$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft File: xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft (raw, json) Hash identifier: ON285PGyAYaXcqRC2TmFo3DzToDBtzmyHY/lWMo3b7o= Subject key identifier: 07:DA:FB:AA:1D:1E:5F:4F:FD:7E:97:DD:01:C6:CE:7C:D3:05:F3:78 Authority key identifier: C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E Certificate issuer: /CN=A9125C22/serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Certificate serial: 0691 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft Manifest number: 068D Signing time: Sun 10 Aug 2025 22:21:40 +0000 Manifest this update: Sun 10 Aug 2025 22:21:39 +0000 Manifest next update: Sun 17 Aug 2025 22:21:39 +0000 Files and hashes: 1: xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl (hash: 0YJzHmcQW3lWEvgeav1l6GqXiEJ8Z9yxPUw4uSMJThI=) 2: 485D694A454911EEB8718378C4F9AE02.roa (hash: DpNVsF8S1R1VahxgyAnkQsdhv9Y/GOwsBJQM35rMSJ0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1681 (0x691) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C22, serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Validity Not Before: Aug 10 22:21:39 2025 GMT Not After : Aug 17 22:21:39 2025 GMT Subject: CN=68991b74-e88e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:6c:71:b0:a1:f6:6f:53:43:8c:10:c1:27:35: 10:c5:7b:c2:a0:54:9a:bc:6f:e5:ce:4a:b2:1d:64: 7a:b2:92:8c:53:b2:85:48:50:d0:a6:f3:f9:42:78: ad:3b:f6:72:cf:70:28:c5:e6:74:0b:6e:79:41:e9: f7:ec:17:f1:34:3f:ec:7f:09:39:f5:3d:90:97:64: d7:b4:74:0f:1e:d6:2d:69:c4:8b:2b:e8:4f:1f:9a: 9c:90:c7:d7:ac:8f:c1:74:60:2e:62:d9:54:13:f3: df:72:c3:a3:9f:e7:1e:56:9d:44:3b:78:97:0d:4d: 4c:f0:8c:55:94:29:34:42:d0:09:68:17:60:61:a1: 26:02:17:87:4c:ca:e3:d9:b5:30:20:e9:7a:61:7a: 9f:54:36:7d:9a:de:76:be:34:ae:6b:56:74:ce:2c: 3f:04:43:e7:2e:7d:81:90:50:3b:b6:ba:94:bb:d5: 56:be:c2:b8:f5:e7:23:24:9e:6e:a8:68:35:6f:60: ff:ad:9f:6b:b5:ec:90:d6:10:0f:51:de:c9:b9:70: 9f:6e:ff:d9:67:d5:6a:5f:9a:3a:43:f7:aa:56:d7: c6:ab:3d:d8:23:94:82:bb:51:79:93:06:b0:a6:a8: 5b:c3:b5:70:3b:ae:02:b7:f5:b3:1a:29:90:8e:d5: bf:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:DA:FB:AA:1D:1E:5F:4F:FD:7E:97:DD:01:C6:CE:7C:D3:05:F3:78 X509v3 Authority Key Identifier: keyid:C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:85:c3:04:d7:bd:20:52:da:8c:da:16:1e:a5:17:5c:f0:ab: e7:c0:84:11:2a:2f:f6:81:44:92:39:28:f4:ca:41:b2:4f:a5: 47:1f:b9:8b:af:ed:6e:40:8e:69:d8:5e:d9:f1:49:bd:94:09: c4:57:0c:a3:bd:60:ed:ac:10:b5:5d:82:f0:33:c5:45:04:ec: 7c:1f:98:49:37:07:16:0a:da:1f:7a:22:aa:8d:0e:c5:85:02: ab:84:55:7d:38:8a:1b:60:ee:c8:cb:97:ec:d5:92:df:0e:36: 6f:4e:2e:da:20:9d:2f:83:e6:4e:0f:96:29:62:d9:3a:a1:b4: 7c:c0:60:8a:0a:52:a4:3f:3a:d7:5e:e8:07:a1:c2:7b:a2:51: 79:da:db:94:7c:94:c9:04:da:2c:aa:9a:79:4c:fc:b5:66:f1: e1:12:34:cf:83:32:e3:d9:0e:43:78:e1:d6:87:08:bc:4f:f9: df:be:19:84:ff:19:7c:d2:f6:cc:f3:82:19:65:9e:f9:d9:15: f5:26:e4:f6:4a:d3:6c:e9:ac:c1:38:a1:01:df:2c:2e:04:3e: 9e:40:47:aa:41:a0:0d:bc:89:7e:ec:ad:43:49:99:94:a1:06: fb:2b:5e:8a:73:75:d8:04:50:01:20:55:b6:6e:d4:90:02:5e: d0:f2:b1:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDMjIxMTAvBgNVBAUTKEM3MEI0RTA0N0NBQTczNzcyNEI4OUQ1ODREQjVDMEMx QTg1OEQyOEUwHhcNMjUwODEwMjIyMTM5WhcNMjUwODE3MjIyMTM5WjAYMRYwFAYD VQQDEw02ODk5MWI3NC1lODhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw2xxsKH2b1NDjBDBJzUQxXvCoFSavG/lzkqyHWR6spKMU7KFSFDQpvP5Qnit O/Zyz3AoxeZ0C255Qen37BfxND/sfwk59T2Ql2TXtHQPHtYtacSLK+hPH5qckMfX rI/BdGAuYtlUE/PfcsOjn+ceVp1EO3iXDU1M8IxVlCk0QtAJaBdgYaEmAheHTMrj 2bUwIOl6YXqfVDZ9mt52vjSua1Z0ziw/BEPnLn2BkFA7trqUu9VWvsK49ecjJJ5u qGg1b2D/rZ9rteyQ1hAPUd7JuXCfbv/ZZ9VqX5o6Q/eqVtfGqz3YI5SCu1F5kwaw pqhbw7VwO64Ct/WzGimQjtW/AQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAfa+6od Hl9P/X6X3QHGznzTBfN4MB8GA1UdIwQYMBaAFMcLTgR8qnN3JLidWE21wMGoWNKO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi9GQUNDQkM1QzdG QUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMzY2t1SjFZVGJYQXdhaFkw bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3h3dE9CSHlxYzNja3VKMVlUYlhBd2FoWTBvNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMyMi9GQUNDQkM1QzdGQUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMz Y2t1SjFZVGJYQXdhaFkwbzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCkhcME170gUtqM2hYepRdc8KvnwIQRKi/2gUSSOSj0ykGyT6VHH7mL r+1uQI5p2F7Z8Um9lAnEVwyjvWDtrBC1XYLwM8VFBOx8H5hJNwcWCtofeiKqjQ7F hQKrhFV9OIobYO7Iy5fs1ZLfDjZvTi7aIJ0vg+ZOD5YpYtk6obR8wGCKClKkPzrX XugHocJ7olF52tuUfJTJBNosqpp5TPy1ZvHhEjTPgzLj2Q5DeOHWhwi8T/nfvhmE /xl80vbM84IZZZ752RX1JuT2StNs6azBOKEB3ywuBD6eQEeqQaANvIl+7K1DSZmU oQb7K16Kc3XYBFABIFW2btSQAl7Q8rGE -----END CERTIFICATE-----Generated at Mon Aug 11 05:54:32 2025 by rpki-client