$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft File: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft (raw, json) Hash identifier: jpMLyPhPYF1CkAZ12rCFkEfi9WJNSOKL4auErEQtvJ4= Subject key identifier: 88:63:76:D0:11:B9:1A:25:9F:F7:D6:F5:0E:7C:0B:A5:64:9B:9C:83 Authority key identifier: 76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D Certificate issuer: /CN=A9157DAE/serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Certificate serial: 0486 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft Manifest number: 0472 Signing time: Fri 08 Aug 2025 17:16:43 +0000 Manifest this update: Fri 08 Aug 2025 17:16:42 +0000 Manifest next update: Fri 15 Aug 2025 17:16:42 +0000 Files and hashes: 1: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl (hash: Oh0zicvBw3ik4tu6iacSZxXY93Iec/6pZZrNZ+vb9WE=) 2: 13EE3260596A11ECB1394271C4F9AE02.roa (hash: BSTa7sI/Wxp7paF8iFEhYcOXczYzjvqpGs3tFatgPsE=) 3: F91F0C028A2E11EC98A2702CC4F9AE02.roa (hash: EM7EONiwHXhiPFzyfONkaOBX/AROwU9rjV4ETvuVQDQ=) 4: 1479C514596A11ECB1394271C4F9AE02.roa (hash: TLiIvWlCkSUznKaCtTmASc45uAF4Q8KIvn7LhcKxI18=) 5: F5A921B85BE911EF8624AA20C4F9AE02.roa (hash: HMDK7qPjAO3ncQEJzX6SKnODDt4e7glxidti8sfhV1k=) 6: D36F0B6ECF4411ECB6B61825C4F9AE02.roa (hash: Z/SQA8GAHBj69mDXnfsLMK8qu+tlZ5LxlzdXDGduFGo=) 7: 9CD16392309711F09EFD0C4CC4F9AE02.roa (hash: AfGxVPGE0X5aiSEnPrV13VcxuUAvslUoJjsgWW+PD9o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1158 (0x486) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DAE, serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Validity Not Before: Aug 8 17:16:42 2025 GMT Not After : Aug 15 17:16:42 2025 GMT Subject: CN=689630fb-52db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ec:8d:30:17:b6:3f:d9:71:2c:95:61:7e:04: ad:20:85:3f:39:d3:62:d8:69:d9:78:ca:8f:07:a3: 19:28:81:a0:83:ec:a7:44:7d:f1:78:ed:9b:f4:93: 6d:b2:d3:da:b5:03:d8:d2:6f:66:68:b1:da:b2:b5: 31:57:6d:00:1d:ac:d2:bc:7f:26:a7:79:90:11:1d: 9d:55:d9:cd:71:11:c6:ed:38:b4:fd:b5:18:d5:8f: be:d0:05:0c:d5:4e:b4:c9:fc:7a:f4:fb:d2:4c:35: ee:fd:6f:df:9b:8f:5e:9d:ac:54:29:bc:87:e8:1e: b7:52:cd:16:74:ab:bb:44:b5:d9:3d:f9:d9:f2:73: 33:b6:5a:a4:e4:d4:62:f6:da:80:0c:b0:b1:31:c6: fb:23:0a:17:46:1a:37:a2:da:dd:dc:a9:84:a6:97: 4b:86:79:a6:9e:0e:97:60:02:f9:51:de:d9:4a:4c: 50:f3:85:1e:c0:e9:19:f3:8f:24:4f:ed:c9:59:8b: 0a:bb:35:f7:50:53:46:e0:1f:f8:45:95:24:06:61: 3a:ec:c3:8c:3f:a0:19:1c:18:05:b2:ed:dd:73:29: c2:70:64:bf:1f:27:45:b4:e3:32:ff:c4:8f:7e:fb: 05:96:68:9c:ca:4c:86:c4:7f:0c:a9:a8:ef:95:4b: b8:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:63:76:D0:11:B9:1A:25:9F:F7:D6:F5:0E:7C:0B:A5:64:9B:9C:83 X509v3 Authority Key Identifier: keyid:76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:e2:d9:39:8f:e5:d2:db:dd:7a:8f:61:cd:07:fd:99:24:ca: b8:a7:a6:5f:88:80:0d:3a:d3:c7:43:3d:35:80:70:df:da:c9: d9:bc:34:6c:d7:4d:2f:1b:cd:cc:2e:c8:c4:ae:fa:58:df:62: 8d:56:a5:32:b0:30:ab:64:53:28:dc:73:b6:12:3c:47:8e:d9: 5b:bf:73:e7:df:71:b9:d6:82:14:5c:a7:0d:23:d4:50:19:13: 3d:a6:8c:cc:ec:86:43:d1:27:ea:a9:16:63:6a:5f:46:7b:d0: a2:a8:cd:ba:97:b7:12:9d:09:32:c9:ca:79:33:ff:5b:db:13: c9:64:df:e4:66:b8:16:36:c2:28:57:5c:8b:5a:1b:32:3c:a1: 16:5f:c2:0b:5d:91:75:22:c3:0d:35:c3:19:39:ad:37:65:9e: 22:db:d7:69:c4:a0:d4:72:f4:c2:16:83:d8:0f:3e:98:bd:a5: e6:4c:ed:bd:66:7a:73:09:6e:a3:f9:03:88:40:bf:cb:27:6f: 31:0f:42:61:5a:f3:bf:17:31:71:52:86:0f:f5:c0:ed:cf:84: b2:2a:f5:58:ea:1f:87:7f:96:bf:6e:58:8c:25:84:74:a9:27: be:d2:47:89:48:b5:32:4e:ad:7b:bc:8e:dc:ee:b2:08:ca:3c: 96:e7:c4:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQUUxMTAvBgNVBAUTKDc2MEU2QTdGMDhCNzJGRjgwRUI1NkY2NzUwMzIzQjE2 NEE3MERBMUQwHhcNMjUwODA4MTcxNjQyWhcNMjUwODE1MTcxNjQyWjAYMRYwFAYD VQQDEw02ODk2MzBmYi01MmRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxOyNMBe2P9lxLJVhfgStIIU/OdNi2GnZeMqPB6MZKIGgg+ynRH3xeO2b9JNt stPatQPY0m9maLHasrUxV20AHazSvH8mp3mQER2dVdnNcRHG7Ti0/bUY1Y++0AUM 1U60yfx69PvSTDXu/W/fm49enaxUKbyH6B63Us0WdKu7RLXZPfnZ8nMztlqk5NRi 9tqADLCxMcb7IwoXRho3otrd3KmEppdLhnmmng6XYAL5Ud7ZSkxQ84UewOkZ848k T+3JWYsKuzX3UFNG4B/4RZUkBmE67MOMP6AZHBgFsu3dcynCcGS/HydFtOMy/8SP fvsFlmicykyGxH8MqajvlUu4wwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIhjdtAR uRoln/fW9Q58C6Vkm5yDMB8GA1UdIwQYMBaAFHYOan8Ity/4DrVvZ1AyOxZKcNod MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBRS81QjRDNEUzNjU5 NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xfZ090VzluVURJN0ZrcHcy aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2RnNXFmd2kzTF9nT3RXOW5VREk3RmtwdzJoMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBRS81QjRDNEUzNjU5NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xf Z090VzluVURJN0ZrcHcyaDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCN4tk5j+XS2916j2HNB/2ZJMq4p6ZfiIANOtPHQz01gHDf2snZvDRs 100vG83MLsjErvpY32KNVqUysDCrZFMo3HO2EjxHjtlbv3Pn33G51oIUXKcNI9RQ GRM9pozM7IZD0SfqqRZjal9Ge9CiqM26l7cSnQkyycp5M/9b2xPJZN/kZrgWNsIo V1yLWhsyPKEWX8ILXZF1IsMNNcMZOa03ZZ4i29dpxKDUcvTCFoPYDz6YvaXmTO29 ZnpzCW6j+QOIQL/LJ28xD0JhWvO/FzFxUoYP9cDtz4SyKvVY6h+Hf5a/bliMJYR0 qSe+0keJSLUyTq17vI7c7rIIyjyW58RS -----END CERTIFICATE-----Generated at Sat Aug 9 23:10:11 2025 by rpki-client