$ rpki-client -vvf rpki.apnic.net/member_repository/A917092C/E2C077DE776611EFB55ED279C4F9AE02/gX3TgC8m5X7OgmXOhib8u5xk6dQ.mft File: gX3TgC8m5X7OgmXOhib8u5xk6dQ.mft (raw, json) Hash identifier: KnynRwL1/3AjNRFZO0MCiPpxvdjn2qh1rocsZBb/uT4= Subject key identifier: F1:8E:6B:B5:4D:82:C0:E7:6D:CD:64:70:E7:85:4F:7C:8F:D8:A1:B9 Authority key identifier: 81:7D:D3:80:2F:26:E5:7E:CE:82:65:CE:86:26:FC:BB:9C:64:E9:D4 Certificate issuer: /CN=A917092C/serialNumber=817DD3802F26E57ECE8265CE8626FCBB9C64E9D4 Certificate serial: C0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gX3TgC8m5X7OgmXOhib8u5xk6dQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917092C/E2C077DE776611EFB55ED279C4F9AE02/gX3TgC8m5X7OgmXOhib8u5xk6dQ.mft Manifest number: B1 Signing time: Mon 11 Aug 2025 06:22:33 +0000 Manifest this update: Mon 11 Aug 2025 06:22:33 +0000 Manifest next update: Mon 18 Aug 2025 06:22:33 +0000 Files and hashes: 1: gX3TgC8m5X7OgmXOhib8u5xk6dQ.crl (hash: OqI0Mv1JoGDP5Q/3fYwWflpb9BrICeKqrEa427kjWIY=) 2: E1F3085E777E11EFB3F75352C4F9AE02.roa (hash: 2xJjfpp98NtJEfsdZF7xdB6iZLc0XXycnGYFfCIk29I=) 3: E3105D04777E11EFB3F75352C4F9AE02.roa (hash: cAiqdNWzTF0sxkzvHv6yM/PcMz/pHk5XzQwUuq8wOgo=) 4: E27B5862777E11EFB3F75352C4F9AE02.roa (hash: SHadC7K9t4sf0FTRuN25Sqtx5daSfJ2m5VktpFS9BJc=) 5: 8E00FBF2777E11EF8D0ECC4EC4F9AE02.roa (hash: aNcYj3A/gGnj4dxbU3z5mV3zt63Nh4QrgMIUUabFzuw=) 6: 752774D616A111F0B2CDBC72C4F9AE02.roa (hash: 3FjaUGxyX9keX6h1j1EjjACKPn/PD276JgWOPNcm8Oo=) 7: E3C4A4EE777E11EFB3F75352C4F9AE02.roa (hash: he2Yg9YLqUGBktzqkNPe9zTZfzSefhfrBKHZ0mm0MXI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917092C/E2C077DE776611EFB55ED279C4F9AE02/gX3TgC8m5X7OgmXOhib8u5xk6dQ.crl rsync://rpki.apnic.net/member_repository/A917092C/E2C077DE776611EFB55ED279C4F9AE02/gX3TgC8m5X7OgmXOhib8u5xk6dQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gX3TgC8m5X7OgmXOhib8u5xk6dQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 192 (0xc0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917092C, serialNumber=817DD3802F26E57ECE8265CE8626FCBB9C64E9D4 Validity Not Before: Aug 11 06:22:33 2025 GMT Not After : Aug 18 06:22:33 2025 GMT Subject: CN=68998c29-c8b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:dc:71:40:bc:4d:b3:92:d3:63:21:18:1a:f1: e7:46:41:9b:b3:69:2f:3d:38:9f:75:20:d4:b3:70: d1:f9:6d:8f:b0:d5:9e:04:0d:de:0a:31:de:3f:07: ed:76:68:29:cc:62:ca:5d:40:7e:62:9e:ff:d4:7e: ac:93:1e:e8:b4:4a:be:12:8a:e8:8a:1f:af:0b:75: d4:25:03:43:c1:24:c1:d6:5f:47:d0:29:6b:b8:d2: cb:b7:95:7b:c9:33:9b:15:9e:b2:d9:09:da:b7:27: 0d:c5:29:0d:c7:44:f1:a2:ab:da:28:c1:4c:8a:e8: db:2f:a2:89:9f:a6:e6:ba:48:4e:13:51:22:0f:18: 19:21:69:50:20:16:b5:aa:6c:6a:36:57:d3:00:e4: 45:e3:dc:d9:d8:52:3f:e3:b4:dd:1c:87:28:38:e8: 3d:ae:ef:69:26:44:03:f8:0d:df:fe:a8:c2:4c:ef: f9:6c:41:13:87:3c:43:ca:6d:3f:2b:34:1e:c4:a0: 8c:af:ab:b5:e9:38:b2:7c:04:6a:36:5b:67:fc:bd: 2c:9d:d8:09:a0:e0:67:25:97:ca:5b:7c:10:73:6f: 8c:45:fc:ba:b3:cd:2a:74:24:85:e7:3c:7a:1f:4a: 42:e1:d2:0b:19:f8:47:41:41:02:e4:34:77:8a:cb: d8:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:8E:6B:B5:4D:82:C0:E7:6D:CD:64:70:E7:85:4F:7C:8F:D8:A1:B9 X509v3 Authority Key Identifier: keyid:81:7D:D3:80:2F:26:E5:7E:CE:82:65:CE:86:26:FC:BB:9C:64:E9:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917092C/E2C077DE776611EFB55ED279C4F9AE02/gX3TgC8m5X7OgmXOhib8u5xk6dQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gX3TgC8m5X7OgmXOhib8u5xk6dQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917092C/E2C077DE776611EFB55ED279C4F9AE02/gX3TgC8m5X7OgmXOhib8u5xk6dQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:d5:0e:51:28:b4:8a:66:7d:1c:74:21:54:e2:59:50:94:3b: 6b:67:28:1d:19:00:f9:6b:3e:d6:eb:6e:a1:ea:bc:26:65:e3: 8c:c4:2e:6e:bf:b9:a4:c1:51:f1:01:c1:01:34:6c:a8:fb:60: c0:74:db:67:7e:c1:77:95:d5:cc:1d:1e:23:a8:bd:68:1b:62: ab:0c:ef:c1:c3:2c:95:70:cd:4f:77:df:2f:74:75:16:42:89: ad:49:a8:9b:a6:2d:41:19:1e:c6:41:67:5e:2b:6e:ce:7c:3c: 53:0c:4b:f6:da:c2:23:26:cf:35:29:1b:85:00:30:a8:66:cf: 95:ec:d6:dd:5c:1d:70:99:39:95:4f:9a:9e:fb:0d:c0:39:a1: cb:ed:b0:b6:a0:40:b4:d6:fc:a2:48:ba:2c:06:a3:f6:8d:3d: 7e:ae:98:b9:58:20:8c:a0:00:0f:7c:09:44:25:56:1f:31:f1: 47:0d:98:de:a7:2c:85:a6:df:21:96:f8:b9:fb:7b:8b:bf:46: 16:58:da:03:97:d7:d4:b2:2d:6d:e3:71:1f:d9:fd:b8:8c:0c: bd:c5:62:cf:58:af:a2:e7:59:9f:9c:93:a7:1d:df:b0:91:3b: 9a:d8:1f:b2:47:d2:b5:e2:ce:44:2f:18:f9:8b:ae:7f:59:b8: f9:9b:2c:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzA5MkMxMTAvBgNVBAUTKDgxN0REMzgwMkYyNkU1N0VDRTgyNjVDRTg2MjZGQ0JC OUM2NEU5RDQwHhcNMjUwODExMDYyMjMzWhcNMjUwODE4MDYyMjMzWjAYMRYwFAYD VQQDEw02ODk5OGMyOS1jOGI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm9xxQLxNs5LTYyEYGvHnRkGbs2kvPTifdSDUs3DR+W2PsNWeBA3eCjHePwft dmgpzGLKXUB+Yp7/1H6skx7otEq+Eoroih+vC3XUJQNDwSTB1l9H0ClruNLLt5V7 yTObFZ6y2QnatycNxSkNx0TxoqvaKMFMiujbL6KJn6bmukhOE1EiDxgZIWlQIBa1 qmxqNlfTAORF49zZ2FI/47TdHIcoOOg9ru9pJkQD+A3f/qjCTO/5bEEThzxDym0/ KzQexKCMr6u16TiyfARqNltn/L0sndgJoOBnJZfKW3wQc2+MRfy6s80qdCSF5zx6 H0pC4dILGfhHQUEC5DR3isvYgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPGOa7VN gsDnbc1kcOeFT3yP2KG5MB8GA1UdIwQYMBaAFIF904AvJuV+zoJlzoYm/LucZOnU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDkyQy9FMkMwNzdERTc3 NjYxMUVGQjU1RUQyNzlDNEY5QUUwMi9nWDNUZ0M4bTVYN09nbVhPaGliOHU1eGs2 ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dYM1RnQzhtNVg3T2dtWE9oaWI4dTV4azZkUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MDkyQy9FMkMwNzdERTc3NjYxMUVGQjU1RUQyNzlDNEY5QUUwMi9nWDNUZ0M4bTVY N09nbVhPaGliOHU1eGs2ZFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBG1Q5RKLSKZn0cdCFU4llQlDtrZygdGQD5az7W626h6rwmZeOMxC5u v7mkwVHxAcEBNGyo+2DAdNtnfsF3ldXMHR4jqL1oG2KrDO/BwyyVcM1Pd98vdHUW QomtSaibpi1BGR7GQWdeK27OfDxTDEv22sIjJs81KRuFADCoZs+V7NbdXB1wmTmV T5qe+w3AOaHL7bC2oEC01vyiSLosBqP2jT1+rpi5WCCMoAAPfAlEJVYfMfFHDZje pyyFpt8hlvi5+3uLv0YWWNoDl9fUsi1t43Ef2f24jAy9xWLPWK+i51mfnJOnHd+w kTua2B+yR9K14s5ELxj5i65/Wbj5mywz -----END CERTIFICATE-----Generated at Mon Aug 11 10:36:27 2025 by rpki-client