$ rpki-client -vvf rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft File: CIaR8feL2c7-2A021lDWd2emvbA.mft (raw, json) Hash identifier: OKyWyDU7PtxPLHLFICe01qKMXmLZOvbZYxUNd4B0K/o= Subject key identifier: CB:02:8F:10:1B:B8:5F:33:63:33:99:56:B3:64:D9:5E:BA:17:F6:16 Authority key identifier: 08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0 Certificate issuer: /CN=A917DA4A/serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0 Certificate serial: 0791 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft Manifest number: 078C Signing time: Fri 06 Jun 2025 21:27:07 +0000 Manifest this update: Fri 06 Jun 2025 21:27:06 +0000 Manifest next update: Fri 13 Jun 2025 21:27:06 +0000 Files and hashes: 1: CIaR8feL2c7-2A021lDWd2emvbA.crl (hash: cQrNl9QUagPpvOpUo2TL37/SFfUol580dmj2donw17o=) 2: F126F04A11A911EBB5A4DD83C4F9AE02.roa (hash: 0rr8K1LQ/thtLtkFZc4kC3SiEr3iL8XaKJgB3Bca1+4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Jun 2025 21:27:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1937 (0x791) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DA4A, serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0 Validity Not Before: Jun 6 21:27:06 2025 GMT Not After : Jun 13 21:27:06 2025 GMT Subject: CN=68435d2b-c4c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:c1:cf:6f:e3:3d:9d:64:d5:80:4d:10:e2:fc: fd:71:23:76:c4:68:a2:b0:76:78:fa:19:1a:20:3c: 29:36:92:97:20:6c:b1:98:ae:04:19:87:6f:e3:7e: 96:be:75:66:86:9b:ab:9f:53:79:ca:c3:9f:3f:6c: aa:62:a2:41:84:cd:0b:ed:29:f1:93:40:28:57:e2: 9c:38:6f:cc:ab:f0:7a:be:ca:69:b4:ff:3d:9c:a3: 50:6b:2a:47:fc:f1:e1:f9:fa:ad:96:36:a4:58:0b: c0:11:bf:86:a3:0b:14:9f:7a:12:f6:1d:24:b7:27: 65:a6:97:6f:d4:e2:6b:1d:1b:b3:87:e4:fb:09:b6: 63:a8:51:a0:26:42:54:cd:f8:1b:6f:9f:9c:bb:72: 1b:35:cf:e9:f3:e6:14:eb:74:58:53:07:08:b5:4c: 06:dc:9d:a1:21:39:8d:b5:61:ef:7f:b1:6f:45:9a: 2e:21:57:28:f7:21:39:cc:e9:be:e6:bb:40:72:00: 68:7d:54:d7:83:ce:51:2d:0c:e0:ba:c7:54:81:04: 5e:fb:5c:b7:7c:2b:be:a5:e9:76:42:ad:74:44:78: 6f:0f:c6:36:58:ec:6b:bb:03:32:73:fb:0d:d6:20: b0:57:c3:0b:af:8e:ee:f9:bd:8b:35:b0:99:d0:8c: a9:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:02:8F:10:1B:B8:5F:33:63:33:99:56:B3:64:D9:5E:BA:17:F6:16 X509v3 Authority Key Identifier: keyid:08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:70:fd:2f:0c:ec:6c:9d:51:18:15:e5:9a:d6:1e:93:4f:a3: 46:0c:78:ff:49:39:c8:01:43:2d:1d:10:1b:3e:21:6b:3a:6d: eb:d8:d8:ad:10:90:35:87:fe:8f:8f:0a:e3:0a:a1:60:0b:c6: 19:15:ad:4d:c6:bc:9a:0f:d0:06:2a:39:d4:d6:e7:a7:63:93: cc:49:40:32:2e:cc:1d:99:2a:73:b8:92:22:73:52:c4:70:6b: 03:ab:d2:34:44:93:3d:a3:a5:a7:6b:e4:07:2c:c3:38:62:7c: c2:c8:f4:3b:10:4b:7d:0e:f4:cb:43:67:12:31:91:e3:43:ff: bb:c0:f7:dc:0b:fd:02:a6:1c:84:6d:04:e5:4f:14:1c:ce:1d: 5b:ff:a8:e9:c6:45:2d:74:8e:af:2b:89:bc:80:46:de:c7:2b: 3a:a5:b0:e8:3e:fd:f6:8a:76:91:04:61:0d:cf:06:5f:2e:03: d2:75:f2:fe:29:b7:ee:56:9d:a4:c0:6c:4b:16:3b:f5:0e:37: ee:cf:59:c1:ec:66:63:45:63:02:db:42:a9:8f:3a:36:d6:24: 2a:5e:88:29:da:ea:c9:75:c5:0b:cb:f9:f6:59:cc:3f:aa:9a: 7a:a3:25:0f:00:47:ad:6d:fd:16:9e:79:74:8e:f5:97:0a:28: e1:d2:6e:49 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB5EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RBNEExMTAvBgNVBAUTKDA4ODY5MUYxRjc4QkQ5Q0VGRUQ4MEQzNkQ2NTBENjc3 NjdBNkJEQjAwHhcNMjUwNjA2MjEyNzA2WhcNMjUwNjEzMjEyNzA2WjAYMRYwFAYD VQQDEw02ODQzNWQyYi1jNGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArsHPb+M9nWTVgE0Q4vz9cSN2xGiisHZ4+hkaIDwpNpKXIGyxmK4EGYdv436W vnVmhpurn1N5ysOfP2yqYqJBhM0L7Snxk0AoV+KcOG/Mq/B6vspptP89nKNQaypH /PHh+fqtljakWAvAEb+GowsUn3oS9h0ktydlppdv1OJrHRuzh+T7CbZjqFGgJkJU zfgbb5+cu3IbNc/p8+YU63RYUwcItUwG3J2hITmNtWHvf7FvRZouIVco9yE5zOm+ 5rtAcgBofVTXg85RLQzgusdUgQRe+1y3fCu+pel2Qq10RHhvD8Y2WOxruwMyc/sN 1iCwV8MLr47u+b2LNbCZ0IyppwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMsCjxAb uF8zYzOZVrNk2V66F/YWMB8GA1UdIwQYMBaAFAiGkfH3i9nO/tgNNtZQ1ndnpr2w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REE0QS8wNTFEQUY1QTBE QzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJjNy0yQTAyMWxEV2QyZW12 YkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NJYVI4ZmVMMmM3LTJBMDIxbERXZDJlbXZiQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REE0QS8wNTFEQUY1QTBEQzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJj Ny0yQTAyMWxEV2QyZW12YkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqcP0vDOxsnVEYFeWa1h6TT6NGDHj/STnIAUMtHRAbPiFrOm3r2Nit EJA1h/6PjwrjCqFgC8YZFa1NxryaD9AGKjnU1uenY5PMSUAyLswdmSpzuJIic1LE cGsDq9I0RJM9o6Wna+QHLMM4YnzCyPQ7EEt9DvTLQ2cSMZHjQ/+7wPfcC/0CphyE bQTlTxQczh1b/6jpxkUtdI6vK4m8gEbexys6pbDoPv32inaRBGENzwZfLgPSdfL+ KbfuVp2kwGxLFjv1Djfuz1nB7GZjRWMC20Kpjzo21iQqXogp2urJdcULy/n2Wcw/ qpp6oyUPAEetbf0Wnnl0jvWXCijh0m5J -----END CERTIFICATE-----Generated at Sat Jun 7 20:27:52 2025 by rpki-client