$ rpki-client -vvf rpki.apnic.net/member_repository/A911FCC1/1498FC9E31E011EA837BDE3BC4F9AE02/giq84EQXvhV7KDO6OwIw3iOEwkA.mft File: giq84EQXvhV7KDO6OwIw3iOEwkA.mft (raw, json) Hash identifier: VcH4BcJ2wKm2Oedog9xqbmEkbMryAq+cQFWStthcUlk= Subject key identifier: 44:4A:E8:63:8A:07:3A:83:B3:CD:98:1C:5E:DF:9D:C7:70:4B:F1:84 Authority key identifier: 82:2A:BC:E0:44:17:BE:15:7B:28:33:BA:3B:02:30:DE:23:84:C2:40 Certificate issuer: /CN=A911FCC1/serialNumber=822ABCE04417BE157B2833BA3B0230DE2384C240 Certificate serial: 0B8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/giq84EQXvhV7KDO6OwIw3iOEwkA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911FCC1/1498FC9E31E011EA837BDE3BC4F9AE02/giq84EQXvhV7KDO6OwIw3iOEwkA.mft Manifest number: 0B85 Signing time: Fri 22 Aug 2025 19:09:00 +0000 Manifest this update: Fri 22 Aug 2025 19:08:59 +0000 Manifest next update: Fri 29 Aug 2025 19:08:59 +0000 Files and hashes: 1: giq84EQXvhV7KDO6OwIw3iOEwkA.crl (hash: 4kgiMph6Bzt/JOaturJsOK3hMrD0nHx7vXq51N3W3E0=) 2: BFB35A9831E011EA91E99C3CC4F9AE02.roa (hash: 0GHCZ6nEXf3be8gydYVqGJhj2BigeoKuyRGIxasVxbo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911FCC1/1498FC9E31E011EA837BDE3BC4F9AE02/giq84EQXvhV7KDO6OwIw3iOEwkA.crl rsync://rpki.apnic.net/member_repository/A911FCC1/1498FC9E31E011EA837BDE3BC4F9AE02/giq84EQXvhV7KDO6OwIw3iOEwkA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/giq84EQXvhV7KDO6OwIw3iOEwkA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 19:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2955 (0xb8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911FCC1, serialNumber=822ABCE04417BE157B2833BA3B0230DE2384C240 Validity Not Before: Aug 22 19:08:59 2025 GMT Not After : Aug 29 19:08:59 2025 GMT Subject: CN=68a8c04c-77c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:81:7c:f5:a5:4b:15:76:88:b0:b4:96:09:5c: 81:70:13:23:30:34:8e:d2:77:3f:15:66:70:c4:0a: a4:94:3a:26:35:91:a9:70:96:f9:7c:f8:84:93:c7: 19:35:b5:bb:4b:2b:ce:8c:f2:6d:33:ca:78:29:a6: ac:7e:21:cc:7c:ac:9e:99:69:f8:4c:a8:53:ba:f6: 28:4d:af:5c:fc:8d:6d:33:88:d6:13:12:a6:9e:c9: 90:9c:43:f9:d0:a8:ae:27:71:28:fa:9d:20:b8:73: aa:db:5e:78:77:76:9a:a4:4c:66:1c:49:3e:31:47: f0:02:b2:6d:e4:b7:e2:3e:60:e9:87:97:e6:6f:13: 2f:59:c9:e8:69:91:32:6d:fa:8f:df:38:a8:5b:b4: e1:d4:0c:c5:42:96:c8:ff:67:b3:49:9f:c2:e6:cc: 2c:c9:7d:39:e1:9e:74:05:1a:47:40:18:cf:1b:de: c9:63:89:f2:96:2d:0f:5a:17:a1:ae:c8:c8:08:e5: 34:52:48:ea:93:52:10:32:52:99:4c:d9:d5:8c:26: 05:7d:c7:6e:8c:13:e5:40:83:bd:33:30:0f:77:61: 4f:80:89:af:f1:7f:12:09:2f:e4:71:66:ae:e9:bc: a8:ce:44:9e:f2:57:d7:a7:b8:ca:2f:be:ff:5f:36: eb:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:4A:E8:63:8A:07:3A:83:B3:CD:98:1C:5E:DF:9D:C7:70:4B:F1:84 X509v3 Authority Key Identifier: keyid:82:2A:BC:E0:44:17:BE:15:7B:28:33:BA:3B:02:30:DE:23:84:C2:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911FCC1/1498FC9E31E011EA837BDE3BC4F9AE02/giq84EQXvhV7KDO6OwIw3iOEwkA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/giq84EQXvhV7KDO6OwIw3iOEwkA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911FCC1/1498FC9E31E011EA837BDE3BC4F9AE02/giq84EQXvhV7KDO6OwIw3iOEwkA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:ff:80:b0:3c:8b:27:de:c3:a0:45:13:ee:fd:55:f3:84:df: 93:51:02:70:aa:63:13:fb:f3:c9:33:13:4f:c3:02:2b:96:db: ce:44:f3:f9:81:1d:77:b0:0b:6c:0e:67:d3:25:95:7c:db:90: 62:2b:d6:63:5f:95:4c:c7:5d:4b:df:1a:cb:22:0d:b6:12:bf: 67:64:25:a2:c8:82:5c:9d:3f:c2:23:be:c3:6f:0f:3d:2d:b2: 62:5e:a8:47:fc:57:aa:58:61:3f:f8:45:f2:2b:7e:35:95:e3: e6:6d:17:43:b6:cd:ea:ef:40:75:13:36:fd:65:6a:a6:1b:0c: 35:b1:79:89:ed:00:07:ae:cc:94:2a:7f:78:5a:29:f8:f5:62: 49:bd:f6:1f:be:17:b2:bc:22:2b:ed:13:c0:d6:32:44:ed:59: 1d:d1:be:23:be:dd:fc:6c:4c:75:70:23:e1:8b:d0:94:bb:7f: e0:a2:26:5c:31:ae:5b:92:29:83:44:4f:99:93:bc:2e:7c:e1: e8:90:06:5c:0b:00:bf:62:63:79:44:86:6a:de:47:34:2a:ef: f5:01:1a:b2:64:45:e2:86:44:80:77:5a:01:c3:72:c9:49:85: eb:36:83:60:bf:8f:87:10:87:57:49:2a:16:9a:67:ab:f2:bc: 12:e0:44:3d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC4swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUZDQzExMTAvBgNVBAUTKDgyMkFCQ0UwNDQxN0JFMTU3QjI4MzNCQTNCMDIzMERF MjM4NEMyNDAwHhcNMjUwODIyMTkwODU5WhcNMjUwODI5MTkwODU5WjAYMRYwFAYD VQQDEw02OGE4YzA0Yy03N2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyoF89aVLFXaIsLSWCVyBcBMjMDSO0nc/FWZwxAqklDomNZGpcJb5fPiEk8cZ NbW7SyvOjPJtM8p4KaasfiHMfKyemWn4TKhTuvYoTa9c/I1tM4jWExKmnsmQnEP5 0KiuJ3Eo+p0guHOq2154d3aapExmHEk+MUfwArJt5LfiPmDph5fmbxMvWcnoaZEy bfqP3zioW7Th1AzFQpbI/2ezSZ/C5swsyX054Z50BRpHQBjPG97JY4nyli0PWheh rsjICOU0Ukjqk1IQMlKZTNnVjCYFfcdujBPlQIO9MzAPd2FPgImv8X8SCS/kcWau 6byozkSe8lfXp7jKL77/XzbrAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFERK6GOK BzqDs82YHF7fncdwS/GEMB8GA1UdIwQYMBaAFIIqvOBEF74VeygzujsCMN4jhMJA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRkNDMS8xNDk4RkM5RTMx RTAxMUVBODM3QkRFM0JDNEY5QUUwMi9naXE4NEVRWHZoVjdLRE82T3dJdzNpT0V3 a0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dpcTg0RVFYdmhWN0tETzZPd0l3M2lPRXdrQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RkNDMS8xNDk4RkM5RTMxRTAxMUVBODM3QkRFM0JDNEY5QUUwMi9naXE4NEVRWHZo VjdLRE82T3dJdzNpT0V3a0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAP/4CwPIsn3sOgRRPu/VXzhN+TUQJwqmMT+/PJMxNPwwIrltvORPP5 gR13sAtsDmfTJZV825BiK9ZjX5VMx11L3xrLIg22Er9nZCWiyIJcnT/CI77Dbw89 LbJiXqhH/FeqWGE/+EXyK341lePmbRdDts3q70B1Ezb9ZWqmGww1sXmJ7QAHrsyU Kn94Win49WJJvfYfvheyvCIr7RPA1jJE7Vkd0b4jvt38bEx1cCPhi9CUu3/goiZc Ma5bkimDRE+Zk7wufOHokAZcCwC/YmN5RIZq3kc0Ku/1ARqyZEXihkSAd1oBw3LJ SYXrNoNgv4+HEIdXSSoWmmer8rwS4EQ9 -----END CERTIFICATE-----Generated at Sun Aug 24 08:51:37 2025 by rpki-client