$ rpki-client -vvf rpki.apnic.net/member_repository/A917F352/3D9D7F5EA1FB11EEA360925AC4F9AE02/Crfzan3eThH0sBWX3w3nopqAvEQ.mft File: Crfzan3eThH0sBWX3w3nopqAvEQ.mft (raw, json) Hash identifier: YBsBQEv8N3SIcm8cTHs30AEFu4vzWd596ccjKfxEhbU= Subject key identifier: C7:48:B6:B7:39:1C:0B:23:E4:2B:A5:9C:B9:D6:D0:57:8B:D4:11:1E Authority key identifier: 0A:B7:F3:6A:7D:DE:4E:11:F4:B0:15:97:DF:0D:E7:A2:9A:80:BC:44 Certificate issuer: /CN=A917F352/serialNumber=0AB7F36A7DDE4E11F4B01597DF0DE7A29A80BC44 Certificate serial: 0127 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Crfzan3eThH0sBWX3w3nopqAvEQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F352/3D9D7F5EA1FB11EEA360925AC4F9AE02/Crfzan3eThH0sBWX3w3nopqAvEQ.mft Manifest number: 0125 Signing time: Sat 19 Jul 2025 04:53:06 +0000 Manifest this update: Sat 19 Jul 2025 04:53:06 +0000 Manifest next update: Sat 26 Jul 2025 04:53:06 +0000 Files and hashes: 1: Crfzan3eThH0sBWX3w3nopqAvEQ.crl (hash: vx4SoC3F6ksPLpAVQ6qyOQdI9MLKkmukc8gwR9Dzr7Q=) 2: 8FE6CF86A1FB11EE9773325BC4F9AE02.roa (hash: 7+HziPW8bdU4fmbvKj0ZUtapknCkvsD+7VoRTrV2tSY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F352/3D9D7F5EA1FB11EEA360925AC4F9AE02/Crfzan3eThH0sBWX3w3nopqAvEQ.crl rsync://rpki.apnic.net/member_repository/A917F352/3D9D7F5EA1FB11EEA360925AC4F9AE02/Crfzan3eThH0sBWX3w3nopqAvEQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Crfzan3eThH0sBWX3w3nopqAvEQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 04:53:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 295 (0x127) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F352, serialNumber=0AB7F36A7DDE4E11F4B01597DF0DE7A29A80BC44 Validity Not Before: Jul 19 04:53:06 2025 GMT Not After : Jul 26 04:53:06 2025 GMT Subject: CN=687b24b2-7f3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:86:b0:b7:91:9d:e1:ae:4c:ed:ec:fa:54:5b: 2a:73:56:42:35:65:c6:11:36:b3:58:8e:12:13:97: fb:19:65:3e:59:5d:a5:b3:f6:e7:5e:cb:40:12:bb: f4:9d:21:10:c6:3b:01:77:a4:ca:8d:05:20:ea:88: e6:59:95:f7:80:8d:7b:42:81:4a:b3:d4:0d:1c:39: 37:3a:fc:17:a9:3d:73:45:94:90:3f:6d:2c:d6:e2: 63:02:68:4e:2a:9a:01:45:35:48:03:d7:61:54:ec: d8:b4:12:02:b5:5c:b4:31:4f:0f:cb:7f:fb:85:53: a1:29:ed:96:ff:53:cf:6f:54:cb:c0:eb:1c:3c:5f: 68:ee:48:92:fa:1d:26:4b:0b:e2:ce:99:a9:da:3e: b4:63:3a:45:dd:32:15:76:f4:39:d2:c1:1b:aa:22: c4:b6:0a:e3:6c:1c:12:92:00:a4:ad:d0:92:b3:0c: 1a:dc:08:07:88:ec:59:54:5a:0a:b2:ea:5a:4a:46: 32:e9:5d:07:af:8f:7e:57:4e:c2:98:67:f2:7e:05: fa:14:ab:8e:3f:6b:09:91:6d:ca:e2:5e:3d:3e:ec: 06:de:18:98:fe:a3:d5:ea:45:7f:41:42:1c:45:28: 0c:7f:94:8d:1e:90:cb:03:00:4f:e7:8e:9e:83:a8: f8:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:48:B6:B7:39:1C:0B:23:E4:2B:A5:9C:B9:D6:D0:57:8B:D4:11:1E X509v3 Authority Key Identifier: keyid:0A:B7:F3:6A:7D:DE:4E:11:F4:B0:15:97:DF:0D:E7:A2:9A:80:BC:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F352/3D9D7F5EA1FB11EEA360925AC4F9AE02/Crfzan3eThH0sBWX3w3nopqAvEQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Crfzan3eThH0sBWX3w3nopqAvEQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F352/3D9D7F5EA1FB11EEA360925AC4F9AE02/Crfzan3eThH0sBWX3w3nopqAvEQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:1c:b2:59:f7:91:0d:82:f4:9f:ce:d7:4f:ad:5b:cd:66:a0: 6c:88:5c:b1:d7:82:f6:e6:7d:1c:da:65:55:7c:86:8e:0a:6f: e2:30:c8:c1:9c:ce:08:aa:0d:df:e1:29:c6:74:b6:65:36:c2: 65:ca:f4:5e:2c:a3:3b:c6:23:20:8a:b5:d7:d8:01:ab:2e:93: 19:4d:87:3d:28:be:93:ed:b2:83:94:22:86:85:1d:8a:60:99: a6:c4:1c:65:17:31:45:f8:40:6d:5f:48:7e:c0:f1:b8:cc:83: 1f:95:3b:d0:da:1a:b1:5c:c3:65:49:72:f4:1d:33:65:1d:4a: 41:d1:1a:90:4e:e4:fc:06:8f:d5:b0:53:d8:9a:b0:27:15:9d: a1:60:25:26:79:90:9c:b9:52:3e:93:ae:cb:48:bf:26:10:3c: 42:29:56:68:33:11:f9:e9:11:5e:81:f2:e6:c4:62:a8:42:8f: 6a:51:8f:aa:b4:cd:f1:07:06:75:c4:a2:01:c4:7c:19:b5:ca: af:59:bd:12:24:3a:63:b6:e3:7f:f3:78:db:30:70:3d:11:3b: b5:e9:21:da:07:38:27:b4:07:a7:34:ec:05:dc:59:92:85:45: 31:b6:d0:e5:2f:17:05:ff:4a:86:ba:5a:6d:a5:80:4d:f0:14: d1:f0:d7:c9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAScwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0YzNTIxMTAvBgNVBAUTKDBBQjdGMzZBN0RERTRFMTFGNEIwMTU5N0RGMERFN0Ey OUE4MEJDNDQwHhcNMjUwNzE5MDQ1MzA2WhcNMjUwNzI2MDQ1MzA2WjAYMRYwFAYD VQQDEw02ODdiMjRiMi03ZjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxIawt5Gd4a5M7ez6VFsqc1ZCNWXGETazWI4SE5f7GWU+WV2ls/bnXstAErv0 nSEQxjsBd6TKjQUg6ojmWZX3gI17QoFKs9QNHDk3OvwXqT1zRZSQP20s1uJjAmhO KpoBRTVIA9dhVOzYtBICtVy0MU8Py3/7hVOhKe2W/1PPb1TLwOscPF9o7kiS+h0m Swvizpmp2j60YzpF3TIVdvQ50sEbqiLEtgrjbBwSkgCkrdCSswwa3AgHiOxZVFoK supaSkYy6V0Hr49+V07CmGfyfgX6FKuOP2sJkW3K4l49PuwG3hiY/qPV6kV/QUIc RSgMf5SNHpDLAwBP546eg6j4NwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMdItrc5 HAsj5CulnLnW0FeL1BEeMB8GA1UdIwQYMBaAFAq382p93k4R9LAVl98N56KagLxE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjM1Mi8zRDlEN0Y1RUEx RkIxMUVFQTM2MDkyNUFDNEY5QUUwMi9DcmZ6YW4zZVRoSDBzQldYM3czbm9wcUF2 RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NyZnphbjNlVGhIMHNCV1gzdzNub3BxQXZFUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RjM1Mi8zRDlEN0Y1RUExRkIxMUVFQTM2MDkyNUFDNEY5QUUwMi9DcmZ6YW4zZVRo SDBzQldYM3czbm9wcUF2RVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQChHLJZ95ENgvSfztdPrVvNZqBsiFyx14L25n0c2mVVfIaOCm/iMMjB nM4Iqg3f4SnGdLZlNsJlyvReLKM7xiMgirXX2AGrLpMZTYc9KL6T7bKDlCKGhR2K YJmmxBxlFzFF+EBtX0h+wPG4zIMflTvQ2hqxXMNlSXL0HTNlHUpB0RqQTuT8Bo/V sFPYmrAnFZ2hYCUmeZCcuVI+k67LSL8mEDxCKVZoMxH56RFegfLmxGKoQo9qUY+q tM3xBwZ1xKIBxHwZtcqvWb0SJDpjtuN/83jbMHA9ETu16SHaBzgntAenNOwF3FmS hUUxttDlLxcF/0qGulptpYBN8BTR8NfJ -----END CERTIFICATE-----Generated at Sun Jul 20 07:37:28 2025 by rpki-client