$ rpki-client -vvf rpki.apnic.net/member_repository/A9167FBA/42FC3D8A048F11F0872E8547C4F9AE02/sDQcND_hUl92ySmWEMoOeOk-h8M.mft File: sDQcND_hUl92ySmWEMoOeOk-h8M.mft (raw, json) Hash identifier: CXpO9UHIlR0QXo8bmSRqF6STZJxk1MVRmu/BjfLPLkY= Subject key identifier: 7B:D7:F7:66:1F:AB:37:16:33:D4:18:AC:15:D8:42:E4:80:EC:C9:BF Authority key identifier: B0:34:1C:34:3F:E1:52:5F:76:C9:29:96:10:CA:0E:78:E9:3E:87:C3 Certificate issuer: /CN=A9167FBA/serialNumber=B0341C343FE1525F76C9299610CA0E78E93E87C3 Certificate serial: 41 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sDQcND_hUl92ySmWEMoOeOk-h8M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167FBA/42FC3D8A048F11F0872E8547C4F9AE02/sDQcND_hUl92ySmWEMoOeOk-h8M.mft Manifest number: 40 Signing time: Sat 19 Jul 2025 07:45:23 +0000 Manifest this update: Sat 19 Jul 2025 07:45:22 +0000 Manifest next update: Sat 26 Jul 2025 07:45:22 +0000 Files and hashes: 1: sDQcND_hUl92ySmWEMoOeOk-h8M.crl (hash: bteZ1Oydnm3OUwfozi2bbNMa7bbMUWMTozMI/FWqc9Q=) 2: F4B92E1C05A111F082D17325C4F9AE02.roa (hash: kGx1CJpE3cHBsf4M7cgjGHBrxKAD0rzUUv2UM3HRfTY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167FBA/42FC3D8A048F11F0872E8547C4F9AE02/sDQcND_hUl92ySmWEMoOeOk-h8M.crl rsync://rpki.apnic.net/member_repository/A9167FBA/42FC3D8A048F11F0872E8547C4F9AE02/sDQcND_hUl92ySmWEMoOeOk-h8M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sDQcND_hUl92ySmWEMoOeOk-h8M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 07:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65 (0x41) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167FBA, serialNumber=B0341C343FE1525F76C9299610CA0E78E93E87C3 Validity Not Before: Jul 19 07:45:22 2025 GMT Not After : Jul 26 07:45:22 2025 GMT Subject: CN=687b4d13-85f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:38:cc:e1:4e:5a:02:b4:18:01:ce:6d:cb:99: 61:f6:6c:a7:49:b3:c3:8d:4f:5c:dc:60:c9:c3:3d: d0:e5:f3:2e:a9:97:f2:71:95:48:0d:74:cc:08:7f: 14:6d:24:8c:0a:4c:d3:b0:dc:5f:24:f7:9d:95:b3: 18:3b:aa:96:a8:b1:eb:c2:5b:fe:96:49:66:71:2b: 74:27:e9:2a:17:7d:37:e2:17:23:33:b5:b4:48:20: d5:aa:0f:8a:c1:7f:98:a6:a0:8a:24:0a:b1:4e:15: b2:e9:dc:1b:a7:2b:55:31:35:6f:aa:4b:5f:67:0b: da:d1:0a:3a:24:ce:a2:c2:87:cc:e4:0e:74:cb:55: 93:65:98:da:f9:aa:e7:db:e7:55:5e:61:ba:66:9d: fc:87:b5:3a:c3:08:21:07:81:3e:2d:dd:42:5f:50: 56:81:b7:19:89:ef:96:70:a1:38:af:e2:5f:a7:c6: ae:44:6a:68:65:92:9f:a2:ea:2c:97:d1:2a:68:9e: 54:b7:24:85:fc:ce:96:ab:90:66:b7:60:33:5d:da: 7e:52:5e:80:c4:ea:5d:65:97:e6:d1:2d:3c:e9:fa: a5:95:6d:10:78:59:fe:2a:a8:c3:bc:cb:bc:4e:98: 51:0e:d7:b6:b1:b5:aa:69:ed:b5:80:55:81:f4:cb: 6b:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:D7:F7:66:1F:AB:37:16:33:D4:18:AC:15:D8:42:E4:80:EC:C9:BF X509v3 Authority Key Identifier: keyid:B0:34:1C:34:3F:E1:52:5F:76:C9:29:96:10:CA:0E:78:E9:3E:87:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167FBA/42FC3D8A048F11F0872E8547C4F9AE02/sDQcND_hUl92ySmWEMoOeOk-h8M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sDQcND_hUl92ySmWEMoOeOk-h8M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167FBA/42FC3D8A048F11F0872E8547C4F9AE02/sDQcND_hUl92ySmWEMoOeOk-h8M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:77:50:1c:8e:f8:73:2f:85:a0:bf:8f:f4:52:ae:a2:59:05: 76:c9:99:5b:95:82:07:9e:3f:26:d1:17:8e:7b:57:ae:7e:2b: 38:57:85:b2:d7:26:6e:67:58:e0:84:76:b1:10:e5:58:c6:58: a2:8a:73:ca:a5:db:e7:b7:fe:2d:09:6f:8c:71:a3:71:af:d3: 47:61:72:38:86:c7:2b:47:b3:02:d9:58:8a:06:a6:a1:fe:84: eb:9a:1c:31:e0:85:fb:de:63:3a:f7:92:af:4b:38:41:28:14: c5:aa:5d:27:a8:e3:f9:06:24:31:b4:7e:fc:3f:78:97:9a:42: 33:60:e8:2c:8e:fc:16:ed:d4:c8:d3:bd:1d:da:6b:4e:a5:0c: e2:d5:86:bc:e2:df:ad:18:7f:d4:7a:f9:84:af:4e:c6:93:ac: 7f:08:5c:3d:8f:d4:08:a2:60:bc:0b:0d:24:2d:1b:29:b4:8e: 42:c5:4e:81:f0:30:96:08:ae:b9:eb:d7:d7:ad:2d:a6:41:6a: fd:93:f1:70:e9:37:f1:d2:c3:07:50:5a:09:80:cc:76:1c:5f: 64:10:5a:fa:57:8a:27:35:c9:6f:42:d0:f2:2a:2b:3b:98:2b: d7:54:3c:c6:5d:33:63:7a:c7:12:dc:cd:8b:ce:05:21:e4:db: 38:00:ce:b3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 N0ZCQTExMC8GA1UEBRMoQjAzNDFDMzQzRkUxNTI1Rjc2QzkyOTk2MTBDQTBFNzhF OTNFODdDMzAeFw0yNTA3MTkwNzQ1MjJaFw0yNTA3MjYwNzQ1MjJaMBgxFjAUBgNV BAMTDTY4N2I0ZDEzLTg1ZjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2OMzhTloCtBgBzm3LmWH2bKdJs8ONT1zcYMnDPdDl8y6pl/JxlUgNdMwIfxRt JIwKTNOw3F8k952Vsxg7qpaosevCW/6WSWZxK3Qn6SoXfTfiFyMztbRIINWqD4rB f5imoIokCrFOFbLp3BunK1UxNW+qS19nC9rRCjokzqLCh8zkDnTLVZNlmNr5qufb 51VeYbpmnfyHtTrDCCEHgT4t3UJfUFaBtxmJ75ZwoTiv4l+nxq5Eamhlkp+i6iyX 0SponlS3JIX8zparkGa3YDNd2n5SXoDE6l1ll+bRLTzp+qWVbRB4Wf4qqMO8y7xO mFEO17axtapp7bWAVYH0y2vfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUe9f3Zh+r NxYz1BisFdhC5IDsyb8wHwYDVR0jBBgwFoAUsDQcND/hUl92ySmWEMoOeOk+h8Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY3RkJBLzQyRkMzRDhBMDQ4 RjExRjA4NzJFODU0N0M0RjlBRTAyL3NEUWNORF9oVWw5MnlTbVdFTW9PZU9rLWg4 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvc0RRY05EX2hVbDkyeVNtV0VNb09lT2staDhNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY3 RkJBLzQyRkMzRDhBMDQ4RjExRjA4NzJFODU0N0M0RjlBRTAyL3NEUWNORF9oVWw5 MnlTbVdFTW9PZU9rLWg4TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEx3UByO+HMvhaC/j/RSrqJZBXbJmVuVggeePybRF457V65+KzhXhbLX Jm5nWOCEdrEQ5VjGWKKKc8ql2+e3/i0Jb4xxo3Gv00dhcjiGxytHswLZWIoGpqH+ hOuaHDHghfveYzr3kq9LOEEoFMWqXSeo4/kGJDG0fvw/eJeaQjNg6CyO/Bbt1MjT vR3aa06lDOLVhrzi360Yf9R6+YSvTsaTrH8IXD2P1AiiYLwLDSQtGym0jkLFToHw MJYIrrnr19etLaZBav2T8XDpN/HSwwdQWgmAzHYcX2QQWvpXiic1yW9C0PIqKzuY K9dUPMZdM2N6xxLczYvOBSHk2zgAzrM= -----END CERTIFICATE-----Generated at Mon Jul 21 00:27:07 2025 by rpki-client