$ rpki-client -vvf rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft File: CStU0vnpbT_OHwwNuzGxuCyNLOA.mft (raw, json) Hash identifier: mF+q+EjbU6AnO5jTXom6c7UZJ87Q3ZJS+TI0alzUQCs= Subject key identifier: 7B:19:66:0D:36:DD:D0:B4:8A:42:68:3C:AC:CF:B9:2B:72:6A:23:7F Authority key identifier: 09:2B:54:D2:F9:E9:6D:3F:CE:1F:0C:0D:BB:31:B1:B8:2C:8D:2C:E0 Certificate issuer: /CN=A9122EA2/serialNumber=092B54D2F9E96D3FCE1F0C0DBB31B1B82C8D2CE0 Certificate serial: 0209 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft Manifest number: 01FD Signing time: Sat 23 Aug 2025 02:37:33 +0000 Manifest this update: Sat 23 Aug 2025 02:37:33 +0000 Manifest next update: Sat 30 Aug 2025 02:37:33 +0000 Files and hashes: 1: CStU0vnpbT_OHwwNuzGxuCyNLOA.crl (hash: oUxnXgxpygXuoWPSTg7sEdSmAYqDtjFcCOu/QS4sT5k=) 2: C20F71E0992A11EEBDE4AF84C4F9AE02.roa (hash: csl85VTomjs4iPv8bKOFHRUkLivByj84d/cWaa81y8A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.crl rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:37:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 521 (0x209) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9122EA2, serialNumber=092B54D2F9E96D3FCE1F0C0DBB31B1B82C8D2CE0 Validity Not Before: Aug 23 02:37:33 2025 GMT Not After : Aug 30 02:37:33 2025 GMT Subject: CN=68a9296d-1ae0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:f3:d1:8d:84:95:11:e2:c9:4c:ab:1b:05:e2: f0:00:3d:d3:61:c9:f3:93:58:b1:53:e3:f8:5e:65: 42:9b:9b:cd:9b:d7:28:d9:fc:b8:73:50:f8:8c:bb: 0e:99:fa:d4:51:b1:a6:04:88:a9:a8:80:ad:36:bb: 29:48:ef:a1:48:e6:74:e0:a0:d8:2a:55:ed:4b:8c: 79:2a:64:a0:63:4f:d0:b3:19:0c:ad:ce:e7:c3:34: bd:fe:37:c2:1a:a1:d2:80:d2:ce:35:1c:0a:20:99: ea:12:52:cf:c9:e7:c1:09:7f:77:a7:a4:6d:e9:6d: 65:51:3a:fc:78:3e:34:7d:30:fc:1f:db:d1:10:fb: b0:1c:59:09:9e:f1:38:76:56:35:d7:35:d3:5a:b7: da:4d:02:de:40:8d:7c:f1:27:9a:43:dc:36:35:cd: 5b:b8:18:78:b1:2e:17:a5:e2:96:c3:37:86:03:85: e3:b4:17:c0:6a:47:8d:4d:a3:91:d3:c1:f7:d4:74: c0:1b:83:37:cd:23:ec:14:4d:7a:21:42:41:d4:68: 90:19:80:ab:5c:d2:0d:d7:8c:86:a5:82:bf:7f:7a: 3f:a9:e3:03:9e:c4:02:b9:6a:5d:c1:7c:49:fb:72: a4:a0:13:4b:6f:a8:54:2d:cf:27:8b:e4:4f:2c:dc: fd:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:19:66:0D:36:DD:D0:B4:8A:42:68:3C:AC:CF:B9:2B:72:6A:23:7F X509v3 Authority Key Identifier: keyid:09:2B:54:D2:F9:E9:6D:3F:CE:1F:0C:0D:BB:31:B1:B8:2C:8D:2C:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:74:ae:d9:8f:d5:c1:7d:41:db:d0:30:73:25:a6:48:dd:1b: 0b:34:d2:c2:69:b5:7b:d5:54:da:6d:21:ca:3a:04:0c:28:27: a4:11:20:61:b0:58:4b:bd:d2:f4:62:02:ac:2a:4f:3d:52:84: 78:d4:5f:ba:aa:48:a1:63:2f:71:2f:c1:bb:d9:b4:05:ef:e6: da:ad:64:b8:8d:09:b7:2b:f0:1e:2f:27:af:cc:85:42:ce:ef: fc:f2:2e:06:10:f3:e4:fb:d4:20:aa:43:16:3b:12:92:fa:68: 03:3f:a5:e6:d2:39:43:88:ea:96:00:db:0b:92:dc:07:8f:64: 65:ab:01:0f:e0:8a:a7:5b:0b:f8:7d:10:e9:74:1e:a4:a9:cf: aa:2d:38:aa:40:d0:8d:2a:88:f5:a6:93:96:23:70:74:d0:89: 24:fd:3a:41:a6:02:ec:e4:32:a0:01:fc:fb:28:46:b4:1d:12: ef:7a:21:45:88:42:18:06:97:dd:5d:04:d0:b1:fe:94:9e:26: c7:79:53:f6:36:e0:b8:bf:7f:63:8b:28:68:5b:21:9d:74:79: da:8e:ed:79:20:6b:8c:c7:21:55:01:36:98:75:39:66:22:21: 13:e1:8d:02:71:c0:f5:99:fc:7b:00:62:e3:49:89:83:b2:ad: 07:b9:bc:66 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjJFQTIxMTAvBgNVBAUTKDA5MkI1NEQyRjlFOTZEM0ZDRTFGMEMwREJCMzFCMUI4 MkM4RDJDRTAwHhcNMjUwODIzMDIzNzMzWhcNMjUwODMwMDIzNzMzWjAYMRYwFAYD VQQDEw02OGE5Mjk2ZC0xYWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtPPRjYSVEeLJTKsbBeLwAD3TYcnzk1ixU+P4XmVCm5vNm9co2fy4c1D4jLsO mfrUUbGmBIipqICtNrspSO+hSOZ04KDYKlXtS4x5KmSgY0/QsxkMrc7nwzS9/jfC GqHSgNLONRwKIJnqElLPyefBCX93p6Rt6W1lUTr8eD40fTD8H9vREPuwHFkJnvE4 dlY11zXTWrfaTQLeQI188SeaQ9w2Nc1buBh4sS4XpeKWwzeGA4XjtBfAakeNTaOR 08H31HTAG4M3zSPsFE16IUJB1GiQGYCrXNIN14yGpYK/f3o/qeMDnsQCuWpdwXxJ +3KkoBNLb6hULc8ni+RPLNz9IwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHsZZg02 3dC0ikJoPKzPuStyaiN/MB8GA1UdIwQYMBaAFAkrVNL56W0/zh8MDbsxsbgsjSzg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkVBMi8xNTI1MzQxNDg1 NjMxMUVEODJGQjEwMkRDNEY5QUUwMi9DU3RVMHZucGJUX09Id3dOdXpHeHVDeU5M T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NTdFUwdm5wYlRfT0h3d051ekd4dUN5TkxPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MkVBMi8xNTI1MzQxNDg1NjMxMUVEODJGQjEwMkRDNEY5QUUwMi9DU3RVMHZucGJU X09Id3dOdXpHeHVDeU5MT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAEdK7Zj9XBfUHb0DBzJaZI3RsLNNLCabV71VTabSHKOgQMKCekESBh sFhLvdL0YgKsKk89UoR41F+6qkihYy9xL8G72bQF7+barWS4jQm3K/AeLyevzIVC zu/88i4GEPPk+9QgqkMWOxKS+mgDP6Xm0jlDiOqWANsLktwHj2RlqwEP4IqnWwv4 fRDpdB6kqc+qLTiqQNCNKoj1ppOWI3B00Ikk/TpBpgLs5DKgAfz7KEa0HRLveiFF iEIYBpfdXQTQsf6UnibHeVP2NuC4v39jiyhoWyGddHnaju15IGuMxyFVATaYdTlm IiET4Y0CccD1mfx7AGLjSYmDsq0Hubxm -----END CERTIFICATE-----Generated at Sun Aug 24 00:15:40 2025 by rpki-client