$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.mft File: PnIyBI3L0sabqyJbikIhYEbBiyU.mft (raw, json) Hash identifier: kIvB/FecoYWngfY+WFVlLnwR/VMB2HrePxRH4T75pvI= Subject key identifier: 0D:CF:BC:11:49:36:01:4F:1B:B2:B4:2F:68:A2:80:CD:94:11:9B:37 Authority key identifier: 3E:72:32:04:8D:CB:D2:C6:9B:AB:22:5B:8A:42:21:60:46:C1:8B:25 Certificate issuer: /CN=A911CA78/serialNumber=3E7232048DCBD2C69BAB225B8A42216046C18B25 Certificate serial: 01A8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PnIyBI3L0sabqyJbikIhYEbBiyU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.mft Manifest number: 01A4 Signing time: Fri 22 Aug 2025 19:10:56 +0000 Manifest this update: Fri 22 Aug 2025 19:10:56 +0000 Manifest next update: Fri 29 Aug 2025 19:10:56 +0000 Files and hashes: 1: PnIyBI3L0sabqyJbikIhYEbBiyU.crl (hash: jJu3peePK5j+4Sukiem4zeF29fxx6T/BSc3nhla6lBk=) 2: 1ABB6C4E17DB11EE92B1C26FC4F9AE02.roa (hash: jx7hnJAbOWXi06R8EaUqGVH9j+g4HwGKu5sUmUZqpVQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.crl rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PnIyBI3L0sabqyJbikIhYEbBiyU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 19:10:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 424 (0x1a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CA78, serialNumber=3E7232048DCBD2C69BAB225B8A42216046C18B25 Validity Not Before: Aug 22 19:10:56 2025 GMT Not After : Aug 29 19:10:56 2025 GMT Subject: CN=68a8c0c0-4a4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:4f:69:44:ae:a3:9a:71:8e:41:c2:58:3f:52: 83:4f:e7:dd:27:8d:db:62:0f:59:51:db:34:5f:ca: a7:33:c3:03:8d:e6:45:8f:f7:0b:61:83:b4:2e:5b: cf:3a:a4:24:a1:69:be:f3:07:78:a3:8b:09:c6:ce: c9:6f:cd:58:49:47:99:5b:32:03:ba:69:06:76:cf: d9:45:32:0e:10:1c:77:6b:64:80:67:8c:49:2f:c3: e1:79:37:74:38:b3:7e:dc:17:2b:d8:2e:99:5c:60: e0:d6:93:3a:e5:bb:b6:3b:1e:c8:73:8b:c2:99:08: 4e:d9:9f:fd:0c:49:95:1f:a2:fa:9a:48:d5:12:70: 11:64:12:bd:c7:2f:13:70:c6:55:32:6a:0f:68:dd: ce:03:53:99:e8:ad:b5:39:3e:70:da:f0:41:c5:c5: 87:82:7e:8d:46:74:91:2e:3c:69:dc:4f:9b:c4:75: 3b:39:20:30:17:c6:8c:f9:50:26:76:6b:ed:02:f4: e0:46:e4:76:ce:41:56:fa:60:5f:d1:81:f5:c0:72: cb:cd:7a:5c:92:fd:c8:66:43:1b:56:23:0f:c8:68: b0:44:47:96:ae:15:b6:87:a7:05:be:1b:ed:6e:54: 8c:91:3f:cb:7e:ba:49:96:da:94:70:06:5a:f4:9d: 4a:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:CF:BC:11:49:36:01:4F:1B:B2:B4:2F:68:A2:80:CD:94:11:9B:37 X509v3 Authority Key Identifier: keyid:3E:72:32:04:8D:CB:D2:C6:9B:AB:22:5B:8A:42:21:60:46:C1:8B:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PnIyBI3L0sabqyJbikIhYEbBiyU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:61:13:11:8f:1c:6c:2c:4f:fa:09:ad:2a:7e:f8:df:cb:8c: 93:79:07:fe:1e:00:f7:fb:d5:84:67:a1:e6:f5:22:89:08:3f: d4:2d:bc:97:09:01:71:48:df:8b:f0:57:27:d2:83:78:73:ea: ea:0a:6b:72:e2:73:6f:fd:e0:12:ff:5e:4c:63:d1:8b:19:39: 8f:4b:c7:a0:61:a1:9a:07:a1:db:4c:9a:a7:42:77:63:e3:c9: 70:1d:91:2e:12:81:2d:d7:e7:40:8e:63:b5:0a:ea:09:7e:e7: 27:17:11:51:e7:bf:96:07:7e:fd:aa:6d:8b:c3:33:62:b6:af: 5e:70:09:dd:eb:a7:34:f5:9d:ae:0b:e3:9b:8a:e5:cd:98:88: f4:0e:33:b5:4e:ee:b7:eb:bc:26:21:01:e8:f9:f0:46:01:87: f0:7f:0a:f1:60:cc:ef:d8:8d:e8:35:74:15:4c:7c:a7:0d:07: ec:8b:fb:27:cd:d9:96:e3:74:79:89:34:a8:91:2d:b2:fc:dd: 31:b6:76:af:2f:9b:c8:7c:86:3a:d6:84:dc:c1:97:85:50:9c: 21:26:7b:01:da:d8:f5:c2:9c:99:75:f0:91:81:e4:a8:a3:f3: 90:51:ba:c4:f3:33:b2:28:0a:b5:87:9c:e4:2c:23:58:1d:6c: 3d:d3:94:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNBNzgxMTAvBgNVBAUTKDNFNzIzMjA0OERDQkQyQzY5QkFCMjI1QjhBNDIyMTYw NDZDMThCMjUwHhcNMjUwODIyMTkxMDU2WhcNMjUwODI5MTkxMDU2WjAYMRYwFAYD VQQDEw02OGE4YzBjMC00YTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy09pRK6jmnGOQcJYP1KDT+fdJ43bYg9ZUds0X8qnM8MDjeZFj/cLYYO0LlvP OqQkoWm+8wd4o4sJxs7Jb81YSUeZWzIDumkGds/ZRTIOEBx3a2SAZ4xJL8PheTd0 OLN+3Bcr2C6ZXGDg1pM65bu2Ox7Ic4vCmQhO2Z/9DEmVH6L6mkjVEnARZBK9xy8T cMZVMmoPaN3OA1OZ6K21OT5w2vBBxcWHgn6NRnSRLjxp3E+bxHU7OSAwF8aM+VAm dmvtAvTgRuR2zkFW+mBf0YH1wHLLzXpckv3IZkMbViMPyGiwREeWrhW2h6cFvhvt blSMkT/LfrpJltqUcAZa9J1KGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA3PvBFJ NgFPG7K0L2iigM2UEZs3MB8GA1UdIwQYMBaAFD5yMgSNy9LGm6siW4pCIWBGwYsl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC8wMjhGNThGRTE2 RDkxMUVFOUYxNzUzMTVDNEY5QUUwMi9Qbkl5QkkzTDBzYWJxeUpiaWtJaFlFYkJp eVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1BuSXlCSTNMMHNhYnF5SmJpa0loWUViQml5VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Q0E3OC8wMjhGNThGRTE2RDkxMUVFOUYxNzUzMTVDNEY5QUUwMi9Qbkl5QkkzTDBz YWJxeUpiaWtJaFlFYkJpeVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA1YRMRjxxsLE/6Ca0qfvjfy4yTeQf+HgD3+9WEZ6Hm9SKJCD/ULbyX CQFxSN+L8Fcn0oN4c+rqCmty4nNv/eAS/15MY9GLGTmPS8egYaGaB6HbTJqnQndj 48lwHZEuEoEt1+dAjmO1CuoJfucnFxFR57+WB379qm2LwzNitq9ecAnd66c09Z2u C+ObiuXNmIj0DjO1Tu6367wmIQHo+fBGAYfwfwrxYMzv2I3oNXQVTHynDQfsi/sn zdmW43R5iTSokS2y/N0xtnavL5vIfIY61oTcwZeFUJwhJnsB2tj1wpyZdfCRgeSo o/OQUbrE8zOyKAq1h5zkLCNYHWw905Qi -----END CERTIFICATE-----Generated at Sun Aug 24 00:17:09 2025 by rpki-client