$ rpki-client -vvf rpki.apnic.net/member_repository/A911F8C9/4B4D712A5CDB11ECBD54F70CC4F9AE02/aCDlNpQmEvNLA3PdH3ftI0_981w.mft File: aCDlNpQmEvNLA3PdH3ftI0_981w.mft (raw, json) Hash identifier: z4hS8dPmuqko/BJKtM/gr7WYdcB0kLBIlX+SYXMtZLg= Subject key identifier: DD:B1:24:02:35:5B:F7:46:75:CE:F4:4E:46:D8:25:27:F3:BC:09:8A Authority key identifier: 68:20:E5:36:94:26:12:F3:4B:03:73:DD:1F:77:ED:23:4F:FD:F3:5C Certificate issuer: /CN=A911F8C9/serialNumber=6820E536942612F34B0373DD1F77ED234FFDF35C Certificate serial: 0471 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aCDlNpQmEvNLA3PdH3ftI0_981w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911F8C9/4B4D712A5CDB11ECBD54F70CC4F9AE02/aCDlNpQmEvNLA3PdH3ftI0_981w.mft Manifest number: 046A Signing time: Sat 23 Aug 2025 00:23:23 +0000 Manifest this update: Sat 23 Aug 2025 00:23:22 +0000 Manifest next update: Sat 30 Aug 2025 00:23:22 +0000 Files and hashes: 1: aCDlNpQmEvNLA3PdH3ftI0_981w.crl (hash: usvCTtp+D+9oq9sk+ffsatnEMdckD4JsDqzSQwTG2As=) 2: 0DC4BC0C5CDE11ECB486850FC4F9AE02.roa (hash: 252kB+fX+BBhzn4gsCNSBIXgmIL37+s/mdPS5IK/AQY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911F8C9/4B4D712A5CDB11ECBD54F70CC4F9AE02/aCDlNpQmEvNLA3PdH3ftI0_981w.crl rsync://rpki.apnic.net/member_repository/A911F8C9/4B4D712A5CDB11ECBD54F70CC4F9AE02/aCDlNpQmEvNLA3PdH3ftI0_981w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aCDlNpQmEvNLA3PdH3ftI0_981w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:23:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1137 (0x471) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911F8C9, serialNumber=6820E536942612F34B0373DD1F77ED234FFDF35C Validity Not Before: Aug 23 00:23:22 2025 GMT Not After : Aug 30 00:23:22 2025 GMT Subject: CN=68a909fa-dded Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:c2:e4:0b:f5:5c:d3:51:ed:8f:7f:6a:d1:2c: a2:fd:3d:6e:47:dc:ee:06:59:8a:cb:25:57:11:5e: 54:2a:5a:1c:cb:0e:fe:69:39:84:d4:31:72:87:f0: 9d:18:24:f3:b2:62:f4:2a:79:4a:0f:b9:0b:c4:57: 62:91:fc:4a:b2:c1:d9:45:52:30:fe:45:81:f0:c6: 97:43:00:02:97:76:8f:19:bb:2d:2d:2e:4e:23:0c: 1e:8a:b4:96:ce:9e:97:46:da:ba:be:a2:10:72:e6: 68:92:7d:fb:c3:61:83:cf:d6:d5:ee:14:3c:4f:74: 06:c4:4c:29:5f:78:e2:1a:7a:39:e7:f8:7e:cf:43: 47:96:e2:32:75:9b:29:0b:ac:1e:e7:fe:59:88:65: 9d:e1:87:30:11:ea:ab:d0:2f:b7:41:93:f7:fd:36: 7c:56:c6:8a:3d:35:b8:25:09:4f:7d:b0:df:de:12: 67:bd:ed:ae:32:45:4d:fb:c5:a6:1b:14:7f:3d:c7: ec:f1:95:b9:45:81:12:0e:8c:92:d0:71:ac:a6:18: 14:16:ea:a0:6e:22:c0:b1:af:fb:59:7c:c3:45:e7: fc:ea:74:2f:6c:a8:2a:ff:3d:1d:24:7b:40:1a:cb: 31:d1:d3:80:d3:94:f5:18:1d:39:3e:f5:f3:3d:31: 13:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:B1:24:02:35:5B:F7:46:75:CE:F4:4E:46:D8:25:27:F3:BC:09:8A X509v3 Authority Key Identifier: keyid:68:20:E5:36:94:26:12:F3:4B:03:73:DD:1F:77:ED:23:4F:FD:F3:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911F8C9/4B4D712A5CDB11ECBD54F70CC4F9AE02/aCDlNpQmEvNLA3PdH3ftI0_981w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aCDlNpQmEvNLA3PdH3ftI0_981w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911F8C9/4B4D712A5CDB11ECBD54F70CC4F9AE02/aCDlNpQmEvNLA3PdH3ftI0_981w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:47:3d:10:45:64:0b:32:5e:a7:63:77:33:4b:26:26:93:80: 42:c7:aa:fb:ce:87:25:b3:9b:1e:3c:ed:a1:3d:34:20:c0:d3: 77:c8:95:c1:0a:68:b0:6a:69:1f:c6:fd:6b:4e:48:85:7b:02: 3a:7a:ff:42:e5:cd:a4:83:49:82:37:73:fe:e8:24:1d:70:3c: 34:3a:01:c4:bc:ec:5e:dd:72:60:cc:cf:41:e5:37:8b:0b:50: 90:cd:f1:5b:b4:f5:ba:80:27:72:42:7d:c8:8c:5c:4c:7d:b7: 5c:6f:f7:7d:46:4f:4f:b4:1a:63:fd:43:cd:b3:ee:65:2d:68: 57:14:88:7e:08:06:97:a4:13:85:e6:d0:1a:9b:9b:5b:a1:31: c9:c4:db:12:3d:1e:61:a9:68:a7:82:fd:15:d8:56:f1:81:b2: 8f:39:37:6b:a9:d0:30:3b:0a:a6:16:af:93:44:e2:8b:60:1c: eb:98:60:9f:c8:2a:b4:43:a5:37:e5:83:61:0c:62:de:5c:8d: 50:10:64:c3:e1:d2:58:1a:73:41:04:5c:70:d9:b0:45:2d:05: f1:7d:82:18:67:e1:b5:c8:a0:9c:76:9f:77:54:df:0e:6d:d9: ff:5a:f2:77:0a:a2:91:b1:56:fe:fd:2a:56:a0:73:02:a8:85: fd:a3:a3:c8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUY4QzkxMTAvBgNVBAUTKDY4MjBFNTM2OTQyNjEyRjM0QjAzNzNERDFGNzdFRDIz NEZGREYzNUMwHhcNMjUwODIzMDAyMzIyWhcNMjUwODMwMDAyMzIyWjAYMRYwFAYD VQQDEw02OGE5MDlmYS1kZGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6sLkC/Vc01Htj39q0Syi/T1uR9zuBlmKyyVXEV5UKlocyw7+aTmE1DFyh/Cd GCTzsmL0KnlKD7kLxFdikfxKssHZRVIw/kWB8MaXQwACl3aPGbstLS5OIwweirSW zp6XRtq6vqIQcuZokn37w2GDz9bV7hQ8T3QGxEwpX3jiGno55/h+z0NHluIydZsp C6we5/5ZiGWd4YcwEeqr0C+3QZP3/TZ8VsaKPTW4JQlPfbDf3hJnve2uMkVN+8Wm GxR/Pcfs8ZW5RYESDoyS0HGsphgUFuqgbiLAsa/7WXzDRef86nQvbKgq/z0dJHtA Gssx0dOA05T1GB05PvXzPTETRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN2xJAI1 W/dGdc70TkbYJSfzvAmKMB8GA1UdIwQYMBaAFGgg5TaUJhLzSwNz3R937SNP/fNc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRjhDOS80QjRENzEyQTVD REIxMUVDQkQ1NEY3MENDNEY5QUUwMi9hQ0RsTnBRbUV2TkxBM1BkSDNmdEkwXzk4 MXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FDRGxOcFFtRXZOTEEzUGRIM2Z0STBfOTgxdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RjhDOS80QjRENzEyQTVDREIxMUVDQkQ1NEY3MENDNEY5QUUwMi9hQ0RsTnBRbUV2 TkxBM1BkSDNmdEkwXzk4MXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYRz0QRWQLMl6nY3czSyYmk4BCx6r7zocls5sePO2hPTQgwNN3yJXB Cmiwamkfxv1rTkiFewI6ev9C5c2kg0mCN3P+6CQdcDw0OgHEvOxe3XJgzM9B5TeL C1CQzfFbtPW6gCdyQn3IjFxMfbdcb/d9Rk9PtBpj/UPNs+5lLWhXFIh+CAaXpBOF 5tAam5tboTHJxNsSPR5hqWingv0V2FbxgbKPOTdrqdAwOwqmFq+TROKLYBzrmGCf yCq0Q6U35YNhDGLeXI1QEGTD4dJYGnNBBFxw2bBFLQXxfYIYZ+G1yKCcdp93VN8O bdn/WvJ3CqKRsVb+/SpWoHMCqIX9o6PI -----END CERTIFICATE-----Generated at Sun Aug 24 04:58:37 2025 by rpki-client