$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.mft File: i_fikwz8buuRbnOQ-JPgEAupOzI.mft (raw, json) Hash identifier: XZCVOuhptqgzC/whPrp39rF+Kxtpp8GaR4Y1C956fjA= Subject key identifier: 50:78:8D:F1:13:A1:0A:2A:66:A4:02:BB:EC:A2:6D:7A:8F:B3:A6:7E Authority key identifier: 8B:F7:E2:93:0C:FC:6E:EB:91:6E:73:90:F8:93:E0:10:0B:A9:3B:32 Certificate issuer: /CN=A918C661/serialNumber=8BF7E2930CFC6EEB916E7390F893E0100BA93B32 Certificate serial: 0A24 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.mft Manifest number: 09FB Signing time: Sun 20 Jul 2025 20:02:58 +0000 Manifest this update: Sun 20 Jul 2025 20:02:58 +0000 Manifest next update: Sun 27 Jul 2025 20:02:58 +0000 Files and hashes: 1: i_fikwz8buuRbnOQ-JPgEAupOzI.crl (hash: BDxqL8x3dPX9lh9OOqzbo3s77kUykvDlxNdqsQDIX2w=) 2: 794C43721A5F11F080409056C4F9AE02.roa (hash: tliF6bTq6KTU3ampYuLl3Y31z/FfmmETEltl1u+bSdc=) 3: 4A68B404EF5A11EEB09CEA53C4F9AE02.roa (hash: oIJ5W3QVIa4YGr8FBNUGRHva+x5HF8Vbb7EeJPMTI4k=) 4: 44CA8E9C7A2811EFA43D2558C4F9AE02.roa (hash: 8Cc+PLs+/tx+lp1/rLLPaUvNT8vXFRU1NrLduLeiq2w=) 5: C654C6869F1C11EEB377E239C4F9AE02.roa (hash: 5GewRvUgDB6rcXNpXbxI+RsMmEZ6AmWtSegm+so4e0M=) 6: 493CABD04FEE11F0B866DF81C4F9AE02.roa (hash: hVI5f3OngSrJ6IFISwTQMQm8YsnsRDaEoKxA88qPW7o=) 7: 3130A9B4681011EEB552C65BC4F9AE02.roa (hash: dXngOtAcFhvArc3Tgv9HMRYfy3lpLyOKuQ2Q99Bv4cI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.crl rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 20:02:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2596 (0xa24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C661, serialNumber=8BF7E2930CFC6EEB916E7390F893E0100BA93B32 Validity Not Before: Jul 20 20:02:58 2025 GMT Not After : Jul 27 20:02:58 2025 GMT Subject: CN=687d4b72-d0ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:33:22:26:3a:47:3b:ad:7b:b2:b2:69:bb:a7: 58:76:00:cc:88:10:61:e8:a3:36:0a:58:a5:7a:f8: fe:dc:16:4c:1b:3e:fd:7c:87:cb:ef:3f:40:4a:76: 27:84:84:b9:59:ad:40:41:c4:b9:93:5d:48:43:0e: 2d:dd:99:fd:24:b8:28:d0:96:31:77:71:93:81:95: d7:1f:72:d6:6f:c9:3d:b3:d7:87:8d:a7:fa:a0:5e: c7:43:c0:dd:3a:ee:e7:70:9c:b6:56:db:50:0b:68: f8:fa:a3:a0:2c:8f:30:69:a3:db:ff:75:06:63:9e: 71:13:69:d4:2c:8c:50:f8:af:9a:44:cb:3e:8c:a7: 37:24:a8:41:5b:e2:25:a4:f8:ff:59:6b:af:52:11: 72:5b:80:68:50:f5:57:68:6b:86:4c:a4:3c:61:61: 7c:7a:77:3f:cf:a4:b2:b7:f4:14:05:7b:98:a1:ad: bd:b4:42:fa:3c:59:fc:7a:0c:bf:b2:65:bf:f8:bd: 18:7a:0c:0d:e3:1d:d8:9e:65:7e:1d:c3:96:05:c0: b8:86:80:3f:c9:85:23:ed:e9:24:b6:bc:6c:7c:02: 80:b7:b0:93:b7:52:73:bc:35:4b:ad:b4:1d:a5:89: 99:ad:ed:7b:e6:9f:a5:dc:44:cb:c1:20:f6:ac:d0: 13:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:78:8D:F1:13:A1:0A:2A:66:A4:02:BB:EC:A2:6D:7A:8F:B3:A6:7E X509v3 Authority Key Identifier: keyid:8B:F7:E2:93:0C:FC:6E:EB:91:6E:73:90:F8:93:E0:10:0B:A9:3B:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:04:d7:27:8e:01:a9:29:4a:d3:ed:b0:59:e0:3d:7d:ec:4b: 03:28:ac:a1:ee:22:61:15:cc:d8:41:15:99:a5:42:97:59:7b: e2:f6:5e:8a:77:27:47:49:5a:72:da:f1:67:9c:66:98:bd:f4: 13:72:ed:0f:4a:b3:86:4f:b3:e2:2d:3e:f8:2b:31:56:6d:be: 64:ef:0c:aa:ae:51:95:f1:8a:ee:08:0d:d4:a2:95:0f:2f:49: c4:f3:05:14:dc:91:1f:79:37:b7:aa:62:95:e9:53:34:95:14: 4b:28:3b:6b:cd:1e:dd:19:43:f2:50:43:8e:ba:27:1e:ec:78: 2c:a7:16:79:b5:8c:3b:73:78:f7:d8:68:52:a8:06:f6:b1:7e: 42:cc:0d:83:b5:96:98:55:64:1e:04:a1:0a:c0:38:a9:87:52: ff:2b:a3:c5:d7:0c:d5:61:9b:8d:3e:40:04:7c:3a:aa:24:8b: 8c:a8:29:2b:b0:8e:95:65:10:d5:d4:ff:0e:e1:e8:2d:97:fd: c5:c3:80:d3:fb:53:ed:25:4c:89:6e:30:b9:99:89:33:33:c0: 8a:34:38:3d:f7:e8:9f:73:27:c7:ef:88:e2:8e:ac:9d:29:1c: ed:7a:e6:a4:a9:a5:b0:fb:48:b8:b7:d5:d1:97:d9:da:99:48: fd:26:87:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEM2NjExMTAvBgNVBAUTKDhCRjdFMjkzMENGQzZFRUI5MTZFNzM5MEY4OTNFMDEw MEJBOTNCMzIwHhcNMjUwNzIwMjAwMjU4WhcNMjUwNzI3MjAwMjU4WjAYMRYwFAYD VQQDEw02ODdkNGI3Mi1kMGVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxDMiJjpHO617srJpu6dYdgDMiBBh6KM2Clilevj+3BZMGz79fIfL7z9ASnYn hIS5Wa1AQcS5k11IQw4t3Zn9JLgo0JYxd3GTgZXXH3LWb8k9s9eHjaf6oF7HQ8Dd Ou7ncJy2VttQC2j4+qOgLI8waaPb/3UGY55xE2nULIxQ+K+aRMs+jKc3JKhBW+Il pPj/WWuvUhFyW4BoUPVXaGuGTKQ8YWF8enc/z6Syt/QUBXuYoa29tEL6PFn8egy/ smW/+L0YegwN4x3YnmV+HcOWBcC4hoA/yYUj7ekktrxsfAKAt7CTt1JzvDVLrbQd pYmZre175p+l3ETLwSD2rNAT0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFB4jfET oQoqZqQCu+yibXqPs6Z+MB8GA1UdIwQYMBaAFIv34pMM/G7rkW5zkPiT4BALqTsy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wNEFBQjI5RTgz NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9pX2Zpa3d6OGJ1dVJibk9RLUpQZ0VBdXBP ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lfZmlrd3o4YnV1UmJuT1EtSlBnRUF1cE96SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QzY2MS8wNEFBQjI5RTgzNkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9pX2Zpa3d6OGJ1 dVJibk9RLUpQZ0VBdXBPekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBUBNcnjgGpKUrT7bBZ4D197EsDKKyh7iJhFczYQRWZpUKXWXvi9l6K dydHSVpy2vFnnGaYvfQTcu0PSrOGT7PiLT74KzFWbb5k7wyqrlGV8YruCA3UopUP L0nE8wUU3JEfeTe3qmKV6VM0lRRLKDtrzR7dGUPyUEOOuice7HgspxZ5tYw7c3j3 2GhSqAb2sX5CzA2DtZaYVWQeBKEKwDiph1L/K6PF1wzVYZuNPkAEfDqqJIuMqCkr sI6VZRDV1P8O4egtl/3Fw4DT+1PtJUyJbjC5mYkzM8CKNDg99+ifcyfH74jijqyd KRzteuakqaWw+0i4t9XRl9namUj9Joew -----END CERTIFICATE-----Generated at Mon Jul 21 12:40:59 2025 by rpki-client