$ rpki-client -vvf rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/kEojXLR0fghgD8HSa5P1HEZ066o.mft File: kEojXLR0fghgD8HSa5P1HEZ066o.mft (raw, json) Hash identifier: IqvVIJcx//pXshXEV0ZXDFgni7ZqyAkT01YFuc1XyL8= Subject key identifier: 05:3F:EF:08:D8:CB:C5:AE:65:76:6E:31:9F:AA:08:7D:92:24:F8:BD Authority key identifier: 90:4A:23:5C:B4:74:7E:08:60:0F:C1:D2:6B:93:F5:1C:46:74:EB:AA Certificate issuer: /CN=A917F247/serialNumber=904A235CB4747E08600FC1D26B93F51C4674EBAA Certificate serial: 03F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kEojXLR0fghgD8HSa5P1HEZ066o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/kEojXLR0fghgD8HSa5P1HEZ066o.mft Manifest number: 03DE Signing time: Sat 19 Jul 2025 01:00:15 +0000 Manifest this update: Sat 19 Jul 2025 01:00:15 +0000 Manifest next update: Sat 26 Jul 2025 01:00:15 +0000 Files and hashes: 1: kEojXLR0fghgD8HSa5P1HEZ066o.crl (hash: AUGkaH9F8y8YgKb/ZFpJbQJYc4cDZdAFSjT7krG+6F0=) 2: 155309DAFF3B11EF87CAB56EC4F9AE02.roa (hash: sKV1Z0cYRUE+VWc2YxnGxIUnhyBPTtnJSFk2o11IcBY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/kEojXLR0fghgD8HSa5P1HEZ066o.crl rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/kEojXLR0fghgD8HSa5P1HEZ066o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kEojXLR0fghgD8HSa5P1HEZ066o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 01:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1012 (0x3f4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F247, serialNumber=904A235CB4747E08600FC1D26B93F51C4674EBAA Validity Not Before: Jul 19 01:00:15 2025 GMT Not After : Jul 26 01:00:15 2025 GMT Subject: CN=687aee1f-de6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:fe:ca:20:9a:51:56:29:30:91:e4:72:4b:cc: ec:3c:fa:f4:d2:b1:5d:f8:ae:94:3a:06:11:50:ee: 4d:4b:ef:3a:10:a9:05:e4:ab:31:32:01:b5:f0:e3: 65:49:0d:fc:cf:3e:ce:a0:cd:a0:c6:67:02:43:8a: 13:b1:9f:d8:b9:70:ad:ed:d0:2c:a7:f8:38:7e:52: 95:e4:f3:a0:e3:01:d0:1a:e9:57:f8:c5:0a:7e:8f: 41:68:4e:b8:2f:6d:da:06:d4:fc:c6:73:73:9d:ef: 72:4d:1e:2e:ec:a7:44:c4:d1:6a:13:0e:0b:19:d9: 81:9e:8b:e7:eb:d1:03:be:59:62:47:2e:92:b8:19: ec:33:55:3a:8e:2f:9a:1c:7b:f7:bb:10:8e:4f:27: fa:9a:63:dd:e5:09:cf:fa:b4:1f:d2:05:36:e1:2d: f5:5c:9a:f1:9d:b9:3d:73:21:73:54:e9:cc:d6:9d: c5:bf:91:c2:ac:82:f1:47:c2:1a:37:25:09:a6:53: 88:e9:7f:d5:86:94:f5:ef:fa:c5:1b:9e:04:1f:c8: dd:d9:e8:ce:30:5b:7a:52:b5:aa:c0:c0:d1:6d:77: 7f:04:ce:1a:94:72:7a:9d:c1:93:81:35:f6:19:35: 32:64:01:49:7e:17:c2:3a:d8:7c:bc:94:97:5f:96: a7:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:3F:EF:08:D8:CB:C5:AE:65:76:6E:31:9F:AA:08:7D:92:24:F8:BD X509v3 Authority Key Identifier: keyid:90:4A:23:5C:B4:74:7E:08:60:0F:C1:D2:6B:93:F5:1C:46:74:EB:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/kEojXLR0fghgD8HSa5P1HEZ066o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kEojXLR0fghgD8HSa5P1HEZ066o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/kEojXLR0fghgD8HSa5P1HEZ066o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7b:03:68:d1:eb:12:bb:ab:08:40:09:ff:fe:18:91:a6:46:8d: 33:81:ea:fa:a3:d4:e1:b4:ee:40:15:32:74:ad:fb:52:b3:98: ff:04:4b:77:6e:fa:cb:3c:16:17:af:8e:49:b5:11:ae:61:61: ea:9c:26:6c:df:ac:72:88:6f:25:6f:cc:41:76:97:3e:fe:52: 11:3d:55:67:45:94:15:ea:7d:53:79:e3:25:4d:4b:9e:36:b4: 4d:86:d6:e6:ee:6f:1a:d6:64:78:3a:3c:4a:89:e8:97:b9:3a: 41:49:5d:28:05:64:a5:39:cf:7f:5b:ba:d9:a2:46:fb:f8:1e: 34:9d:f1:06:7a:cf:61:6e:78:2e:fd:38:53:4f:68:cd:95:de: ed:3b:02:93:16:85:13:95:85:ee:48:d6:24:e8:92:70:8a:9e: cf:ae:df:f1:56:15:24:71:df:9b:b9:f8:62:11:33:13:a0:65: de:a3:f5:bc:e5:07:38:fd:8e:36:4a:5d:76:9c:e3:12:f1:5f: 65:d5:84:26:23:30:f1:d4:9a:6e:db:c3:ef:e2:55:90:a7:89: 6b:bf:58:87:5c:70:e7:84:31:93:ca:bc:17:67:ed:d1:77:26: 9e:54:be:45:4a:5a:a2:f1:2f:9b:f5:7c:d8:5e:80:bf:97:fe: 9f:6c:72:66 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA/QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0YyNDcxMTAvBgNVBAUTKDkwNEEyMzVDQjQ3NDdFMDg2MDBGQzFEMjZCOTNGNTFD NDY3NEVCQUEwHhcNMjUwNzE5MDEwMDE1WhcNMjUwNzI2MDEwMDE1WjAYMRYwFAYD VQQDEw02ODdhZWUxZi1kZTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu/7KIJpRVikwkeRyS8zsPPr00rFd+K6UOgYRUO5NS+86EKkF5KsxMgG18ONl SQ38zz7OoM2gxmcCQ4oTsZ/YuXCt7dAsp/g4flKV5POg4wHQGulX+MUKfo9BaE64 L23aBtT8xnNzne9yTR4u7KdExNFqEw4LGdmBnovn69EDvlliRy6SuBnsM1U6ji+a HHv3uxCOTyf6mmPd5QnP+rQf0gU24S31XJrxnbk9cyFzVOnM1p3Fv5HCrILxR8Ia NyUJplOI6X/VhpT17/rFG54EH8jd2ejOMFt6UrWqwMDRbXd/BM4alHJ6ncGTgTX2 GTUyZAFJfhfCOth8vJSXX5anjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAU/7wjY y8WuZXZuMZ+qCH2SJPi9MB8GA1UdIwQYMBaAFJBKI1y0dH4IYA/B0muT9RxGdOuq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjI0Ny82RDIyRUFGMDhG MDMxMUVDQTVDOUZFMTJDNEY5QUUwMi9rRW9qWExSMGZnaGdEOEhTYTVQMUhFWjA2 Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tFb2pYTFIwZmdoZ0Q4SFNhNVAxSEVaMDY2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RjI0Ny82RDIyRUFGMDhGMDMxMUVDQTVDOUZFMTJDNEY5QUUwMi9rRW9qWExSMGZn aGdEOEhTYTVQMUhFWjA2Nm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB7A2jR6xK7qwhACf/+GJGmRo0zger6o9ThtO5AFTJ0rftSs5j/BEt3 bvrLPBYXr45JtRGuYWHqnCZs36xyiG8lb8xBdpc+/lIRPVVnRZQV6n1TeeMlTUue NrRNhtbm7m8a1mR4OjxKieiXuTpBSV0oBWSlOc9/W7rZokb7+B40nfEGes9hbngu /ThTT2jNld7tOwKTFoUTlYXuSNYk6JJwip7Prt/xVhUkcd+bufhiETMToGXeo/W8 5Qc4/Y42Sl12nOMS8V9l1YQmIzDx1Jpu28Pv4lWQp4lrv1iHXHDnhDGTyrwXZ+3R dyaeVL5FSlqi8S+b9XzYXoC/l/6fbHJm -----END CERTIFICATE-----Generated at Sun Jul 20 07:50:54 2025 by rpki-client