$ rpki-client -vvf rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft File: 1AsQwSJMYeDTGML8YAOTeOz3LQA.mft (raw, json) Hash identifier: KPEjExgxL0/8MOTpAUMrfsgsH5IW0dgShcqWg+vS78M= Subject key identifier: 35:96:2E:0E:04:A0:A8:9F:A6:85:09:83:77:D8:56:D9:EA:00:13:85 Authority key identifier: D4:0B:10:C1:22:4C:61:E0:D3:18:C2:FC:60:03:93:78:EC:F7:2D:00 Certificate issuer: /CN=A9167C20/serialNumber=D40B10C1224C61E0D318C2FC60039378ECF72D00 Certificate serial: 0AF8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft Manifest number: 0AF0 Signing time: Tue 12 Aug 2025 19:37:29 +0000 Manifest this update: Tue 12 Aug 2025 19:37:29 +0000 Manifest next update: Tue 19 Aug 2025 19:37:29 +0000 Files and hashes: 1: 1AsQwSJMYeDTGML8YAOTeOz3LQA.crl (hash: 36OMXHAmCxc3GRhxTqszJF8i5wZ7GUsahASB3tfUi+4=) 2: AD35C0044EA511EAAB9DBE7DC4F9AE02.roa (hash: vRrkQ11gFoedPJsbqh7nQv1lr6X8LYa0tpYVg51dxDk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.crl rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 Aug 2025 19:37:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2808 (0xaf8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167C20, serialNumber=D40B10C1224C61E0D318C2FC60039378ECF72D00 Validity Not Before: Aug 12 19:37:29 2025 GMT Not After : Aug 19 19:37:29 2025 GMT Subject: CN=689b97f9-1d30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:a8:8e:58:91:0e:18:3a:e7:5a:71:c2:cb:eb: 71:97:a5:a5:96:d9:a6:2e:f1:81:4b:79:b9:d4:d2: bc:17:4f:f8:0d:9e:c5:6c:d2:5d:3d:44:c3:d9:4f: 9d:b5:46:c6:e6:b1:a1:36:35:10:93:e0:9b:80:be: 2b:80:6d:33:33:3d:cd:ad:58:11:4a:ab:72:5c:c4: 63:70:dd:12:6d:e3:bd:db:5e:23:5a:f4:d9:ea:f2: 91:7a:bd:67:7d:53:ed:96:2b:8d:67:97:39:41:89: 02:34:47:db:86:2f:37:d1:86:bc:5c:78:52:dc:72: 70:34:29:4a:81:84:42:3b:12:84:27:47:b6:5b:b8: a9:a9:49:bd:58:63:f3:ae:03:d5:2b:92:7b:0a:ce: 0d:d8:cd:61:a8:9f:85:b4:43:01:6d:3b:cc:0b:a8: de:5e:c8:37:88:90:f1:f0:e5:20:cf:b7:d4:8c:d0: e4:a8:f0:24:54:ee:91:11:56:fe:d7:6f:4c:78:94: d2:79:46:e0:e7:f0:20:a1:57:61:3a:8a:47:c0:9c: 4c:54:46:7d:2a:f0:cc:1f:3d:43:c2:d4:e6:3e:3a: 13:e4:5d:9b:61:13:7c:7f:4b:07:52:4e:12:ff:ed: 8b:a5:10:91:a8:26:c7:5a:ce:92:09:e9:32:12:7c: b1:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:96:2E:0E:04:A0:A8:9F:A6:85:09:83:77:D8:56:D9:EA:00:13:85 X509v3 Authority Key Identifier: keyid:D4:0B:10:C1:22:4C:61:E0:D3:18:C2:FC:60:03:93:78:EC:F7:2D:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:c3:39:7e:c1:cd:c8:e8:12:23:23:e3:a5:cb:ad:e4:cf:14: ee:c5:0b:9d:40:56:1b:99:f7:6d:f3:9a:9e:55:1d:db:ba:e9: 9a:ea:b8:e1:62:9c:ba:b7:8a:b5:fb:6a:80:d1:a6:c1:20:4b: c6:a7:c9:a7:f8:c3:46:62:5a:7e:91:27:7a:f5:97:67:fe:8c: e4:00:75:be:2b:c4:55:c5:6f:9d:67:95:2f:b4:6e:6b:e5:7b: 96:33:ad:41:4d:0b:7f:53:2b:69:71:74:7b:b6:99:34:20:26: 0a:1b:17:46:67:6e:b8:9e:fb:59:3b:eb:59:63:3f:77:e6:8d: c2:0d:56:55:19:f9:8c:72:8b:94:f4:08:39:fb:d3:7b:21:98: 7a:45:44:4c:31:ef:90:a7:0d:63:59:51:54:b2:33:7d:e1:c7: 8b:a2:a8:3d:c2:01:78:ff:20:bc:e8:27:ee:0e:ab:e2:b4:75: 9f:eb:23:34:bc:9f:6d:0f:17:01:3d:95:07:5d:da:c5:d9:c7: e3:68:53:5a:01:dd:db:36:89:ae:96:d8:2c:bd:89:04:18:3c: 8d:e7:c0:45:00:05:44:74:42:37:16:46:5b:02:41:fb:d1:0f: 14:5a:f1:7c:c3:81:ab:15:ed:55:43:45:33:52:e7:db:a8:fe: b4:7a:9f:77 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdDMjAxMTAvBgNVBAUTKEQ0MEIxMEMxMjI0QzYxRTBEMzE4QzJGQzYwMDM5Mzc4 RUNGNzJEMDAwHhcNMjUwODEyMTkzNzI5WhcNMjUwODE5MTkzNzI5WjAYMRYwFAYD VQQDEw02ODliOTdmOS0xZDMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsaiOWJEOGDrnWnHCy+txl6WlltmmLvGBS3m51NK8F0/4DZ7FbNJdPUTD2U+d tUbG5rGhNjUQk+CbgL4rgG0zMz3NrVgRSqtyXMRjcN0SbeO9214jWvTZ6vKRer1n fVPtliuNZ5c5QYkCNEfbhi830Ya8XHhS3HJwNClKgYRCOxKEJ0e2W7ipqUm9WGPz rgPVK5J7Cs4N2M1hqJ+FtEMBbTvMC6jeXsg3iJDx8OUgz7fUjNDkqPAkVO6REVb+ 129MeJTSeUbg5/AgoVdhOopHwJxMVEZ9KvDMHz1DwtTmPjoT5F2bYRN8f0sHUk4S /+2LpRCRqCbHWs6SCekyEnyxLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDWWLg4E oKifpoUJg3fYVtnqABOFMB8GA1UdIwQYMBaAFNQLEMEiTGHg0xjC/GADk3js9y0A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0MyMC84NjU3MUMxMDRF QTIxMUVBODRDMDg4NzRDNEY5QUUwMi8xQXNRd1NKTVllRFRHTUw4WUFPVGVPejNM UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBc1F3U0pNWWVEVEdNTDhZQU9UZU96M0xRQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 N0MyMC84NjU3MUMxMDRFQTIxMUVBODRDMDg4NzRDNEY5QUUwMi8xQXNRd1NKTVll RFRHTUw4WUFPVGVPejNMUUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGwzl+wc3I6BIjI+Oly63kzxTuxQudQFYbmfdt85qeVR3buuma6rjh Ypy6t4q1+2qA0abBIEvGp8mn+MNGYlp+kSd69Zdn/ozkAHW+K8RVxW+dZ5UvtG5r 5XuWM61BTQt/UytpcXR7tpk0ICYKGxdGZ264nvtZO+tZYz935o3CDVZVGfmMcouU 9Ag5+9N7IZh6RURMMe+Qpw1jWVFUsjN94ceLoqg9wgF4/yC86CfuDqvitHWf6yM0 vJ9tDxcBPZUHXdrF2cfjaFNaAd3bNomultgsvYkEGDyN58BFAAVEdEI3FkZbAkH7 0Q8UWvF8w4GrFe1VQ0UzUufbqP60ep93 -----END CERTIFICATE-----Generated at Wed Aug 13 08:47:04 2025 by rpki-client