$ rpki-client -vvf rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.mft File: L3ocHdJ-p4FYziGpTbv7kHL7FzQ.mft (raw, json) Hash identifier: RTcggFyXgDFrryHIzwMJI06RCC7r6XNA2Y7kCTJJPFY= Subject key identifier: 4C:D1:B0:A4:5E:A0:7C:E4:59:FE:E7:F7:4B:4B:05:4F:04:E0:DF:A1 Authority key identifier: 2F:7A:1C:1D:D2:7E:A7:81:58:CE:21:A9:4D:BB:FB:90:72:FB:17:34 Certificate issuer: /CN=A9183496/serialNumber=2F7A1C1DD27EA78158CE21A94DBBFB9072FB1734 Certificate serial: 0C2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.mft Manifest number: 0C24 Signing time: Sun 20 Jul 2025 18:43:58 +0000 Manifest this update: Sun 20 Jul 2025 18:43:58 +0000 Manifest next update: Sun 27 Jul 2025 18:43:58 +0000 Files and hashes: 1: L3ocHdJ-p4FYziGpTbv7kHL7FzQ.crl (hash: trLkwUiDKxjEBuYPKjG9+oFm0S909xchnxuzdhYoeYg=) 2: 68A35F78831411EC90E07C19C4F9AE02.roa (hash: t6T57kHu7uMYeuN0mVxzrvC/6xdds2/aDC5V7Z6/hHA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.crl rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 18:43:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3115 (0xc2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9183496, serialNumber=2F7A1C1DD27EA78158CE21A94DBBFB9072FB1734 Validity Not Before: Jul 20 18:43:58 2025 GMT Not After : Jul 27 18:43:58 2025 GMT Subject: CN=687d38ee-7f70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:45:c4:77:33:eb:e9:3d:fb:1e:a7:84:38:ca: 81:7a:95:e4:48:38:e2:6e:63:30:9f:6d:59:4c:e6: 42:bf:b4:7b:ab:ac:58:62:35:51:56:7c:8d:aa:e7: ca:40:ba:4e:5d:a9:7e:d1:86:c3:39:20:3b:c6:b8: b1:bf:b5:0b:47:1b:e1:9b:d3:e1:2b:28:ab:5e:a4: 6c:55:8a:a0:47:f6:78:1e:13:4b:a3:78:6b:2c:32: e5:45:f0:52:bc:a0:bb:9b:1c:28:d3:86:14:00:3d: e5:25:a5:31:01:dd:1a:ef:6b:c1:79:a2:02:87:03: 47:f3:42:fc:e9:4c:af:74:4e:98:f6:c3:d3:fb:66: 13:d3:41:15:2c:85:8b:59:53:da:90:fa:34:93:d6: dd:66:e3:63:c2:92:1f:38:fa:f9:29:2d:0f:38:4b: b0:82:33:93:3c:d1:dc:27:d3:18:6a:a7:e2:62:dd: 5b:0d:12:90:20:84:18:a3:bf:73:c9:60:fb:5a:ad: 4b:b7:f6:80:e2:5c:ce:7d:61:fe:9f:82:d3:70:eb: 9f:37:b7:d3:98:53:79:69:b5:df:12:40:fc:bb:40: dd:74:cb:1e:ca:f0:cd:bc:0d:34:3e:f4:ff:62:5d: 7b:42:97:f0:f7:f5:10:40:9e:d0:5c:14:eb:4c:94: 01:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:D1:B0:A4:5E:A0:7C:E4:59:FE:E7:F7:4B:4B:05:4F:04:E0:DF:A1 X509v3 Authority Key Identifier: keyid:2F:7A:1C:1D:D2:7E:A7:81:58:CE:21:A9:4D:BB:FB:90:72:FB:17:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:a9:e5:49:87:50:ef:9d:7a:a6:be:f7:55:1a:03:b2:02:27: 16:30:bc:d2:75:ad:bf:8c:0d:38:44:8a:60:a6:1d:d4:c1:c2: 68:bc:19:10:c5:4e:74:58:93:9f:75:9e:6d:5b:c6:f3:26:98: 69:1f:d7:09:d2:98:8e:dc:18:60:4f:9e:37:52:f7:fd:ce:ff: 61:f3:a4:fd:b2:45:30:1d:e1:82:1e:96:25:50:32:34:8d:cd: 28:e9:3f:af:c9:1c:62:9f:5f:4e:1b:05:02:a5:cf:c3:05:8c: bf:44:7e:3a:21:85:ce:43:d3:f3:e8:15:12:ef:e9:cc:69:93: c5:88:36:6a:cb:3c:fa:7e:8e:5c:46:b1:7c:75:e2:10:a3:cf: 6c:34:91:e7:de:00:47:89:38:07:0f:5b:98:67:a4:c0:0d:e5: e9:97:0f:a8:96:54:e6:e7:cf:a0:79:9e:ee:23:af:fe:08:79: 36:2a:a1:da:e8:8f:ee:90:cf:ed:77:da:8e:60:7c:f8:5c:de: e1:cf:3b:c7:fe:b7:d3:aa:19:be:93:65:f3:d1:a3:55:df:71: c7:85:e0:4e:21:fd:a6:e9:a5:ad:19:13:de:2b:69:53:4a:83: 47:65:6a:9f:1c:25:09:1c:ab:0c:1d:04:04:7f:da:5a:d2:8f: 3a:82:f4:71 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDCswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODM0OTYxMTAvBgNVBAUTKDJGN0ExQzFERDI3RUE3ODE1OENFMjFBOTREQkJGQjkw NzJGQjE3MzQwHhcNMjUwNzIwMTg0MzU4WhcNMjUwNzI3MTg0MzU4WjAYMRYwFAYD VQQDEw02ODdkMzhlZS03ZjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzEXEdzPr6T37HqeEOMqBepXkSDjibmMwn21ZTOZCv7R7q6xYYjVRVnyNqufK QLpOXal+0YbDOSA7xrixv7ULRxvhm9PhKyirXqRsVYqgR/Z4HhNLo3hrLDLlRfBS vKC7mxwo04YUAD3lJaUxAd0a72vBeaIChwNH80L86UyvdE6Y9sPT+2YT00EVLIWL WVPakPo0k9bdZuNjwpIfOPr5KS0POEuwgjOTPNHcJ9MYaqfiYt1bDRKQIIQYo79z yWD7Wq1Lt/aA4lzOfWH+n4LTcOufN7fTmFN5abXfEkD8u0DddMseyvDNvA00PvT/ Yl17Qpfw9/UQQJ7QXBTrTJQBBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEzRsKRe oHzkWf7n90tLBU8E4N+hMB8GA1UdIwQYMBaAFC96HB3SfqeBWM4hqU27+5By+xc0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MzQ5Ni8yMzQxQTU2NjBG NkMxMUVBQTcwRjc5NUFDNEY5QUUwMi9MM29jSGRKLXA0Rll6aUdwVGJ2N2tITDdG elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0wzb2NIZEotcDRGWXppR3BUYnY3a0hMN0Z6US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 MzQ5Ni8yMzQxQTU2NjBGNkMxMUVBQTcwRjc5NUFDNEY5QUUwMi9MM29jSGRKLXA0 Rll6aUdwVGJ2N2tITDdGelEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA0qeVJh1DvnXqmvvdVGgOyAicWMLzSda2/jA04RIpgph3UwcJovBkQ xU50WJOfdZ5tW8bzJphpH9cJ0piO3BhgT543Uvf9zv9h86T9skUwHeGCHpYlUDI0 jc0o6T+vyRxin19OGwUCpc/DBYy/RH46IYXOQ9Pz6BUS7+nMaZPFiDZqyzz6fo5c RrF8deIQo89sNJHn3gBHiTgHD1uYZ6TADeXplw+ollTm58+geZ7uI6/+CHk2KqHa 6I/ukM/td9qOYHz4XN7hzzvH/rfTqhm+k2Xz0aNV33HHheBOIf2m6aWtGRPeK2lT SoNHZWqfHCUJHKsMHQQEf9pa0o86gvRx -----END CERTIFICATE-----Generated at Mon Jul 21 13:23:36 2025 by rpki-client