$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA82/F699E354CF1211EF8F1D205BC4F9AE02/aEE9QfYAXgMW4OJXbyJsIYiqFW8.mft File: aEE9QfYAXgMW4OJXbyJsIYiqFW8.mft (raw, json) Hash identifier: EfZOO69/GnUHmmv3nKV8gr39eku0nU2d/RgrWyNiEwc= Subject key identifier: D7:A2:E1:B8:31:E2:19:03:70:B3:DD:86:CE:26:F0:7A:AA:6E:69:2C Authority key identifier: 68:41:3D:41:F6:00:5E:03:16:E0:E2:57:6F:22:6C:21:88:AA:15:6F Certificate issuer: /CN=A911CA82/serialNumber=68413D41F6005E0316E0E2576F226C2188AA156F Certificate serial: 7D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aEE9QfYAXgMW4OJXbyJsIYiqFW8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CA82/F699E354CF1211EF8F1D205BC4F9AE02/aEE9QfYAXgMW4OJXbyJsIYiqFW8.mft Manifest number: 7B Signing time: Fri 22 Aug 2025 23:06:38 +0000 Manifest this update: Fri 22 Aug 2025 23:06:38 +0000 Manifest next update: Fri 29 Aug 2025 23:06:38 +0000 Files and hashes: 1: aEE9QfYAXgMW4OJXbyJsIYiqFW8.crl (hash: rYE9QvmURmrt+z/mEQgW5I0nRZR/SsceUYvP7E8K49I=) 2: AF4301D4CF8511EF94856A41C4F9AE02.roa (hash: eqsW8B/nzh24Js41J8yQQdlaY75NMXqpYi5U4uiBwdI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CA82/F699E354CF1211EF8F1D205BC4F9AE02/aEE9QfYAXgMW4OJXbyJsIYiqFW8.crl rsync://rpki.apnic.net/member_repository/A911CA82/F699E354CF1211EF8F1D205BC4F9AE02/aEE9QfYAXgMW4OJXbyJsIYiqFW8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aEE9QfYAXgMW4OJXbyJsIYiqFW8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:06:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 125 (0x7d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CA82, serialNumber=68413D41F6005E0316E0E2576F226C2188AA156F Validity Not Before: Aug 22 23:06:38 2025 GMT Not After : Aug 29 23:06:38 2025 GMT Subject: CN=68a8f7fe-c7be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d1:3f:9c:cf:24:b2:03:56:8a:43:c4:21:51: c8:46:a0:9e:58:70:a7:3c:bb:ce:f9:bc:d9:d7:23: 1d:f2:f3:2f:ff:ea:10:25:ef:f0:27:0c:32:ff:c7: 90:fb:13:49:8d:f3:33:7f:69:2c:54:7a:4b:bb:9d: 3d:0f:50:b9:a6:d2:94:1e:5a:f9:6b:9c:dc:8c:40: f1:43:f2:fb:15:e2:60:b0:45:79:2e:d4:82:01:6b: 7f:58:1b:db:6f:9e:88:1d:fb:f9:35:b8:72:32:0f: d5:96:17:7a:16:aa:e9:d6:1d:eb:36:14:27:28:77: bb:4b:41:a0:34:ed:0d:ba:78:25:ac:e5:ff:54:1c: 5a:5d:21:0e:c3:7e:0e:f0:b3:94:3a:44:81:0f:f7: 5f:10:a3:43:de:17:31:26:f4:23:20:b3:7c:02:3b: 50:19:68:a9:43:c1:96:b4:7a:8a:4e:06:1d:30:9d: 4a:09:26:21:b6:d3:b4:5f:4b:e7:f4:2e:45:08:6b: 59:5d:6d:2f:ba:ff:7b:30:a3:2d:2d:92:f0:fe:fa: 7c:55:70:5e:49:3f:38:d7:bc:2b:47:95:37:14:0a: a8:ea:38:6c:3d:c6:18:26:ec:9b:ff:8d:30:b6:1b: e2:0d:96:96:a1:8e:8b:68:d6:3d:93:06:14:e8:92: 56:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:A2:E1:B8:31:E2:19:03:70:B3:DD:86:CE:26:F0:7A:AA:6E:69:2C X509v3 Authority Key Identifier: keyid:68:41:3D:41:F6:00:5E:03:16:E0:E2:57:6F:22:6C:21:88:AA:15:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CA82/F699E354CF1211EF8F1D205BC4F9AE02/aEE9QfYAXgMW4OJXbyJsIYiqFW8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aEE9QfYAXgMW4OJXbyJsIYiqFW8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA82/F699E354CF1211EF8F1D205BC4F9AE02/aEE9QfYAXgMW4OJXbyJsIYiqFW8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:61:89:b4:4c:25:92:33:26:dc:a0:58:5f:47:a2:98:a9:5c: d9:9a:2d:4f:df:ab:90:45:c1:35:2c:4d:ba:8c:db:f3:7b:d3: 18:b1:fe:2b:3b:51:9f:e0:f1:85:37:bd:d7:da:69:55:78:69: 78:95:88:98:f9:bb:1e:76:3a:da:1c:ff:93:b9:ca:1e:b3:e8: 58:86:3d:f4:d6:74:c1:68:75:22:12:ba:4d:13:dc:98:e1:01: 8e:0a:51:83:2d:1e:06:2d:72:35:e7:5e:6d:83:6b:76:61:0f: 28:03:65:8e:83:f4:50:28:fa:52:38:9f:e4:39:5f:8e:42:cb: 3b:c9:48:e8:81:70:34:6c:32:a6:e8:b1:78:c8:03:b9:40:98: 2f:8a:db:b6:3a:16:e3:15:97:99:14:b1:09:36:eb:50:c9:31: 06:f8:40:0b:a2:ed:ea:42:e1:39:66:ca:d7:77:84:3c:69:96: 10:cd:32:c6:e0:95:24:eb:80:53:49:b4:d6:b9:63:f2:d4:f9: 53:6e:65:a7:80:3f:a9:b0:2b:0f:07:47:9e:67:5e:2e:1e:8a: 67:f5:a6:cb:28:78:8b:1e:32:2c:f3:e7:44:6c:f2:9b:d4:04: b5:7b:78:bf:ba:2d:fe:29:80:1b:ca:8d:9f:04:2d:d4:96:79: 68:98:1d:23 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBfTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx Q0E4MjExMC8GA1UEBRMoNjg0MTNENDFGNjAwNUUwMzE2RTBFMjU3NkYyMjZDMjE4 OEFBMTU2RjAeFw0yNTA4MjIyMzA2MzhaFw0yNTA4MjkyMzA2MzhaMBgxFjAUBgNV BAMTDTY4YThmN2ZlLWM3YmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDK0T+czySyA1aKQ8QhUchGoJ5YcKc8u875vNnXIx3y8y//6hAl7/AnDDL/x5D7 E0mN8zN/aSxUeku7nT0PULmm0pQeWvlrnNyMQPFD8vsV4mCwRXku1IIBa39YG9tv nogd+/k1uHIyD9WWF3oWqunWHes2FCcod7tLQaA07Q26eCWs5f9UHFpdIQ7Dfg7w s5Q6RIEP918Qo0PeFzEm9CMgs3wCO1AZaKlDwZa0eopOBh0wnUoJJiG207RfS+f0 LkUIa1ldbS+6/3swoy0tkvD++nxVcF5JPzjXvCtHlTcUCqjqOGw9xhgm7Jv/jTC2 G+INlpahjoto1j2TBhToklbDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU16LhuDHi GQNws92GzibweqpuaSwwHwYDVR0jBBgwFoAUaEE9QfYAXgMW4OJXbyJsIYiqFW8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFDQTgyL0Y2OTlFMzU0Q0Yx MjExRUY4RjFEMjA1QkM0RjlBRTAyL2FFRTlRZllBWGdNVzRPSlhieUpzSVlpcUZX OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvYUVFOVFmWUFYZ01XNE9KWGJ5SnNJWWlxRlc4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFD QTgyL0Y2OTlFMzU0Q0YxMjExRUY4RjFEMjA1QkM0RjlBRTAyL2FFRTlRZllBWGdN VzRPSlhieUpzSVlpcUZXOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACxhibRMJZIzJtygWF9HopipXNmaLU/fq5BFwTUsTbqM2/N70xix/is7 UZ/g8YU3vdfaaVV4aXiViJj5ux52Otoc/5O5yh6z6FiGPfTWdMFodSISuk0T3Jjh AY4KUYMtHgYtcjXnXm2Da3ZhDygDZY6D9FAo+lI4n+Q5X45CyzvJSOiBcDRsMqbo sXjIA7lAmC+K27Y6FuMVl5kUsQk261DJMQb4QAui7epC4Tlmytd3hDxplhDNMsbg lSTrgFNJtNa5Y/LU+VNuZaeAP6mwKw8HR55nXi4eimf1pssoeIseMizz50Rs8pvU BLV7eL+6Lf4pgBvKjZ8ELdSWeWiYHSM= -----END CERTIFICATE-----Generated at Sat Aug 23 16:37:41 2025 by rpki-client