$ rpki-client -vvf rpki.apnic.net/member_repository/A918B6BC/A030CD30204C11F0963EB575C4F9AE02/2L7paV1DsznnVj8kE7cjGdFndLE.mft File: 2L7paV1DsznnVj8kE7cjGdFndLE.mft (raw, json) Hash identifier: LKvJ/vCVGqvZ9Uqu6LemHFVWU9+u8iFB9TG2f9UFy70= Subject key identifier: B7:95:08:F3:C4:0D:5D:D2:F6:30:53:C8:60:48:92:63:4A:DB:38:6C Authority key identifier: D8:BE:E9:69:5D:43:B3:39:E7:56:3F:24:13:B7:23:19:D1:67:74:B1 Certificate issuer: /CN=A918B6BC/serialNumber=D8BEE9695D43B339E7563F2413B72319D16774B1 Certificate serial: 15 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2L7paV1DsznnVj8kE7cjGdFndLE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918B6BC/A030CD30204C11F0963EB575C4F9AE02/2L7paV1DsznnVj8kE7cjGdFndLE.mft Manifest number: 14 Signing time: Sat 31 May 2025 07:34:49 +0000 Manifest this update: Sat 31 May 2025 07:34:49 +0000 Manifest next update: Sat 07 Jun 2025 07:34:49 +0000 Files and hashes: 1: 2L7paV1DsznnVj8kE7cjGdFndLE.crl (hash: g/5Ecv+r5cjHlfV4sFDYhGFukp85glyrfVcTCyCM6XE=) 2: E8644F16207711F09583A554C4F9AE02.roa (hash: PDtJst+AnPZjsbJWkn1AwaUp7gnuDYtMmF28Aj2EOy8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918B6BC/A030CD30204C11F0963EB575C4F9AE02/2L7paV1DsznnVj8kE7cjGdFndLE.crl rsync://rpki.apnic.net/member_repository/A918B6BC/A030CD30204C11F0963EB575C4F9AE02/2L7paV1DsznnVj8kE7cjGdFndLE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2L7paV1DsznnVj8kE7cjGdFndLE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:34:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21 (0x15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918B6BC, serialNumber=D8BEE9695D43B339E7563F2413B72319D16774B1 Validity Not Before: May 31 07:34:49 2025 GMT Not After : Jun 7 07:34:49 2025 GMT Subject: CN=683ab119-e928 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:c0:c9:ab:dc:a3:5e:24:57:c7:d3:46:f1:94: e4:5e:fa:dd:da:14:1f:b7:6f:84:3e:a6:57:04:43: 2b:38:55:bb:73:5f:ec:00:6d:bf:4e:45:a7:3b:d7: 70:df:a2:fd:ea:f2:cc:cb:bb:eb:aa:09:af:49:8f: f4:98:64:6a:32:d9:e4:8e:0a:f5:00:68:0c:41:c3: 4b:64:be:d6:0a:cf:cf:e9:bb:31:76:4e:90:e0:46: 55:c8:8f:f5:3e:ee:40:25:c8:c4:94:6c:e9:26:6a: 2a:bc:2e:8b:60:e7:18:08:7b:07:ed:5f:d9:41:16: f6:22:95:63:ec:13:5e:fe:6e:4e:79:fd:b2:f8:5d: 53:0e:81:05:b3:7c:18:f2:71:65:e2:a3:3b:fe:3e: b0:23:55:b3:80:09:65:b1:79:3a:f0:dc:97:d5:2b: b9:66:dd:b7:62:47:7d:eb:24:a0:54:fd:71:ee:d1: 74:1b:1d:0d:fe:3d:da:20:7e:01:85:fd:05:b5:e8: 3c:e3:eb:9c:22:17:fe:50:3c:f2:5a:32:ab:52:1c: c9:5e:7d:42:40:bd:ba:dc:9d:32:88:01:f8:1d:47: f7:ec:fa:ee:78:ac:50:40:3e:c0:f9:47:b7:ca:f7: 40:00:df:92:2d:cb:74:1e:05:31:bd:e8:15:2c:4d: eb:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:95:08:F3:C4:0D:5D:D2:F6:30:53:C8:60:48:92:63:4A:DB:38:6C X509v3 Authority Key Identifier: keyid:D8:BE:E9:69:5D:43:B3:39:E7:56:3F:24:13:B7:23:19:D1:67:74:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918B6BC/A030CD30204C11F0963EB575C4F9AE02/2L7paV1DsznnVj8kE7cjGdFndLE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2L7paV1DsznnVj8kE7cjGdFndLE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918B6BC/A030CD30204C11F0963EB575C4F9AE02/2L7paV1DsznnVj8kE7cjGdFndLE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:30:a3:70:d8:a2:5d:5b:5d:30:fc:80:04:f3:97:c5:6b:e7: f9:79:3a:75:b0:5f:73:84:cb:a2:d4:70:cf:1c:c2:82:2e:76: 2b:a4:59:dd:e4:a1:b2:32:94:11:f8:33:25:6b:95:dd:57:31: fa:c8:d1:09:c9:20:92:7f:a2:ff:5a:df:27:52:48:28:9c:e9: 34:f0:19:c1:75:ce:e2:74:47:d0:6b:3f:43:f0:3b:36:5e:26: a6:7d:93:9f:65:7d:8f:fc:c3:5b:2d:cb:66:7c:f6:5b:93:b9: 32:84:66:af:a0:49:86:4d:dd:2a:74:76:e6:1d:dd:17:95:ab: 2e:e3:b8:91:fc:3f:87:2a:61:87:3f:16:d7:03:89:30:74:15: 67:28:15:73:3c:ad:9b:dd:da:7b:48:71:44:87:88:d2:34:3d: 0e:05:0b:db:82:b5:27:bd:c8:4d:8f:82:43:e7:d5:4b:9f:43: 7a:9a:b5:10:6b:64:32:46:ce:53:7a:50:5f:4e:36:ca:3e:b9: 3a:01:9a:ba:41:24:77:f9:f8:db:4a:c7:68:0d:ba:db:b9:b5: 0a:ef:3d:5f:c8:1d:82:27:5e:34:cd:68:6e:24:0d:08:dc:29: 30:d8:e7:57:b6:77:41:4a:81:01:66:5d:90:20:01:b8:27:7a: cc:6b:c6:e1 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 QjZCQzExMC8GA1UEBRMoRDhCRUU5Njk1RDQzQjMzOUU3NTYzRjI0MTNCNzIzMTlE MTY3NzRCMTAeFw0yNTA1MzEwNzM0NDlaFw0yNTA2MDcwNzM0NDlaMBgxFjAUBgNV BAMTDTY4M2FiMTE5LWU5MjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+wMmr3KNeJFfH00bxlORe+t3aFB+3b4Q+plcEQys4VbtzX+wAbb9ORac713Df ov3q8szLu+uqCa9Jj/SYZGoy2eSOCvUAaAxBw0tkvtYKz8/puzF2TpDgRlXIj/U+ 7kAlyMSUbOkmaiq8Lotg5xgIewftX9lBFvYilWPsE17+bk55/bL4XVMOgQWzfBjy cWXiozv+PrAjVbOACWWxeTrw3JfVK7lm3bdiR33rJKBU/XHu0XQbHQ3+PdogfgGF /QW16Dzj65wiF/5QPPJaMqtSHMlefUJAvbrcnTKIAfgdR/fs+u54rFBAPsD5R7fK 90AA35Ity3QeBTG96BUsTevFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUt5UI88QN XdL2MFPIYEiSY0rbOGwwHwYDVR0jBBgwFoAU2L7paV1DsznnVj8kE7cjGdFndLEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThCNkJDL0EwMzBDRDMwMjA0 QzExRjA5NjNFQjU3NUM0RjlBRTAyLzJMN3BhVjFEc3publZqOGtFN2NqR2RGbmRM RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMkw3cGFWMURzem5uVmo4a0U3Y2pHZEZuZExFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThC NkJDL0EwMzBDRDMwMjA0QzExRjA5NjNFQjU3NUM0RjlBRTAyLzJMN3BhVjFEc3pu blZqOGtFN2NqR2RGbmRMRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHowo3DYol1bXTD8gATzl8Vr5/l5OnWwX3OEy6LUcM8cwoIudiukWd3k obIylBH4MyVrld1XMfrI0QnJIJJ/ov9a3ydSSCic6TTwGcF1zuJ0R9BrP0PwOzZe JqZ9k59lfY/8w1sty2Z89luTuTKEZq+gSYZN3Sp0duYd3ReVqy7juJH8P4cqYYc/ FtcDiTB0FWcoFXM8rZvd2ntIcUSHiNI0PQ4FC9uCtSe9yE2PgkPn1UufQ3qatRBr ZDJGzlN6UF9ONso+uToBmrpBJHf5+NtKx2gNutu5tQrvPV/IHYInXjTNaG4kDQjc KTDY51e2d0FKgQFmXZAgAbgnesxrxuE= -----END CERTIFICATE-----Generated at Sat May 31 17:36:08 2025 by rpki-client