$ rpki-client -vvf rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft File: cmIg2YvMfcZqPM83Z36go9sJDaQ.mft (raw, json) Hash identifier: nmdIfVn2zGqHK0P1xTsinb1Y7W3fPeokEBmAZRKvsKE= Subject key identifier: AE:C7:4F:6A:A9:A0:A0:B5:FE:85:D1:7A:BB:F9:A5:AA:E9:EC:4F:0D Authority key identifier: 72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 Certificate issuer: /CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Certificate serial: 0BDD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft Manifest number: 0BD4 Signing time: Fri 06 Jun 2025 18:53:00 +0000 Manifest this update: Fri 06 Jun 2025 18:53:00 +0000 Manifest next update: Fri 13 Jun 2025 18:53:00 +0000 Files and hashes: 1: cmIg2YvMfcZqPM83Z36go9sJDaQ.crl (hash: sjv2L0aWAks0oTZQ/PXIQFXkOxlnAvE0gmLdenLce94=) 2: 2CD5AAF8060311EBBE15EA18C4F9AE02.roa (hash: vtoSKlT7or456eJjA8slT3V02xUjwJUVTYQRDOjaj2Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Jun 2025 18:52:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3037 (0xbdd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914AE22, serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Validity Not Before: Jun 6 18:53:00 2025 GMT Not After : Jun 13 18:53:00 2025 GMT Subject: CN=6843390c-1cb2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:95:cd:e4:5d:a0:b9:13:f6:05:0c:69:d9:a9: 7b:c9:cc:f8:5d:cb:d8:38:33:88:81:c5:35:2a:f6: 79:ca:0a:d8:78:0b:b1:ec:7a:88:1a:62:0f:d6:97: 82:29:e6:dc:e3:c7:64:24:be:b7:36:b5:bf:42:c7: d3:a2:5e:5b:11:71:84:8d:e3:98:b9:d9:98:be:54: e0:48:12:f8:a7:a7:8c:1b:8b:78:da:81:ed:e0:83: ae:10:24:08:f0:cb:62:d4:30:c8:0a:b4:4d:b4:08: 80:bf:a3:1a:60:80:85:2d:aa:46:e1:14:34:2b:02: 72:8d:dc:43:37:a8:3b:73:2f:e1:0e:3f:f4:79:f1: 77:9d:90:7f:f1:67:34:c8:db:dc:65:b3:c4:72:74: 22:4f:6a:d6:74:2e:43:0b:ff:86:5f:85:cd:06:51: 47:24:a8:23:d3:e9:45:88:fb:08:81:18:a0:b7:c7: 70:ed:9e:67:02:31:a5:b2:f9:9b:50:b2:36:b8:69: 43:f2:29:ef:9c:bc:a7:74:84:fc:3b:55:a1:a4:f6: 92:38:87:d8:c6:d2:82:ad:35:0e:95:23:5e:a9:c8: 84:36:99:5c:ab:41:40:85:1b:54:93:25:15:ef:01: 4f:b6:bf:19:97:55:67:25:c9:91:93:53:2d:05:7c: b7:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:C7:4F:6A:A9:A0:A0:B5:FE:85:D1:7A:BB:F9:A5:AA:E9:EC:4F:0D X509v3 Authority Key Identifier: keyid:72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:c0:76:b2:f8:39:ec:da:60:ad:99:57:bf:f3:bf:e6:f4:38: d5:16:6e:7f:40:4b:d8:57:83:c3:45:07:ca:4a:51:1a:aa:df: 93:9f:52:c9:9d:bc:14:88:fb:62:d6:7c:56:fe:2b:22:b6:d1: bd:89:da:d8:cd:d9:0e:95:ee:47:07:72:b1:81:be:8f:26:5e: 28:79:4d:10:65:35:88:00:8c:46:2d:d6:9b:12:3c:11:23:22: 25:e1:c5:00:4b:ce:af:17:75:af:05:9b:44:d1:a9:f6:a1:ae: 8d:39:e3:82:90:cf:3a:94:05:e3:c0:54:24:1d:83:d0:92:97: a6:a6:fb:07:13:13:47:c2:bc:66:d0:ec:0f:e2:4c:fe:a5:44: ce:77:5b:fd:1e:7e:b5:3a:66:28:bc:76:4c:e9:53:a4:f3:24: 7c:df:79:40:9f:1d:d1:31:75:b5:e4:58:99:27:dd:93:39:a2: dc:0d:ba:53:0e:c6:cb:8d:e2:6a:47:3f:d1:ef:ed:25:0c:4b: 47:bd:51:64:78:f4:ab:8f:06:b3:c3:fb:7d:23:ab:05:6a:cc: 77:ce:b8:a5:8e:28:67:24:a7:38:2c:e4:1a:37:04:ab:3b:12: 61:2b:c8:f3:bd:8f:fb:1c:e9:39:ee:55:42:5e:d4:ee:61:0b: e0:88:db:9c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC90wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEFFMjIxMTAvBgNVBAUTKDcyNjIyMEQ5OEJDQzdEQzY2QTNDQ0YzNzY3N0VBMEEz REIwOTBEQTQwHhcNMjUwNjA2MTg1MzAwWhcNMjUwNjEzMTg1MzAwWjAYMRYwFAYD VQQDEw02ODQzMzkwYy0xY2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1ZXN5F2guRP2BQxp2al7ycz4XcvYODOIgcU1KvZ5ygrYeAux7HqIGmIP1peC Kebc48dkJL63NrW/QsfTol5bEXGEjeOYudmYvlTgSBL4p6eMG4t42oHt4IOuECQI 8Mti1DDICrRNtAiAv6MaYICFLapG4RQ0KwJyjdxDN6g7cy/hDj/0efF3nZB/8Wc0 yNvcZbPEcnQiT2rWdC5DC/+GX4XNBlFHJKgj0+lFiPsIgRigt8dw7Z5nAjGlsvmb ULI2uGlD8invnLyndIT8O1WhpPaSOIfYxtKCrTUOlSNeqciENplcq0FAhRtUkyUV 7wFPtr8Zl1VnJcmRk1MtBXy3bQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK7HT2qp oKC1/oXRerv5parp7E8NMB8GA1UdIwQYMBaAFHJiINmLzH3GajzPN2d+oKPbCQ2k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QUUyMi9CMTc4NDM5RTFC QkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZjWnFQTTgzWjM2Z285c0pE YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NtSWcyWXZNZmNacVBNODNaMzZnbzlzSkRhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QUUyMi9CMTc4NDM5RTFCQkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZj WnFQTTgzWjM2Z285c0pEYVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxwHay+Dns2mCtmVe/87/m9DjVFm5/QEvYV4PDRQfKSlEaqt+Tn1LJ nbwUiPti1nxW/isittG9idrYzdkOle5HB3Kxgb6PJl4oeU0QZTWIAIxGLdabEjwR IyIl4cUAS86vF3WvBZtE0an2oa6NOeOCkM86lAXjwFQkHYPQkpempvsHExNHwrxm 0OwP4kz+pUTOd1v9Hn61OmYovHZM6VOk8yR833lAnx3RMXW15FiZJ92TOaLcDbpT DsbLjeJqRz/R7+0lDEtHvVFkePSrjwazw/t9I6sFasx3zriljihnJKc4LOQaNwSr OxJhK8jzvY/7HOk57lVCXtTuYQvgiNuc -----END CERTIFICATE-----Generated at Sat Jun 7 05:36:19 2025 by rpki-client