$ rpki-client -vvf rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft File: lSpNx8TWEJWYvu5awKIG0nuFxWo.mft (raw, json) Hash identifier: cQIHgJlWQcMOR6fTZM+e7LHgEiiCtmwKSOr9lnrIYKE= Subject key identifier: 49:A0:21:76:0D:1E:87:33:C7:29:FB:75:2C:78:C2:29:D6:65:A5:DB Authority key identifier: 95:2A:4D:C7:C4:D6:10:95:98:BE:EE:5A:C0:A2:06:D2:7B:85:C5:6A Certificate issuer: /CN=A912D71D/serialNumber=952A4DC7C4D6109598BEEE5AC0A206D27B85C56A Certificate serial: 34 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft Manifest number: 32 Signing time: Sat 23 Aug 2025 07:53:55 +0000 Manifest this update: Sat 23 Aug 2025 07:53:55 +0000 Manifest next update: Sat 30 Aug 2025 07:53:55 +0000 Files and hashes: 1: lSpNx8TWEJWYvu5awKIG0nuFxWo.crl (hash: ks7XAFSWmM2f6Bb+L2ln9EJr6sEtxZw5GkBYem743uE=) 2: 4002AE6236CF11F0AA705D26C4F9AE02.roa (hash: BjUqiPeyqOJL7zi1VC/yuEDToWrbr9Hg82ANTKNIKSc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.crl rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:53:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52 (0x34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912D71D, serialNumber=952A4DC7C4D6109598BEEE5AC0A206D27B85C56A Validity Not Before: Aug 23 07:53:55 2025 GMT Not After : Aug 30 07:53:55 2025 GMT Subject: CN=68a97393-bbfb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:6f:df:80:3c:7c:11:54:e5:40:04:c2:ad:a7: 31:08:02:d6:4f:7f:ef:0a:85:ff:29:36:8a:48:32: 3c:bc:40:13:1f:b2:e6:8d:c2:91:6c:61:03:d6:92: cd:e3:96:da:fd:9e:2c:dc:86:96:d0:18:6b:00:45: e4:45:d3:8c:ee:3a:3a:29:83:f0:a9:a5:a6:76:31: 0b:05:36:2a:7c:64:d3:c1:9d:a5:52:e2:23:5a:13: b0:86:90:b2:37:89:88:f5:60:1f:da:0e:25:c0:22: 46:04:51:7a:2b:f6:a2:4b:21:17:9d:04:ad:86:e6: 76:fc:d2:57:2d:7d:6a:bb:fa:a5:dd:21:85:7c:37: 61:6c:da:a1:c7:a2:56:b7:b0:a1:59:58:95:9d:5a: f4:15:a8:22:0b:88:39:81:93:31:e5:75:a8:9d:e8: 4d:d8:59:6c:2b:c8:23:fa:79:4c:09:2b:a9:c3:14: f9:cf:29:7a:31:37:34:01:c3:60:b1:00:d5:59:7b: ab:7e:be:d3:a3:ba:fa:06:89:6c:87:94:d7:91:3d: 96:05:80:e9:df:dc:48:2a:16:b5:b5:2c:ab:59:e5: a5:94:1d:9a:3f:b1:92:f5:33:e1:10:54:ab:fc:91: 7b:6a:07:f8:89:7b:45:6e:28:3c:66:e0:76:8c:5c: 35:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:A0:21:76:0D:1E:87:33:C7:29:FB:75:2C:78:C2:29:D6:65:A5:DB X509v3 Authority Key Identifier: keyid:95:2A:4D:C7:C4:D6:10:95:98:BE:EE:5A:C0:A2:06:D2:7B:85:C5:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:02:cf:24:8e:57:06:a2:72:45:40:4b:f2:48:61:57:67:7c: 4d:ad:3a:94:47:d4:e6:3f:3b:76:f7:cd:02:08:cd:66:b7:04: 90:f9:b4:e3:a2:b6:6f:c1:2d:87:37:30:58:13:5d:27:41:6f: ab:b6:40:93:5a:9a:ff:c0:be:21:77:b3:a7:ba:e7:ad:5b:38: 1c:2e:19:3c:71:37:a2:d9:9c:ee:60:f2:d5:d1:7c:dd:be:ac: d0:eb:1f:31:54:b6:66:b8:50:13:32:87:ba:a2:5a:8d:0c:63: a2:4b:52:0c:8f:0a:9d:ed:92:f9:00:2c:60:c6:d9:13:80:16: a2:11:16:f3:b9:96:01:1c:a8:bb:a1:02:6d:81:d3:68:ed:6e: 63:98:ad:ab:55:e6:9a:99:17:bf:dd:c6:2f:98:17:1b:d8:fe: a0:14:49:6f:b1:32:2d:88:e9:99:1e:1d:5b:52:94:69:1f:88: 75:c1:a2:c1:1d:40:91:2a:08:13:61:5c:7e:38:05:96:f5:62: c0:51:6a:78:3e:16:42:4c:7d:e3:c5:55:e8:dc:0e:d5:12:56: 1c:e3:74:af:e7:e2:c3:2b:e2:f8:6c:ad:17:80:be:97:7b:4a: 03:d1:53:f8:fe:a1:a0:3c:f8:27:44:ea:d6:b6:68:0b:4e:1f: 24:4e:8f:7c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RDcxRDExMC8GA1UEBRMoOTUyQTREQzdDNEQ2MTA5NTk4QkVFRTVBQzBBMjA2RDI3 Qjg1QzU2QTAeFw0yNTA4MjMwNzUzNTVaFw0yNTA4MzAwNzUzNTVaMBgxFjAUBgNV BAMTDTY4YTk3MzkzLWJiZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDeb9+APHwRVOVABMKtpzEIAtZPf+8Khf8pNopIMjy8QBMfsuaNwpFsYQPWks3j ltr9nizchpbQGGsAReRF04zuOjopg/CppaZ2MQsFNip8ZNPBnaVS4iNaE7CGkLI3 iYj1YB/aDiXAIkYEUXor9qJLIRedBK2G5nb80lctfWq7+qXdIYV8N2Fs2qHHola3 sKFZWJWdWvQVqCILiDmBkzHldaid6E3YWWwryCP6eUwJK6nDFPnPKXoxNzQBw2Cx ANVZe6t+vtOjuvoGiWyHlNeRPZYFgOnf3EgqFrW1LKtZ5aWUHZo/sZL1M+EQVKv8 kXtqB/iJe0VuKDxm4HaMXDXvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUSaAhdg0e hzPHKft1LHjCKdZlpdswHwYDVR0jBBgwFoAUlSpNx8TWEJWYvu5awKIG0nuFxWow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJENzFELzFFMEY5OTJFMzZD RTExRjBBMkE2OUMxRkM0RjlBRTAyL2xTcE54OFRXRUpXWXZ1NWF3S0lHMG51RnhX by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbFNwTng4VFdFSldZdnU1YXdLSUcwbnVGeFdvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJE NzFELzFFMEY5OTJFMzZDRTExRjBBMkE2OUMxRkM0RjlBRTAyL2xTcE54OFRXRUpX WXZ1NWF3S0lHMG51RnhXby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHgCzySOVwaickVAS/JIYVdnfE2tOpRH1OY/O3b3zQIIzWa3BJD5tOOi tm/BLYc3MFgTXSdBb6u2QJNamv/AviF3s6e6561bOBwuGTxxN6LZnO5g8tXRfN2+ rNDrHzFUtma4UBMyh7qiWo0MY6JLUgyPCp3tkvkALGDG2ROAFqIRFvO5lgEcqLuh Am2B02jtbmOYratV5pqZF7/dxi+YFxvY/qAUSW+xMi2I6ZkeHVtSlGkfiHXBosEd QJEqCBNhXH44BZb1YsBRang+FkJMfePFVejcDtUSVhzjdK/n4sMr4vhsrReAvpd7 SgPRU/j+oaA8+CdE6ta2aAtOHyROj3w= -----END CERTIFICATE-----Generated at Sat Aug 23 12:50:04 2025 by rpki-client