$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft File: dmXig10WAIXjHsJFIi1LL35IRAk.mft (raw, json) Hash identifier: kIN6iEllJSD37FDp+EXKxhG/Zj1W+DxZJSxwG6xnNeU= Subject key identifier: BC:99:3C:4A:D4:A0:06:B0:2E:77:A6:90:7C:ED:CA:64:7C:0B:47:A7 Authority key identifier: 76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09 Certificate issuer: /CN=A911DFC9/serialNumber=7665E2835D160085E31EC245222D4B2F7E484409 Certificate serial: 42 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft Manifest number: 37 Signing time: Sat 23 Aug 2025 07:50:20 +0000 Manifest this update: Sat 23 Aug 2025 07:50:20 +0000 Manifest next update: Sat 30 Aug 2025 07:50:20 +0000 Files and hashes: 1: dmXig10WAIXjHsJFIi1LL35IRAk.crl (hash: n1Qj1hbpC6mafv09wkao/4EvDnRzDRU+iirvmzoH9+s=) 2: CAE10F4030E111F09B76D311C4F9AE02.roa (hash: 4EnYQ2VSNQD0o3dL265fkKkyLcx5j9mcOc/dYLCsIwo=) 3: 570B12E0562611F09F085F44C4F9AE02.roa (hash: CaHNy+5XgMUOPof5CFjhIu8D1eRPSffz8Arg3q0Y77U=) 4: CA5B991430E111F09B76D311C4F9AE02.roa (hash: KDnCMQ2nRjU0Va+lifX6vSdvj7g5AOqm8qx3ZCAL398=) 5: CB4E186A30E111F09B76D311C4F9AE02.roa (hash: xPkqxoVSxyXeKSaq5jtn4/m5jr8BJckiAgNe5WWb60U=) 6: CC3E7A3A30E111F09B76D311C4F9AE02.roa (hash: qvmxAIblo8LoVtJQCEVB0mOCUBhb2PQ/53hCphSqwWE=) 7: CBDD09E430E111F09B76D311C4F9AE02.roa (hash: fV/0Vo51myrGthfe3wjSyvx/kYCAyZZZpPfFqvBV/w4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.crl rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66 (0x42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911DFC9, serialNumber=7665E2835D160085E31EC245222D4B2F7E484409 Validity Not Before: Aug 23 07:50:20 2025 GMT Not After : Aug 30 07:50:20 2025 GMT Subject: CN=68a972bc-41e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:15:c9:06:fb:c3:1d:fe:e6:14:ab:e9:cc:5b: 8a:b3:5b:6e:2b:82:6b:3e:b1:a3:32:7f:ce:b0:36: 86:1e:24:2f:63:6e:fb:1f:1b:c2:e0:1a:50:cc:7b: d1:47:57:9f:01:88:ca:f2:ef:b7:cd:50:63:bf:17: 38:93:9d:18:ef:23:2f:89:9d:83:e1:4d:90:53:1b: c0:5f:f1:a6:0a:ed:26:8e:08:b4:08:94:b8:8a:5d: a9:21:30:fb:7f:f8:40:4c:db:62:e8:48:69:db:49: 3a:0d:08:92:d3:b1:2c:b5:54:6b:09:da:07:53:41: 03:16:46:df:d2:2c:d1:16:08:30:1b:cd:ef:4c:0c: d7:c7:65:01:69:cf:4f:c5:c0:5d:ed:b3:21:cd:5f: e2:47:22:53:42:ad:41:6e:4d:0a:16:83:d2:a8:4e: 27:f1:26:a3:4e:65:91:bd:c6:08:f4:cb:36:db:dc: 93:da:11:bb:9c:6d:f1:ee:71:bc:9b:29:fc:74:29: 5a:7c:ff:83:1b:a6:ee:88:ef:19:9e:cf:14:d4:d1: 2f:c2:7e:8e:31:4d:c6:b6:63:57:7f:a9:fb:5a:33: eb:b1:07:c3:a7:7c:06:bb:3b:3b:74:ba:55:cf:83: 27:23:1a:ac:32:a8:61:09:9c:07:45:5e:67:db:f2: c4:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:99:3C:4A:D4:A0:06:B0:2E:77:A6:90:7C:ED:CA:64:7C:0B:47:A7 X509v3 Authority Key Identifier: keyid:76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:71:05:af:81:05:35:32:4f:72:17:8b:22:53:d5:0f:cb:a8: d7:9a:a3:a8:b8:f6:a1:98:d4:75:07:03:89:dd:5e:2a:41:b8: 3b:2c:2a:12:b9:2e:36:4a:72:d8:a3:e9:c4:f9:76:bb:0a:f2: 9f:87:d5:0c:47:5d:d9:ed:ec:de:e9:7b:73:21:0c:67:72:48: 76:d1:53:8b:39:d6:df:0f:5a:86:ca:36:af:25:30:20:ec:6b: e4:a6:cf:a6:fa:70:24:77:eb:dd:e8:d1:c1:b1:1f:44:b0:fa: 2a:9a:62:84:67:09:b8:fb:e3:a1:51:c6:48:52:28:27:5a:3d: f0:b4:85:89:db:f4:49:07:85:0a:ee:66:2b:78:6a:72:0a:00: 9f:4e:0c:37:81:d4:c2:b3:fc:6b:3f:92:1c:7c:2c:51:ae:f6: de:bb:ee:fc:64:22:02:e9:dc:ec:e0:46:e0:bb:3f:eb:44:72: 6b:df:31:03:11:50:31:fd:5d:96:f3:a9:d9:a0:26:94:b2:57: b2:73:a3:e1:a2:8e:0f:63:01:3b:90:5e:30:2b:d4:f9:84:8a: 60:2e:7d:99:95:1f:1f:be:2c:60:16:c8:05:74:a7:6e:2c:81: 69:1b:ba:dd:89:66:64:dc:5a:63:d9:a9:66:5f:81:d6:28:2b: ad:bc:b2:ab -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx REZDOTExMC8GA1UEBRMoNzY2NUUyODM1RDE2MDA4NUUzMUVDMjQ1MjIyRDRCMkY3 RTQ4NDQwOTAeFw0yNTA4MjMwNzUwMjBaFw0yNTA4MzAwNzUwMjBaMBgxFjAUBgNV BAMTDTY4YTk3MmJjLTQxZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDCFckG+8Md/uYUq+nMW4qzW24rgms+saMyf86wNoYeJC9jbvsfG8LgGlDMe9FH V58BiMry77fNUGO/FziTnRjvIy+JnYPhTZBTG8Bf8aYK7SaOCLQIlLiKXakhMPt/ +EBM22LoSGnbSToNCJLTsSy1VGsJ2gdTQQMWRt/SLNEWCDAbze9MDNfHZQFpz0/F wF3tsyHNX+JHIlNCrUFuTQoWg9KoTifxJqNOZZG9xgj0yzbb3JPaEbucbfHucbyb Kfx0KVp8/4Mbpu6I7xmezxTU0S/Cfo4xTca2Y1d/qftaM+uxB8OnfAa7Ozt0ulXP gycjGqwyqGEJnAdFXmfb8sTnAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUvJk8StSg BrAud6aQfO3KZHwLR6cwHwYDVR0jBBgwFoAUdmXig10WAIXjHsJFIi1LL35IRAkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFERkM5LzhEMzVFODJFMzAy QzExRjA4Nzc2NEEyQkM0RjlBRTAyL2RtWGlnMTBXQUlYakhzSkZJaTFMTDM1SVJB ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvZG1YaWcxMFdBSVhqSHNKRklpMUxMMzVJUkFrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFE RkM5LzhEMzVFODJFMzAyQzExRjA4Nzc2NEEyQkM0RjlBRTAyL2RtWGlnMTBXQUlY akhzSkZJaTFMTDM1SVJBay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAJxBa+BBTUyT3IXiyJT1Q/LqNeao6i49qGY1HUHA4ndXipBuDssKhK5 LjZKctij6cT5drsK8p+H1QxHXdnt7N7pe3MhDGdySHbRU4s51t8PWobKNq8lMCDs a+Smz6b6cCR3693o0cGxH0Sw+iqaYoRnCbj746FRxkhSKCdaPfC0hYnb9EkHhQru Zit4anIKAJ9ODDeB1MKz/Gs/khx8LFGu9t677vxkIgLp3OzgRuC7P+tEcmvfMQMR UDH9XZbzqdmgJpSyV7Jzo+Gijg9jATuQXjAr1PmEimAufZmVHx++LGAWyAV0p24s gWkbut2JZmTcWmPZqWZfgdYoK628sqs= -----END CERTIFICATE-----Generated at Sat Aug 23 14:28:09 2025 by rpki-client