$ rpki-client -vvf rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft File: lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft (raw, json) Hash identifier: +Gs51w7IM77n/EWCk+l8C789m9Pidq2TGYPXsLvRjWA= Subject key identifier: 49:28:88:4B:FA:30:68:B6:DD:AC:1C:0C:C4:84:0C:C1:FC:C8:93:8A Authority key identifier: 94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38 Certificate issuer: /CN=A917D7F2/serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838 Certificate serial: 34BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft Manifest number: 34B5 Signing time: Fri 08 Aug 2025 14:38:09 +0000 Manifest this update: Fri 08 Aug 2025 14:38:08 +0000 Manifest next update: Fri 15 Aug 2025 14:38:08 +0000 Files and hashes: 1: lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl (hash: Cc9gcw3oOJUPKYXt9hlJwigDKTP2JiRcSKVsc5qjFZ0=) 2: 35FC192C272C11ED9E64C718C4F9AE02.roa (hash: of9zh63P1E28Fw1JXMf3Mift2nJvEjjB8iXijpwTEOw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13498 (0x34ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D7F2, serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838 Validity Not Before: Aug 8 14:38:08 2025 GMT Not After : Aug 15 14:38:08 2025 GMT Subject: CN=68960bd0-823f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:14:0d:f7:ac:db:03:2b:40:32:41:0b:87:40: 49:c5:c6:81:a2:e0:a3:bc:04:60:f9:ad:6c:d6:80: 7b:f8:ed:0a:5c:bb:ad:46:62:22:f2:2b:3b:83:7c: d1:4f:32:e8:4d:c9:2a:38:6a:55:9a:29:a5:12:3f: 99:79:ef:f6:58:8c:14:c5:b5:83:16:36:5c:90:86: 42:c4:5d:08:45:89:a9:64:76:72:2a:bc:e1:a9:69: 73:84:83:08:7e:fd:99:c2:dc:44:dd:d4:b6:c9:dd: 0c:0e:1b:0e:04:5c:8f:62:c2:cc:05:5f:5b:ae:a1: fa:b3:31:da:15:ff:20:a0:f1:ae:ec:0f:b8:f6:81: 7b:fb:2f:17:69:ff:e5:1b:c9:e8:43:f5:01:dc:3a: 7a:c4:4a:09:ca:f3:d5:b2:a0:8f:ec:b0:a0:63:c9: f1:cb:18:aa:b7:8d:25:bb:be:0f:3d:c9:42:aa:ee: f5:0e:99:2c:a3:34:92:ce:b7:52:6b:05:20:96:96: af:e6:27:81:a3:3c:e9:c4:87:7e:1e:ff:45:94:ed: 20:5b:27:25:fd:08:ff:49:f1:37:c6:89:06:6b:46: 53:22:ac:65:21:bd:07:5a:bc:b8:ee:22:19:83:8f: ec:8f:0d:48:e9:d7:a1:7d:a1:0a:2e:85:cc:14:55: ef:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:28:88:4B:FA:30:68:B6:DD:AC:1C:0C:C4:84:0C:C1:FC:C8:93:8A X509v3 Authority Key Identifier: keyid:94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:13:e2:02:33:ea:50:20:c9:2b:c3:01:f7:81:ad:29:f7:69: da:d2:8b:d2:20:83:26:19:98:2d:84:6d:85:9d:46:1b:04:d5: 7d:44:16:50:4a:69:73:5b:93:22:36:fa:95:f2:ba:1b:37:fe: 01:62:52:46:1c:05:f2:d6:cc:c0:7d:c9:6a:be:97:17:6e:07: 34:47:51:2f:5c:0c:c5:4e:00:4c:5f:da:c6:0f:37:5f:e3:03: c5:db:91:75:69:ac:55:03:1a:48:79:09:70:97:f0:8d:89:b3: bf:c4:c4:b8:33:52:5d:68:a2:15:6a:5a:64:a1:b3:25:33:b1: dc:99:d3:e6:25:6a:13:5c:f0:eb:05:91:1f:ab:46:b2:8d:31: 66:cc:92:8d:6b:da:cf:e0:97:1f:5e:6b:75:ab:3b:ba:1f:e9: 26:d2:f9:cd:c4:1c:ac:0c:db:fb:8a:f5:56:db:32:29:f7:60: af:7d:e0:3d:18:95:99:85:01:2c:d5:fe:39:33:e6:db:4a:5e: eb:3b:e3:74:d6:d0:34:8a:47:ca:57:0b:14:a6:02:f9:b7:54: 97:e0:2a:5b:8a:2d:3a:f9:8c:0a:78:99:86:75:a2:6e:16:a2: ce:81:7d:1a:09:4f:f0:ad:c4:e5:5d:31:d6:6b:eb:ae:64:24: 53:e7:3c:d3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNLowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q3RjIxMTAvBgNVBAUTKDk0MkQ1NDFERkU3OTgyRjZFMDFFNkJDQzk3NkRDMENC ODQxNEU4MzgwHhcNMjUwODA4MTQzODA4WhcNMjUwODE1MTQzODA4WjAYMRYwFAYD VQQDEw02ODk2MGJkMC04MjNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsxQN96zbAytAMkELh0BJxcaBouCjvARg+a1s1oB7+O0KXLutRmIi8is7g3zR TzLoTckqOGpVmimlEj+Zee/2WIwUxbWDFjZckIZCxF0IRYmpZHZyKrzhqWlzhIMI fv2ZwtxE3dS2yd0MDhsOBFyPYsLMBV9brqH6szHaFf8goPGu7A+49oF7+y8Xaf/l G8noQ/UB3Dp6xEoJyvPVsqCP7LCgY8nxyxiqt40lu74PPclCqu71DpksozSSzrdS awUglpav5ieBozzpxId+Hv9FlO0gWycl/Qj/SfE3xokGa0ZTIqxlIb0HWry47iIZ g4/sjw1I6dehfaEKLoXMFFXvKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEkoiEv6 MGi23awcDMSEDMH8yJOKMB8GA1UdIwQYMBaAFJQtVB3+eYL24B5rzJdtwMuEFOg4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDdGMi9GMDI4OTAzQzFE OEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2YmdIbXZNbDIzQXk0UVU2 RGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xDMVVIZjU1Z3ZiZ0htdk1sMjNBeTRRVTZEZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDdGMi9GMDI4OTAzQzFEOEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2 YmdIbXZNbDIzQXk0UVU2RGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAcE+ICM+pQIMkrwwH3ga0p92na0ovSIIMmGZgthG2FnUYbBNV9RBZQ SmlzW5MiNvqV8robN/4BYlJGHAXy1szAfclqvpcXbgc0R1EvXAzFTgBMX9rGDzdf 4wPF25F1aaxVAxpIeQlwl/CNibO/xMS4M1JdaKIValpkobMlM7HcmdPmJWoTXPDr BZEfq0ayjTFmzJKNa9rP4JcfXmt1qzu6H+km0vnNxBysDNv7ivVW2zIp92CvfeA9 GJWZhQEs1f45M+bbSl7rO+N01tA0ikfKVwsUpgL5t1SX4Cpbii06+YwKeJmGdaJu FqLOgX0aCU/wrcTlXTHWa+uuZCRT5zzT -----END CERTIFICATE-----Generated at Sun Aug 10 03:50:43 2025 by rpki-client