$ rpki-client -vvf rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.mft File: DDegHLYzYjRPtzlnYP2U2cm5fHo.mft (raw, json) Hash identifier: /lLuzN1fY37QrhnqusRyNQ64zjDIaal6rokk9bGHSxE= Subject key identifier: 21:41:DA:6B:35:37:EA:E4:30:27:0A:2B:F2:33:B7:8A:2B:84:B2:E6 Authority key identifier: 0C:37:A0:1C:B6:33:62:34:4F:B7:39:67:60:FD:94:D9:C9:B9:7C:7A Certificate issuer: /CN=A912B64D/serialNumber=0C37A01CB63362344FB7396760FD94D9C9B97C7A Certificate serial: 0175 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DDegHLYzYjRPtzlnYP2U2cm5fHo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.mft Manifest number: 0173 Signing time: Sat 23 Aug 2025 03:53:06 +0000 Manifest this update: Sat 23 Aug 2025 03:53:05 +0000 Manifest next update: Sat 30 Aug 2025 03:53:05 +0000 Files and hashes: 1: DDegHLYzYjRPtzlnYP2U2cm5fHo.crl (hash: oa3AMBzn9Y34aoBK1Z+uzyMi5HIXcA9azNwqE7ZYrWQ=) 2: 865B3F7C467C11EEBDE3D43CC4F9AE02.roa (hash: MTq717nmucrc35Yd/8a9v/UNjUpnghaYXRqZ7x8/L7U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.crl rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DDegHLYzYjRPtzlnYP2U2cm5fHo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 03:53:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 373 (0x175) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912B64D, serialNumber=0C37A01CB63362344FB7396760FD94D9C9B97C7A Validity Not Before: Aug 23 03:53:05 2025 GMT Not After : Aug 30 03:53:05 2025 GMT Subject: CN=68a93b21-41a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:7f:fd:8a:da:65:34:16:54:6e:04:67:1a:33: d0:5b:92:b8:d5:60:33:b7:af:1a:5f:54:0a:61:c9: 80:0a:ca:18:f9:e8:e8:aa:45:25:bf:61:8b:90:41: 7b:56:f9:af:d3:3e:b0:1e:60:45:9e:16:07:0a:1b: 7e:63:d9:a6:78:80:4f:23:24:50:d6:53:14:ed:82: 0c:5a:1f:84:cf:ac:95:a0:fa:4e:88:04:43:94:ea: c2:d9:ca:6a:d0:20:ba:5d:ff:2c:ca:a8:d2:dd:f8: f8:49:07:ed:6c:e1:ac:26:3b:5f:9a:ee:fd:55:89: 2c:93:60:33:c2:83:a4:26:da:10:84:d3:c3:aa:84: 2a:19:fc:d3:55:f5:67:d5:5f:47:7d:6d:04:b3:13: 98:ab:6f:b1:07:4c:92:89:67:95:95:32:e8:2a:99: ac:4f:d3:18:85:e2:ff:f7:5d:62:3a:20:4f:46:3f: 72:5e:79:8c:33:7e:e8:35:e6:b8:7f:b9:ae:e6:9b: b0:62:49:aa:f3:48:8b:c0:69:7b:1c:e9:79:e8:39: 88:26:81:98:f3:1d:8b:92:dc:bd:b8:de:27:b1:f4: 39:6c:e7:f0:2f:f9:72:8c:97:58:3d:ee:bd:4a:96: 08:58:b0:b1:4a:a4:e5:74:a4:17:b5:dd:2d:b0:84: f7:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:41:DA:6B:35:37:EA:E4:30:27:0A:2B:F2:33:B7:8A:2B:84:B2:E6 X509v3 Authority Key Identifier: keyid:0C:37:A0:1C:B6:33:62:34:4F:B7:39:67:60:FD:94:D9:C9:B9:7C:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DDegHLYzYjRPtzlnYP2U2cm5fHo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B64D/2BBE4014467C11EE92D6463CC4F9AE02/DDegHLYzYjRPtzlnYP2U2cm5fHo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:43:1f:b4:d0:85:e4:2a:8f:af:a9:0a:58:24:87:04:f9:bb: 3b:03:13:cf:b0:95:95:15:02:1f:ff:f2:f2:ef:e0:b1:9b:c9: 01:19:91:c9:de:bc:c7:0b:87:fe:54:ae:98:56:d8:ff:f1:dd: 59:4a:30:53:71:39:18:53:85:a9:d1:05:9d:a0:27:38:07:80: 15:86:f7:0c:63:53:58:c6:ca:13:0d:0b:ec:f2:7e:13:15:db: ea:ed:9c:ad:e6:bd:fd:3b:a9:b5:88:54:9c:5b:87:18:5f:ea: b4:10:3a:d6:26:62:bd:38:36:19:af:95:19:cb:21:86:29:16: 1b:1c:55:5d:54:73:ed:dd:28:4f:fe:ea:e3:9d:74:fb:49:6c: 26:53:e3:ce:4f:a4:87:d5:93:5a:f7:97:4a:e6:54:0d:96:ba: 4b:45:64:0b:e8:8e:39:16:34:bc:a1:a5:c2:94:c2:b3:3b:27: e2:86:d6:31:6e:84:66:f8:8b:19:46:09:9e:ab:17:62:6c:ac: 15:a2:4f:85:28:ae:25:0d:c9:f7:14:96:9c:d1:57:3e:3a:00: 05:b3:cd:56:7b:7f:ae:6d:fd:fe:57:85:a1:b1:b2:c2:d4:9c: c3:3e:29:cb:b7:eb:ec:be:71:a9:08:e5:d4:c0:a2:28:b5:12: 15:4d:46:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkI2NEQxMTAvBgNVBAUTKDBDMzdBMDFDQjYzMzYyMzQ0RkI3Mzk2NzYwRkQ5NEQ5 QzlCOTdDN0EwHhcNMjUwODIzMDM1MzA1WhcNMjUwODMwMDM1MzA1WjAYMRYwFAYD VQQDEw02OGE5M2IyMS00MWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA63/9itplNBZUbgRnGjPQW5K41WAzt68aX1QKYcmACsoY+ejoqkUlv2GLkEF7 Vvmv0z6wHmBFnhYHCht+Y9mmeIBPIyRQ1lMU7YIMWh+Ez6yVoPpOiARDlOrC2cpq 0CC6Xf8syqjS3fj4SQftbOGsJjtfmu79VYksk2AzwoOkJtoQhNPDqoQqGfzTVfVn 1V9HfW0EsxOYq2+xB0ySiWeVlTLoKpmsT9MYheL/911iOiBPRj9yXnmMM37oNea4 f7mu5puwYkmq80iLwGl7HOl56DmIJoGY8x2Lkty9uN4nsfQ5bOfwL/lyjJdYPe69 SpYIWLCxSqTldKQXtd0tsIT3kQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCFB2ms1 N+rkMCcKK/Izt4orhLLmMB8GA1UdIwQYMBaAFAw3oBy2M2I0T7c5Z2D9lNnJuXx6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjY0RC8yQkJFNDAxNDQ2 N0MxMUVFOTJENjQ2M0NDNEY5QUUwMi9ERGVnSExZellqUlB0emxuWVAyVTJjbTVm SG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0REZWdITFl6WWpSUHR6bG5ZUDJVMmNtNWZIby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QjY0RC8yQkJFNDAxNDQ2N0MxMUVFOTJENjQ2M0NDNEY5QUUwMi9ERGVnSExZellq UlB0emxuWVAyVTJjbTVmSG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJQx+00IXkKo+vqQpYJIcE+bs7AxPPsJWVFQIf//Ly7+Cxm8kBGZHJ 3rzHC4f+VK6YVtj/8d1ZSjBTcTkYU4Wp0QWdoCc4B4AVhvcMY1NYxsoTDQvs8n4T Fdvq7Zyt5r39O6m1iFScW4cYX+q0EDrWJmK9ODYZr5UZyyGGKRYbHFVdVHPt3ShP /urjnXT7SWwmU+POT6SH1ZNa95dK5lQNlrpLRWQL6I45FjS8oaXClMKzOyfihtYx boRm+IsZRgmeqxdibKwVok+FKK4lDcn3FJac0Vc+OgAFs81We3+ubf3+V4WhsbLC 1JzDPinLt+vsvnGpCOXUwKIotRIVTUYH -----END CERTIFICATE-----Generated at Sat Aug 23 17:04:32 2025 by rpki-client