$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft File: 71OR8qIt1l9IQxoyJt3MZbdllqk.mft (raw, json) Hash identifier: qjKNKgUURyOQZxbjZBWLLhBYOtOnezaoDGtoDd1HDAI= Subject key identifier: 53:49:79:17:81:FD:B5:5C:3A:69:D7:4D:C3:16:EA:9E:16:2A:3A:D8 Authority key identifier: EF:53:91:F2:A2:2D:D6:5F:48:43:1A:32:26:DD:CC:65:B7:65:96:A9 Certificate issuer: /CN=A9157DA9/serialNumber=EF5391F2A22DD65F48431A3226DDCC65B76596A9 Certificate serial: BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft Manifest number: BC Signing time: Mon 11 Aug 2025 06:04:12 +0000 Manifest this update: Mon 11 Aug 2025 06:04:12 +0000 Manifest next update: Mon 18 Aug 2025 06:04:12 +0000 Files and hashes: 1: 71OR8qIt1l9IQxoyJt3MZbdllqk.crl (hash: eTwlS5blN3+DzY3YO/GOXFx89npvjGZhYau0oPe2VD4=) 2: 897F96FC5A1811EFAF24E138C4F9AE02.roa (hash: V/66FKVQueBWCxe2q60voG68SskFvIkojTU44XWkp4w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.crl rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 190 (0xbe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA9, serialNumber=EF5391F2A22DD65F48431A3226DDCC65B76596A9 Validity Not Before: Aug 11 06:04:12 2025 GMT Not After : Aug 18 06:04:12 2025 GMT Subject: CN=689987dc-712d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:0c:bc:fd:da:7f:00:5b:7b:44:b6:19:e4:45: 89:72:de:b0:23:7f:78:33:f8:63:36:e4:22:fa:5b: 36:7f:0b:4c:50:1f:74:18:5c:8a:b5:e8:77:61:60: d9:92:e1:7d:7d:ab:b7:e9:19:3e:a7:d7:fe:fb:96: 2b:69:9c:54:bd:4b:10:ca:30:15:d7:84:25:c8:60: 77:de:4a:70:48:7a:01:a2:b5:de:b9:cd:d2:bf:39: 1c:a6:b0:11:19:74:e0:8a:b6:f6:1b:a5:a2:3f:4f: 61:64:84:62:9b:5d:dd:cf:2e:1d:c0:35:01:c7:c4: 3c:cd:db:7c:28:c5:ed:93:18:a4:98:b1:0f:40:b1: c4:fe:46:64:5c:0f:33:22:65:3f:b5:88:20:43:be: e3:e3:20:29:af:25:86:10:81:bc:8d:cf:02:78:db: 69:0e:6f:86:02:6e:b9:32:40:9b:7f:c9:91:cd:c5: a6:57:13:e6:4f:5c:49:18:3c:db:d6:7b:cc:84:bc: 8b:21:0d:8c:f1:1e:06:54:ef:49:0f:4b:eb:73:9a: 07:cf:06:32:6b:96:64:0d:24:cd:21:16:0d:4f:6a: 5d:0d:18:e7:ef:82:a6:ce:71:2b:d4:11:62:0d:1f: 28:c3:06:21:99:58:69:b5:c4:d3:88:12:d4:20:cf: 4b:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:49:79:17:81:FD:B5:5C:3A:69:D7:4D:C3:16:EA:9E:16:2A:3A:D8 X509v3 Authority Key Identifier: keyid:EF:53:91:F2:A2:2D:D6:5F:48:43:1A:32:26:DD:CC:65:B7:65:96:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:c0:8e:3f:bf:31:bb:04:64:d9:72:89:da:79:da:e8:4c:c7: 78:74:c0:39:56:84:d1:fd:50:37:92:b5:d1:3c:43:b7:ec:d1: 68:6c:58:83:06:cf:f7:c8:00:36:9a:05:6a:43:da:ad:59:4f: 52:fb:a9:f3:ad:2c:8b:85:a4:65:21:6e:cc:aa:15:bb:c8:94: 53:c3:c9:2f:e3:e7:5a:95:28:4f:19:29:e4:97:d8:e1:05:b3: ca:fc:ae:e2:88:78:25:8a:d1:e1:d2:78:13:d3:9c:37:45:9c: 64:ef:17:43:7b:f5:5f:94:5a:b3:8c:a2:6a:af:98:51:54:82: a1:56:73:ae:55:cc:a0:c7:38:7f:6f:7e:fb:ba:ed:a2:e5:a0: 36:2e:15:e9:dc:9b:24:66:b0:d4:25:ea:1d:4c:f5:8a:1d:26: 5a:07:0a:67:82:0f:dc:92:72:6e:10:d9:38:97:b5:fb:4e:9a: 04:7a:19:46:2a:6b:b6:35:bc:59:14:ba:c2:c1:e5:94:de:58: 7e:c3:f7:69:75:e5:1b:c3:15:f4:57:db:1f:7c:0d:7a:fa:b4: 6b:7a:7e:98:96:ce:86:10:d7:92:e2:2e:38:07:7e:31:b0:44: a0:cf:ff:51:a5:7f:c0:90:3e:57:a9:3d:ef:ca:68:aa:78:0b: 0a:4f:21:31 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTkxMTAvBgNVBAUTKEVGNTM5MUYyQTIyREQ2NUY0ODQzMUEzMjI2RERDQzY1 Qjc2NTk2QTkwHhcNMjUwODExMDYwNDEyWhcNMjUwODE4MDYwNDEyWjAYMRYwFAYD VQQDEw02ODk5ODdkYy03MTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Qy8/dp/AFt7RLYZ5EWJct6wI394M/hjNuQi+ls2fwtMUB90GFyKteh3YWDZ kuF9fau36Rk+p9f++5YraZxUvUsQyjAV14QlyGB33kpwSHoBorXeuc3SvzkcprAR GXTgirb2G6WiP09hZIRim13dzy4dwDUBx8Q8zdt8KMXtkxikmLEPQLHE/kZkXA8z ImU/tYggQ77j4yApryWGEIG8jc8CeNtpDm+GAm65MkCbf8mRzcWmVxPmT1xJGDzb 1nvMhLyLIQ2M8R4GVO9JD0vrc5oHzwYya5ZkDSTNIRYNT2pdDRjn74KmznEr1BFi DR8owwYhmVhptcTTiBLUIM9L1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFNJeReB /bVcOmnXTcMW6p4WKjrYMB8GA1UdIwQYMBaAFO9TkfKiLdZfSEMaMibdzGW3ZZap MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBOS80MjNFMUFENDVB MTgxMUVGQkQ0NzczMzhDNEY5QUUwMi83MU9SOHFJdDFsOUlReG95SnQzTVpiZGxs cWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzcxT1I4cUl0MWw5SVF4b3lKdDNNWmJkbGxxay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBOS80MjNFMUFENDVBMTgxMUVGQkQ0NzczMzhDNEY5QUUwMi83MU9SOHFJdDFs OUlReG95SnQzTVpiZGxscWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGwI4/vzG7BGTZconaedroTMd4dMA5VoTR/VA3krXRPEO37NFobFiD Bs/3yAA2mgVqQ9qtWU9S+6nzrSyLhaRlIW7MqhW7yJRTw8kv4+dalShPGSnkl9jh BbPK/K7iiHglitHh0ngT05w3RZxk7xdDe/VflFqzjKJqr5hRVIKhVnOuVcygxzh/ b377uu2i5aA2LhXp3JskZrDUJeodTPWKHSZaBwpngg/cknJuENk4l7X7TpoEehlG Kmu2NbxZFLrCweWU3lh+w/dpdeUbwxX0V9sffA16+rRren6Yls6GENeS4i44B34x sESgz/9RpX/AkD5XqT3vymiqeAsKTyEx -----END CERTIFICATE-----Generated at Mon Aug 11 08:58:53 2025 by rpki-client