$ rpki-client -vvf rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.mft File: 1ppgVl8zchSc5uL8nnI9SQZ2doo.mft (raw, json) Hash identifier: S/le9zrwI0OK7LrIJhOOTTgxAX3So/MA8H/c2y996zM= Subject key identifier: 3A:3A:25:FF:F3:D6:B3:99:4A:0E:98:2A:C4:1C:60:B8:85:51:17:D7 Authority key identifier: D6:9A:60:56:5F:33:72:14:9C:E6:E2:FC:9E:72:3D:49:06:76:76:8A Certificate issuer: /CN=A9185F7D/serialNumber=D69A60565F3372149CE6E2FC9E723D490676768A Certificate serial: 349E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ppgVl8zchSc5uL8nnI9SQZ2doo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.mft Manifest number: 349E Signing time: Sun 20 Jul 2025 15:00:00 +0000 Manifest this update: Sun 20 Jul 2025 15:00:00 +0000 Manifest next update: Sun 27 Jul 2025 15:00:00 +0000 Files and hashes: 1: 1ppgVl8zchSc5uL8nnI9SQZ2doo.crl (hash: spjymcsD0VfkC2ODD+Y94qiQze7zH6WdZ/JAl8ISH74=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.crl rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ppgVl8zchSc5uL8nnI9SQZ2doo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 14:59:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13470 (0x349e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185F7D, serialNumber=D69A60565F3372149CE6E2FC9E723D490676768A Validity Not Before: Jul 20 15:00:00 2025 GMT Not After : Jul 27 15:00:00 2025 GMT Subject: CN=687d0470-5c70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:d7:14:4b:7a:8c:99:ea:2f:c8:a1:dd:d8:22: 06:58:9a:f9:2a:19:76:99:0c:f4:74:88:61:4d:cb: 09:e5:b8:c3:da:b0:bd:47:ae:0d:eb:fc:fa:3b:b9: 82:91:7c:12:be:c5:82:e0:86:06:19:1d:3c:eb:0b: 7d:7e:e2:63:fa:8f:ab:7b:42:f7:04:50:f3:54:8d: d3:74:30:c8:13:ec:67:2f:33:dd:2d:a2:40:99:df: d2:64:37:81:57:f5:32:5b:9d:a5:bf:54:03:57:ad: e5:8c:0b:f8:3a:69:8d:bd:bf:88:16:3c:65:81:be: 53:f9:68:02:d2:01:87:25:e3:ae:05:10:4a:6a:7f: dc:0c:0c:70:10:3a:6b:66:19:30:66:fb:e7:ed:82: 6b:0b:c7:6c:84:78:16:03:77:a3:12:76:c3:9f:4f: f7:6b:d5:74:48:99:b1:0d:bf:ae:71:93:46:42:4b: b3:c4:8f:c5:cc:dc:db:2a:25:34:ec:4d:37:8e:5f: 1d:d8:c6:86:26:5e:56:95:8b:66:1c:7c:26:68:8d: d6:21:be:99:6d:c2:f4:3b:5b:c8:a9:2d:72:dd:f9: b7:5c:3c:e5:d1:df:a7:a3:f5:c4:7c:06:6c:a6:9d: df:22:1b:1b:bf:34:70:c1:f1:c7:86:60:4e:56:06: a8:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:3A:25:FF:F3:D6:B3:99:4A:0E:98:2A:C4:1C:60:B8:85:51:17:D7 X509v3 Authority Key Identifier: keyid:D6:9A:60:56:5F:33:72:14:9C:E6:E2:FC:9E:72:3D:49:06:76:76:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ppgVl8zchSc5uL8nnI9SQZ2doo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:97:9b:7c:08:de:b4:2a:1f:2d:50:01:9a:43:d2:69:e6:fc: 8c:88:f6:d9:74:6e:50:45:0e:fd:8a:92:a0:37:71:89:cd:81: 1f:62:7f:1a:a7:51:8f:08:ba:b3:e1:62:09:5d:96:22:53:de: 76:92:6a:0b:c8:94:e8:82:9a:b5:55:03:ea:80:da:0c:79:ca: c5:72:e0:04:f9:ab:23:5e:d8:3e:02:b7:ef:29:c4:34:11:de: 61:c6:20:81:ba:07:d8:32:d9:08:ea:a6:1b:98:cf:11:71:12: 23:93:51:f9:94:3e:dc:a1:33:2d:93:8d:c2:cb:ca:6c:7f:03: 93:f8:8b:24:f8:52:99:b1:62:5b:a4:8a:95:3b:8a:fa:07:73: e7:1e:67:e3:bb:0e:d5:6e:18:b8:98:b2:92:95:08:65:a4:15: bb:1b:de:cf:9d:63:6c:a2:f7:84:30:76:27:d7:2c:3b:c3:1f: 95:fd:2b:7e:47:28:b4:76:d6:42:83:02:80:b9:81:a6:ca:4c: 32:96:01:f1:e4:cf:22:eb:7f:f9:54:1f:dc:38:79:d8:f2:43: 6d:2d:1a:6c:f9:a0:39:6e:ab:dc:b0:42:87:a9:75:69:1e:00: 00:82:b4:b0:ab:39:75:f6:a5:d5:53:be:21:8d:43:bf:df:78: 5d:43:7d:3e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVGN0QxMTAvBgNVBAUTKEQ2OUE2MDU2NUYzMzcyMTQ5Q0U2RTJGQzlFNzIzRDQ5 MDY3Njc2OEEwHhcNMjUwNzIwMTUwMDAwWhcNMjUwNzI3MTUwMDAwWjAYMRYwFAYD VQQDEw02ODdkMDQ3MC01YzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2tcUS3qMmeovyKHd2CIGWJr5Khl2mQz0dIhhTcsJ5bjD2rC9R64N6/z6O7mC kXwSvsWC4IYGGR086wt9fuJj+o+re0L3BFDzVI3TdDDIE+xnLzPdLaJAmd/SZDeB V/UyW52lv1QDV63ljAv4OmmNvb+IFjxlgb5T+WgC0gGHJeOuBRBKan/cDAxwEDpr ZhkwZvvn7YJrC8dshHgWA3ejEnbDn0/3a9V0SJmxDb+ucZNGQkuzxI/FzNzbKiU0 7E03jl8d2MaGJl5WlYtmHHwmaI3WIb6ZbcL0O1vIqS1y3fm3XDzl0d+no/XEfAZs pp3fIhsbvzRwwfHHhmBOVgaoDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDo6Jf/z 1rOZSg6YKsQcYLiFURfXMB8GA1UdIwQYMBaAFNaaYFZfM3IUnObi/J5yPUkGdnaK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUY3RC82OTc1M0Y1ODFE OUMxMUUyQTZGQkYwOEEwOEIwMkNEMi8xcHBnVmw4emNoU2M1dUw4bm5JOVNRWjJk b28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFwcGdWbDh6Y2hTYzV1TDhubkk5U1FaMmRvby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUY3RC82OTc1M0Y1ODFEOUMxMUUyQTZGQkYwOEEwOEIwMkNEMi8xcHBnVmw4emNo U2M1dUw4bm5JOVNRWjJkb28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBDl5t8CN60Kh8tUAGaQ9Jp5vyMiPbZdG5QRQ79ipKgN3GJzYEfYn8a p1GPCLqz4WIJXZYiU952kmoLyJTogpq1VQPqgNoMecrFcuAE+asjXtg+ArfvKcQ0 Ed5hxiCBugfYMtkI6qYbmM8RcRIjk1H5lD7coTMtk43Cy8psfwOT+Isk+FKZsWJb pIqVO4r6B3PnHmfjuw7Vbhi4mLKSlQhlpBW7G97PnWNsoveEMHYn1yw7wx+V/St+ Ryi0dtZCgwKAuYGmykwylgHx5M8i63/5VB/cOHnY8kNtLRps+aA5bqvcsEKHqXVp HgAAgrSwqzl19qXVU74hjUO/33hdQ30+ -----END CERTIFICATE-----Generated at Mon Jul 21 06:51:43 2025 by rpki-client