$ rpki-client -vvf rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft File: 2CIvXKRzliJE_BNBFXEOvtXjlWA.mft (raw, json) Hash identifier: 0vB06CvjYXxx38pQdCXk1B3b/Po11zbnmxlWSn1YME8= Subject key identifier: 54:04:77:8C:29:98:AB:26:AD:CF:15:0F:E4:C6:CE:08:0A:07:6A:91 Authority key identifier: D8:22:2F:5C:A4:73:96:22:44:FC:13:41:15:71:0E:BE:D5:E3:95:60 Certificate issuer: /CN=A9119624/serialNumber=D8222F5CA473962244FC134115710EBED5E39560 Certificate serial: 0C35 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft Manifest number: 0C2F Signing time: Fri 22 Aug 2025 18:04:53 +0000 Manifest this update: Fri 22 Aug 2025 18:04:53 +0000 Manifest next update: Fri 29 Aug 2025 18:04:53 +0000 Files and hashes: 1: 2CIvXKRzliJE_BNBFXEOvtXjlWA.crl (hash: hunfmNlwKbGKU92BffrFuYASHf66icBJoAuPrmz73dk=) 2: A4049C06213E11EAAA89A95DC4F9AE02.roa (hash: fJj5V7B0tj2U/amxOYn7MfT1h8cR0RvRgHTxKdHbOM4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.crl rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:04:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3125 (0xc35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9119624, serialNumber=D8222F5CA473962244FC134115710EBED5E39560 Validity Not Before: Aug 22 18:04:53 2025 GMT Not After : Aug 29 18:04:53 2025 GMT Subject: CN=68a8b145-ac61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e4:3a:61:0e:a2:9f:2b:ec:06:d9:ca:5b:e8: 90:ff:f8:38:9e:5e:02:ab:86:a8:10:76:0f:8e:50: ee:d9:c5:af:3b:4b:84:ef:78:ae:74:51:c2:f9:79: 4f:24:54:1c:34:d3:49:fe:95:42:5f:fe:c8:7e:0f: 51:d0:bd:11:18:b9:b1:09:7f:17:c5:74:0b:b2:07: 41:8e:0e:52:69:b4:8d:cf:09:9a:be:5e:a1:1a:94: 7f:a8:c2:78:f9:cb:6a:ea:c8:a3:34:75:59:68:a2: cc:bd:58:ec:a9:e0:c1:ae:32:21:5c:b4:9c:64:f2: fb:f8:73:a9:86:01:9b:d9:71:51:57:47:2f:9e:ff: 05:60:3b:f1:94:36:20:d5:31:c1:d6:e1:50:3a:46: c4:9a:0e:f6:34:2c:9c:f1:dc:b6:46:68:b3:db:5c: b2:ab:4b:07:07:48:1c:62:83:be:a8:a1:6e:27:a6: 70:5a:a1:fc:c7:c2:42:2a:0a:23:3e:f0:a1:95:23: 81:aa:e3:09:0f:5d:26:15:fa:f5:df:80:df:76:08: 24:30:aa:80:b4:d9:4a:f5:76:4c:08:83:83:23:51: ca:33:e6:dc:b5:f3:3a:dd:65:9e:f0:21:9c:26:92: 51:3b:ad:1c:6d:3b:53:a0:60:22:0c:57:23:d7:e4: 38:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:04:77:8C:29:98:AB:26:AD:CF:15:0F:E4:C6:CE:08:0A:07:6A:91 X509v3 Authority Key Identifier: keyid:D8:22:2F:5C:A4:73:96:22:44:FC:13:41:15:71:0E:BE:D5:E3:95:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:96:95:1b:35:63:29:50:ee:ef:f0:39:56:5e:7d:89:21:5a: 6e:44:31:18:fd:55:92:a6:f7:6a:95:5f:e8:db:16:02:4c:16: 7e:76:08:bd:de:0e:82:2b:ac:6f:91:c8:ed:d9:ab:e7:96:16: a1:bc:43:8e:32:37:82:35:8f:65:e7:dc:88:62:41:d9:00:e8: 3e:ca:76:b7:ad:05:7e:a1:b8:f1:b8:78:2c:c0:60:dd:35:ed: 6a:b6:c2:fe:d7:3c:27:0f:b1:f9:50:53:37:06:36:4b:68:57: 03:a6:39:47:05:7d:11:18:aa:31:d5:a9:f0:bf:4d:6f:be:7f: 1b:14:7e:e0:ef:80:5d:53:9b:04:fc:5e:c2:55:3a:a0:17:12: 1d:d5:a5:46:af:3f:90:3b:4f:58:11:05:90:7e:43:09:15:5e: b9:90:af:c3:3b:2a:26:25:99:73:42:6d:da:ed:e0:b9:2c:c4: d7:ef:48:e9:4d:42:9f:67:dd:ee:93:ba:8d:b6:14:57:fc:ba: cd:e3:59:3d:2b:ab:50:83:7f:96:06:06:49:af:d3:91:9e:9a: 5c:ee:c8:2a:a3:38:54:27:1d:cf:20:79:5d:2d:dc:39:2d:49: f8:c0:3c:53:5b:24:ef:9d:fa:00:bf:8e:00:7c:b1:d9:a1:03: 25:47:8e:8a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk2MjQxMTAvBgNVBAUTKEQ4MjIyRjVDQTQ3Mzk2MjI0NEZDMTM0MTE1NzEwRUJF RDVFMzk1NjAwHhcNMjUwODIyMTgwNDUzWhcNMjUwODI5MTgwNDUzWjAYMRYwFAYD VQQDEw02OGE4YjE0NS1hYzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsuQ6YQ6inyvsBtnKW+iQ//g4nl4Cq4aoEHYPjlDu2cWvO0uE73iudFHC+XlP JFQcNNNJ/pVCX/7Ifg9R0L0RGLmxCX8XxXQLsgdBjg5SabSNzwmavl6hGpR/qMJ4 +ctq6sijNHVZaKLMvVjsqeDBrjIhXLScZPL7+HOphgGb2XFRV0cvnv8FYDvxlDYg 1THB1uFQOkbEmg72NCyc8dy2Rmiz21yyq0sHB0gcYoO+qKFuJ6ZwWqH8x8JCKgoj PvChlSOBquMJD10mFfr134DfdggkMKqAtNlK9XZMCIODI1HKM+bctfM63WWe8CGc JpJRO60cbTtToGAiDFcj1+Q4CQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFQEd4wp mKsmrc8VD+TGzggKB2qRMB8GA1UdIwQYMBaAFNgiL1ykc5YiRPwTQRVxDr7V45Vg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTYyNC9DNjk0ODIzNjEw RTAxMUVBOUJEMUE1NURDNEY5QUUwMi8yQ0l2WEtSemxpSkVfQk5CRlhFT3Z0WGps V0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzJDSXZYS1J6bGlKRV9CTkJGWEVPdnRYamxXQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTYyNC9DNjk0ODIzNjEwRTAxMUVBOUJEMUE1NURDNEY5QUUwMi8yQ0l2WEtSemxp SkVfQk5CRlhFT3Z0WGpsV0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBalpUbNWMpUO7v8DlWXn2JIVpuRDEY/VWSpvdqlV/o2xYCTBZ+dgi9 3g6CK6xvkcjt2avnlhahvEOOMjeCNY9l59yIYkHZAOg+yna3rQV+objxuHgswGDd Ne1qtsL+1zwnD7H5UFM3BjZLaFcDpjlHBX0RGKox1anwv01vvn8bFH7g74BdU5sE /F7CVTqgFxId1aVGrz+QO09YEQWQfkMJFV65kK/DOyomJZlzQm3a7eC5LMTX70jp TUKfZ93uk7qNthRX/LrN41k9K6tQg3+WBgZJr9ORnppc7sgqozhUJx3PIHldLdw5 LUn4wDxTWyTvnfoAv44AfLHZoQMlR46K -----END CERTIFICATE-----Generated at Sun Aug 24 00:06:57 2025 by rpki-client