$ rpki-client -vvf rpki.apnic.net/member_repository/A918497E/C320C226B5D811EE8DA66D85C4F9AE02/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.mft File: jUv3mkGe7A-lM-X8pQ_zcqM8s5A.mft (raw, json) Hash identifier: KOIKj2no80dKjZETaKxt6kWurGQQLb9Hss0ga7RVyy4= Subject key identifier: 58:72:D2:72:40:E8:41:18:5B:D6:B4:5A:95:42:57:7C:D3:D8:D9:40 Authority key identifier: 8D:4B:F7:9A:41:9E:EC:0F:A5:33:E5:FC:A5:0F:F3:72:A3:3C:B3:90 Certificate issuer: /CN=A918497E/serialNumber=8D4BF79A419EEC0FA533E5FCA50FF372A33CB390 Certificate serial: 0120 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918497E/C320C226B5D811EE8DA66D85C4F9AE02/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.mft Manifest number: 011E Signing time: Mon 21 Jul 2025 04:54:56 +0000 Manifest this update: Mon 21 Jul 2025 04:54:55 +0000 Manifest next update: Mon 28 Jul 2025 04:54:55 +0000 Files and hashes: 1: jUv3mkGe7A-lM-X8pQ_zcqM8s5A.crl (hash: y2grZVde6djkLLhZltFTGTs/Dyr5mujDh6PYuz92eUQ=) 2: D8FEAF6C637611EFB2D9FD47C4F9AE02.roa (hash: Dufn2bl2x79yMqHJgaUJAzhvDE7hxEwAGg5UyaJazhM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918497E/C320C226B5D811EE8DA66D85C4F9AE02/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.crl rsync://rpki.apnic.net/member_repository/A918497E/C320C226B5D811EE8DA66D85C4F9AE02/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 04:54:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 288 (0x120) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918497E, serialNumber=8D4BF79A419EEC0FA533E5FCA50FF372A33CB390 Validity Not Before: Jul 21 04:54:55 2025 GMT Not After : Jul 28 04:54:55 2025 GMT Subject: CN=687dc820-e2fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f0:9f:a4:9a:16:ac:8c:a6:a7:17:c7:e7:ec: e4:79:ac:3d:c2:02:cc:46:f8:67:5a:6a:ec:6a:f8: 88:11:fb:96:7f:b7:45:5f:72:a1:8d:ed:04:ac:5f: a9:90:ca:07:1c:e2:d8:cd:61:30:f7:92:a9:34:95: e3:f2:17:3d:5a:30:74:9f:a1:54:55:b6:28:24:92: 9e:d7:5d:ec:12:5d:a2:6a:00:84:d0:30:19:59:fc: de:35:3a:ea:5c:4c:73:7e:19:7e:04:2b:16:4d:ed: d5:c1:91:c4:95:db:b3:85:a0:85:4c:c8:2a:23:5b: 90:5a:57:52:30:de:23:34:25:f1:d1:67:12:7a:e0: a4:a0:bc:22:a6:62:85:46:88:7d:6c:d6:c9:c0:60: 6c:f6:8b:bc:80:2f:88:b9:dc:a7:56:5f:2c:41:50: 27:1f:02:c6:ca:5e:ef:68:21:87:de:dd:c7:7a:62: dd:ca:66:71:9d:ad:61:84:a8:c7:0f:c0:a9:3e:68: d7:da:46:37:44:91:4f:73:d4:eb:99:9a:33:a9:34: 93:eb:6c:b0:03:d6:19:60:b9:c8:8b:6b:64:13:20: 1c:41:06:5d:ea:c0:90:e9:1a:ae:61:30:da:d9:ed: 9b:54:5c:ba:4c:e1:cc:2d:f8:d2:f2:ba:1b:82:fa: d2:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:72:D2:72:40:E8:41:18:5B:D6:B4:5A:95:42:57:7C:D3:D8:D9:40 X509v3 Authority Key Identifier: keyid:8D:4B:F7:9A:41:9E:EC:0F:A5:33:E5:FC:A5:0F:F3:72:A3:3C:B3:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918497E/C320C226B5D811EE8DA66D85C4F9AE02/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918497E/C320C226B5D811EE8DA66D85C4F9AE02/jUv3mkGe7A-lM-X8pQ_zcqM8s5A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:98:74:dd:9c:ee:8a:85:f8:3c:f8:ac:e7:62:15:9f:e7:f3: 0c:7d:8d:5f:a7:62:44:0f:2a:7b:7b:d9:24:72:c0:e0:b2:30: 5f:5f:01:ed:f8:5b:f3:41:8b:f0:f4:00:22:8d:e1:87:36:0c: ec:e4:44:97:9d:bc:12:3d:71:1c:a8:28:0f:3d:b1:39:9b:0c: 86:48:66:4c:f5:92:06:1d:f7:17:41:6e:cd:32:fc:f8:7e:22: c9:57:4a:5f:b3:db:91:04:56:c9:58:20:ff:00:f5:0e:90:7f: a4:f0:e0:52:42:46:63:86:44:b4:d0:de:93:cc:54:fe:05:35: a2:91:09:8b:cd:75:9e:b5:5a:4d:88:3f:47:e1:d4:46:5f:43: 50:b0:88:de:ef:df:d5:94:0a:c2:22:e7:71:75:5a:52:93:01: f6:39:c4:2b:8e:a0:59:e6:b3:89:ab:8a:7f:a8:76:a4:96:2d: 40:e4:cf:be:48:f6:9d:87:fb:d7:a7:d5:bd:56:ca:cc:90:fc: ea:2f:94:db:cc:4c:31:b1:c0:11:e6:d8:b6:07:f0:91:c6:1b: 78:e5:8a:6b:4d:45:6b:70:ce:92:74:53:9b:19:a8:fd:18:a0: 65:af:61:a4:51:19:eb:aa:81:8f:c6:d8:1b:30:0d:80:cf:a7: c8:20:b3:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODQ5N0UxMTAvBgNVBAUTKDhENEJGNzlBNDE5RUVDMEZBNTMzRTVGQ0E1MEZGMzcy QTMzQ0IzOTAwHhcNMjUwNzIxMDQ1NDU1WhcNMjUwNzI4MDQ1NDU1WjAYMRYwFAYD VQQDEw02ODdkYzgyMC1lMmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuPCfpJoWrIympxfH5+zkeaw9wgLMRvhnWmrsaviIEfuWf7dFX3Khje0ErF+p kMoHHOLYzWEw95KpNJXj8hc9WjB0n6FUVbYoJJKe113sEl2iagCE0DAZWfzeNTrq XExzfhl+BCsWTe3VwZHElduzhaCFTMgqI1uQWldSMN4jNCXx0WcSeuCkoLwipmKF Roh9bNbJwGBs9ou8gC+IudynVl8sQVAnHwLGyl7vaCGH3t3HemLdymZxna1hhKjH D8CpPmjX2kY3RJFPc9TrmZozqTST62ywA9YZYLnIi2tkEyAcQQZd6sCQ6RquYTDa 2e2bVFy6TOHMLfjS8robgvrSEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFhy0nJA 6EEYW9a0WpVCV3zT2NlAMB8GA1UdIwQYMBaAFI1L95pBnuwPpTPl/KUP83KjPLOQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDk3RS9DMzIwQzIyNkI1 RDgxMUVFOERBNjZEODVDNEY5QUUwMi9qVXYzbWtHZTdBLWxNLVg4cFFfemNxTThz NUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2pVdjNta0dlN0EtbE0tWDhwUV96Y3FNOHM1QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NDk3RS9DMzIwQzIyNkI1RDgxMUVFOERBNjZEODVDNEY5QUUwMi9qVXYzbWtHZTdB LWxNLVg4cFFfemNxTThzNUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVmHTdnO6Khfg8+KznYhWf5/MMfY1fp2JEDyp7e9kkcsDgsjBfXwHt +FvzQYvw9AAijeGHNgzs5ESXnbwSPXEcqCgPPbE5mwyGSGZM9ZIGHfcXQW7NMvz4 fiLJV0pfs9uRBFbJWCD/APUOkH+k8OBSQkZjhkS00N6TzFT+BTWikQmLzXWetVpN iD9H4dRGX0NQsIje79/VlArCIudxdVpSkwH2OcQrjqBZ5rOJq4p/qHakli1A5M++ SPadh/vXp9W9VsrMkPzqL5TbzEwxscAR5ti2B/CRxht45YprTUVrcM6SdFObGaj9 GKBlr2GkURnrqoGPxtgbMA2Az6fIILOW -----END CERTIFICATE-----Generated at Tue Jul 22 11:52:04 2025 by rpki-client