$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft File: MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft (raw, json) Hash identifier: 1Jyc+0e8p3L9bBw1Ab5+f8qI2AuStFmwjZJhSrMvORY= Subject key identifier: E0:2B:F9:9B:9D:C7:83:0C:4C:70:33:43:CD:0C:03:BC:C5:17:A3:8F Authority key identifier: 30:6E:34:FA:84:DA:09:0C:60:01:B3:54:64:BB:8C:42:63:57:D9:28 Certificate issuer: /CN=A91B9EC7/serialNumber=306E34FA84DA090C6001B35464BB8C426357D928 Certificate serial: 0146 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft Manifest number: 0144 Signing time: Sat 09 Aug 2025 04:40:42 +0000 Manifest this update: Sat 09 Aug 2025 04:40:41 +0000 Manifest next update: Sat 16 Aug 2025 04:40:41 +0000 Files and hashes: 1: MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl (hash: 9/7OeiuEcq7MvuZgGo9hApCCbnHsiea51DajOE54FbM=) 2: 02FC3E3C82A511EEA1F2710DC4F9AE02.roa (hash: 6W6Gywd7YHiIdjjDyCFNskNZyB3wgY++Ir7hfO/X2TY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 326 (0x146) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9EC7, serialNumber=306E34FA84DA090C6001B35464BB8C426357D928 Validity Not Before: Aug 9 04:40:41 2025 GMT Not After : Aug 16 04:40:41 2025 GMT Subject: CN=6896d149-8971 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:97:cc:87:0b:1f:ea:99:5a:4b:55:b5:9a:49: d7:a5:c0:8b:b4:f3:1d:cc:a4:27:83:61:f6:41:16: bc:50:81:af:29:fc:ba:57:56:41:8d:8c:3d:56:6e: 63:ab:2b:1f:19:d8:e2:00:69:c0:02:5e:c8:a4:26: df:92:9e:a1:a4:4d:4e:64:b7:d2:28:5a:65:0d:da: 83:2e:86:a9:bc:41:28:f4:b8:46:6a:0c:e1:58:38: 6c:62:2d:14:2f:15:50:e5:2d:98:91:b6:be:07:d9: 87:ea:bd:e1:c7:90:82:cc:66:f6:9e:c0:3c:10:9b: ba:59:6a:57:20:39:93:89:6d:d7:ee:c0:fc:79:f6: 48:4e:88:23:51:d1:57:16:7d:07:28:ca:09:2e:cc: 1f:cd:1e:f5:41:75:14:98:22:f6:e0:29:2d:5d:c1: c3:c3:7f:6f:c9:ae:bb:9d:7b:7d:60:16:c5:f6:28: e2:b8:f7:41:7b:90:c4:d2:b5:e2:08:a1:7f:53:67: 97:c0:92:9e:c0:28:d7:74:55:14:31:18:07:2e:78: 42:00:78:cd:e2:92:56:ec:ef:5a:4b:33:45:41:a9: 22:b7:2a:e0:bc:0e:b1:7e:1f:e2:6e:88:86:10:75: 59:9d:5e:33:e9:a2:57:12:25:ac:af:da:a1:dc:b5: fb:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:2B:F9:9B:9D:C7:83:0C:4C:70:33:43:CD:0C:03:BC:C5:17:A3:8F X509v3 Authority Key Identifier: keyid:30:6E:34:FA:84:DA:09:0C:60:01:B3:54:64:BB:8C:42:63:57:D9:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:0b:eb:c8:17:e1:f1:01:b2:e7:c0:3f:10:58:f8:f5:08:18: 6a:83:ab:4c:6b:88:76:82:81:52:00:10:76:16:e1:fb:8c:d5: 3c:16:75:cd:91:c8:f6:ee:52:be:0e:55:cb:78:4f:9c:e8:49: 3f:00:7c:90:2c:7d:85:b0:e8:62:0a:95:f8:a9:b9:f0:a3:86: 81:39:90:ea:b3:d0:f3:8f:88:48:f9:2a:0e:68:42:bb:a1:3d: eb:48:1e:9d:39:67:fe:97:82:80:b9:4c:44:df:b7:f6:bc:25: cc:4a:2a:b5:5d:7a:71:5e:89:5f:78:de:e7:a7:f8:2f:60:8e: 2f:a8:d8:43:a6:0d:94:4a:07:da:1a:8b:88:ff:55:8d:d2:25: ae:08:fe:5a:15:0d:60:b0:a2:61:9c:16:eb:3d:05:3b:d0:cf: 04:b6:b7:28:22:3a:68:da:e9:66:b8:d4:d0:ca:8d:b7:6c:3c: 93:78:2d:28:d3:5b:89:ab:71:9e:f6:fa:1f:22:48:23:53:c6: de:5d:5b:39:2c:d2:e6:61:75:51:78:8d:47:10:77:a6:1b:32: b7:f3:dd:eb:2d:66:b9:65:82:62:de:53:dd:9b:a0:5a:c7:75: 58:a2:39:8b:1a:9f:8f:b5:1e:b2:67:e3:bf:d6:3f:10:58:cd: 21:48:b2:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlFQzcxMTAvBgNVBAUTKDMwNkUzNEZBODREQTA5MEM2MDAxQjM1NDY0QkI4QzQy NjM1N0Q5MjgwHhcNMjUwODA5MDQ0MDQxWhcNMjUwODE2MDQ0MDQxWjAYMRYwFAYD VQQDEw02ODk2ZDE0OS04OTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzZfMhwsf6plaS1W1mknXpcCLtPMdzKQng2H2QRa8UIGvKfy6V1ZBjYw9Vm5j qysfGdjiAGnAAl7IpCbfkp6hpE1OZLfSKFplDdqDLoapvEEo9LhGagzhWDhsYi0U LxVQ5S2Ykba+B9mH6r3hx5CCzGb2nsA8EJu6WWpXIDmTiW3X7sD8efZITogjUdFX Fn0HKMoJLswfzR71QXUUmCL24CktXcHDw39vya67nXt9YBbF9ijiuPdBe5DE0rXi CKF/U2eXwJKewCjXdFUUMRgHLnhCAHjN4pJW7O9aSzNFQakityrgvA6xfh/iboiG EHVZnV4z6aJXEiWsr9qh3LX7WQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOAr+Zud x4MMTHAzQ80MA7zFF6OPMB8GA1UdIwQYMBaAFDBuNPqE2gkMYAGzVGS7jEJjV9ko MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUVDNy9FNjNGMkY4QTgy QTMxMUVFOUIxMTczNTdDNEY5QUUwMi9NRzQwLW9UYUNReGdBYk5VWkx1TVFtTlgy U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01HNDAtb1RhQ1F4Z0FiTlVaTHVNUW1OWDJTZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OUVDNy9FNjNGMkY4QTgyQTMxMUVFOUIxMTczNTdDNEY5QUUwMi9NRzQwLW9UYUNR eGdBYk5VWkx1TVFtTlgyU2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQC+vIF+HxAbLnwD8QWPj1CBhqg6tMa4h2goFSABB2FuH7jNU8FnXN kcj27lK+DlXLeE+c6Ek/AHyQLH2FsOhiCpX4qbnwo4aBOZDqs9Dzj4hI+SoOaEK7 oT3rSB6dOWf+l4KAuUxE37f2vCXMSiq1XXpxXolfeN7np/gvYI4vqNhDpg2USgfa GouI/1WN0iWuCP5aFQ1gsKJhnBbrPQU70M8EtrcoIjpo2ulmuNTQyo23bDyTeC0o 01uJq3Ge9vofIkgjU8beXVs5LNLmYXVReI1HEHemGzK3893rLWa5ZYJi3lPdm6Ba x3VYojmLGp+PtR6yZ+O/1j8QWM0hSLKT -----END CERTIFICATE-----Generated at Sun Aug 10 10:34:41 2025 by rpki-client