$ rpki-client -vvf rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft File: D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft (raw, json) Hash identifier: cBW5mbtQGnwJ5tqnCojzEw035+2H/x37dMGxesvffxw= Subject key identifier: 1B:1C:59:E9:8A:D5:C7:5F:15:F5:F4:23:B3:E3:8F:D8:B2:04:7C:56 Authority key identifier: 0F:61:42:AE:41:68:DF:0B:18:05:FA:58:1D:20:39:47:67:AA:22:58 Certificate issuer: /CN=A9134BB0/serialNumber=0F6142AE4168DF0B1805FA581D20394767AA2258 Certificate serial: 0198 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft Manifest number: 0194 Signing time: Thu 07 Aug 2025 03:55:33 +0000 Manifest this update: Thu 07 Aug 2025 03:55:33 +0000 Manifest next update: Thu 14 Aug 2025 03:55:33 +0000 Files and hashes: 1: D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl (hash: 6yAGRklCi4u5OzqbaftFLez9LlRBgKnnXOXw7TpPf6g=) 2: 075B4CC80AC511EEB25A152AC4F9AE02.roa (hash: oHGClGt0Y+/Ca/fTjOnKQ8pJUUYEh+Yq1JxoBHlpH4s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 03:55:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 408 (0x198) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9134BB0, serialNumber=0F6142AE4168DF0B1805FA581D20394767AA2258 Validity Not Before: Aug 7 03:55:33 2025 GMT Not After : Aug 14 03:55:33 2025 GMT Subject: CN=689423b5-eab0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:5d:29:59:79:c7:c4:48:63:06:df:94:78:78: db:46:04:e6:dd:5a:92:79:a7:ec:ee:dc:2c:5e:f1: 2c:1f:3a:77:70:ae:c1:67:52:bf:7a:16:36:2d:ab: da:96:89:1d:2c:1c:25:a7:76:e7:06:00:3d:b3:57: 6b:19:72:1b:70:03:7f:9c:69:f4:09:46:35:d4:d2: d5:99:4a:4c:24:39:1e:9d:c3:f2:05:ae:a5:9b:ba: 60:71:88:de:b4:fe:52:ab:1e:46:d4:a4:1a:c6:a1: e2:a1:7b:68:7a:82:c1:ab:3b:c7:91:dd:fc:14:5c: 5a:64:8c:ab:00:23:e0:5e:f6:84:6b:74:98:0e:08: 33:fd:21:cd:7b:57:22:5d:fc:99:d7:b2:8a:29:93: 60:c3:16:53:01:e4:58:88:d5:f2:51:53:df:9c:09: 14:a5:13:b3:07:50:90:36:ac:00:21:17:96:c8:32: 6b:ec:8c:fe:9c:a1:bb:89:fd:e7:a9:c1:40:6b:7f: 98:0b:ce:75:30:07:1f:75:69:32:bf:eb:a5:8d:20: 95:ee:95:c5:ba:eb:69:59:81:80:68:30:ef:3e:63: 5e:27:b8:ca:e0:51:9a:05:d5:bc:ac:56:d8:9a:3b: e5:79:a6:aa:1d:34:d1:df:22:c1:c6:1f:7f:e1:b3: 7d:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:1C:59:E9:8A:D5:C7:5F:15:F5:F4:23:B3:E3:8F:D8:B2:04:7C:56 X509v3 Authority Key Identifier: keyid:0F:61:42:AE:41:68:DF:0B:18:05:FA:58:1D:20:39:47:67:AA:22:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:56:1d:d7:9e:ca:98:1e:a6:bb:db:d2:af:d1:ac:35:bf:c8: fa:6f:1d:db:65:82:ce:a5:3a:c3:c0:09:6a:61:ae:d9:62:61: de:67:0f:09:7a:52:9c:1d:c8:1a:61:00:4a:97:1d:18:0d:af: 6f:88:99:7b:49:d6:02:29:8c:0f:b1:b9:0a:94:b8:88:69:c2: 4d:92:a4:1c:3a:b4:91:3a:79:d2:23:83:84:14:3a:aa:12:e0: f4:30:a2:a4:f2:92:08:79:03:1f:e1:52:da:14:1a:c0:f4:fe: 60:c3:92:23:3e:4c:90:89:45:6b:66:b7:6d:8b:8b:ec:2f:ac: 5f:ff:64:8d:48:ce:ed:3d:5a:77:66:0d:c2:73:7f:31:68:ef: 7e:65:e3:31:38:b8:69:ca:63:6f:d9:98:f2:74:be:be:27:49: 21:fc:3a:2e:1a:70:3a:a7:88:e9:45:dc:3c:20:4a:d8:e2:f3: 97:cf:4a:b1:ff:9d:a0:05:37:32:b9:f5:7e:ae:13:15:46:ac: bc:83:f5:be:fa:27:8a:ff:12:f1:fd:18:8c:08:a8:57:ba:50: f6:72:f9:fe:ea:7e:9a:e1:5c:be:2a:18:43:81:99:80:70:c0: 4b:ed:94:a7:18:ac:be:97:86:3c:e3:7e:e7:31:e6:01:cc:37: a2:71:f0:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzRCQjAxMTAvBgNVBAUTKDBGNjE0MkFFNDE2OERGMEIxODA1RkE1ODFEMjAzOTQ3 NjdBQTIyNTgwHhcNMjUwODA3MDM1NTMzWhcNMjUwODE0MDM1NTMzWjAYMRYwFAYD VQQDEw02ODk0MjNiNS1lYWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuF0pWXnHxEhjBt+UeHjbRgTm3VqSeafs7twsXvEsHzp3cK7BZ1K/ehY2Lava lokdLBwlp3bnBgA9s1drGXIbcAN/nGn0CUY11NLVmUpMJDkencPyBa6lm7pgcYje tP5Sqx5G1KQaxqHioXtoeoLBqzvHkd38FFxaZIyrACPgXvaEa3SYDggz/SHNe1ci XfyZ17KKKZNgwxZTAeRYiNXyUVPfnAkUpROzB1CQNqwAIReWyDJr7Iz+nKG7if3n qcFAa3+YC851MAcfdWkyv+uljSCV7pXFuutpWYGAaDDvPmNeJ7jK4FGaBdW8rFbY mjvleaaqHTTR3yLBxh9/4bN9zQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBscWemK 1cdfFfX0I7Pjj9iyBHxWMB8GA1UdIwQYMBaAFA9hQq5BaN8LGAX6WB0gOUdnqiJY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNEJCMC9ERDQ3MzhFMDBB QkQxMUVFOTE3REE2NTVDNEY5QUUwMi9EMkZDcmtGbzN3c1lCZnBZSFNBNVIyZXFJ bGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QyRkNya0ZvM3dzWUJmcFlIU0E1UjJlcUlsZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NEJCMC9ERDQ3MzhFMDBBQkQxMUVFOTE3REE2NTVDNEY5QUUwMi9EMkZDcmtGbzN3 c1lCZnBZSFNBNVIyZXFJbGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBbVh3XnsqYHqa729Kv0aw1v8j6bx3bZYLOpTrDwAlqYa7ZYmHeZw8J elKcHcgaYQBKlx0YDa9viJl7SdYCKYwPsbkKlLiIacJNkqQcOrSROnnSI4OEFDqq EuD0MKKk8pIIeQMf4VLaFBrA9P5gw5IjPkyQiUVrZrdti4vsL6xf/2SNSM7tPVp3 Zg3Cc38xaO9+ZeMxOLhpymNv2ZjydL6+J0kh/DouGnA6p4jpRdw8IErY4vOXz0qx /52gBTcyufV+rhMVRqy8g/W++ieK/xLx/RiMCKhXulD2cvn+6n6a4Vy+KhhDgZmA cMBL7ZSnGKy+l4Y8437nMeYBzDeicfAy -----END CERTIFICATE-----Generated at Fri Aug 8 13:04:44 2025 by rpki-client