$ rpki-client -vvf rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft File: IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft (raw, json) Hash identifier: Oem0Ps9jqMhGXfm595uO87uOA99yhLFHwii8YOUiqSo= Subject key identifier: 7A:10:FC:7D:E4:FD:58:12:7D:36:6B:6F:4B:D8:24:E5:EA:BF:B4:9C Authority key identifier: 21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D Certificate issuer: /CN=A9152DE4/serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Certificate serial: 042A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft Manifest number: 041E Signing time: Tue 05 Aug 2025 00:52:21 +0000 Manifest this update: Tue 05 Aug 2025 00:52:20 +0000 Manifest next update: Tue 12 Aug 2025 00:52:20 +0000 Files and hashes: 1: IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl (hash: 1yEyNMMT9iD7fzAI4t3qcpH2Cm9wlQxrw9OIw+IlqJ4=) 2: E986DDEC979911ECB3B7CE39C4F9AE02.roa (hash: ciNIImuAbj1AO0K4GihG7jlhzLEKvAURaWl26eH889E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 00:52:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1066 (0x42a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152DE4, serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Validity Not Before: Aug 5 00:52:20 2025 GMT Not After : Aug 12 00:52:20 2025 GMT Subject: CN=689155c4-5b06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:30:d1:83:c7:77:da:2c:6e:8c:6a:0e:69:a8: 4d:d3:fd:98:31:0b:29:dd:7b:c7:44:3b:1f:7f:73: 88:4a:81:84:d3:92:ea:ab:ab:15:61:6f:72:9b:9a: bc:a7:c6:43:d5:cb:67:92:ae:31:a8:12:23:ad:03: 4f:7e:03:2b:7a:74:d1:55:85:f0:7f:ba:e6:16:12: ad:d6:5b:c9:cf:d5:84:ad:0e:43:cd:da:23:d0:b2: 28:68:ae:5e:4f:4b:59:14:6a:22:91:82:71:bd:b4: 54:04:25:f6:cc:60:14:15:ed:bb:45:4b:2a:1c:cf: 71:b8:20:25:c5:99:17:81:3f:84:58:dc:9a:e9:66: 05:71:89:dc:c2:00:e9:9e:08:11:1a:28:b3:83:5f: 8b:0e:42:74:ab:9e:ba:1d:7c:b3:5f:a4:1a:d3:e1: 2f:23:d5:29:70:75:be:47:77:b6:fe:0e:5c:2c:96: 02:b6:0a:a2:82:06:d5:10:2d:93:ce:18:dd:b0:b1: 60:0d:ce:4f:0c:92:1d:50:44:08:f4:75:42:67:eb: a8:e9:97:4b:13:4f:75:2f:d7:33:32:cb:1f:f7:f9: c0:64:e5:f5:87:f9:b0:bf:41:4f:62:d0:46:cc:e9: 8f:f3:5a:92:63:55:ad:2e:2c:57:c3:23:80:ca:ac: 46:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:10:FC:7D:E4:FD:58:12:7D:36:6B:6F:4B:D8:24:E5:EA:BF:B4:9C X509v3 Authority Key Identifier: keyid:21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:b2:36:87:f3:8f:58:90:55:d5:dc:d3:a5:a5:20:16:fb:40: b2:87:08:86:3a:2d:d3:b0:6b:14:ac:5c:64:24:3d:52:a1:4f: 1c:42:eb:a6:0a:d9:c9:d1:64:19:d6:98:eb:fa:3e:92:7a:c6: ca:11:08:6f:7d:7e:a2:bf:0b:1c:14:e5:ab:54:56:e6:59:a4: 7d:a2:e3:0b:be:42:5e:72:6d:21:1e:e1:b4:4d:b5:1b:96:2f: 7f:1f:a9:e7:50:32:56:88:22:f2:ca:bb:ca:0a:3b:f7:c7:47: c5:ba:e7:ce:71:81:8e:f5:2d:01:7a:b9:54:b3:ac:63:25:4e: e7:4e:90:75:e2:b4:1d:42:1c:8c:35:4e:c5:da:d8:b6:62:73: 60:66:50:8c:d6:5e:ae:d0:e6:57:82:e4:5e:41:89:90:32:32: 53:97:c8:0f:e1:88:3a:58:fc:4d:17:c9:dd:e6:16:dd:a5:8c: 88:30:1f:e9:74:0d:f9:8f:98:c6:01:5c:90:fd:c4:0b:ba:bd: 1e:2e:14:8f:0b:46:64:87:48:a6:7d:0d:5a:fe:1f:0e:23:40: 49:b6:ff:3e:47:8b:e0:ee:84:e1:fb:77:17:69:c7:d1:26:63: 89:dc:40:fa:8d:29:53:67:12:aa:b4:a0:56:44:88:7e:fb:e1: 23:c3:3d:d2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTJERTQxMTAvBgNVBAUTKDIxN0MzRDhCRUQwQjQwQzBGQjA4OEI1OUVFNkU2NUFF NkM2NjFGMEQwHhcNMjUwODA1MDA1MjIwWhcNMjUwODEyMDA1MjIwWjAYMRYwFAYD VQQDEw02ODkxNTVjNC01YjA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwzDRg8d32ixujGoOaahN0/2YMQsp3XvHRDsff3OISoGE05Lqq6sVYW9ym5q8 p8ZD1ctnkq4xqBIjrQNPfgMrenTRVYXwf7rmFhKt1lvJz9WErQ5Dzdoj0LIoaK5e T0tZFGoikYJxvbRUBCX2zGAUFe27RUsqHM9xuCAlxZkXgT+EWNya6WYFcYncwgDp nggRGiizg1+LDkJ0q566HXyzX6Qa0+EvI9UpcHW+R3e2/g5cLJYCtgqiggbVEC2T zhjdsLFgDc5PDJIdUEQI9HVCZ+uo6ZdLE091L9czMssf9/nAZOX1h/mwv0FPYtBG zOmP81qSY1WtLixXwyOAyqxGuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHoQ/H3k /VgSfTZrb0vYJOXqv7ScMB8GA1UdIwQYMBaAFCF8PYvtC0DA+wiLWe5uZa5sZh8N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkRFNC80Q0NDQzMzMjc5 MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFNRDdDSXRaN201bHJteG1I dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lYdzlpLTBMUU1EN0NJdFo3bTVscm14bUh3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MkRFNC80Q0NDQzMzMjc5MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFN RDdDSXRaN201bHJteG1IdzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAtsjaH849YkFXV3NOlpSAW+0CyhwiGOi3TsGsUrFxkJD1SoU8cQuum CtnJ0WQZ1pjr+j6SesbKEQhvfX6ivwscFOWrVFbmWaR9ouMLvkJecm0hHuG0TbUb li9/H6nnUDJWiCLyyrvKCjv3x0fFuufOcYGO9S0BerlUs6xjJU7nTpB14rQdQhyM NU7F2ti2YnNgZlCM1l6u0OZXguReQYmQMjJTl8gP4Yg6WPxNF8nd5hbdpYyIMB/p dA35j5jGAVyQ/cQLur0eLhSPC0Zkh0imfQ1a/h8OI0BJtv8+R4vg7oTh+3cXacfR JmOJ3ED6jSlTZxKqtKBWRIh+++Ejwz3S -----END CERTIFICATE-----Generated at Wed Aug 6 05:23:40 2025 by rpki-client