$ rpki-client -vvf rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.mft File: SFLocmwUSKEEDM-gQ7gxSq5MTpo.mft (raw, json) Hash identifier: o0N3aXYzu+8hunbqbv7JsilN14IPa611S8vlZV+osPE= Subject key identifier: 03:AE:58:31:B4:5A:D0:21:E1:3D:76:5F:C6:DD:C5:82:F2:09:F9:F8 Authority key identifier: 48:52:E8:72:6C:14:48:A1:04:0C:CF:A0:43:B8:31:4A:AE:4C:4E:9A Certificate issuer: /CN=A916BCDF/serialNumber=4852E8726C1448A1040CCFA043B8314AAE4C4E9A Certificate serial: 0C11 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/SFLocmwUSKEEDM-gQ7gxSq5MTpo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.mft Manifest number: 0C0A Signing time: Sat 31 May 2025 17:15:07 +0000 Manifest this update: Sat 31 May 2025 17:15:06 +0000 Manifest next update: Sat 07 Jun 2025 17:15:06 +0000 Files and hashes: 1: SFLocmwUSKEEDM-gQ7gxSq5MTpo.crl (hash: cOs8FsodXpsdZxodvFhLbEZXW5cV/DrA/55Xk6g4dpc=) 2: AB138380985F11EEBA5D186DC4F9AE02.roa (hash: F/Rw9IBSfAAu9SS5Zj7ZXQURqKcO45qHbFvRjzx84SU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.crl rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/SFLocmwUSKEEDM-gQ7gxSq5MTpo.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 17:15:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3089 (0xc11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916BCDF, serialNumber=4852E8726C1448A1040CCFA043B8314AAE4C4E9A Validity Not Before: May 31 17:15:06 2025 GMT Not After : Jun 7 17:15:06 2025 GMT Subject: CN=683b391a-0d91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:ee:f9:5c:ad:98:bc:21:6a:67:da:35:e8:cc: 90:f4:9f:42:e9:34:5a:e9:3d:20:c2:77:20:cb:ad: b1:5c:74:b1:75:8b:2b:6d:89:da:83:17:75:f1:47: 9e:2c:0e:b9:5c:47:53:09:9b:a2:e7:36:71:7c:af: 9b:3a:dd:11:52:c1:d0:32:53:17:a6:39:77:73:f1: 9c:69:43:19:b4:b4:9d:34:b2:84:b6:50:15:21:0d: f8:41:98:89:17:ee:bc:09:fc:ab:3d:ce:26:9d:7a: fe:61:91:0f:b2:35:8b:c4:78:3c:23:e6:4b:3d:e3: 23:f2:f4:01:93:82:f9:a3:39:e3:dc:45:2f:71:3e: fd:43:b3:bc:6d:04:fd:69:8a:a8:47:ee:87:38:d9: a1:2b:bf:90:4e:bc:38:ee:dc:98:0c:70:c4:d0:87: 67:7b:2e:f6:b5:0b:26:56:f9:c3:20:82:5e:b3:07: c0:39:95:fc:16:5f:09:22:b9:1b:6d:c0:02:07:48: f1:28:07:f3:79:5e:9c:be:19:ed:ab:28:d3:24:41: 99:aa:b1:cf:42:7f:52:59:18:3b:87:66:ba:66:56: 69:6c:e6:07:97:07:f7:a2:18:71:7e:c9:33:e3:1a: 11:4f:28:bf:3d:77:4f:60:48:98:e4:63:e6:17:be: 2f:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:AE:58:31:B4:5A:D0:21:E1:3D:76:5F:C6:DD:C5:82:F2:09:F9:F8 X509v3 Authority Key Identifier: keyid:48:52:E8:72:6C:14:48:A1:04:0C:CF:A0:43:B8:31:4A:AE:4C:4E:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/SFLocmwUSKEEDM-gQ7gxSq5MTpo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:eb:16:4b:76:8f:5e:cf:df:f9:a3:ca:c2:02:e4:a0:01:87: af:65:42:19:4f:1d:98:13:91:d2:f3:3b:e2:14:47:00:d1:c9: 20:cb:af:0c:0c:95:fb:04:60:1f:e1:ee:16:61:cb:85:c4:20: 1f:c6:f1:e4:d4:ec:7f:85:78:29:f9:9f:c1:67:59:f5:f1:0f: d5:9e:89:30:77:e5:c0:12:65:2b:09:04:49:87:83:15:81:0d: db:2b:89:db:85:35:dd:b9:37:e0:b7:cf:49:20:d9:aa:bc:fc: 4f:e3:a3:13:58:f2:e5:7b:d1:71:47:32:10:62:94:b7:44:40: ed:43:82:93:27:9d:fa:f0:31:50:7e:fb:33:b9:92:53:9f:39: 2c:8d:89:d2:80:7d:3e:f4:6b:ff:c1:6d:d9:9a:d8:fa:ea:5b: e5:93:e4:e4:56:a7:f8:2a:1d:5e:1f:58:6d:b6:ac:1f:ab:64: b1:08:97:0e:13:66:47:4f:60:bc:4c:3e:04:09:9f:5c:0c:ee: 4d:97:df:16:4d:b9:12:0c:13:75:f3:41:a6:03:1a:a6:f1:71: f5:c5:cb:d5:ff:a7:35:32:f3:f6:22:3e:41:1a:08:b3:2e:14: c2:78:75:95:e9:a3:31:8c:f0:39:c4:dc:ce:71:d7:a1:7b:dd: 47:d7:b3:b6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkJDREYxMTAvBgNVBAUTKDQ4NTJFODcyNkMxNDQ4QTEwNDBDQ0ZBMDQzQjgzMTRB QUU0QzRFOUEwHhcNMjUwNTMxMTcxNTA2WhcNMjUwNjA3MTcxNTA2WjAYMRYwFAYD VQQDEw02ODNiMzkxYS0wZDkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwu75XK2YvCFqZ9o16MyQ9J9C6TRa6T0gwncgy62xXHSxdYsrbYnagxd18Uee LA65XEdTCZui5zZxfK+bOt0RUsHQMlMXpjl3c/GcaUMZtLSdNLKEtlAVIQ34QZiJ F+68CfyrPc4mnXr+YZEPsjWLxHg8I+ZLPeMj8vQBk4L5oznj3EUvcT79Q7O8bQT9 aYqoR+6HONmhK7+QTrw47tyYDHDE0Idney72tQsmVvnDIIJeswfAOZX8Fl8JIrkb bcACB0jxKAfzeV6cvhntqyjTJEGZqrHPQn9SWRg7h2a6ZlZpbOYHlwf3ohhxfskz 4xoRTyi/PXdPYEiY5GPmF74vCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAOuWDG0 WtAh4T12X8bdxYLyCfn4MB8GA1UdIwQYMBaAFEhS6HJsFEihBAzPoEO4MUquTE6a MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkNERi9DMUNCMkRGMjEw RDgxMUVBOUJEMUE1NURDNEY5QUUwMi9TRkxvY213VVNLRUVETS1nUTdneFNxNU1U cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1NGTG9jbXdVU0tFRURNLWdRN2d4U3E1TVRwby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QkNERi9DMUNCMkRGMjEwRDgxMUVBOUJEMUE1NURDNEY5QUUwMi9TRkxvY213VVNL RUVETS1nUTdneFNxNU1UcG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCR6xZLdo9ez9/5o8rCAuSgAYevZUIZTx2YE5HS8zviFEcA0ckgy68M DJX7BGAf4e4WYcuFxCAfxvHk1Ox/hXgp+Z/BZ1n18Q/Vnokwd+XAEmUrCQRJh4MV gQ3bK4nbhTXduTfgt89JINmqvPxP46MTWPLle9FxRzIQYpS3REDtQ4KTJ5368DFQ fvszuZJTnzksjYnSgH0+9Gv/wW3Zmtj66lvlk+TkVqf4Kh1eH1httqwfq2SxCJcO E2ZHT2C8TD4ECZ9cDO5Nl98WTbkSDBN180GmAxqm8XH1xcvV/6c1MvP2Ij5BGgiz LhTCeHWV6aMxjPA5xNzOcdehe91H17O2 -----END CERTIFICATE-----Generated at Sun Jun 1 21:03:36 2025 by rpki-client