$ rpki-client -vvf rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.mft File: D9l6GEHJl08fSQQu2j5yhCGq5f4.mft (raw, json) Hash identifier: cLl8zVqRlkxFlrvW89xf/H0/QzHlo6lTJuEk+nKN/P8= Subject key identifier: 3F:A3:83:EC:67:A7:73:9D:A2:C1:54:EA:2F:25:A9:C7:C4:D0:8D:F6 Authority key identifier: 0F:D9:7A:18:41:C9:97:4F:1F:49:04:2E:DA:3E:72:84:21:AA:E5:FE Certificate issuer: /CN=A914ED2B/serialNumber=0FD97A1841C9974F1F49042EDA3E728421AAE5FE Certificate serial: 07DB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9l6GEHJl08fSQQu2j5yhCGq5f4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.mft Manifest number: 07CD Signing time: Fri 30 May 2025 21:19:55 +0000 Manifest this update: Fri 30 May 2025 21:19:54 +0000 Manifest next update: Fri 06 Jun 2025 21:19:54 +0000 Files and hashes: 1: D9l6GEHJl08fSQQu2j5yhCGq5f4.crl (hash: k1oaOI0nKrey0Bb3sXYI59MD27tqKRN55crQ9mdB/5w=) 2: D31B3092F40911EA8A5C9E70C4F9AE02.roa (hash: Es/KgzPMe1zYauziZBRZHyjZJ35reOpMCOBV6MckhCs=) 3: D25A6970F40911EA8A5C9E70C4F9AE02.roa (hash: Ka3pUjVhAjV8Jw2bqRS1fw1Jl4NqlRDOjR/Fjs/H0+M=) 4: CD0710DA3F3511ED84AFEA5BC4F9AE02.roa (hash: OhYJKozvfID8ylqYGKB5GjbLkxxbmKyR5Jo0rIME+Bo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.crl rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9l6GEHJl08fSQQu2j5yhCGq5f4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:19:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2011 (0x7db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914ED2B, serialNumber=0FD97A1841C9974F1F49042EDA3E728421AAE5FE Validity Not Before: May 30 21:19:54 2025 GMT Not After : Jun 6 21:19:54 2025 GMT Subject: CN=683a20fb-f4fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:c8:d2:50:16:4c:89:4b:93:85:ac:52:99:42: 69:be:b4:46:f0:d7:83:ce:da:97:27:a0:3c:06:44: d2:ce:77:ff:73:3b:bf:35:d4:c9:b3:a4:5e:17:b7: 50:fc:03:17:ee:e6:60:a3:ad:b9:ea:7f:fd:bd:ab: ae:57:85:e1:27:e7:83:af:0c:12:4f:17:2d:f6:b3: c7:a0:4a:80:e3:ae:a6:21:f8:1f:ce:c8:0b:a0:94: 37:88:f8:7e:68:f7:7e:01:3d:67:85:6d:99:db:4e: 70:c7:39:89:8c:4f:d4:d7:d4:70:6d:ec:d7:6a:c5: b4:7d:cd:6e:02:c5:89:9c:8e:39:1f:0d:f4:7d:c8: 35:d4:24:df:9c:84:c0:7a:23:e7:90:cb:b4:fa:54: e5:fb:e7:c2:a0:2c:15:c8:b1:e8:2b:fe:ef:1e:db: ca:54:78:eb:c7:1b:52:f9:30:2b:85:4d:96:cc:65: 76:60:0f:c0:bb:c7:f7:20:cf:b6:fe:ee:df:61:c9: 9d:04:f8:8b:94:7b:e5:a2:9c:05:26:ca:3e:12:64: 80:40:80:8c:22:f2:93:95:a5:2a:0d:63:d1:1c:1b: cc:8a:d7:66:a4:5b:42:58:0f:09:af:cf:26:83:02: 3f:98:b7:e4:e4:10:97:44:34:a2:ce:da:e1:25:29: 55:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:A3:83:EC:67:A7:73:9D:A2:C1:54:EA:2F:25:A9:C7:C4:D0:8D:F6 X509v3 Authority Key Identifier: keyid:0F:D9:7A:18:41:C9:97:4F:1F:49:04:2E:DA:3E:72:84:21:AA:E5:FE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9l6GEHJl08fSQQu2j5yhCGq5f4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:04:70:fc:5c:dd:0a:2d:37:d5:1d:04:93:9f:30:a8:1d:ad: 1a:9d:6e:c5:d3:6c:5f:69:48:cc:41:20:80:24:1b:30:70:b6: fc:2e:91:6e:76:88:40:4d:7d:77:be:0c:1c:26:61:12:1d:b1: 00:5b:c2:a4:b4:64:d8:ba:b3:94:00:ec:bd:be:5c:6f:48:6d: 93:76:9c:a3:cf:42:4c:93:31:a4:27:84:6a:47:85:24:a0:55: 3f:85:6e:6c:b8:13:8c:de:41:b7:44:62:50:23:71:15:6c:d9: 4c:97:03:d0:6c:e2:67:09:28:bb:9a:5f:fc:35:92:4e:17:68: bf:d3:a0:0b:5d:52:67:9e:2b:d5:28:cb:46:d7:26:22:e8:8e: 22:96:d7:97:4c:6e:ff:27:ef:93:54:02:f5:28:d0:93:3d:11: 0e:6d:14:00:1e:e0:27:88:67:fd:3e:e6:3b:93:f1:fb:b5:ff: c3:da:eb:06:03:4b:25:24:8d:3e:4b:7b:fe:ec:32:f7:67:22: e1:15:7a:10:f5:3e:54:9f:42:0c:e4:a6:7f:4b:54:b4:7f:61: a9:f1:78:84:13:44:a1:f8:08:b5:a6:d0:6e:35:03:c8:c5:1c: 79:a4:f5:4e:54:7d:d4:71:65:b4:94:21:99:02:ab:07:92:8c: b2:50:f9:39 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB9swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEVEMkIxMTAvBgNVBAUTKDBGRDk3QTE4NDFDOTk3NEYxRjQ5MDQyRURBM0U3Mjg0 MjFBQUU1RkUwHhcNMjUwNTMwMjExOTU0WhcNMjUwNjA2MjExOTU0WjAYMRYwFAYD VQQDEw02ODNhMjBmYi1mNGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm8jSUBZMiUuThaxSmUJpvrRG8NeDztqXJ6A8BkTSznf/czu/NdTJs6ReF7dQ /AMX7uZgo6256n/9vauuV4XhJ+eDrwwSTxct9rPHoEqA466mIfgfzsgLoJQ3iPh+ aPd+AT1nhW2Z205wxzmJjE/U19RwbezXasW0fc1uAsWJnI45Hw30fcg11CTfnITA eiPnkMu0+lTl++fCoCwVyLHoK/7vHtvKVHjrxxtS+TArhU2WzGV2YA/Au8f3IM+2 /u7fYcmdBPiLlHvlopwFJso+EmSAQICMIvKTlaUqDWPRHBvMitdmpFtCWA8Jr88m gwI/mLfk5BCXRDSiztrhJSlVjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD+jg+xn p3OdosFU6i8lqcfE0I32MB8GA1UdIwQYMBaAFA/ZehhByZdPH0kELto+coQhquX+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUQyQi84QjY3MDBBNkY0 MDgxMUVBOTBBQzU2NkZDNEY5QUUwMi9EOWw2R0VISmwwOGZTUVF1Mmo1eWhDR3E1 ZjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Q5bDZHRUhKbDA4ZlNRUXUyajV5aENHcTVmNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RUQyQi84QjY3MDBBNkY0MDgxMUVBOTBBQzU2NkZDNEY5QUUwMi9EOWw2R0VISmww OGZTUVF1Mmo1eWhDR3E1ZjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA2BHD8XN0KLTfVHQSTnzCoHa0anW7F02xfaUjMQSCAJBswcLb8LpFu dohATX13vgwcJmESHbEAW8KktGTYurOUAOy9vlxvSG2Tdpyjz0JMkzGkJ4RqR4Uk oFU/hW5suBOM3kG3RGJQI3EVbNlMlwPQbOJnCSi7ml/8NZJOF2i/06ALXVJnnivV KMtG1yYi6I4ilteXTG7/J++TVAL1KNCTPREObRQAHuAniGf9PuY7k/H7tf/D2usG A0slJI0+S3v+7DL3ZyLhFXoQ9T5Un0IM5KZ/S1S0f2Gp8XiEE0Sh+Ai1ptBuNQPI xRx5pPVOVH3UcWW0lCGZAqsHkoyyUPk5 -----END CERTIFICATE-----Generated at Sat May 31 16:40:45 2025 by rpki-client