$ rpki-client -vvf rpki.apnic.net/member_repository/A9131589/37E390A00CCC11EDB0993C15C4F9AE02/4dsvyCXsO7vnKFenPsCGoIIeIP0.mft File: 4dsvyCXsO7vnKFenPsCGoIIeIP0.mft (raw, json) Hash identifier: m9+hk4HXjXChlTlieQMniK+IR66jIU/bEY328asRGOI= Subject key identifier: CC:A3:A2:31:91:28:3C:C5:F7:C9:63:B9:32:F0:3E:AB:9C:90:16:C8 Authority key identifier: E1:DB:2F:C8:25:EC:3B:BB:E7:28:57:A7:3E:C0:86:A0:82:1E:20:FD Certificate issuer: /CN=A9131589/serialNumber=E1DB2FC825EC3BBBE72857A73EC086A0821E20FD Certificate serial: 02A1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4dsvyCXsO7vnKFenPsCGoIIeIP0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9131589/37E390A00CCC11EDB0993C15C4F9AE02/4dsvyCXsO7vnKFenPsCGoIIeIP0.mft Manifest number: 029D Signing time: Tue 05 Aug 2025 02:12:16 +0000 Manifest this update: Tue 05 Aug 2025 02:12:16 +0000 Manifest next update: Tue 12 Aug 2025 02:12:16 +0000 Files and hashes: 1: 4dsvyCXsO7vnKFenPsCGoIIeIP0.crl (hash: o28Yap0uJQ9ywxKyIJwgo2ume762fEoYKN8DNvHEpo8=) 2: 82759C100CCE11ED97C94316C4F9AE02.roa (hash: cG28lDeyahzWWkmTahaq+sCJHYmimDEkICh6+dm+qWU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9131589/37E390A00CCC11EDB0993C15C4F9AE02/4dsvyCXsO7vnKFenPsCGoIIeIP0.crl rsync://rpki.apnic.net/member_repository/A9131589/37E390A00CCC11EDB0993C15C4F9AE02/4dsvyCXsO7vnKFenPsCGoIIeIP0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4dsvyCXsO7vnKFenPsCGoIIeIP0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 02:12:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 673 (0x2a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9131589, serialNumber=E1DB2FC825EC3BBBE72857A73EC086A0821E20FD Validity Not Before: Aug 5 02:12:16 2025 GMT Not After : Aug 12 02:12:16 2025 GMT Subject: CN=68916880-5017 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:2a:6c:15:a9:9e:c9:f0:0a:42:e6:3c:0a:30: 99:15:f0:8a:b5:ea:b9:fe:35:99:ee:75:d2:97:9f: f1:25:a9:fb:4c:81:d8:09:3d:7a:f3:4f:e4:c1:eb: a9:d3:eb:12:cd:2e:db:57:3e:85:79:76:1b:fb:69: ee:46:f5:9f:bc:d9:f7:53:87:cd:fe:ed:ea:a8:c7: ed:e2:1f:aa:c5:cc:20:bf:1b:30:8f:f5:ac:5f:31: 09:c2:de:e4:a5:b1:28:79:2b:fc:64:49:4c:a5:ca: ff:f2:d5:cd:26:4e:da:67:22:86:e8:33:8a:a2:2a: 30:76:c2:b1:34:c1:97:43:81:3c:8e:93:bb:2a:16: 61:07:4c:ce:21:3e:9d:e0:7e:56:22:fe:54:a3:27: f5:da:85:14:61:4c:40:52:c3:2e:7c:32:d3:83:22: 23:80:28:2a:7a:16:67:ae:97:11:40:4c:00:e9:8e: 1a:66:a3:22:6d:ec:49:e2:44:26:76:06:e7:fb:2f: 1c:dc:12:f7:93:41:22:51:a5:7f:ef:c7:13:07:32: ba:28:81:0f:da:d8:3e:4c:a0:51:b3:b1:a0:c9:1c: 58:cd:13:60:ce:2a:7f:07:53:1c:a5:94:46:98:d7: 09:8b:27:2c:07:0a:63:9b:21:f6:c8:4b:4b:3d:f4: ec:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:A3:A2:31:91:28:3C:C5:F7:C9:63:B9:32:F0:3E:AB:9C:90:16:C8 X509v3 Authority Key Identifier: keyid:E1:DB:2F:C8:25:EC:3B:BB:E7:28:57:A7:3E:C0:86:A0:82:1E:20:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9131589/37E390A00CCC11EDB0993C15C4F9AE02/4dsvyCXsO7vnKFenPsCGoIIeIP0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4dsvyCXsO7vnKFenPsCGoIIeIP0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131589/37E390A00CCC11EDB0993C15C4F9AE02/4dsvyCXsO7vnKFenPsCGoIIeIP0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:9b:56:9b:8c:15:9b:a7:66:f6:f4:65:1c:6d:57:8d:5b:fa: be:e6:87:fc:30:98:34:11:83:9c:20:94:9c:fc:98:97:20:90: f3:b2:15:96:9f:e4:89:f0:fb:61:ac:32:6f:4a:fd:64:b8:01: 4a:52:b9:4c:b2:30:3b:2e:38:2a:04:22:aa:50:05:8b:2e:3e: 7f:a2:e9:9c:00:ca:2c:85:c2:9c:ec:b6:76:70:02:94:73:39: 7d:f2:63:bb:64:f6:74:d0:5a:5f:2a:52:6b:a2:c7:86:8b:25: 0c:14:ab:63:d8:7a:7f:97:b0:1d:91:a6:7c:07:43:65:56:b3: ae:c1:0d:45:d6:ba:5b:d5:8f:1a:ac:a3:d0:20:b9:72:ba:0b: 29:ec:03:13:61:be:f8:99:2f:d1:c9:e9:d3:d7:c0:66:26:22: fe:a1:78:c3:a1:b5:35:a0:7a:39:a3:4a:c1:56:95:82:c3:6f: 3c:93:be:d3:2b:11:5c:b9:07:fb:e4:d9:57:7a:82:f1:1a:63: 4a:bc:2d:49:c3:71:49:58:63:5d:7d:56:e0:e6:2f:52:a1:82: 52:eb:43:23:62:cd:24:2d:83:b5:b2:c8:88:d1:2a:65:03:53: 14:83:8c:ff:9b:35:da:33:e2:b3:4e:a2:e9:35:f0:80:5b:f7: 1d:5d:39:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzE1ODkxMTAvBgNVBAUTKEUxREIyRkM4MjVFQzNCQkJFNzI4NTdBNzNFQzA4NkEw ODIxRTIwRkQwHhcNMjUwODA1MDIxMjE2WhcNMjUwODEyMDIxMjE2WjAYMRYwFAYD VQQDEw02ODkxNjg4MC01MDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvypsFameyfAKQuY8CjCZFfCKteq5/jWZ7nXSl5/xJan7TIHYCT1680/kweup 0+sSzS7bVz6FeXYb+2nuRvWfvNn3U4fN/u3qqMft4h+qxcwgvxswj/WsXzEJwt7k pbEoeSv8ZElMpcr/8tXNJk7aZyKG6DOKoiowdsKxNMGXQ4E8jpO7KhZhB0zOIT6d 4H5WIv5Uoyf12oUUYUxAUsMufDLTgyIjgCgqehZnrpcRQEwA6Y4aZqMibexJ4kQm dgbn+y8c3BL3k0EiUaV/78cTBzK6KIEP2tg+TKBRs7GgyRxYzRNgzip/B1McpZRG mNcJiycsBwpjmyH2yEtLPfTs5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMyjojGR KDzF98ljuTLwPquckBbIMB8GA1UdIwQYMBaAFOHbL8gl7Du75yhXpz7AhqCCHiD9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTU4OS8zN0UzOTBBMDBD Q0MxMUVEQjA5OTNDMTVDNEY5QUUwMi80ZHN2eUNYc083dm5LRmVuUHNDR29JSWVJ UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzRkc3Z5Q1hzTzd2bktGZW5Qc0NHb0lJZUlQMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MTU4OS8zN0UzOTBBMDBDQ0MxMUVEQjA5OTNDMTVDNEY5QUUwMi80ZHN2eUNYc083 dm5LRmVuUHNDR29JSWVJUDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB9m1abjBWbp2b29GUcbVeNW/q+5of8MJg0EYOcIJSc/JiXIJDzshWW n+SJ8PthrDJvSv1kuAFKUrlMsjA7LjgqBCKqUAWLLj5/oumcAMoshcKc7LZ2cAKU czl98mO7ZPZ00FpfKlJroseGiyUMFKtj2Hp/l7AdkaZ8B0NlVrOuwQ1F1rpb1Y8a rKPQILlyugsp7AMTYb74mS/RyenT18BmJiL+oXjDobU1oHo5o0rBVpWCw288k77T KxFcuQf75NlXeoLxGmNKvC1Jw3FJWGNdfVbg5i9SoYJS60MjYs0kLYO1ssiI0Spl A1MUg4z/mzXaM+KzTqLpNfCAW/cdXTkk -----END CERTIFICATE-----Generated at Wed Aug 6 16:09:29 2025 by rpki-client