$ rpki-client -vvf rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft File: LOCE4B2sa01jSTjXbOraWWNVvVM.mft (raw, json) Hash identifier: 1QhKKK/VKXCC8KKhKUp7FJucvtCSGRvHHYdQcKaAwXg= Subject key identifier: CB:7B:7F:A0:10:61:D7:A7:06:A7:03:29:3A:3F:B8:C0:F9:BA:D6:12 Authority key identifier: 2C:E0:84:E0:1D:AC:6B:4D:63:49:38:D7:6C:EA:DA:59:63:55:BD:53 Certificate issuer: /CN=A915EA8F/serialNumber=2CE084E01DAC6B4D634938D76CEADA596355BD53 Certificate serial: 0274 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft Manifest number: 0270 Signing time: Fri 05 Sep 2025 02:05:09 +0000 Manifest this update: Fri 05 Sep 2025 02:05:08 +0000 Manifest next update: Fri 12 Sep 2025 02:05:08 +0000 Files and hashes: 1: LOCE4B2sa01jSTjXbOraWWNVvVM.crl (hash: RCEEw1YSVnBr9NhifYYPA9cEkUfElYwWfxJ4esQNX+A=) 2: 028640A8242B11ED9547B486C4F9AE02.roa (hash: dsbPmjXp/oYWvfHXOZsMcI3WqL8KWucAeTqSoUbpKas=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.crl rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 02:05:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 628 (0x274) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915EA8F, serialNumber=2CE084E01DAC6B4D634938D76CEADA596355BD53 Validity Not Before: Sep 5 02:05:08 2025 GMT Not After : Sep 12 02:05:08 2025 GMT Subject: CN=68ba4554-627d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:f8:ba:84:e4:1c:dc:d1:d8:f6:a5:90:2f:e8: 60:fe:f8:83:f7:05:f6:3d:2f:df:6e:ff:43:55:79: da:b3:a6:6e:8f:9a:ba:66:a1:94:51:05:af:9f:c2: 97:8e:29:d4:77:67:ba:ca:b0:58:9b:a5:e1:ba:dd: 35:d2:2b:97:6f:a9:90:b5:c1:66:54:46:43:76:ee: 43:94:f9:e6:13:1e:a9:6a:cf:9b:d8:35:8e:3b:3b: ad:7e:4a:6c:63:f2:5e:4b:8b:af:ec:e0:20:86:f7: 46:13:2e:a4:fe:7a:e0:81:e3:6f:5d:05:81:64:71: 2e:4e:6b:43:42:03:a2:53:33:3f:b3:a6:74:18:ff: 00:fd:0b:79:4c:e1:d2:af:b1:b7:e7:65:89:74:59: 72:4a:77:5d:1c:97:2b:23:25:11:55:8d:90:86:26: 0d:54:60:10:1c:2d:11:49:ea:fe:3b:36:9b:f3:9c: 6b:f7:ce:86:cb:d1:65:c0:fb:6c:9b:ad:92:87:4a: b6:92:d8:79:f9:ee:97:6c:67:c3:a1:a2:83:97:61: 9a:7d:5f:af:3f:bc:ea:de:83:da:c0:a1:67:0a:8f: b1:db:78:53:6d:c5:80:ff:da:15:00:d9:34:7a:96: 77:45:98:3a:5b:84:c5:bb:fe:c4:c3:8b:e4:19:27: 3c:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:7B:7F:A0:10:61:D7:A7:06:A7:03:29:3A:3F:B8:C0:F9:BA:D6:12 X509v3 Authority Key Identifier: keyid:2C:E0:84:E0:1D:AC:6B:4D:63:49:38:D7:6C:EA:DA:59:63:55:BD:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:f9:92:08:7c:a5:0f:95:a9:a9:3f:a2:d4:02:77:6c:3c:cb: 36:3a:fb:c1:c1:b2:07:af:ef:28:a0:27:51:b3:ea:06:ab:7c: a5:20:74:c9:d5:9b:a8:14:b7:8d:d7:ff:00:ad:e5:a4:31:28: bc:b6:38:71:f9:61:14:0e:24:41:51:80:1b:e4:ac:2c:fa:e1: 88:97:1a:a0:ff:03:fc:2c:2d:ce:4a:e2:54:96:9b:f6:33:2e: 76:7e:59:79:73:58:d4:d9:50:01:2f:d6:18:7b:b0:f7:4d:04: 5f:93:9f:c8:45:88:58:6c:89:44:ba:1e:be:c3:cb:9d:54:c0: dd:70:8b:16:b4:25:2b:f4:41:3e:5d:55:b4:be:1e:be:5b:00: ca:ee:b5:bf:f6:39:0a:07:73:97:14:c5:1e:af:d0:14:b2:37: c2:96:45:28:6f:05:da:7c:1b:14:0e:3e:3b:ef:39:6d:cc:50: 72:08:8e:d8:56:48:7e:72:ad:65:14:52:3d:6c:6d:ab:1f:cb: 6c:66:da:8f:26:a4:a4:56:a7:87:95:f4:3c:45:85:29:c3:34: 58:da:45:df:de:3d:ef:a2:81:a1:05:75:b5:72:7a:9c:59:b0: 93:5a:47:ab:41:2e:3c:6d:ba:44:5d:95:46:82:a2:53:19:6a: ac:06:59:b5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAnQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUVBOEYxMTAvBgNVBAUTKDJDRTA4NEUwMURBQzZCNEQ2MzQ5MzhENzZDRUFEQTU5 NjM1NUJENTMwHhcNMjUwOTA1MDIwNTA4WhcNMjUwOTEyMDIwNTA4WjAYMRYwFAYD VQQDEw02OGJhNDU1NC02MjdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0vi6hOQc3NHY9qWQL+hg/viD9wX2PS/fbv9DVXnas6Zuj5q6ZqGUUQWvn8KX jinUd2e6yrBYm6Xhut010iuXb6mQtcFmVEZDdu5DlPnmEx6pas+b2DWOOzutfkps Y/JeS4uv7OAghvdGEy6k/nrggeNvXQWBZHEuTmtDQgOiUzM/s6Z0GP8A/Qt5TOHS r7G352WJdFlySnddHJcrIyURVY2QhiYNVGAQHC0RSer+Ozab85xr986Gy9FlwPts m62Sh0q2kth5+e6XbGfDoaKDl2GafV+vP7zq3oPawKFnCo+x23hTbcWA/9oVANk0 epZ3RZg6W4TFu/7Ew4vkGSc8hQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMt7f6AQ YdenBqcDKTo/uMD5utYSMB8GA1UdIwQYMBaAFCzghOAdrGtNY0k412zq2lljVb1T MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUE4Ri9FM0EzNUJCNDI0 MjgxMUVEOEZEMjRDODZDNEY5QUUwMi9MT0NFNEIyc2EwMWpTVGpYYk9yYVdXTlZ2 Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xPQ0U0QjJzYTAxalNUalhiT3JhV1dOVnZWTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RUE4Ri9FM0EzNUJCNDI0MjgxMUVEOEZEMjRDODZDNEY5QUUwMi9MT0NFNEIyc2Ew MWpTVGpYYk9yYVdXTlZ2Vk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBs+ZIIfKUPlampP6LUAndsPMs2OvvBwbIHr+8ooCdRs+oGq3ylIHTJ 1ZuoFLeN1/8AreWkMSi8tjhx+WEUDiRBUYAb5Kws+uGIlxqg/wP8LC3OSuJUlpv2 My52fll5c1jU2VABL9YYe7D3TQRfk5/IRYhYbIlEuh6+w8udVMDdcIsWtCUr9EE+ XVW0vh6+WwDK7rW/9jkKB3OXFMUer9AUsjfClkUobwXafBsUDj477zltzFByCI7Y Vkh+cq1lFFI9bG2rH8tsZtqPJqSkVqeHlfQ8RYUpwzRY2kXf3j3vooGhBXW1cnqc WbCTWkerQS48bbpEXZVGgqJTGWqsBlm1 -----END CERTIFICATE-----Generated at Sat Sep 6 12:06:45 2025 by rpki-client