$ rpki-client -vvf rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.mft File: RoxqeSq7PkX-7iIo0o54AxNytFU.mft (raw, json) Hash identifier: NV5oxTnJnZ8/QES4hF+K7Me0VXHd4ThXgBqccm22zUE= Subject key identifier: 64:DA:AA:CB:68:CD:AB:FE:FA:B3:1C:78:3A:51:44:74:E4:A9:5E:61 Authority key identifier: 46:8C:6A:79:2A:BB:3E:45:FE:EE:22:28:D2:8E:78:03:13:72:B4:55 Certificate issuer: /CN=A912DD15/serialNumber=468C6A792ABB3E45FEEE2228D28E78031372B455 Certificate serial: 01A7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RoxqeSq7PkX-7iIo0o54AxNytFU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.mft Manifest number: 01A1 Signing time: Tue 03 Jun 2025 03:12:21 +0000 Manifest this update: Tue 03 Jun 2025 03:12:20 +0000 Manifest next update: Tue 10 Jun 2025 03:12:20 +0000 Files and hashes: 1: RoxqeSq7PkX-7iIo0o54AxNytFU.crl (hash: RdW8ULXNmnLvPjGaUZIqz5nPSNOaKoYOi/yOBl8YS5g=) 2: 43CE5D5A236911EEAC33285DC4F9AE02.roa (hash: frHxqt/yG7rr6fCbelfcQdfPa8QFjBnwgHPUnZu57so=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.crl rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RoxqeSq7PkX-7iIo0o54AxNytFU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 03:12:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 423 (0x1a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912DD15, serialNumber=468C6A792ABB3E45FEEE2228D28E78031372B455 Validity Not Before: Jun 3 03:12:20 2025 GMT Not After : Jun 10 03:12:20 2025 GMT Subject: CN=683e6815-6e31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:e9:97:ad:1b:fa:a5:18:a6:ab:a9:f6:7e:00: 70:fa:c1:a6:8e:bc:90:25:a0:23:e1:87:20:c3:09: 27:7b:c9:1f:ee:97:01:aa:aa:9b:49:87:cf:df:e2: 1b:35:30:0a:a1:ff:fa:67:af:3f:46:6b:c1:f0:73: 0f:0f:ba:59:19:7b:90:3b:9e:61:d5:a0:4d:3f:71: 98:4f:de:50:d5:11:05:ca:9b:de:42:83:76:72:2a: ff:95:f9:cf:55:13:ea:26:8c:40:e5:87:6e:22:30: 54:19:20:da:6b:df:c3:4a:92:c0:02:18:f1:c0:5c: 77:69:08:1a:2e:21:4a:55:3c:e1:18:a6:25:9e:a2: de:86:f4:5c:b2:55:90:82:02:cc:02:1a:dd:0e:f8: 77:96:86:5a:34:29:87:83:53:29:07:b9:2b:5c:b8: 84:1c:00:47:58:94:93:ad:93:d6:25:c9:88:2b:31: ca:6f:7a:29:e2:0c:07:78:97:9c:7c:dd:bc:2d:d5: e5:6b:b0:44:a7:fe:c7:6d:d7:34:34:7c:cd:ae:f7: 64:ab:1c:33:df:24:06:d0:35:28:05:89:d9:d4:06: f5:e8:f2:68:0d:e6:ef:fd:f5:45:6b:b4:65:cf:b6: 50:61:7b:24:0c:3c:4f:02:80:b1:5f:27:7a:ad:6d: be:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:DA:AA:CB:68:CD:AB:FE:FA:B3:1C:78:3A:51:44:74:E4:A9:5E:61 X509v3 Authority Key Identifier: keyid:46:8C:6A:79:2A:BB:3E:45:FE:EE:22:28:D2:8E:78:03:13:72:B4:55 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RoxqeSq7PkX-7iIo0o54AxNytFU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:c1:91:8c:4f:40:40:25:16:54:3a:46:ff:17:ab:a4:0b:be: 93:b6:9a:50:3e:4d:33:b5:cf:ea:6b:64:af:7b:79:27:6e:c0: ac:7b:26:a8:e1:72:2e:2a:28:51:46:32:fa:90:9b:85:65:f8: 98:ea:4e:e8:b2:e1:28:52:1a:84:19:a8:45:f3:9e:b9:5b:7c: c3:1b:bd:bf:3a:93:58:f7:c6:57:da:b2:e1:4f:2e:73:10:45: c0:49:19:2f:e4:10:1a:f0:34:e7:ab:b3:47:e4:82:fc:22:a1: a9:27:9e:ad:aa:35:99:32:9f:ff:44:cc:57:bc:e1:07:72:cc: f8:56:e6:2f:8d:5c:35:38:b9:1e:31:45:8f:4f:00:03:b8:b2: f1:fb:8d:ce:d7:f0:2c:cd:40:bc:a5:f6:97:bf:a6:4e:27:9b: 26:c7:ac:28:a6:a3:87:24:53:ce:ae:af:56:c8:96:4d:dc:fb: eb:ef:61:23:bc:f6:37:7a:ff:38:b0:bf:ce:aa:46:d7:86:03: d1:ff:d1:f6:f1:d7:86:f9:d7:42:ef:c8:1b:ab:af:09:7b:ac: f7:29:ae:9c:43:19:ce:ed:f9:fb:1d:d4:69:d3:c2:d1:58:12: 36:24:40:a7:79:f7:d0:e9:be:bf:83:89:43:e6:26:37:de:d1: bc:9e:ea:5e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkREMTUxMTAvBgNVBAUTKDQ2OEM2QTc5MkFCQjNFNDVGRUVFMjIyOEQyOEU3ODAz MTM3MkI0NTUwHhcNMjUwNjAzMDMxMjIwWhcNMjUwNjEwMDMxMjIwWjAYMRYwFAYD VQQDEw02ODNlNjgxNS02ZTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnumXrRv6pRimq6n2fgBw+sGmjryQJaAj4Ycgwwkne8kf7pcBqqqbSYfP3+Ib NTAKof/6Z68/RmvB8HMPD7pZGXuQO55h1aBNP3GYT95Q1REFypveQoN2cir/lfnP VRPqJoxA5YduIjBUGSDaa9/DSpLAAhjxwFx3aQgaLiFKVTzhGKYlnqLehvRcslWQ ggLMAhrdDvh3loZaNCmHg1MpB7krXLiEHABHWJSTrZPWJcmIKzHKb3op4gwHeJec fN28LdXla7BEp/7Hbdc0NHzNrvdkqxwz3yQG0DUoBYnZ1Ab16PJoDebv/fVFa7Rl z7ZQYXskDDxPAoCxXyd6rW2+LwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGTaqsto zav++rMceDpRRHTkqV5hMB8GA1UdIwQYMBaAFEaMankquz5F/u4iKNKOeAMTcrRV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyREQxNS9CREFEQTg2MEND NTIxMUVEQTgyOTFEMTBDNEY5QUUwMi9Sb3hxZVNxN1BrWC03aUlvMG81NEF4Tnl0 RlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JveHFlU3E3UGtYLTdpSW8wbzU0QXhOeXRGVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy REQxNS9CREFEQTg2MENDNTIxMUVEQTgyOTFEMTBDNEY5QUUwMi9Sb3hxZVNxN1Br WC03aUlvMG81NEF4Tnl0RlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCywZGMT0BAJRZUOkb/F6ukC76TtppQPk0ztc/qa2Sve3knbsCseyao 4XIuKihRRjL6kJuFZfiY6k7osuEoUhqEGahF8565W3zDG72/OpNY98ZX2rLhTy5z EEXASRkv5BAa8DTnq7NH5IL8IqGpJ56tqjWZMp//RMxXvOEHcsz4VuYvjVw1OLke MUWPTwADuLLx+43O1/AszUC8pfaXv6ZOJ5smx6wopqOHJFPOrq9WyJZN3Pvr72Ej vPY3ev84sL/OqkbXhgPR/9H28deG+ddC78gbq68Je6z3Ka6cQxnO7fn7HdRp08LR WBI2JECneffQ6b6/g4lD5iY33tG8nupe -----END CERTIFICATE-----Generated at Tue Jun 3 23:47:45 2025 by rpki-client