$ rpki-client -vvf rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft File: epYXaVSeCq0Km_mSVoO673M6Lxo.mft (raw, json) Hash identifier: iaDUv/1dOeuZaxAWK5ZpNd+dS+Q6YIbZQQF5Et/FSVk= Subject key identifier: 87:85:1B:67:14:07:F4:21:A3:96:77:2B:35:39:27:99:16:17:6D:9A Authority key identifier: 7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A Certificate issuer: /CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A Certificate serial: 351D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft Manifest number: 34E5 Signing time: Fri 22 Aug 2025 14:22:35 +0000 Manifest this update: Fri 22 Aug 2025 14:22:35 +0000 Manifest next update: Fri 29 Aug 2025 14:22:35 +0000 Files and hashes: 1: epYXaVSeCq0Km_mSVoO673M6Lxo.crl (hash: YMRXVsoByyAUyjjDtwIdqN4mGedfU6ZcddMh/d5tZPU=) 2: A9B6556E064311F0BA61C549C4F9AE02.roa (hash: 3e60GR3MoJvujbyYCoktl4OQNQ+AEpGhTuH3AGAwszA=) 3: 1F5CD892C35111EE9D744F36C4F9AE02.roa (hash: 1gkTF4crGWzpTEQnLV3friPjpJHknrP6i19dnfTKZhs=) 4: 1A83389CC35211EE8CE04C38C4F9AE02.roa (hash: wP5Do/J+7GR346S2KVvf1dpQZtkQwT1BPnhQO5L+JJ4=) 5: DA202262C34F11EE93BC8317C4F9AE02.roa (hash: dcDioS0VFo6S9vVwz+paS1zd6YFHx5bsZVN3a7QsfW4=) 6: 61A65BF2C35011EE95366E18C4F9AE02.roa (hash: Q61bbCPssNF62XMkq5QJdqkEtUeKQLsoUnsJMBUa8ZI=) 7: 1EEE3E0AC35111EE9D744F36C4F9AE02.roa (hash: 5YdHJezTTAq6NbRIi4l4/6Fihe+icCcCreH0PZW2XgQ=) 8: A50EE218C34D11EEBC95A913C4F9AE02.roa (hash: 5q/2MUPjpxwhlN6OCcanacRv9yZj3jDJtQjCybC3W8U=) 9: 8C9959CE060A11F08CBBE511C4F9AE02.roa (hash: wBMnE1ikTeOfmThio4waRUY3j+LFozimFFQdqFnWb8Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:22:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13597 (0x351d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C5B0, serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A Validity Not Before: Aug 22 14:22:35 2025 GMT Not After : Aug 29 14:22:35 2025 GMT Subject: CN=68a87d2b-3735 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:3b:3e:d2:e9:bf:fb:6e:ce:5e:0f:6d:45:81: 06:db:bf:76:de:47:c7:31:f5:ff:88:c5:45:d2:12: 79:1f:70:00:77:1b:30:f8:08:c8:d4:83:7d:6e:ee: 62:89:6d:89:8b:ed:7d:46:f2:85:1c:e0:51:d2:82: a1:88:29:44:a2:65:7b:a5:2d:97:06:ab:98:d9:5b: 6d:63:33:24:e7:6c:f3:8c:c3:b4:86:3c:84:da:6b: 6e:41:48:60:86:eb:a5:16:13:02:a1:49:f2:e5:fd: 2d:ae:38:17:b2:cc:be:15:10:dc:f8:d0:db:bc:0f: 1e:4c:13:7b:e4:67:95:8a:66:1b:7f:a3:49:88:4e: 62:60:46:0d:b1:c3:01:8b:9d:47:c5:c9:5b:19:60: de:ae:10:25:9c:df:d6:c7:e3:8f:f9:da:49:0b:68: 4a:b5:c9:cd:f5:5d:e4:bd:9f:9b:17:20:e2:6f:1c: 1b:95:82:bb:3e:8c:72:99:12:f0:14:79:f6:ed:e9: 43:4c:a8:6b:a6:07:b2:7f:ab:78:2d:ef:4f:38:f1: 2a:b0:95:cb:31:e6:5a:96:6e:74:d9:a7:c6:c6:fb: a7:ab:67:b5:a7:ff:09:85:80:ff:bb:8e:1a:a1:cb: c7:cf:4b:fb:8a:c1:6d:4a:b2:38:6e:2f:a0:1f:7f: c1:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:85:1B:67:14:07:F4:21:A3:96:77:2B:35:39:27:99:16:17:6D:9A X509v3 Authority Key Identifier: keyid:7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:cb:69:b2:50:61:53:80:1f:0d:05:d2:18:ed:04:6c:37:e7: ef:0d:a0:ff:64:ba:fa:1e:5d:32:76:e4:5b:44:83:4b:00:53: 21:8e:cf:91:e4:42:b5:ad:4d:11:c7:f5:eb:f4:95:45:0c:88: a1:d7:ee:80:b8:17:0a:e3:e7:24:b5:32:5a:50:01:8c:44:61: 5d:c4:70:3c:79:c0:ce:9e:cf:ee:ee:78:84:de:d1:29:47:15: 2c:11:08:6a:5e:f4:f6:92:2d:dd:ec:b7:f3:3c:30:cc:85:b6: 17:4c:35:dd:01:b5:c3:dc:da:df:9c:fc:cd:fa:70:31:91:c7: da:31:40:7c:80:4e:46:93:21:83:fb:8c:15:7e:33:81:f2:ed: 21:6b:5d:5b:fd:4a:d9:e5:54:73:6d:4c:b3:1d:d5:55:de:ed: 50:99:7b:48:12:a2:a5:0a:af:0b:4d:36:f0:60:1a:08:92:d9: 3b:fb:5f:b0:61:a3:cb:9d:2b:54:d5:80:d2:8f:ad:21:02:d2: eb:2b:fc:88:53:06:19:68:9e:7c:cb:29:72:9c:2e:5c:88:93: 85:b3:00:db:d2:d5:26:e5:68:77:1f:91:19:54:16:bc:0c:b4: c0:b3:db:84:61:8e:d2:de:b5:9e:be:be:d2:c6:d8:5a:d9:8a: 3a:f2:19:9a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNR0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM1QjAxMTAvBgNVBAUTKDdBOTYxNzY5NTQ5RTBBQUQwQTlCRjk5MjU2ODNCQUVG NzMzQTJGMUEwHhcNMjUwODIyMTQyMjM1WhcNMjUwODI5MTQyMjM1WjAYMRYwFAYD VQQDEw02OGE4N2QyYi0zNzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArDs+0um/+27OXg9tRYEG27923kfHMfX/iMVF0hJ5H3AAdxsw+AjI1IN9bu5i iW2Ji+19RvKFHOBR0oKhiClEomV7pS2XBquY2VttYzMk52zzjMO0hjyE2mtuQUhg huulFhMCoUny5f0trjgXssy+FRDc+NDbvA8eTBN75GeVimYbf6NJiE5iYEYNscMB i51HxclbGWDerhAlnN/Wx+OP+dpJC2hKtcnN9V3kvZ+bFyDibxwblYK7PoxymRLw FHn27elDTKhrpgeyf6t4Le9POPEqsJXLMeZalm502afGxvunq2e1p/8JhYD/u44a ocvHz0v7isFtSrI4bi+gH3/BSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIeFG2cU B/Qho5Z3KzU5J5kWF22aMB8GA1UdIwQYMBaAFHqWF2lUngqtCpv5klaDuu9zOi8a MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzVCMC80MEM4RDVBNjFE ODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNxMEttX21TVm9PNjczTTZM eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VwWVhhVlNlQ3EwS21fbVNWb082NzNNNkx4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QzVCMC80MEM4RDVBNjFEODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNx MEttX21TVm9PNjczTTZMeG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJy2myUGFTgB8NBdIY7QRsN+fvDaD/ZLr6Hl0yduRbRINLAFMhjs+R 5EK1rU0Rx/Xr9JVFDIih1+6AuBcK4+cktTJaUAGMRGFdxHA8ecDOns/u7niE3tEp RxUsEQhqXvT2ki3d7LfzPDDMhbYXTDXdAbXD3NrfnPzN+nAxkcfaMUB8gE5GkyGD +4wVfjOB8u0ha11b/UrZ5VRzbUyzHdVV3u1QmXtIEqKlCq8LTTbwYBoIktk7+1+w YaPLnStU1YDSj60hAtLrK/yIUwYZaJ58yylynC5ciJOFswDb0tUm5Wh3H5EZVBa8 DLTAs9uEYY7S3rWevr7Sxtha2Yo68hma -----END CERTIFICATE-----Generated at Sat Aug 23 20:58:59 2025 by rpki-client