$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft File: iXa1-0jy5BEdeNWjzVovyhlhOXo.mft (raw, json) Hash identifier: wcSKxYGX3dodXkY7G3DVOq/HINf/XahuO9pux6SWBgA= Subject key identifier: 08:25:BB:BA:13:44:51:5B:35:10:00:69:3A:AC:37:73:B2:A5:C9:EC Authority key identifier: 89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A Certificate issuer: /CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Certificate serial: 0236 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft Manifest number: 0229 Signing time: Mon 11 Aug 2025 02:12:31 +0000 Manifest this update: Mon 11 Aug 2025 02:12:31 +0000 Manifest next update: Mon 18 Aug 2025 02:12:31 +0000 Files and hashes: 1: iXa1-0jy5BEdeNWjzVovyhlhOXo.crl (hash: W+260Te/HVqAhPRMKUv7adLUB/sVVOWMB3ap4cJ58cA=) 2: 99D6D8089BF111ED8043AD1FC4F9AE02.roa (hash: RN89+S1mBA7UPdGt6AqckCvGseRU/f6VRbIgO417GXg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 566 (0x236) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128C7F, serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Validity Not Before: Aug 11 02:12:31 2025 GMT Not After : Aug 18 02:12:31 2025 GMT Subject: CN=6899518f-7b35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:9e:ce:1d:2b:15:ed:94:23:6a:b3:ba:e2:e6: c8:ce:7d:97:fb:a2:eb:d8:09:15:c2:91:52:d7:ff: 33:9c:3f:75:53:e3:b0:5f:a2:c6:06:db:d9:4c:fa: 87:d6:d0:de:c8:9e:7f:f9:d7:37:6c:60:ee:61:6e: 81:e9:94:2e:9f:04:bd:bd:b1:c6:f7:99:d1:fb:32: 3c:48:45:5d:a5:bf:aa:fa:d9:cd:3e:cd:76:59:ca: 6e:d6:70:a9:ce:1e:cd:8f:cf:c4:e1:d1:84:f8:4b: 35:ee:a3:27:c2:48:e0:70:ac:04:dc:be:c7:1e:37: d1:8c:1a:f3:ce:9f:f6:b0:4b:72:8b:a5:88:07:1e: b5:ea:5f:c6:f4:ae:d0:eb:ce:3d:fb:fb:a0:4b:c4: 7f:06:a3:db:c7:14:e8:e8:ba:dd:eb:27:86:21:8b: 09:55:25:17:2e:d8:e6:2d:33:f2:03:9d:06:d5:d7: db:df:21:f0:c6:cd:f6:29:0c:eb:47:b9:42:49:a8: e9:2f:38:6b:20:32:38:42:20:bf:5e:f9:4d:99:24: 87:be:75:6b:b0:da:4b:49:e5:7a:f1:7f:e5:8c:45: fc:d6:c6:48:5e:a5:c4:63:cb:bf:15:4e:a4:62:4b: be:32:d7:9a:b1:56:72:16:96:31:ce:ed:18:30:67: f0:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:25:BB:BA:13:44:51:5B:35:10:00:69:3A:AC:37:73:B2:A5:C9:EC X509v3 Authority Key Identifier: keyid:89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:09:e4:4c:87:4d:8e:50:32:71:4c:ef:a0:c0:40:9c:28:db: 04:af:d0:9b:73:e3:d3:e5:87:3b:01:f4:69:71:62:24:dd:5b: 9c:17:e8:48:df:2a:e1:4a:fc:ff:35:20:d2:11:79:5f:30:40: 9a:18:5c:13:b2:e2:f0:4d:8d:d1:52:cd:26:a4:d2:e4:f7:76: ac:17:83:5f:fb:43:01:2d:86:e0:3f:51:2f:20:71:3a:d2:9e: 45:15:29:a9:49:c2:8a:42:66:b7:b3:33:4d:69:00:83:89:56: 6a:16:24:86:e3:2c:c9:17:50:fc:bd:a5:33:93:8a:df:d3:28: ee:9a:cf:0a:d0:cc:dd:64:14:26:0a:9e:f1:c9:3e:54:3f:79: d0:3e:2e:f3:64:a7:9d:50:bb:57:a3:5c:bf:30:2e:74:b7:11: 67:ad:11:09:35:2d:0e:c2:78:f0:b3:84:ba:04:3c:e7:0c:e3: 40:1c:41:4a:c8:f9:fc:a3:a8:9c:fa:20:20:6f:b7:7f:8e:fe: 2f:87:03:4a:17:c2:be:5f:32:32:d4:c0:78:5f:71:64:90:e2: 6b:62:43:33:c4:2d:9b:b5:97:22:1f:3e:d4:74:99:c0:28:55: 84:40:2e:d3:d8:f3:dd:26:24:47:28:9c:dd:11:6c:62:43:1d: af:b2:89:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhDN0YxMTAvBgNVBAUTKDg5NzZCNUZCNDhGMkU0MTExRDc4RDVBM0NENUEyRkNB MTk2MTM5N0EwHhcNMjUwODExMDIxMjMxWhcNMjUwODE4MDIxMjMxWjAYMRYwFAYD VQQDEw02ODk5NTE4Zi03YjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvZ7OHSsV7ZQjarO64ubIzn2X+6Lr2AkVwpFS1/8znD91U+OwX6LGBtvZTPqH 1tDeyJ5/+dc3bGDuYW6B6ZQunwS9vbHG95nR+zI8SEVdpb+q+tnNPs12Wcpu1nCp zh7Nj8/E4dGE+Es17qMnwkjgcKwE3L7HHjfRjBrzzp/2sEtyi6WIBx616l/G9K7Q 6849+/ugS8R/BqPbxxTo6Lrd6yeGIYsJVSUXLtjmLTPyA50G1dfb3yHwxs32KQzr R7lCSajpLzhrIDI4QiC/XvlNmSSHvnVrsNpLSeV68X/ljEX81sZIXqXEY8u/FU6k Yku+MteasVZyFpYxzu0YMGfw2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAglu7oT RFFbNRAAaTqsN3OypcnsMB8GA1UdIwQYMBaAFIl2tftI8uQRHXjVo81aL8oZYTl6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEM3Ri8zQjdCREFCRTNG QzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVCRWRlTldqelZvdnlobGhP WG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lYYTEtMGp5NUJFZGVOV2p6Vm92eWhsaE9Yby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEM3Ri8zQjdCREFCRTNGQzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVC RWRlTldqelZvdnlobGhPWG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBpCeRMh02OUDJxTO+gwECcKNsEr9Cbc+PT5Yc7AfRpcWIk3VucF+hI 3yrhSvz/NSDSEXlfMECaGFwTsuLwTY3RUs0mpNLk93asF4Nf+0MBLYbgP1EvIHE6 0p5FFSmpScKKQma3szNNaQCDiVZqFiSG4yzJF1D8vaUzk4rf0yjums8K0MzdZBQm Cp7xyT5UP3nQPi7zZKedULtXo1y/MC50txFnrREJNS0Ownjws4S6BDznDONAHEFK yPn8o6ic+iAgb7d/jv4vhwNKF8K+XzIy1MB4X3FkkOJrYkMzxC2btZciHz7UdJnA KFWEQC7T2PPdJiRHKJzdEWxiQx2vsokk -----END CERTIFICATE-----Generated at Mon Aug 11 09:57:06 2025 by rpki-client