$ rpki-client -vvf rpki.apnic.net/member_repository/A9169411/91853A0618BF11EDADDC923AC4F9AE02/cgOKiKYdJcT0BlAl_Ca4zjuKegI.mft File: cgOKiKYdJcT0BlAl_Ca4zjuKegI.mft (raw, json) Hash identifier: czaVDg5RpEOULd2kH9nfDDyriHdCINEmq4rjOsEeqEQ= Subject key identifier: 71:AD:C3:00:14:12:5E:A9:C0:E7:CE:0B:52:CF:76:AE:12:5A:20:2B Authority key identifier: 72:03:8A:88:A6:1D:25:C4:F4:06:50:25:FC:26:B8:CE:3B:8A:7A:02 Certificate issuer: /CN=A9169411/serialNumber=72038A88A61D25C4F4065025FC26B8CE3B8A7A02 Certificate serial: 028D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cgOKiKYdJcT0BlAl_Ca4zjuKegI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169411/91853A0618BF11EDADDC923AC4F9AE02/cgOKiKYdJcT0BlAl_Ca4zjuKegI.mft Manifest number: 0285 Signing time: Tue 05 Aug 2025 02:20:02 +0000 Manifest this update: Tue 05 Aug 2025 02:20:02 +0000 Manifest next update: Tue 12 Aug 2025 02:20:02 +0000 Files and hashes: 1: cgOKiKYdJcT0BlAl_Ca4zjuKegI.crl (hash: UocejY8fR2xNAkOmJxRghnWFWeDg1jbcm+f4d+HzqyA=) 2: DD976958C2A611EFBB1B9264C4F9AE02.roa (hash: afDoQTBXFlKBM9yUFVyCep64AS8jLGn8fXLF8BGp1Hk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169411/91853A0618BF11EDADDC923AC4F9AE02/cgOKiKYdJcT0BlAl_Ca4zjuKegI.crl rsync://rpki.apnic.net/member_repository/A9169411/91853A0618BF11EDADDC923AC4F9AE02/cgOKiKYdJcT0BlAl_Ca4zjuKegI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cgOKiKYdJcT0BlAl_Ca4zjuKegI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 02:20:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 653 (0x28d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169411, serialNumber=72038A88A61D25C4F4065025FC26B8CE3B8A7A02 Validity Not Before: Aug 5 02:20:02 2025 GMT Not After : Aug 12 02:20:02 2025 GMT Subject: CN=68916a52-9117 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:45:95:cc:35:71:96:c9:eb:8a:db:a8:4c:97: 0b:e8:65:1a:6d:89:8c:d8:e0:82:cc:cd:c9:e9:99: 9c:9d:fd:51:85:24:0e:14:20:83:85:1f:91:ba:83: e8:be:2a:ba:1c:e3:18:ac:b7:1e:64:b7:a4:38:11: 72:32:79:32:15:4d:f7:5b:a4:48:01:6b:17:e0:07: bd:3e:d6:aa:91:bf:91:4b:e5:d2:36:c2:ee:dd:fb: a7:b7:d6:08:89:b7:52:cd:c0:55:aa:66:68:70:06: 9c:11:ae:b0:74:80:d3:ea:fa:80:08:e9:38:a0:2a: ab:ea:bf:c2:af:be:e8:24:e8:5d:2d:63:c1:95:f1: e7:d1:db:08:e6:1b:bb:77:47:67:8b:ca:a4:91:5d: 11:7e:5d:b1:6f:0d:12:49:29:66:02:fe:6b:7f:d7: 54:d6:78:0e:6f:66:2c:57:d1:0c:1f:1b:6a:49:80: 71:8b:47:41:29:3a:d1:bd:8d:6e:26:87:b4:d3:8a: e3:69:ec:ab:f8:1f:62:23:98:50:55:ad:76:63:05: e9:bf:99:4d:69:17:3d:c6:c9:0f:7c:fd:11:79:ca: b9:c9:5f:86:cf:4f:a9:ea:af:e4:84:c3:b9:c8:b7: 65:24:1c:a7:bc:d1:a9:bb:5a:a5:e3:4c:5d:d4:29: 51:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:AD:C3:00:14:12:5E:A9:C0:E7:CE:0B:52:CF:76:AE:12:5A:20:2B X509v3 Authority Key Identifier: keyid:72:03:8A:88:A6:1D:25:C4:F4:06:50:25:FC:26:B8:CE:3B:8A:7A:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169411/91853A0618BF11EDADDC923AC4F9AE02/cgOKiKYdJcT0BlAl_Ca4zjuKegI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cgOKiKYdJcT0BlAl_Ca4zjuKegI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169411/91853A0618BF11EDADDC923AC4F9AE02/cgOKiKYdJcT0BlAl_Ca4zjuKegI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:d9:d5:a4:b2:73:fc:ef:6a:8e:57:0e:31:92:63:6f:c3:6b: be:66:0d:2a:12:66:f2:f1:1a:b3:be:f6:16:ef:42:6f:c1:a7: 56:06:a1:ef:ca:98:56:01:20:a9:2c:50:65:a9:97:d9:04:f7: e1:66:1d:83:73:05:42:04:45:e0:b0:ca:e4:ac:25:47:48:0e: 14:fb:f5:1f:ca:c3:e7:48:65:68:26:5c:b8:93:12:46:42:ef: ae:f1:91:d6:90:fd:2e:08:a7:2c:dd:ff:46:ae:aa:81:e3:ce: a4:81:e2:23:41:fd:3a:d5:e1:ec:48:9a:5d:b4:86:26:02:f2: 4c:4e:c0:73:c1:20:01:46:49:7f:68:89:c6:05:d7:30:2b:4b: ce:2c:d1:3f:a4:11:de:3e:92:7f:21:74:ec:f2:a8:c8:aa:33: 20:08:fc:80:b7:77:d0:8f:e2:59:70:63:70:6b:fb:0e:6e:68: 76:dc:68:85:e0:45:57:21:57:37:6b:7c:49:2f:da:f0:aa:7d: 5d:42:f4:f3:da:f8:f5:34:ef:be:30:07:27:da:ac:15:cb:26: db:a2:37:ba:d4:f4:69:12:18:60:5c:ba:cf:89:d9:bb:3e:65: 2f:22:d0:b2:41:87:52:95:39:d1:a1:17:ee:c2:93:52:62:c6: d7:82:c3:a2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njk0MTExMTAvBgNVBAUTKDcyMDM4QTg4QTYxRDI1QzRGNDA2NTAyNUZDMjZCOENF M0I4QTdBMDIwHhcNMjUwODA1MDIyMDAyWhcNMjUwODEyMDIyMDAyWjAYMRYwFAYD VQQDEw02ODkxNmE1Mi05MTE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAl0WVzDVxlsnrituoTJcL6GUabYmM2OCCzM3J6Zmcnf1RhSQOFCCDhR+RuoPo viq6HOMYrLceZLekOBFyMnkyFU33W6RIAWsX4Ae9Ptaqkb+RS+XSNsLu3funt9YI ibdSzcBVqmZocAacEa6wdIDT6vqACOk4oCqr6r/Cr77oJOhdLWPBlfHn0dsI5hu7 d0dni8qkkV0Rfl2xbw0SSSlmAv5rf9dU1ngOb2YsV9EMHxtqSYBxi0dBKTrRvY1u Joe004rjaeyr+B9iI5hQVa12YwXpv5lNaRc9xskPfP0Recq5yV+Gz0+p6q/khMO5 yLdlJBynvNGpu1ql40xd1ClRwQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHGtwwAU El6pwOfOC1LPdq4SWiArMB8GA1UdIwQYMBaAFHIDioimHSXE9AZQJfwmuM47inoC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTQxMS85MTg1M0EwNjE4 QkYxMUVEQUREQzkyM0FDNEY5QUUwMi9jZ09LaUtZZEpjVDBCbEFsX0NhNHpqdUtl Z0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NnT0tpS1lkSmNUMEJsQWxfQ2E0emp1S2VnSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OTQxMS85MTg1M0EwNjE4QkYxMUVEQUREQzkyM0FDNEY5QUUwMi9jZ09LaUtZZEpj VDBCbEFsX0NhNHpqdUtlZ0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB22dWksnP872qOVw4xkmNvw2u+Zg0qEmby8RqzvvYW70JvwadWBqHv yphWASCpLFBlqZfZBPfhZh2DcwVCBEXgsMrkrCVHSA4U+/UfysPnSGVoJly4kxJG Qu+u8ZHWkP0uCKcs3f9GrqqB486kgeIjQf061eHsSJpdtIYmAvJMTsBzwSABRkl/ aInGBdcwK0vOLNE/pBHePpJ/IXTs8qjIqjMgCPyAt3fQj+JZcGNwa/sObmh23GiF 4EVXIVc3a3xJL9rwqn1dQvTz2vj1NO++MAcn2qwVyybboje61PRpEhhgXLrPidm7 PmUvItCyQYdSlTnRoRfuwpNSYsbXgsOi -----END CERTIFICATE-----Generated at Thu Aug 7 02:08:34 2025 by rpki-client