$ rpki-client -vvf rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft File: imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft (raw, json) Hash identifier: esXmW15Q+/Ddhl/1CUwPXC5mb/GmGgbjdcTJY1R2Oqs= Subject key identifier: BE:03:61:FB:BB:C1:9A:C5:22:93:48:F0:1C:2E:44:A0:15:CE:4A:A6 Authority key identifier: 8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2 Certificate issuer: /CN=A9127523/serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2 Certificate serial: 2DBC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft Manifest number: 2D51 Signing time: Fri 22 Aug 2025 15:33:53 +0000 Manifest this update: Fri 22 Aug 2025 15:33:52 +0000 Manifest next update: Fri 29 Aug 2025 15:33:52 +0000 Files and hashes: 1: imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl (hash: cvNbeH41l26Rnci2qijNOtq4whxd6Mcr4d6H6w46RWg=) 2: 3E0A6ED49E7B11EFBD44280AC4F9AE02.roa (hash: arjppb8o0dAo/PmRzQByMlM088vFXvA0RnVconCK+zU=) 3: 4221CE240EC211EB9F6B1914C4F9AE02.roa (hash: fUhNa2zvGR6tljYmicsoP8kxi9R8oyVSsotkZ+dJbwI=) 4: EAB11C569E7A11EF9C2A9E09C4F9AE02.roa (hash: S4ikhB4wQjYJoUuGIHYvTR4A3rR63MmfA1fRonhKGKU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:33:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11708 (0x2dbc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9127523, serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2 Validity Not Before: Aug 22 15:33:52 2025 GMT Not After : Aug 29 15:33:52 2025 GMT Subject: CN=68a88de0-a22b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:7c:fc:1f:b1:54:d0:0b:c8:6e:5c:9e:93:e2: 06:fc:40:5a:ab:db:4a:36:d4:a5:1a:1a:a6:31:08: 4d:8d:1b:be:9d:bc:93:02:39:cf:3d:50:a1:bf:cf: 98:25:66:40:59:0f:6c:23:01:bf:53:6a:55:7a:b2: 8d:2a:5d:b7:91:bb:91:cf:f0:c3:50:28:cd:e5:af: 92:38:2e:d9:59:2a:08:e3:a9:d2:94:c8:18:f3:00: 0b:82:4d:e9:1b:3a:f4:1b:cb:61:86:99:5a:44:d4: 5f:94:7b:92:ab:e5:53:b1:01:3a:96:a3:dc:37:f8: c0:f3:f8:6b:a4:3a:38:53:c2:a8:6a:36:03:30:77: 65:00:1c:9f:05:73:a1:04:fd:47:08:2e:20:83:bc: 8e:ee:46:84:e4:a7:4f:d7:bc:b8:a3:b6:c4:b5:b5: 0d:22:c2:da:6b:86:ad:30:53:55:66:9b:5e:96:37: ef:7c:46:ab:ca:2d:6f:dc:1e:b2:7a:b9:87:14:a7: 90:21:c0:59:2b:c1:f7:0d:cd:16:07:e0:75:4f:ee: f5:d6:98:bf:29:e7:cf:c4:0a:23:05:e7:bb:23:d7: b5:f1:84:b6:20:df:55:ac:82:fd:12:f7:1c:6c:ff: 91:df:8a:b0:c4:bf:23:77:b0:f1:0e:79:82:2d:4c: 81:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:03:61:FB:BB:C1:9A:C5:22:93:48:F0:1C:2E:44:A0:15:CE:4A:A6 X509v3 Authority Key Identifier: keyid:8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d6:66:64:9a:24:6c:b8:18:1f:da:f4:13:58:8a:66:e5:8a:0f: 1f:0d:fe:b8:02:7a:e8:16:2a:3b:ff:ed:32:78:63:97:33:45: 36:7b:cc:0a:3a:8d:f2:27:51:ad:cd:fe:74:aa:54:43:6e:67: 9b:ab:57:0a:9e:8a:d1:02:0b:c1:ec:38:7a:76:8c:a5:6a:a7: e7:6e:1f:45:3c:cb:42:18:8c:a3:c8:07:39:05:12:c2:35:98: c7:08:37:45:3b:63:57:31:b3:58:30:ad:49:74:04:09:42:cd: 08:02:8f:14:06:2b:0e:c9:93:cd:ad:22:6c:c8:17:03:c6:51: 9c:a3:40:75:67:f3:3f:f4:65:34:fe:87:01:2b:f8:76:3e:ad: af:c7:cd:5f:2d:44:65:3f:cf:2a:d9:f5:d4:84:41:c4:34:3a: 23:06:d8:1e:d6:e4:3d:c3:40:46:1f:11:8c:cd:12:74:24:58: 40:f1:6e:11:9e:cb:88:96:09:67:4d:fd:74:6f:6b:8c:03:2c: e0:18:a4:4d:e2:5c:86:c4:d1:df:c5:18:1c:cd:87:b5:99:af: 91:0d:53:45:4b:e0:fd:3e:a8:ad:77:07:83:37:8f:ff:a4:d7: 58:bf:69:28:0f:f8:d9:ff:fa:d6:13:56:b4:d8:e9:47:0b:db: fb:f0:05:30 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICLbwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjc1MjMxMTAvBgNVBAUTKDhBNjgxREQwQzQzNzMxRDBGNDc2M0E0REJERDVENEND MDFGRDY0QzIwHhcNMjUwODIyMTUzMzUyWhcNMjUwODI5MTUzMzUyWjAYMRYwFAYD VQQDEw02OGE4OGRlMC1hMjJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApXz8H7FU0AvIblyek+IG/EBaq9tKNtSlGhqmMQhNjRu+nbyTAjnPPVChv8+Y JWZAWQ9sIwG/U2pVerKNKl23kbuRz/DDUCjN5a+SOC7ZWSoI46nSlMgY8wALgk3p Gzr0G8thhplaRNRflHuSq+VTsQE6lqPcN/jA8/hrpDo4U8KoajYDMHdlAByfBXOh BP1HCC4gg7yO7kaE5KdP17y4o7bEtbUNIsLaa4atMFNVZpteljfvfEaryi1v3B6y ermHFKeQIcBZK8H3Dc0WB+B1T+711pi/KefPxAojBee7I9e18YS2IN9VrIL9Evcc bP+R34qwxL8jd7DxDnmCLUyBDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL4DYfu7 wZrFIpNI8BwuRKAVzkqmMB8GA1UdIwQYMBaAFIpoHdDENzHQ9HY6Tb3V1MwB/WTC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzUyMy8xMkI5OTdFODlB RTMxMUUzQTVBMjU3QTc1OTExRUEzMi9pbWdkME1RM01kRDBkanBOdmRYVXpBSDla TUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ltZ2QwTVEzTWREMGRqcE52ZFhVekFIOVpNSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NzUyMy8xMkI5OTdFODlBRTMxMUUzQTVBMjU3QTc1OTExRUEzMi9pbWdkME1RM01k RDBkanBOdmRYVXpBSDlaTUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDWZmSaJGy4GB/a9BNYimblig8fDf64AnroFio7/+0yeGOXM0U2e8wK Oo3yJ1Gtzf50qlRDbmebq1cKnorRAgvB7Dh6doylaqfnbh9FPMtCGIyjyAc5BRLC NZjHCDdFO2NXMbNYMK1JdAQJQs0IAo8UBisOyZPNrSJsyBcDxlGco0B1Z/M/9GU0 /ocBK/h2Pq2vx81fLURlP88q2fXUhEHENDojBtge1uQ9w0BGHxGMzRJ0JFhA8W4R nsuIlglnTf10b2uMAyzgGKRN4lyGxNHfxRgczYe1ma+RDVNFS+D9PqitdweDN4// pNdYv2koD/jZ//rWE1a02OlHC9v78AUw -----END CERTIFICATE-----Generated at Sat Aug 23 09:18:33 2025 by rpki-client