$ rpki-client -vvf rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft File: nOkX3Drgxboud8t3WjrZnGhcQGs.mft (raw, json) Hash identifier: fknlniTZahwAxmPgGYCstdywTmveSGM7MGELvEtJNlg= Subject key identifier: B8:01:AF:F0:3F:D5:95:4B:45:07:6D:28:9A:A0:89:FC:30:2D:EB:32 Authority key identifier: 9C:E9:17:DC:3A:E0:C5:BA:2E:77:CB:77:5A:3A:D9:9C:68:5C:40:6B Certificate issuer: /CN=A9161F3E/serialNumber=9CE917DC3AE0C5BA2E77CB775A3AD99C685C406B Certificate serial: 45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft Manifest number: 43 Signing time: Mon 11 Aug 2025 07:44:22 +0000 Manifest this update: Mon 11 Aug 2025 07:44:22 +0000 Manifest next update: Mon 18 Aug 2025 07:44:22 +0000 Files and hashes: 1: nOkX3Drgxboud8t3WjrZnGhcQGs.crl (hash: MNWscV/tQIWy9/JGKOby+FWSKKBYV5KHGqwr8KWrfx4=) 2: 49DEAEDC12A711F099020A73C4F9AE02.roa (hash: ZDuunhoBLIFxkgffUJp6fhz6W2Ysr7yM0HyGKDGLaSU=) 3: 4A3C802012A711F099020A73C4F9AE02.roa (hash: EvMFCkIZLxU/4T9yDv4rTrnplB41rjMOAziWwMgP5hQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.crl rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69 (0x45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161F3E, serialNumber=9CE917DC3AE0C5BA2E77CB775A3AD99C685C406B Validity Not Before: Aug 11 07:44:22 2025 GMT Not After : Aug 18 07:44:22 2025 GMT Subject: CN=68999f56-b9f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:20:73:68:c0:ef:f0:48:46:9d:e8:53:90:da: c0:6e:a2:d4:ab:b9:a9:f0:5a:c7:01:28:e5:a0:f1: 8f:bb:4a:da:92:10:78:6b:89:8a:3f:3d:88:88:98: e6:da:ca:14:71:f9:31:da:4a:e4:c7:98:40:33:e8: 0d:ed:32:63:09:45:e4:39:11:ed:6c:c2:4a:b8:9d: 61:1c:96:79:75:9c:49:a2:03:1b:a2:49:57:66:2b: 8d:de:b9:26:e1:17:fd:6a:cd:fe:e7:7f:bf:5f:9f: 2f:9a:cb:88:b8:8d:8d:8d:2e:5c:e4:19:f1:25:e3: 38:1d:56:b0:e4:08:79:e7:48:99:11:18:c5:50:97: 3c:d1:b4:cf:fe:8b:33:4a:45:df:0c:c0:6a:e0:2d: 03:9b:b6:c3:b9:31:df:f7:a6:ff:67:0b:d8:4c:2c: 03:d3:44:e8:ea:28:6f:da:6c:93:83:02:64:d1:f5: 43:61:31:2d:40:e3:18:86:c1:59:65:e3:54:61:86: 2f:52:e9:bd:38:02:2d:9d:2b:ec:39:c5:19:02:47: 60:03:6e:d6:9f:19:93:a9:cc:0d:1c:f6:b2:29:ba: e2:7b:7c:28:1f:07:ba:b0:1d:c0:ae:4c:f7:2a:2c: 77:26:5f:ec:46:4a:45:27:be:75:b4:09:cd:8b:df: 2f:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:01:AF:F0:3F:D5:95:4B:45:07:6D:28:9A:A0:89:FC:30:2D:EB:32 X509v3 Authority Key Identifier: keyid:9C:E9:17:DC:3A:E0:C5:BA:2E:77:CB:77:5A:3A:D9:9C:68:5C:40:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:d2:f3:9a:d4:e6:e1:2e:b8:88:20:81:3a:c8:f4:34:1a:9b: 9f:83:30:ec:d8:e9:7b:65:6a:6b:f3:17:7f:fe:3a:a1:08:10: 07:f4:1c:c4:73:e6:33:11:c1:9b:3d:64:d2:16:97:43:39:40: 18:e1:09:d5:6d:03:47:33:b2:11:55:29:1c:04:e9:ef:e3:3c: 36:cb:30:58:09:78:a6:a3:61:eb:0e:d2:56:3d:b1:4f:48:83: 17:9b:b3:1f:df:8b:43:84:c1:fa:33:7f:ac:1f:88:c3:d6:56: 33:c6:19:6a:79:dd:19:f3:bf:0d:1d:02:b0:b7:17:c3:94:bf: b2:07:53:81:d7:ee:a0:92:73:86:e4:1f:97:ae:f5:43:da:c4: e1:86:0a:e4:1d:ed:fb:20:07:e1:0e:d2:ed:98:79:c2:94:90: 19:38:45:2b:a0:f4:82:ec:14:3b:88:1a:0a:c4:8a:b5:13:7a: 98:77:44:35:79:46:f3:29:29:25:9e:54:0f:a6:40:22:37:8e: f2:7d:94:3b:6f:a9:91:bc:57:64:29:c0:b7:18:ba:4e:12:b4: 18:12:4b:91:da:0c:9e:22:3f:ea:6c:c7:a4:74:ba:0a:5d:96: 61:c2:e8:fe:52:72:8d:a9:e1:e6:99:ec:d6:96:7f:77:3c:4c: ca:e4:7c:f1 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBRTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 MUYzRTExMC8GA1UEBRMoOUNFOTE3REMzQUUwQzVCQTJFNzdDQjc3NUEzQUQ5OUM2 ODVDNDA2QjAeFw0yNTA4MTEwNzQ0MjJaFw0yNTA4MTgwNzQ0MjJaMBgxFjAUBgNV BAMTDTY4OTk5ZjU2LWI5ZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDDIHNowO/wSEad6FOQ2sBuotSruanwWscBKOWg8Y+7StqSEHhriYo/PYiImOba yhRx+THaSuTHmEAz6A3tMmMJReQ5Ee1swkq4nWEclnl1nEmiAxuiSVdmK43euSbh F/1qzf7nf79fny+ay4i4jY2NLlzkGfEl4zgdVrDkCHnnSJkRGMVQlzzRtM/+izNK Rd8MwGrgLQObtsO5Md/3pv9nC9hMLAPTROjqKG/abJODAmTR9UNhMS1A4xiGwVll 41Rhhi9S6b04Ai2dK+w5xRkCR2ADbtafGZOpzA0c9rIpuuJ7fCgfB7qwHcCuTPcq LHcmX+xGSkUnvnW0Cc2L3y/rAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUuAGv8D/V lUtFB20omqCJ/DAt6zIwHwYDVR0jBBgwFoAUnOkX3Drgxboud8t3WjrZnGhcQGsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxRjNFLzMzOUVERTY4MTBF NDExRjBCNzVCODE2NkM0RjlBRTAyL25Pa1gzRHJneGJvdWQ4dDNXanJabkdoY1FH cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbk9rWDNEcmd4Ym91ZDh0M1dqclpuR2hjUUdzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYx RjNFLzMzOUVERTY4MTBFNDExRjBCNzVCODE2NkM0RjlBRTAyL25Pa1gzRHJneGJv dWQ4dDNXanJabkdoY1FHcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKbS85rU5uEuuIgggTrI9DQam5+DMOzY6XtlamvzF3/+OqEIEAf0HMRz 5jMRwZs9ZNIWl0M5QBjhCdVtA0czshFVKRwE6e/jPDbLMFgJeKajYesO0lY9sU9I gxebsx/fi0OEwfozf6wfiMPWVjPGGWp53Rnzvw0dArC3F8OUv7IHU4HX7qCSc4bk H5eu9UPaxOGGCuQd7fsgB+EO0u2YecKUkBk4RSug9ILsFDuIGgrEirUTeph3RDV5 RvMpKSWeVA+mQCI3jvJ9lDtvqZG8V2QpwLcYuk4StBgSS5HaDJ4iP+psx6R0ugpd lmHC6P5Sco2p4eaZ7NaWf3c8TMrkfPE= -----END CERTIFICATE-----Generated at Mon Aug 11 12:54:10 2025 by rpki-client