$ rpki-client -vvf rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft File: 433E2CR2A-hIwAZsRFuc2NpzUNY.mft (raw, json) Hash identifier: X5LYYBbReZ0ffcS9FC0m4lv0JgD8mJyFlP6r09ImmNY= Subject key identifier: 60:81:67:DE:1C:1D:AB:B0:E6:56:A7:A3:7A:10:A4:19:91:6D:AA:6D Authority key identifier: E3:7D:C4:D8:24:76:03:E8:48:C0:06:6C:44:5B:9C:D8:DA:73:50:D6 Certificate issuer: /CN=A916C8F2/serialNumber=E37DC4D8247603E848C0066C445B9CD8DA7350D6 Certificate serial: 05 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft Manifest number: 04 Signing time: Sat 05 Jul 2025 08:31:38 +0000 Manifest this update: Sat 05 Jul 2025 08:31:38 +0000 Manifest next update: Sat 12 Jul 2025 08:31:38 +0000 Files and hashes: 1: 433E2CR2A-hIwAZsRFuc2NpzUNY.crl (hash: Iop8NqFHgZxi96XBop5Lgu9eGQEZ1A+5w/dTLbMB+h0=) 2: 730C503A56C611F096620043C4F9AE02.roa (hash: m+BAyP5CIYN6CIS7MvKKiKoAky/65ZLjF2ZjJHqu8U0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.crl rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Jul 2025 08:31:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916C8F2, serialNumber=E37DC4D8247603E848C0066C445B9CD8DA7350D6 Validity Not Before: Jul 5 08:31:38 2025 GMT Not After : Jul 12 08:31:38 2025 GMT Subject: CN=6868e2ea-31e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a6:80:15:a8:5e:2b:dc:1b:f6:28:51:03:eb: 71:68:e9:09:76:ab:e5:8d:24:5b:58:2c:ad:93:4a: 49:2d:b1:76:8d:a7:15:64:bd:e9:c3:5c:f1:40:22: 97:7b:a5:79:6d:07:a4:0c:e7:ad:c3:c2:67:0e:6a: f2:c1:10:cd:db:ba:aa:f0:de:10:9c:f7:60:ee:ef: 02:8b:df:78:ab:59:19:e4:77:0f:ca:b9:52:62:9c: 9d:fa:aa:d8:df:44:87:8c:24:6d:06:f4:be:8d:e3: cf:4a:fb:9e:3c:5b:0e:2a:d6:32:9f:a9:47:24:f1: a9:4c:da:d9:9e:3a:61:ad:44:f8:81:d8:ea:42:fc: 52:19:ab:3d:07:1a:27:bc:f9:c2:85:5b:03:05:76: 55:82:08:76:4f:89:09:1d:bb:85:27:a2:ff:8b:af: 44:3a:3a:9b:0e:8a:bf:ec:50:6a:2e:d3:ac:f1:ba: ac:c8:91:2b:5d:b2:c3:43:b8:a4:d9:80:4c:88:dd: f7:bd:4d:9a:eb:43:28:31:f0:84:39:52:aa:57:c7: f3:c8:61:7c:e4:83:18:3f:62:eb:ac:24:e8:99:8c: 28:53:02:c2:9d:9d:a4:95:6f:37:a2:3e:16:63:50: 90:ed:7e:6a:dc:11:08:68:53:fc:dc:2e:9c:d5:e9: de:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:81:67:DE:1C:1D:AB:B0:E6:56:A7:A3:7A:10:A4:19:91:6D:AA:6D X509v3 Authority Key Identifier: keyid:E3:7D:C4:D8:24:76:03:E8:48:C0:06:6C:44:5B:9C:D8:DA:73:50:D6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:af:30:66:21:74:11:df:ad:59:1a:3c:13:d9:98:11:ac:1b: 29:c6:de:56:01:ac:25:30:93:1f:80:bb:2d:f1:c2:83:17:eb: 87:fc:bb:e4:67:69:bd:5c:41:bc:de:83:c7:35:d6:28:27:43: 38:38:72:e7:85:4f:c5:4f:fe:56:bf:70:75:90:f5:b9:a2:66: 31:73:56:86:79:04:8e:f1:ce:e4:4d:35:20:ba:30:6b:75:cf: a5:f9:61:70:25:c4:05:f1:0c:ea:ad:09:b3:55:15:a9:c3:90: 2c:20:f3:cb:f2:a3:b7:78:78:dd:34:63:c4:1c:1e:9c:62:61: ce:68:d2:11:af:de:3d:bd:ff:f1:52:84:4c:b2:ae:66:25:98: 40:38:ed:88:14:21:7d:7f:29:4a:34:0f:66:aa:27:b2:b3:2c: 6f:4f:35:cf:b6:9e:ee:c3:41:7b:bc:a6:a3:ff:65:84:93:85: a3:d1:ce:c3:a9:6b:f8:51:f9:c3:72:be:56:72:59:78:24:a4: 84:2c:2c:ff:3e:7a:f4:f0:4e:a4:95:3b:7e:9e:54:6f:f7:0f: 76:e1:74:f6:e7:57:b4:81:38:96:73:28:41:57:22:7e:8b:67: 6a:1d:4e:1e:34:52:45:c2:fe:71:04:03:02:c0:ff:67:37:e9: 28:3d:53:2c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 QzhGMjExMC8GA1UEBRMoRTM3REM0RDgyNDc2MDNFODQ4QzAwNjZDNDQ1QjlDRDhE QTczNTBENjAeFw0yNTA3MDUwODMxMzhaFw0yNTA3MTIwODMxMzhaMBgxFjAUBgNV BAMTDTY4NjhlMmVhLTMxZTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC/poAVqF4r3Bv2KFED63Fo6Ql2q+WNJFtYLK2TSkktsXaNpxVkvenDXPFAIpd7 pXltB6QM563DwmcOavLBEM3buqrw3hCc92Du7wKL33irWRnkdw/KuVJinJ36qtjf RIeMJG0G9L6N489K+548Ww4q1jKfqUck8alM2tmeOmGtRPiB2OpC/FIZqz0HGie8 +cKFWwMFdlWCCHZPiQkdu4Unov+Lr0Q6OpsOir/sUGou06zxuqzIkStdssNDuKTZ gEyI3fe9TZrrQygx8IQ5UqpXx/PIYXzkgxg/YuusJOiZjChTAsKdnaSVbzeiPhZj UJDtfmrcEQhoU/zcLpzV6d4JAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUYIFn3hwd q7DmVqejehCkGZFtqm0wHwYDVR0jBBgwFoAU433E2CR2A+hIwAZsRFuc2NpzUNYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZDOEYyLzI4N0RFNzM2NTZD NjExRjA5MkJEQTA0MkM0RjlBRTAyLzQzM0UyQ1IyQS1oSXdBWnNSRnVjMk5welVO WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNDMzRTJDUjJBLWhJd0Fac1JGdWMyTnB6VU5ZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZD OEYyLzI4N0RFNzM2NTZDNjExRjA5MkJEQTA0MkM0RjlBRTAyLzQzM0UyQ1IyQS1o SXdBWnNSRnVjMk5welVOWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHmvMGYhdBHfrVkaPBPZmBGsGynG3lYBrCUwkx+Auy3xwoMX64f8u+Rn ab1cQbzeg8c11ignQzg4cueFT8VP/la/cHWQ9bmiZjFzVoZ5BI7xzuRNNSC6MGt1 z6X5YXAlxAXxDOqtCbNVFanDkCwg88vyo7d4eN00Y8QcHpxiYc5o0hGv3j29//FS hEyyrmYlmEA47YgUIX1/KUo0D2aqJ7KzLG9PNc+2nu7DQXu8pqP/ZYSThaPRzsOp a/hR+cNyvlZyWXgkpIQsLP8+evTwTqSVO36eVG/3D3bhdPbnV7SBOJZzKEFXIn6L Z2odTh40UkXC/nEEAwLA/2c36Sg9Uyw= -----END CERTIFICATE-----Generated at Mon Jul 7 09:04:40 2025 by rpki-client