$ rpki-client -vvf rpki.apnic.net/member_repository/A918A35C/52FC6B98261811EABFEDE113C4F9AE02/h4uGhpX8RcnGO2-8VMyzUJxLn0s.mft File: h4uGhpX8RcnGO2-8VMyzUJxLn0s.mft (raw, json) Hash identifier: EBjaU+plrXPFePqxOj/yxQnACWUpkRFgUvZWf7pOIOg= Subject key identifier: C2:27:7D:E7:B6:D0:0C:00:12:9E:CA:5C:E1:E0:AD:1A:1F:56:D3:58 Authority key identifier: 87:8B:86:86:95:FC:45:C9:C6:3B:6F:BC:54:CC:B3:50:9C:4B:9F:4B Certificate issuer: /CN=A918A35C/serialNumber=878B868695FC45C9C63B6FBC54CCB3509C4B9F4B Certificate serial: 0BA2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h4uGhpX8RcnGO2-8VMyzUJxLn0s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918A35C/52FC6B98261811EABFEDE113C4F9AE02/h4uGhpX8RcnGO2-8VMyzUJxLn0s.mft Manifest number: 0B9B Signing time: Wed 04 Jun 2025 19:23:17 +0000 Manifest this update: Wed 04 Jun 2025 19:23:17 +0000 Manifest next update: Wed 11 Jun 2025 19:23:17 +0000 Files and hashes: 1: h4uGhpX8RcnGO2-8VMyzUJxLn0s.crl (hash: hkxT3gcAAtj4bcbh1vSZnyluWRlUpivMGUwFK0E9L2k=) 2: 0D22F748261A11EA83CE8D17C4F9AE02.roa (hash: dTqPYAZ0fYSqCYvtzmzk6vV87y7uZ4+mAQSsb1JNqeI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918A35C/52FC6B98261811EABFEDE113C4F9AE02/h4uGhpX8RcnGO2-8VMyzUJxLn0s.crl rsync://rpki.apnic.net/member_repository/A918A35C/52FC6B98261811EABFEDE113C4F9AE02/h4uGhpX8RcnGO2-8VMyzUJxLn0s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h4uGhpX8RcnGO2-8VMyzUJxLn0s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 19:23:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2978 (0xba2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918A35C, serialNumber=878B868695FC45C9C63B6FBC54CCB3509C4B9F4B Validity Not Before: Jun 4 19:23:17 2025 GMT Not After : Jun 11 19:23:17 2025 GMT Subject: CN=68409d25-393c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:08:26:6a:9b:16:e2:02:3a:82:ba:c0:32:c9: 65:c0:68:25:24:ae:07:4d:59:d6:bd:98:37:52:08: 3c:b5:48:c8:fd:7a:21:4e:93:7b:f5:56:84:f0:51: 87:93:d3:0c:5f:4d:d4:07:dc:e8:ed:65:f5:63:62: 5f:9c:55:d1:e4:13:0e:32:36:e3:69:5b:dd:ce:df: 1d:11:87:03:0f:a2:c3:aa:76:bd:57:21:16:3a:5b: 70:7a:05:08:91:5d:d9:e8:d3:92:ea:c5:f4:2d:3f: 93:1b:8d:df:25:ed:6c:98:66:ec:32:ba:ca:7e:c9: d4:d6:85:2d:65:09:df:f4:c4:a5:0c:7c:c6:c0:9b: 3b:9f:c1:bf:98:4e:31:84:84:b8:5f:fa:ca:d3:42: d6:06:dc:ca:d7:2f:90:91:67:c8:e0:34:b7:59:45: 89:bb:57:a9:49:d4:0f:9a:64:76:4f:b8:f9:d6:90: d6:75:70:45:2d:3e:80:3a:2c:80:2a:75:4f:37:79: 46:de:db:02:7f:31:10:dd:6b:bd:e4:75:d5:ed:50: d0:4a:92:3e:d5:f6:c2:a4:9f:78:70:d6:fb:ec:c4: d9:ac:87:cb:6c:16:08:85:75:42:c0:f5:63:25:97: 7c:70:ee:98:62:45:33:14:67:09:74:7d:0d:34:48: f6:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:27:7D:E7:B6:D0:0C:00:12:9E:CA:5C:E1:E0:AD:1A:1F:56:D3:58 X509v3 Authority Key Identifier: keyid:87:8B:86:86:95:FC:45:C9:C6:3B:6F:BC:54:CC:B3:50:9C:4B:9F:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918A35C/52FC6B98261811EABFEDE113C4F9AE02/h4uGhpX8RcnGO2-8VMyzUJxLn0s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h4uGhpX8RcnGO2-8VMyzUJxLn0s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A35C/52FC6B98261811EABFEDE113C4F9AE02/h4uGhpX8RcnGO2-8VMyzUJxLn0s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:af:30:d6:b1:31:12:61:43:c7:4f:a6:a2:b6:31:92:cf:59: 86:9f:a9:76:c4:25:5c:99:d5:ad:53:2d:92:77:0c:56:f4:d1: d3:8b:32:6f:3a:5a:e8:c7:f7:70:8f:5a:ae:2f:9f:81:01:5c: ab:40:68:b9:53:0f:b4:c7:22:e0:a6:73:3a:29:ee:1b:48:5c: 82:e6:57:04:04:e6:19:da:f7:d7:7d:23:94:94:77:a0:75:7c: fd:3b:15:52:9a:7c:08:f8:6b:bf:58:26:ff:57:2c:59:1c:b4: 4e:39:c2:8c:ee:bc:06:c8:70:aa:35:4b:9b:82:a8:07:cb:ef: 78:c4:58:57:10:f7:58:5c:42:fb:0c:2b:3f:19:02:8a:f6:09: e6:82:37:30:e4:cb:67:3f:88:64:8c:9e:24:b5:a9:61:d1:d7: 73:e5:0b:0b:91:a8:7a:4b:69:18:21:bd:bc:ca:92:5a:af:67: fd:6e:7b:66:0c:f9:07:b8:55:ed:d4:95:01:22:05:77:81:a9: f5:82:85:8e:28:b8:9a:35:64:59:d9:3f:a0:b0:9e:f6:c9:71: 11:38:77:2f:6a:c2:b5:56:19:ad:74:16:ba:b6:9d:4b:2b:4e: bd:47:0d:d9:19:69:9e:5a:51:88:7e:01:98:be:90:64:5c:f5: 7e:b3:25:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC6IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEEzNUMxMTAvBgNVBAUTKDg3OEI4Njg2OTVGQzQ1QzlDNjNCNkZCQzU0Q0NCMzUw OUM0QjlGNEIwHhcNMjUwNjA0MTkyMzE3WhcNMjUwNjExMTkyMzE3WjAYMRYwFAYD VQQDEw02ODQwOWQyNS0zOTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4QgmapsW4gI6grrAMsllwGglJK4HTVnWvZg3Ugg8tUjI/XohTpN79VaE8FGH k9MMX03UB9zo7WX1Y2JfnFXR5BMOMjbjaVvdzt8dEYcDD6LDqna9VyEWOltwegUI kV3Z6NOS6sX0LT+TG43fJe1smGbsMrrKfsnU1oUtZQnf9MSlDHzGwJs7n8G/mE4x hIS4X/rK00LWBtzK1y+QkWfI4DS3WUWJu1epSdQPmmR2T7j51pDWdXBFLT6AOiyA KnVPN3lG3tsCfzEQ3Wu95HXV7VDQSpI+1fbCpJ94cNb77MTZrIfLbBYIhXVCwPVj JZd8cO6YYkUzFGcJdH0NNEj2yQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMInfee2 0AwAEp7KXOHgrRofVtNYMB8GA1UdIwQYMBaAFIeLhoaV/EXJxjtvvFTMs1CcS59L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTM1Qy81MkZDNkI5ODI2 MTgxMUVBQkZFREUxMTNDNEY5QUUwMi9oNHVHaHBYOFJjbkdPMi04Vk15elVKeExu MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2g0dUdocFg4UmNuR08yLThWTXl6VUp4TG4wcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QTM1Qy81MkZDNkI5ODI2MTgxMUVBQkZFREUxMTNDNEY5QUUwMi9oNHVHaHBYOFJj bkdPMi04Vk15elVKeExuMHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCYrzDWsTESYUPHT6aitjGSz1mGn6l2xCVcmdWtUy2SdwxW9NHTizJv Olrox/dwj1quL5+BAVyrQGi5Uw+0xyLgpnM6Ke4bSFyC5lcEBOYZ2vfXfSOUlHeg dXz9OxVSmnwI+Gu/WCb/VyxZHLROOcKM7rwGyHCqNUubgqgHy+94xFhXEPdYXEL7 DCs/GQKK9gnmgjcw5MtnP4hkjJ4ktalh0ddz5QsLkah6S2kYIb28ypJar2f9bntm DPkHuFXt1JUBIgV3gan1goWOKLiaNWRZ2T+gsJ72yXEROHcvasK1VhmtdBa6tp1L K069Rw3ZGWmeWlGIfgGYvpBkXPV+syX2 -----END CERTIFICATE-----Generated at Fri Jun 6 16:52:40 2025 by rpki-client