After : Jul 26 04:55:15 2025 GMT Subject: CN=687b2534-17ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:b6:8d:09:9c:f1:94:d4:37:b1:9c:76:bf:5a: ca:a2:33:fc:4e:af:5c:d4:be:ce:62:0e:ad:00:8d: a1:b7:92:de:e8:61:6a:4b:0f:3c:d0:8c:df:dc:bb: aa:09:e7:8b:29:f7:64:6e:da:1e:5a:73:d9:17:5e: 53:39:d3:7f:50:76:04:36:4e:50:b0:28:5e:75:35: d4:e5:cd:38:06:6b:05:88:3e:d6:55:6f:e0:49:d9: ca:d8:f9:bf:44:44:31:ca:cf:19:83:cc:58:18:4f: a4:67:4a:65:db:07:e5:1c:49:9d:48:3d:fe:50:82: 93:68:85:b9:1c:24:b3:cc:83:5c:c8:53:f2:56:58: e4:fb:19:aa:71:56:30:ec:f5:35:e5:1d:98:2d:78: 72:cf:37:63:db:e9:2c:44:00:a5:bb:09:1f:ed:c9: 25:ea:c9:d3:13:54:10:2f:1a:2d:cc:b9:62:69:cb: 7a:2c:da:b8:22:cc:c3:6c:50:e5:b3:a7:4b:50:be: ee:73:8d:d7:18:62:a6:5e:9e:15:4b:4f:01:dc:58: f3:9e:25:9b:b7:2a:50:7d:12:1b:2b:da:24:8f:99: bc:55:2e:77:37:f5:b7:3b:29:6a:a0:1d:26:6b:ed: dd:02:5c:a4:1b:9d:ec:17:90:d6:1d:29:af:a9:0f: 67:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:46:53:B8:C8:0F:F2:58:34:25:16:9A:CA:D9:20:1F:B9:BD:05:1D X509v3 Authority Key Identifier: keyid:CE:63:70:99:7D:BD:13:D2:0E:5E:C6:16:5B:5A:9E:E3:A2:82:A6:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917ACA8/F9714AE6AAFA11EEA221E72EC4F9AE02/zmNwmX29E9IOXsYWW1qe46KCprA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zmNwmX29E9IOXsYWW1qe46KCprA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ACA8/F9714AE6AAFA11EEA221E72EC4F9AE02/zmNwmX29E9IOXsYWW1qe46KCprA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:cf:b0:8f:1e:5a:d8:f3:7d:4e:37:4d:83:4d:f3:3c:e2:a5: a3:3a:b1:1f:46:c0:9b:66:2e:19:12:bd:75:42:fc:8b:fb:93: b0:6b:0c:cb:6d:dc:cf:70:3b:cd:1b:1f:68:e2:a2:d2:39:d0: 9d:d1:99:54:ba:2a:40:9a:29:6b:5c:0f:9d:c2:27:96:d4:a9: 60:93:7f:e0:7d:f7:49:d9:64:42:f0:a8:cf:47:cd:26:03:ac: 25:1e:43:93:be:8c:1a:c1:03:6f:03:82:f1:c9:c2:65:d4:c3: 09:69:62:39:ea:db:50:14:c8:65:ec:6b:9c:9b:7b:00:f3:b9: 5a:7d:8b:88:87:ed:d9:e7:66:97:b8:ac:c3:4a:18:0d:d6:29: f2:5e:b0:01:dc:b5:10:18:a9:1f:b5:d8:97:90:01:92:f5:5c: 15:5c:b7:de:bd:1f:fe:9f:a8:8e:d6:32:aa:b0:49:72:75:68: ff:5b:a2:0f:c6:dd:55:68:2e:7a:c7:00:5c:64:ba:b0:d7:ca: c8:e6:82:1f:91:9a:36:60:34:dc:6d:93:2a:5e:cd:7b:29:0e: af:1b:39:5d:33:b4:a6:0b:60:1e:82:01:3b:06:e6:f0:81:06: 75:2e:34:5c:e0:36:d4:ee:56:20:8a:90:cc:9b:a3:cc:a6:11: e8:38:67:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FDQTgxMTAvBgNVBAUTKENFNjM3MDk5N0RCRDEzRDIwRTVFQzYxNjVCNUE5RUUz QTI4MkE2QjAwHhcNMjUwNzE5MDQ1NTE1WhcNMjUwNzI2MDQ1NTE1WjAYMRYwFAYD VQQDEw02ODdiMjUzNC0xN2VhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA07aNCZzxlNQ3sZx2v1rKojP8Tq9c1L7OYg6tAI2ht5Le6GFqSw880Izf3Luq CeeLKfdkbtoeWnPZF15TOdN/UHYENk5QsChedTXU5c04BmsFiD7WVW/gSdnK2Pm/ REQxys8Zg8xYGE+kZ0pl2wflHEmdSD3+UIKTaIW5HCSzzINcyFPyVljk+xmqcVYw 7PU15R2YLXhyzzdj2+ksRACluwkf7ckl6snTE1QQLxotzLliact6LNq4IszDbFDl s6dLUL7uc43XGGKmXp4VS08B3FjzniWbtypQfRIbK9okj5m8VS53N/W3OylqoB0m a+3dAlykG53sF5DWHSmvqQ9nsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI5GU7jI D/JYNCUWmsrZIB+5vQUdMB8GA1UdIwQYMBaAFM5jcJl9vRPSDl7GFltanuOigqaw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUNBOC9GOTcxNEFFNkFB RkExMUVFQTIyMUU3MkVDNEY5QUUwMi96bU53bVgyOUU5SU9Yc1lXVzFxZTQ2S0Nw ckEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ptTndtWDI5RTlJT1hzWVdXMXFlNDZLQ3ByQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUNBOC9GOTcxNEFFNkFBRkExMUVFQTIyMUU3MkVDNEY5QUUwMi96bU53bVgyOUU5 SU9Yc1lXVzFxZTQ2S0NwckEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVz7CPHlrY831ON02DTfM84qWjOrEfRsCbZi4ZEr11QvyL+5OwawzL bdzPcDvNGx9o4qLSOdCd0ZlUuipAmilrXA+dwieW1Klgk3/gffdJ2WRC8KjPR80m A6wlHkOTvowawQNvA4LxycJl1MMJaWI56ttQFMhl7Gucm3sA87lafYuIh+3Z52aX uKzDShgN1inyXrAB3LUQGKkftdiXkAGS9VwVXLfevR/+n6iO1jKqsElydWj/W6IP xt1VaC56xwBcZLqw18rI5oIfkZo2YDTcbZMqXs17KQ6vGzldM7SmC2AeggE7Bubw gQZ1LjRc4DbU7lYgipDMm6PMphHoOGeC -----END CERTIFICATE-----Generated at Sun Jul 20 03:24:10 2025 by rpki-client