$ rpki-client -vvf rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.mft File: D96C0nlIVMmvzdhe-37-ScR9Lu4.mft (raw, json) Hash identifier: rK+Q2oQONPzizrRFzoH+dxUY6bLEgIq88cKWo8LEphg= Subject key identifier: 25:37:8F:87:C5:BE:72:D4:05:70:AF:0D:C5:71:D9:29:4C:33:A5:8D Authority key identifier: 0F:DE:82:D2:79:48:54:C9:AF:CD:D8:5E:FB:7E:FE:49:C4:7D:2E:EE Certificate issuer: /CN=A914C33A/serialNumber=0FDE82D2794854C9AFCDD85EFB7EFE49C47D2EEE Certificate serial: 0D09 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D96C0nlIVMmvzdhe-37-ScR9Lu4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.mft Manifest number: 0CFE Signing time: Sun 10 Aug 2025 15:31:40 +0000 Manifest this update: Sun 10 Aug 2025 15:31:40 +0000 Manifest next update: Sun 17 Aug 2025 15:31:40 +0000 Files and hashes: 1: D96C0nlIVMmvzdhe-37-ScR9Lu4.crl (hash: eDCsUIhKhQuQ4dcPcXjBz2Otfqmb7V4VJrs0Hy0d0+o=) 2: 0DF331C28F9411EAA5E7B573C4F9AE02.roa (hash: lu8oWRNPgJxFZ7Lozlet3TlMRukqbbGr2PrraLSuCsA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.crl rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D96C0nlIVMmvzdhe-37-ScR9Lu4.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3337 (0xd09) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914C33A, serialNumber=0FDE82D2794854C9AFCDD85EFB7EFE49C47D2EEE Validity Not Before: Aug 10 15:31:40 2025 GMT Not After : Aug 17 15:31:40 2025 GMT Subject: CN=6898bb5c-0054 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:03:0a:1d:ef:9e:f8:0b:1a:51:0c:af:ad:26: e3:90:2f:f2:17:6e:94:15:2b:87:33:b8:9c:26:02: 8e:bf:58:15:20:d9:9f:08:19:44:7b:99:cd:aa:c1: f6:43:7d:ec:64:be:06:fa:0e:f0:33:a9:2c:a6:14: 95:77:81:5c:ce:75:51:49:e1:a4:b0:21:ce:64:b5: 9a:0e:0d:72:fe:54:f5:f0:60:bc:76:c0:42:5f:e7: a7:74:48:97:9a:5f:fc:66:12:31:6f:c7:99:62:c4: 39:28:5a:ac:8a:29:96:09:15:b8:4d:8f:9d:eb:30: 78:72:af:13:d0:49:6d:0b:b8:f0:e5:c0:26:00:7b: da:84:27:85:11:6d:9c:b8:70:cd:e4:ea:38:b6:bd: 42:02:36:c4:44:38:ac:d2:ea:0f:42:93:13:ae:62: 28:7a:31:27:bb:94:47:f2:02:ec:46:54:93:6d:59: 65:60:d5:3b:28:80:76:ef:b6:d8:46:a9:c7:2f:8c: ec:b1:af:23:65:23:d1:bc:fd:ae:2d:bd:15:1f:43: c0:bb:ab:64:96:8f:1b:30:85:62:e8:6e:c5:16:ef: 99:17:8a:c3:f6:a0:0d:7d:90:6d:23:08:0e:d9:41: 57:83:e7:b8:39:a9:04:4f:35:25:22:d1:18:96:9c: ea:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:37:8F:87:C5:BE:72:D4:05:70:AF:0D:C5:71:D9:29:4C:33:A5:8D X509v3 Authority Key Identifier: keyid:0F:DE:82:D2:79:48:54:C9:AF:CD:D8:5E:FB:7E:FE:49:C4:7D:2E:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D96C0nlIVMmvzdhe-37-ScR9Lu4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:fb:16:1d:8e:fd:35:f6:dc:7e:b4:61:1b:37:79:6e:56:bc: 15:ce:f5:eb:bd:4f:1d:d1:5f:d2:69:54:4c:8a:0e:5d:16:b3: 22:e5:59:99:04:f4:d0:f3:26:c4:77:ff:42:3c:ac:c6:05:bc: 02:8a:2a:91:7f:99:5f:c9:90:0e:f2:dd:72:b2:8a:83:3d:05: ad:a8:6d:39:99:d5:58:5b:57:00:65:50:1a:3b:02:df:52:a7: 4d:5b:67:31:83:f0:2b:4e:12:f4:d7:f3:11:5f:f7:f6:4a:4f: b7:37:b7:f0:52:b5:3f:84:97:28:d8:ce:cf:a7:20:b1:6c:e3: 49:2f:38:a3:fb:98:59:5e:63:64:82:81:c9:0c:c6:7e:2f:cf: d4:6c:d5:12:93:4c:0e:e7:2e:77:f9:4a:a7:ec:78:60:9c:76: f5:1f:7d:d3:76:92:59:98:26:4c:41:11:17:3d:52:8e:fe:cc: f1:b0:a8:af:3d:67:f5:e3:49:90:ce:8b:49:af:1f:30:43:50: 23:be:2e:02:13:5b:eb:d8:22:d2:08:f9:b7:2b:32:92:33:0d: 08:64:5d:fa:0f:13:f9:29:4e:8d:81:63:35:f4:17:19:b0:37: 85:33:e4:39:6d:3d:cf:0d:63:5b:c8:c4:45:56:c9:26:ad:d8: ea:83:71:de -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDQkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEMzM0ExMTAvBgNVBAUTKDBGREU4MkQyNzk0ODU0QzlBRkNERDg1RUZCN0VGRTQ5 QzQ3RDJFRUUwHhcNMjUwODEwMTUzMTQwWhcNMjUwODE3MTUzMTQwWjAYMRYwFAYD VQQDEw02ODk4YmI1Yy0wMDU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwQMKHe+e+AsaUQyvrSbjkC/yF26UFSuHM7icJgKOv1gVINmfCBlEe5nNqsH2 Q33sZL4G+g7wM6ksphSVd4FcznVRSeGksCHOZLWaDg1y/lT18GC8dsBCX+endEiX ml/8ZhIxb8eZYsQ5KFqsiimWCRW4TY+d6zB4cq8T0EltC7jw5cAmAHvahCeFEW2c uHDN5Oo4tr1CAjbERDis0uoPQpMTrmIoejEnu5RH8gLsRlSTbVllYNU7KIB277bY RqnHL4zssa8jZSPRvP2uLb0VH0PAu6tklo8bMIVi6G7FFu+ZF4rD9qANfZBtIwgO 2UFXg+e4OakETzUlItEYlpzqYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCU3j4fF vnLUBXCvDcVx2SlMM6WNMB8GA1UdIwQYMBaAFA/egtJ5SFTJr83YXvt+/knEfS7u MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzMzQS84RjQ3QTlGQUU5 N0QxMUU5QTlEQjVFNTJDNEY5QUUwMi9EOTZDMG5sSVZNbXZ6ZGhlLTM3LVNjUjlM dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL0Q5NkMwbmxJVk1tdnpkaGUtMzctU2NSOUx1NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QzMzQS84RjQ3QTlGQUU5N0QxMUU5QTlEQjVFNTJDNEY5QUUwMi9EOTZDMG5sSVZN bXZ6ZGhlLTM3LVNjUjlMdTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBt+xYdjv019tx+tGEbN3luVrwVzvXrvU8d0V/SaVRMig5dFrMi5VmZ BPTQ8ybEd/9CPKzGBbwCiiqRf5lfyZAO8t1ysoqDPQWtqG05mdVYW1cAZVAaOwLf UqdNW2cxg/ArThL01/MRX/f2Sk+3N7fwUrU/hJco2M7PpyCxbONJLzij+5hZXmNk goHJDMZ+L8/UbNUSk0wO5y53+Uqn7HhgnHb1H33TdpJZmCZMQREXPVKO/szxsKiv PWf140mQzotJrx8wQ1Ajvi4CE1vr2CLSCPm3KzKSMw0IZF36DxP5KU6NgWM19BcZ sDeFM+Q5bT3PDWNbyMRFVskmrdjqg3He -----END CERTIFICATE-----Generated at Mon Aug 11 14:45:10 2025 by rpki-client