$ rpki-client -vvf rpki.apnic.net/member_repository/A917C2CC/CC19387678DA11E9901B7F4DC4F9AE02/-bj5HSkovqo1HMNFxHNpMv2GOfE.mft File: -bj5HSkovqo1HMNFxHNpMv2GOfE.mft (raw, json) Hash identifier: 42Tp3nqlmmEMyn7AiI9tR3WC80b1O5Aw7dPfw8Sf/j0= Subject key identifier: 70:F9:A0:61:D1:C2:5F:41:B6:C3:9C:5D:CE:70:3A:21:1A:47:B5:32 Authority key identifier: F9:B8:F9:1D:29:28:BE:AA:35:1C:C3:45:C4:73:69:32:FD:86:39:F1 Certificate issuer: /CN=A917C2CC/serialNumber=F9B8F91D2928BEAA351CC345C4736932FD8639F1 Certificate serial: 0F32 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-bj5HSkovqo1HMNFxHNpMv2GOfE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C2CC/CC19387678DA11E9901B7F4DC4F9AE02/-bj5HSkovqo1HMNFxHNpMv2GOfE.mft Manifest number: 0F28 Signing time: Tue 22 Jul 2025 17:46:29 +0000 Manifest this update: Tue 22 Jul 2025 17:46:28 +0000 Manifest next update: Tue 29 Jul 2025 17:46:28 +0000 Files and hashes: 1: -bj5HSkovqo1HMNFxHNpMv2GOfE.crl (hash: uu/04GklBmVX0crUVwxwpjd4qUOtorP6ZgpyIUNZ448=) 2: 39275D0C232511EC925DF318C4F9AE02.roa (hash: kMA98lH1wtLYavwio/f29E4JAww9w+abzPZIVQ6M1dk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C2CC/CC19387678DA11E9901B7F4DC4F9AE02/-bj5HSkovqo1HMNFxHNpMv2GOfE.crl rsync://rpki.apnic.net/member_repository/A917C2CC/CC19387678DA11E9901B7F4DC4F9AE02/-bj5HSkovqo1HMNFxHNpMv2GOfE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-bj5HSkovqo1HMNFxHNpMv2GOfE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 17:46:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3890 (0xf32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C2CC, serialNumber=F9B8F91D2928BEAA351CC345C4736932FD8639F1 Validity Not Before: Jul 22 17:46:28 2025 GMT Not After : Jul 29 17:46:28 2025 GMT Subject: CN=687fce74-dffd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:7e:a5:4e:62:21:0a:73:7c:cb:a4:71:9a:0d: a4:05:a9:db:c9:6f:e3:02:55:f7:d6:5c:1f:fa:6d: 62:3f:8f:cd:aa:f6:bb:1f:cd:14:80:21:1b:66:7a: 74:84:45:29:50:ba:4f:3c:59:0e:e2:0a:aa:2f:f0: c8:02:38:d2:c9:55:44:05:19:68:54:e2:46:52:1e: c1:6f:bf:af:e9:c1:38:bb:15:7f:6c:9d:84:9a:4a: 53:64:64:06:ae:af:57:c0:c3:23:7c:d3:36:1e:21: 65:65:aa:e4:62:eb:8f:f0:ce:62:f0:55:d7:6b:f6: 02:a0:7f:94:6b:27:22:ed:18:c3:7c:bd:cc:0d:6e: 08:67:d6:22:2c:2c:6e:02:8a:c1:9d:1b:23:39:2e: fc:e8:2e:ab:db:66:0b:af:5f:7f:8f:22:36:5d:f3: 78:05:40:e2:c2:68:7f:04:8a:6d:88:dd:5b:39:fe: 0f:fb:db:9e:5f:4c:c3:53:36:5d:8c:b6:48:0a:d2: 90:a1:5c:06:15:3a:bf:5a:7e:8d:c5:a6:b6:e5:65: 63:78:2b:8d:22:35:db:02:d5:db:13:44:88:69:49: 82:61:c3:40:aa:11:2b:d2:a1:36:6c:35:ae:05:7f: 9c:38:5e:74:7e:b5:23:24:b8:42:1f:5a:22:a2:df: a0:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:F9:A0:61:D1:C2:5F:41:B6:C3:9C:5D:CE:70:3A:21:1A:47:B5:32 X509v3 Authority Key Identifier: keyid:F9:B8:F9:1D:29:28:BE:AA:35:1C:C3:45:C4:73:69:32:FD:86:39:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C2CC/CC19387678DA11E9901B7F4DC4F9AE02/-bj5HSkovqo1HMNFxHNpMv2GOfE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-bj5HSkovqo1HMNFxHNpMv2GOfE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C2CC/CC19387678DA11E9901B7F4DC4F9AE02/-bj5HSkovqo1HMNFxHNpMv2GOfE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:01:56:5b:bd:f4:05:ac:8e:d4:4e:3a:3f:aa:9f:ce:6b:61: 11:8f:8f:e9:69:ac:e6:5a:fd:11:5c:b3:3c:3f:4c:39:8a:6e: 82:ef:eb:d1:77:b4:5a:20:03:06:44:3a:8e:97:92:dc:de:f7: 0f:83:13:c8:d5:51:db:49:f2:4c:46:79:8a:cd:95:e8:ff:f2: d6:6c:c0:6a:c1:c1:ee:74:77:c0:57:35:7c:f1:be:5e:3b:f4: 46:22:01:f9:fd:a9:09:b2:5a:06:e6:4f:96:16:a9:bd:d9:df: 2d:9f:19:cc:e7:21:10:30:0a:48:d7:97:f6:fc:31:70:30:f4: 13:3d:6a:94:f1:97:ee:1a:63:cf:07:09:86:66:2c:f1:c7:d9: 11:b4:71:db:1b:bc:96:1e:7f:39:0e:ea:94:60:92:4b:d1:41: 25:e6:ce:3f:51:01:6a:59:e5:4e:24:62:a1:a8:22:03:5c:32: ec:e0:ad:65:4d:2f:30:f1:73:dc:bb:0a:c0:58:df:9d:a2:b9: dd:9a:2c:24:2b:c5:f6:9e:72:39:3b:19:6a:90:0e:f3:e1:77: c6:3c:42:3a:87:83:bf:a2:05:23:a2:fb:f5:dd:c6:e4:91:ff: 8a:9b:f9:d5:9e:14:ec:ae:09:c1:05:5a:98:ae:3a:42:0d:cd: a5:f1:c8:ae -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDzIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0MyQ0MxMTAvBgNVBAUTKEY5QjhGOTFEMjkyOEJFQUEzNTFDQzM0NUM0NzM2OTMy RkQ4NjM5RjEwHhcNMjUwNzIyMTc0NjI4WhcNMjUwNzI5MTc0NjI4WjAYMRYwFAYD VQQDEw02ODdmY2U3NC1kZmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyn6lTmIhCnN8y6Rxmg2kBanbyW/jAlX31lwf+m1iP4/Nqva7H80UgCEbZnp0 hEUpULpPPFkO4gqqL/DIAjjSyVVEBRloVOJGUh7Bb7+v6cE4uxV/bJ2EmkpTZGQG rq9XwMMjfNM2HiFlZarkYuuP8M5i8FXXa/YCoH+Uayci7RjDfL3MDW4IZ9YiLCxu AorBnRsjOS786C6r22YLr19/jyI2XfN4BUDiwmh/BIptiN1bOf4P+9ueX0zDUzZd jLZICtKQoVwGFTq/Wn6Nxaa25WVjeCuNIjXbAtXbE0SIaUmCYcNAqhEr0qE2bDWu BX+cOF50frUjJLhCH1oiot+gRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHD5oGHR wl9BtsOcXc5wOiEaR7UyMB8GA1UdIwQYMBaAFPm4+R0pKL6qNRzDRcRzaTL9hjnx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzJDQy9DQzE5Mzg3Njc4 REExMUU5OTAxQjdGNERDNEY5QUUwMi8tYmo1SFNrb3ZxbzFITU5GeEhOcE12MkdP ZkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1iajVIU2tvdnFvMUhNTkZ4SE5wTXYyR09mRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzJDQy9DQzE5Mzg3Njc4REExMUU5OTAxQjdGNERDNEY5QUUwMi8tYmo1SFNrb3Zx bzFITU5GeEhOcE12MkdPZkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBHAVZbvfQFrI7UTjo/qp/Oa2ERj4/paazmWv0RXLM8P0w5im6C7+vR d7RaIAMGRDqOl5Lc3vcPgxPI1VHbSfJMRnmKzZXo//LWbMBqwcHudHfAVzV88b5e O/RGIgH5/akJsloG5k+WFqm92d8tnxnM5yEQMApI15f2/DFwMPQTPWqU8ZfuGmPP BwmGZizxx9kRtHHbG7yWHn85DuqUYJJL0UEl5s4/UQFqWeVOJGKhqCIDXDLs4K1l TS8w8XPcuwrAWN+dorndmiwkK8X2nnI5OxlqkA7z4XfGPEI6h4O/ogUjovv13cbk kf+Km/nVnhTsrgnBBVqYrjpCDc2l8ciu -----END CERTIFICATE-----Generated at Wed Jul 23 12:26:05 2025 by rpki-client