$ rpki-client -vvf rpki.apnic.net/member_repository/A917C71E/C78E4A721CA811EA8CBB4543C4F9AE02/tZsFZqgqmDvebfHF3kxYLJvKg5I.mft File: tZsFZqgqmDvebfHF3kxYLJvKg5I.mft (raw, json) Hash identifier: qVkRDviCck9BjH4m5wZrQ/G4jeKEE/h5Xkb3v2insDw= Subject key identifier: 5C:1F:05:02:FB:FA:CC:BE:79:D2:F6:83:40:80:48:24:1B:2B:24:9B Authority key identifier: B5:9B:05:66:A8:2A:98:3B:DE:6D:F1:C5:DE:4C:58:2C:9B:CA:83:92 Certificate issuer: /CN=A917C71E/serialNumber=B59B0566A82A983BDE6DF1C5DE4C582C9BCA8392 Certificate serial: 0C1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tZsFZqgqmDvebfHF3kxYLJvKg5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C71E/C78E4A721CA811EA8CBB4543C4F9AE02/tZsFZqgqmDvebfHF3kxYLJvKg5I.mft Manifest number: 0C04 Signing time: Tue 12 Aug 2025 19:01:08 +0000 Manifest this update: Tue 12 Aug 2025 19:01:08 +0000 Manifest next update: Tue 19 Aug 2025 19:01:08 +0000 Files and hashes: 1: tZsFZqgqmDvebfHF3kxYLJvKg5I.crl (hash: b/S+jXGjVeciqoGcfO0LfrLe86vheai4BBiwQD9Ud1Q=) 2: CFF8393A232C11F0B9CB2044C4F9AE02.roa (hash: nfqNeR+bbEfavJF+ova8yLO5QWoKeC1GYyFqfwg0csE=) 3: CB46AC50509111EF9E40402FC4F9AE02.roa (hash: ad0J4ZFgNbW6j5IO3p20cgw4SuRj+wZOS+Yi86cuNgg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C71E/C78E4A721CA811EA8CBB4543C4F9AE02/tZsFZqgqmDvebfHF3kxYLJvKg5I.crl rsync://rpki.apnic.net/member_repository/A917C71E/C78E4A721CA811EA8CBB4543C4F9AE02/tZsFZqgqmDvebfHF3kxYLJvKg5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tZsFZqgqmDvebfHF3kxYLJvKg5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 Aug 2025 19:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3101 (0xc1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C71E, serialNumber=B59B0566A82A983BDE6DF1C5DE4C582C9BCA8392 Validity Not Before: Aug 12 19:01:08 2025 GMT Not After : Aug 19 19:01:08 2025 GMT Subject: CN=689b8f74-cb58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:b7:1c:89:e6:ac:44:ca:19:51:69:b0:db:16: be:37:d9:23:eb:99:f3:60:35:05:c9:94:07:c9:b5: cb:8c:c5:fc:a6:e0:02:f9:9c:1b:8f:94:ff:1f:7f: dc:d5:e4:e9:dc:a1:66:24:d6:c0:83:66:2f:15:47: 34:f3:32:29:81:f2:63:db:3c:4b:16:53:69:7e:8c: 4f:df:68:51:fd:28:d8:e9:64:ec:51:4d:e0:a4:c2: 4b:22:c6:3a:a5:aa:bc:99:13:f1:37:fa:9e:94:ae: 0a:a9:e2:8b:6a:1c:d3:ee:17:26:03:f6:b2:36:c4: c4:26:57:23:33:10:56:56:00:6e:dd:c9:83:9c:d8: 69:ef:e5:b9:03:d3:03:75:10:f5:95:85:e4:a6:f6: e6:c0:3f:6f:b1:5d:88:17:b3:d4:11:5f:7f:79:e8: 7b:5d:6a:d1:a2:fa:e3:89:f3:13:75:63:d2:a1:6d: c7:36:fa:21:72:dd:ca:47:fc:0c:9a:b9:4e:5d:7b: e8:e9:05:6b:6b:8e:c0:83:61:c2:42:9b:c3:fd:93: 29:8a:e2:e1:9f:80:98:98:2b:5f:7d:5c:4d:50:b4: 4a:90:2e:37:51:42:42:81:46:23:5a:3a:ce:50:20: ac:2a:dd:b0:4d:a5:57:67:e0:6f:b5:64:71:24:23: 8a:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:1F:05:02:FB:FA:CC:BE:79:D2:F6:83:40:80:48:24:1B:2B:24:9B X509v3 Authority Key Identifier: keyid:B5:9B:05:66:A8:2A:98:3B:DE:6D:F1:C5:DE:4C:58:2C:9B:CA:83:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C71E/C78E4A721CA811EA8CBB4543C4F9AE02/tZsFZqgqmDvebfHF3kxYLJvKg5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tZsFZqgqmDvebfHF3kxYLJvKg5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C71E/C78E4A721CA811EA8CBB4543C4F9AE02/tZsFZqgqmDvebfHF3kxYLJvKg5I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:c0:ca:48:fe:a6:dd:13:42:1f:00:72:e3:bb:fd:22:3d:b7: 05:8b:44:a2:5f:90:74:45:d9:33:24:b5:b9:cb:64:d2:a2:de: ce:8a:99:04:28:a6:62:45:21:98:02:68:03:b2:b9:dd:40:13: d6:67:59:1f:c9:5a:80:df:ae:58:9e:21:e2:76:5b:ca:f5:2a: 3f:f3:fd:e4:c9:a6:59:dc:55:f6:66:ca:7e:82:52:71:14:2a: 9d:98:d6:5e:4f:df:08:74:c9:f3:dc:d3:95:3d:c7:50:28:7c: e4:be:e7:8c:23:b5:60:5a:20:eb:8a:4b:e8:7a:6b:68:87:ae: 4d:53:50:77:78:a2:da:a1:2e:ad:a8:da:41:7f:07:4a:83:8b: d2:55:68:5c:38:19:2e:ec:07:c4:70:83:f5:99:82:09:3e:e1: 08:e3:86:78:e8:f2:61:bf:1e:e7:02:96:59:84:f9:e6:43:5b: 8e:05:9e:d7:27:91:82:6b:45:5c:be:46:57:dc:b9:3d:ed:be: 74:85:cc:94:ba:12:6f:89:62:3c:f4:f2:ed:f7:3b:a3:4f:7b: fb:7a:4f:b6:8e:f6:17:4c:87:54:ce:3c:b0:1f:3e:d2:11:bf: 69:18:ee:9e:fc:78:8b:ac:da:4b:1d:83:f7:22:bc:a1:ea:ac: cd:e6:5d:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDB0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M3MUUxMTAvBgNVBAUTKEI1OUIwNTY2QTgyQTk4M0JERTZERjFDNURFNEM1ODJD OUJDQTgzOTIwHhcNMjUwODEyMTkwMTA4WhcNMjUwODE5MTkwMTA4WjAYMRYwFAYD VQQDEw02ODliOGY3NC1jYjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz7ccieasRMoZUWmw2xa+N9kj65nzYDUFyZQHybXLjMX8puAC+Zwbj5T/H3/c 1eTp3KFmJNbAg2YvFUc08zIpgfJj2zxLFlNpfoxP32hR/SjY6WTsUU3gpMJLIsY6 paq8mRPxN/qelK4KqeKLahzT7hcmA/ayNsTEJlcjMxBWVgBu3cmDnNhp7+W5A9MD dRD1lYXkpvbmwD9vsV2IF7PUEV9/eeh7XWrRovrjifMTdWPSoW3HNvohct3KR/wM mrlOXXvo6QVra47Ag2HCQpvD/ZMpiuLhn4CYmCtffVxNULRKkC43UUJCgUYjWjrO UCCsKt2wTaVXZ+BvtWRxJCOK6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFwfBQL7 +sy+edL2g0CASCQbKySbMB8GA1UdIwQYMBaAFLWbBWaoKpg73m3xxd5MWCybyoOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzcxRS9DNzhFNEE3MjFD QTgxMUVBOENCQjQ1NDNDNEY5QUUwMi90WnNGWnFncW1EdmViZkhGM2t4WUxKdktn NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Rac0ZacWdxbUR2ZWJmSEYza3hZTEp2S2c1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzcxRS9DNzhFNEE3MjFDQTgxMUVBOENCQjQ1NDNDNEY5QUUwMi90WnNGWnFncW1E dmViZkhGM2t4WUxKdktnNUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCzwMpI/qbdE0IfAHLju/0iPbcFi0SiX5B0RdkzJLW5y2TSot7OipkE KKZiRSGYAmgDsrndQBPWZ1kfyVqA365YniHidlvK9So/8/3kyaZZ3FX2Zsp+glJx FCqdmNZeT98IdMnz3NOVPcdQKHzkvueMI7VgWiDrikvoemtoh65NU1B3eKLaoS6t qNpBfwdKg4vSVWhcOBku7AfEcIP1mYIJPuEI44Z46PJhvx7nApZZhPnmQ1uOBZ7X J5GCa0VcvkZX3Lk97b50hcyUuhJviWI89PLt9zujT3v7ek+2jvYXTIdUzjywHz7S Eb9pGO6e/HiLrNpLHYP3Iryh6qzN5l0k -----END CERTIFICATE-----Generated at Wed Aug 13 05:56:24 2025 by rpki-client