$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft File: R2lFsh8liffnEnUf50f6IUOlI1s.mft (raw, json) Hash identifier: kSgRPLyen6Pyvhpz4JKXXCf50S68oHLAFGTgbSiMDUE= Subject key identifier: C8:FF:3D:81:15:57:EC:43:76:3A:49:CA:7D:E7:4E:D6:A1:93:79:37 Authority key identifier: 47:69:45:B2:1F:25:89:F7:E7:12:75:1F:E7:47:FA:21:43:A5:23:5B Certificate issuer: /CN=A9132B1D/serialNumber=476945B21F2589F7E712751FE747FA2143A5235B Certificate serial: 028A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft Manifest number: 0285 Signing time: Sat 09 Aug 2025 02:14:32 +0000 Manifest this update: Sat 09 Aug 2025 02:14:32 +0000 Manifest next update: Sat 16 Aug 2025 02:14:32 +0000 Files and hashes: 1: R2lFsh8liffnEnUf50f6IUOlI1s.crl (hash: +OciJLDKdXk+I+wH9aNjgXkqlnr3fl+I1uxz5uy2qss=) 2: A917D87217A711ED8D17FC7CC4F9AE02.roa (hash: z4fSX+HgysFgztcLVSgzgNzcCLSP4fk+TSQS6+LuYQI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.crl rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 650 (0x28a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132B1D, serialNumber=476945B21F2589F7E712751FE747FA2143A5235B Validity Not Before: Aug 9 02:14:32 2025 GMT Not After : Aug 16 02:14:32 2025 GMT Subject: CN=6896af08-ca51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:45:17:ae:df:a2:8e:9b:a1:da:6a:3a:9b:ec: 52:71:3f:07:0d:4f:96:83:53:17:18:ad:65:e3:b6: 66:f7:b9:12:b7:2f:82:6b:76:48:41:68:ec:54:4c: 15:c5:fd:0b:bd:ad:dc:8c:6f:bd:13:51:cf:f7:10: 91:e6:4e:e8:9a:42:8e:89:98:e0:14:e1:35:de:49: 0b:bc:02:fb:a1:e4:69:84:8b:e6:d3:c9:fa:76:81: 59:3f:91:56:82:7f:fd:b2:2d:5e:b3:ad:01:45:a3: 06:95:10:53:de:a2:0d:f3:81:30:9c:68:60:d5:1c: 51:2f:7d:f8:d8:7b:1e:c6:15:92:8b:ec:8b:8e:a9: b4:5d:f4:7c:65:32:00:db:f8:27:b3:7e:3a:2b:22: 70:42:a4:3f:bb:2a:dc:ce:74:45:13:0b:52:8e:0d: 44:61:17:68:b6:02:fe:cc:7a:8f:74:f1:9d:55:55: 4d:0a:b9:ca:fa:f7:6c:9f:c9:30:35:4c:92:23:3a: 5a:c9:37:b7:16:8c:15:c4:a0:f4:ef:8d:64:b7:60: ea:df:11:94:2d:56:53:75:61:7f:0c:73:84:bc:37: 7f:af:46:8a:52:e3:d4:26:39:db:f2:0e:45:38:62: 8e:b1:48:da:e8:ee:6a:a1:35:49:eb:d3:d3:38:8d: 79:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:FF:3D:81:15:57:EC:43:76:3A:49:CA:7D:E7:4E:D6:A1:93:79:37 X509v3 Authority Key Identifier: keyid:47:69:45:B2:1F:25:89:F7:E7:12:75:1F:E7:47:FA:21:43:A5:23:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ca:6a:89:cb:cc:19:ec:16:3b:fa:ee:de:cd:eb:89:0b:08:0a: 0e:a0:30:ac:39:49:fe:a8:96:0a:01:36:3e:95:e5:a8:eb:e5: 7c:9f:1f:4a:83:38:44:30:04:15:60:11:75:b2:ba:ae:9e:b3: 5b:bd:a8:21:1d:f6:71:f0:2a:cf:08:4f:b6:4f:18:88:9f:e1: a4:2c:b2:b5:8e:86:5a:1e:51:61:fa:3e:44:75:84:ed:85:89: b8:02:3e:89:ca:e1:25:e2:8d:64:4b:01:68:ea:49:fc:bd:59: 92:be:24:ca:2b:a1:e0:a7:b1:63:64:29:82:42:cb:a6:2d:ce: 1a:93:97:f5:1c:7d:02:3f:c6:db:25:a1:0a:79:ce:d5:b5:18: a2:83:ea:0d:b0:f9:16:06:f3:51:7b:b3:95:fe:ab:aa:a1:ea: 87:3a:70:64:1c:ce:d1:09:32:ad:13:e8:37:87:2b:6b:15:31: da:36:98:8a:e8:f9:25:39:d7:be:72:1d:e2:80:7c:4f:8f:28: c1:eb:2a:f9:17:7e:d7:fc:9e:2e:93:a0:35:c8:01:48:cc:6d: 49:ed:ad:3b:90:2f:3e:44:7f:42:73:52:71:db:bc:5c:a1:d1: c0:0d:e0:4e:2f:19:2f:cb:e8:6e:19:be:bb:50:ab:bd:98:c4: 86:b6:cb:cc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAoowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJCMUQxMTAvBgNVBAUTKDQ3Njk0NUIyMUYyNTg5RjdFNzEyNzUxRkU3NDdGQTIx NDNBNTIzNUIwHhcNMjUwODA5MDIxNDMyWhcNMjUwODE2MDIxNDMyWjAYMRYwFAYD VQQDEw02ODk2YWYwOC1jYTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwEUXrt+ijpuh2mo6m+xScT8HDU+Wg1MXGK1l47Zm97kSty+Ca3ZIQWjsVEwV xf0Lva3cjG+9E1HP9xCR5k7omkKOiZjgFOE13kkLvAL7oeRphIvm08n6doFZP5FW gn/9si1es60BRaMGlRBT3qIN84EwnGhg1RxRL3342HsexhWSi+yLjqm0XfR8ZTIA 2/gns346KyJwQqQ/uyrcznRFEwtSjg1EYRdotgL+zHqPdPGdVVVNCrnK+vdsn8kw NUySIzpayTe3FowVxKD0741kt2Dq3xGULVZTdWF/DHOEvDd/r0aKUuPUJjnb8g5F OGKOsUja6O5qoTVJ69PTOI15iQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMj/PYEV V+xDdjpJyn3nTtahk3k3MB8GA1UdIwQYMBaAFEdpRbIfJYn35xJ1H+dH+iFDpSNb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkIxRC8zMDIwM0VEMDE3 QTQxMUVEQjM2MDE1NjRDNEY5QUUwMi9SMmxGc2g4bGlmZm5FblVmNTBmNklVT2xJ MXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1IybEZzaDhsaWZmbkVuVWY1MGY2SVVPbEkxcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MkIxRC8zMDIwM0VEMDE3QTQxMUVEQjM2MDE1NjRDNEY5QUUwMi9SMmxGc2g4bGlm Zm5FblVmNTBmNklVT2xJMXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDKaonLzBnsFjv67t7N64kLCAoOoDCsOUn+qJYKATY+leWo6+V8nx9K gzhEMAQVYBF1srqunrNbvaghHfZx8CrPCE+2TxiIn+GkLLK1joZaHlFh+j5EdYTt hYm4Aj6JyuEl4o1kSwFo6kn8vVmSviTKK6Hgp7FjZCmCQsumLc4ak5f1HH0CP8bb JaEKec7VtRiig+oNsPkWBvNRe7OV/quqoeqHOnBkHM7RCTKtE+g3hytrFTHaNpiK 6PklOde+ch3igHxPjyjB6yr5F37X/J4uk6A1yAFIzG1J7a07kC8+RH9Cc1Jx27xc odHADeBOLxkvy+huGb67UKu9mMSGtsvM -----END CERTIFICATE-----Generated at Mon Aug 11 01:48:28 2025 by rpki-client