$ rpki-client -vvf rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft File: ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft (raw, json) Hash identifier: S2XM7Vn4zNz0SaRT0UaPIqhBhVvqQ7lydKulbkFtfAM= Subject key identifier: 68:6A:8A:75:2B:54:57:C8:0F:D9:56:B2:10:F7:34:AD:EA:7D:E5:43 Authority key identifier: 21:34:36:BA:23:A9:AF:25:0B:F2:5D:DE:A5:0C:76:22:19:F9:06:BC Certificate issuer: /CN=A912382E/serialNumber=213436BA23A9AF250BF25DDEA50C762219F906BC Certificate serial: 18D0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft Manifest number: 18C7 Signing time: Fri 22 Aug 2025 16:34:31 +0000 Manifest this update: Fri 22 Aug 2025 16:34:30 +0000 Manifest next update: Fri 29 Aug 2025 16:34:30 +0000 Files and hashes: 1: ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl (hash: ooxY68Qmu2o2q/0/YJVmjS/IkA0Irx0YRaikqtRJqec=) 2: BD843CCE984011E79A256C82C4F9AE02.roa (hash: cv0ZUc0lebxpCeCaHLbic5zL6MtIPbL3843SH+qN9Dk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 16:34:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6352 (0x18d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912382E, serialNumber=213436BA23A9AF250BF25DDEA50C762219F906BC Validity Not Before: Aug 22 16:34:30 2025 GMT Not After : Aug 29 16:34:30 2025 GMT Subject: CN=68a89c17-c8df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:f2:70:f1:e8:9c:e8:e8:c4:cf:4f:7f:18:61: e6:25:dd:f7:a5:24:a4:bb:c0:35:72:85:7c:88:80: ff:60:5d:8c:80:4d:75:05:56:6a:4b:c6:04:8f:ae: bf:43:d2:ff:90:f5:e8:be:40:2d:87:7b:11:25:24: c0:c0:b2:96:d3:ea:48:60:3d:83:e5:e2:38:f8:bb: 3e:fc:99:57:70:87:f0:ee:fa:00:bf:2d:ae:3a:ec: 49:97:80:83:a4:7a:48:ec:0c:0f:70:1c:1f:07:b7: ac:5f:01:6e:d3:c3:90:84:eb:f6:b0:c2:ac:0b:c0: d6:ff:4d:91:30:1f:25:62:01:49:5c:56:4d:e8:88: 26:82:b5:5b:01:b6:4c:75:46:5d:90:fd:9b:bf:5d: 3e:8e:85:a2:5c:e4:2d:6d:52:59:9e:0f:85:1e:ea: 59:5d:af:1e:37:41:9a:e4:3f:d3:f2:a0:5d:ab:51: 00:e9:44:9a:68:4d:e5:67:9b:5b:58:45:c2:14:60: af:ba:1d:9e:53:23:3f:17:18:2c:ce:ae:6b:0e:a5: f0:10:19:fc:40:3c:b7:0f:af:54:7e:7f:b5:9e:1f: ff:0d:25:12:8e:08:01:34:67:8e:33:11:dc:cc:46: ea:0a:b2:89:b7:e3:02:88:b8:73:29:62:29:6e:08: 35:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:6A:8A:75:2B:54:57:C8:0F:D9:56:B2:10:F7:34:AD:EA:7D:E5:43 X509v3 Authority Key Identifier: keyid:21:34:36:BA:23:A9:AF:25:0B:F2:5D:DE:A5:0C:76:22:19:F9:06:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:fd:8e:b5:c8:90:b4:38:c2:ee:79:cb:7c:64:bc:c6:87:fe: 19:e2:98:99:ab:cb:67:88:f2:9c:31:ee:cb:96:37:87:3c:92: fd:bb:e2:fe:12:1e:54:ed:69:73:a3:61:9d:f1:62:64:ee:a4: 3e:06:b1:72:71:ef:6d:8c:90:35:36:fd:20:d0:60:e7:e5:b1: ec:dc:9e:e1:96:0c:cd:00:f6:cf:88:1e:ae:3d:5a:cf:c1:c1: 81:a8:96:8f:8a:af:3c:66:da:10:f2:06:7a:a7:fb:57:71:9a: 92:7a:b2:be:c0:89:c3:0e:f2:01:6c:59:f9:18:c2:81:15:ac: 30:da:78:c8:c5:42:68:bb:66:da:f5:56:e9:d8:86:f3:cf:83: f0:f7:49:48:0a:c3:24:5d:6a:3b:ea:ad:4d:ba:82:4f:9c:88: db:27:e2:53:3a:66:9e:21:5c:43:71:d4:97:54:e1:dd:50:48: 5c:81:05:3d:53:a4:0e:1f:39:f7:2a:38:62:57:f4:66:62:6b: d2:52:d1:6c:70:3d:88:ae:ce:ba:c7:8d:e4:56:7e:9f:1f:9e: 73:d2:6f:c7:07:a5:7c:f9:9e:6e:09:09:70:8b:41:66:13:52: b9:cc:ca:28:e9:8f:59:c5:36:3d:f5:38:81:25:4d:59:3a:43: e5:88:74:18 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGNAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjM4MkUxMTAvBgNVBAUTKDIxMzQzNkJBMjNBOUFGMjUwQkYyNURERUE1MEM3NjIy MTlGOTA2QkMwHhcNMjUwODIyMTYzNDMwWhcNMjUwODI5MTYzNDMwWjAYMRYwFAYD VQQDEw02OGE4OWMxNy1jOGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyvJw8eic6OjEz09/GGHmJd33pSSku8A1coV8iID/YF2MgE11BVZqS8YEj66/ Q9L/kPXovkAth3sRJSTAwLKW0+pIYD2D5eI4+Ls+/JlXcIfw7voAvy2uOuxJl4CD pHpI7AwPcBwfB7esXwFu08OQhOv2sMKsC8DW/02RMB8lYgFJXFZN6IgmgrVbAbZM dUZdkP2bv10+joWiXOQtbVJZng+FHupZXa8eN0Ga5D/T8qBdq1EA6USaaE3lZ5tb WEXCFGCvuh2eUyM/Fxgszq5rDqXwEBn8QDy3D69Ufn+1nh//DSUSjggBNGeOMxHc zEbqCrKJt+MCiLhzKWIpbgg1kQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGhqinUr VFfID9lWshD3NK3qfeVDMB8GA1UdIwQYMBaAFCE0Nrojqa8lC/Jd3qUMdiIZ+Qa8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgyRS8zMTFFQUM1Njk4 NDAxMUU3Qjc2OEVCODFDNEY5QUUwMi9JVFEydWlPcHJ5VUw4bDNlcFF4MklobjVC cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lUUTJ1aU9wcnlVTDhsM2VwUXgySWhuNUJydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MzgyRS8zMTFFQUM1Njk4NDAxMUU3Qjc2OEVCODFDNEY5QUUwMi9JVFEydWlPcHJ5 VUw4bDNlcFF4MklobjVCcncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5/Y61yJC0OMLuect8ZLzGh/4Z4piZq8tniPKcMe7LljeHPJL9u+L+ Eh5U7Wlzo2Gd8WJk7qQ+BrFyce9tjJA1Nv0g0GDn5bHs3J7hlgzNAPbPiB6uPVrP wcGBqJaPiq88ZtoQ8gZ6p/tXcZqSerK+wInDDvIBbFn5GMKBFaww2njIxUJou2ba 9Vbp2Ibzz4Pw90lICsMkXWo76q1NuoJPnIjbJ+JTOmaeIVxDcdSXVOHdUEhcgQU9 U6QOHzn3KjhiV/RmYmvSUtFscD2Irs66x43kVn6fH55z0m/HB6V8+Z5uCQlwi0Fm E1K5zMoo6Y9ZxTY99TiBJU1ZOkPliHQY -----END CERTIFICATE-----Generated at Sat Aug 23 22:16:44 2025 by rpki-client