$ rpki-client -vvf rpki.apnic.net/member_repository/A912DA1F/FB14A882DABC11EAA6202C85C4F9AE02/-Xh9LKFDLKbpMzLg7e9rB7JF17A.mft File: -Xh9LKFDLKbpMzLg7e9rB7JF17A.mft (raw, json) Hash identifier: B7Kv3oRb88pQn2vVIOHNmZSqSQuXo6CI9VfIQZoDb5Q= Subject key identifier: 48:63:19:F7:6A:DA:72:F0:55:B7:C4:93:AC:50:97:64:8E:85:53:BE Authority key identifier: F9:78:7D:2C:A1:43:2C:A6:E9:33:32:E0:ED:EF:6B:07:B2:45:D7:B0 Certificate issuer: /CN=A912DA1F/serialNumber=F9787D2CA1432CA6E93332E0EDEF6B07B245D7B0 Certificate serial: 0842 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Xh9LKFDLKbpMzLg7e9rB7JF17A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912DA1F/FB14A882DABC11EAA6202C85C4F9AE02/-Xh9LKFDLKbpMzLg7e9rB7JF17A.mft Manifest number: 0839 Signing time: Fri 22 Aug 2025 20:51:52 +0000 Manifest this update: Fri 22 Aug 2025 20:51:51 +0000 Manifest next update: Fri 29 Aug 2025 20:51:51 +0000 Files and hashes: 1: -Xh9LKFDLKbpMzLg7e9rB7JF17A.crl (hash: 2YKobKoFn6GITFUE6nwb26PNvpp9GVGvkoZ+jSCp/tw=) 2: D6883996DABE11EAB12A5209C4F9AE02.roa (hash: uybnkX1k8gPyTR5CU7p1ceux1tCfl8jTIgkNDS2MSjc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912DA1F/FB14A882DABC11EAA6202C85C4F9AE02/-Xh9LKFDLKbpMzLg7e9rB7JF17A.crl rsync://rpki.apnic.net/member_repository/A912DA1F/FB14A882DABC11EAA6202C85C4F9AE02/-Xh9LKFDLKbpMzLg7e9rB7JF17A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Xh9LKFDLKbpMzLg7e9rB7JF17A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 20:51:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2114 (0x842) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912DA1F, serialNumber=F9787D2CA1432CA6E93332E0EDEF6B07B245D7B0 Validity Not Before: Aug 22 20:51:51 2025 GMT Not After : Aug 29 20:51:51 2025 GMT Subject: CN=68a8d867-40b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:6f:b2:d6:27:35:d6:d8:45:f9:8b:ce:67:50: 6c:bb:ff:f6:07:4d:d8:d1:6b:68:1c:11:f7:d6:9e: 70:1e:8c:d3:cd:54:92:59:10:0c:83:9b:ea:de:8d: af:69:bd:3c:80:7f:41:cc:31:e2:ad:98:05:c6:f5: 84:97:58:0d:92:90:65:db:a5:cc:a0:81:38:84:f8: 21:08:68:12:86:31:c1:ba:11:57:b5:87:1e:85:1e: 5c:85:a9:e8:96:96:37:46:7c:18:ff:86:9e:e9:23: 01:3f:07:78:25:e3:9b:d0:81:c6:65:fc:73:e0:7b: e0:21:11:5a:07:ab:1f:4b:66:ba:1f:3f:58:0e:b8: 00:1d:f6:bb:9e:1a:fb:68:38:49:82:48:e0:3d:cb: 30:b0:c2:0d:bf:25:8a:92:c0:28:f7:79:97:27:57: d8:7d:0d:d6:e1:69:8d:17:2f:af:93:e1:5d:8f:24: 80:06:98:a6:ba:9c:8e:33:bd:8a:12:b5:e1:b2:e2: c9:b9:cc:52:54:de:a2:de:7b:81:9c:1f:f4:8a:49: 4d:78:6f:66:83:9d:a9:46:79:1b:79:65:7e:c8:82: 9d:c4:c5:12:b2:6e:7f:5f:e7:8c:a7:ce:bd:a7:f9: 6a:e2:ed:ef:16:91:80:94:72:3a:24:cd:d8:be:aa: 78:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:63:19:F7:6A:DA:72:F0:55:B7:C4:93:AC:50:97:64:8E:85:53:BE X509v3 Authority Key Identifier: keyid:F9:78:7D:2C:A1:43:2C:A6:E9:33:32:E0:ED:EF:6B:07:B2:45:D7:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912DA1F/FB14A882DABC11EAA6202C85C4F9AE02/-Xh9LKFDLKbpMzLg7e9rB7JF17A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Xh9LKFDLKbpMzLg7e9rB7JF17A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DA1F/FB14A882DABC11EAA6202C85C4F9AE02/-Xh9LKFDLKbpMzLg7e9rB7JF17A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:72:f3:5f:0b:d0:c8:d3:32:ab:bb:f8:4b:cb:21:bb:bc:21: 07:aa:6b:48:5b:29:ee:2a:0c:92:ff:2e:e1:2d:83:9d:b9:95: 8a:04:6b:99:41:23:be:d0:fe:a6:50:36:af:d0:7e:cb:53:5e: 33:ba:b2:73:30:a9:77:0c:64:69:0d:6f:b9:f4:77:04:39:38: 51:5c:da:07:67:cb:63:d7:ef:a1:ef:fa:f0:f9:1f:f8:96:37: 61:92:83:03:7b:8e:b7:49:13:6f:18:50:ec:00:b5:4b:b2:fc: ee:df:2f:c3:5f:5c:76:20:57:58:62:ce:11:50:22:ef:0d:0a: f8:61:e6:30:c0:2f:bc:b9:cc:ff:1a:4c:30:01:04:1a:c9:e2: 78:1e:95:31:bc:90:26:46:37:ef:25:7e:27:f5:a5:c0:31:3c: 84:48:f5:e7:e8:8f:93:43:5c:b1:8a:77:eb:be:b8:67:00:86: 47:e1:26:cb:4c:a7:78:5c:13:2c:64:e0:9b:87:58:07:e4:88: 32:6e:54:33:38:57:9b:b9:79:3f:5b:4c:94:bd:38:10:2b:9e: 67:f1:a5:7e:bf:59:dd:95:1a:16:63:f4:b2:f6:b3:12:41:08: f2:88:24:f0:a8:9f:a4:c4:b6:18:89:45:23:c9:c9:62:2d:fe: 71:f7:f4:2f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCEIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkRBMUYxMTAvBgNVBAUTKEY5Nzg3RDJDQTE0MzJDQTZFOTMzMzJFMEVERUY2QjA3 QjI0NUQ3QjAwHhcNMjUwODIyMjA1MTUxWhcNMjUwODI5MjA1MTUxWjAYMRYwFAYD VQQDEw02OGE4ZDg2Ny00MGI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuG+y1ic11thF+YvOZ1Bsu//2B03Y0WtoHBH31p5wHozTzVSSWRAMg5vq3o2v ab08gH9BzDHirZgFxvWEl1gNkpBl26XMoIE4hPghCGgShjHBuhFXtYcehR5chano lpY3RnwY/4ae6SMBPwd4JeOb0IHGZfxz4HvgIRFaB6sfS2a6Hz9YDrgAHfa7nhr7 aDhJgkjgPcswsMINvyWKksAo93mXJ1fYfQ3W4WmNFy+vk+FdjySABpimupyOM72K ErXhsuLJucxSVN6i3nuBnB/0iklNeG9mg52pRnkbeWV+yIKdxMUSsm5/X+eMp869 p/lq4u3vFpGAlHI6JM3Yvqp4/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEhjGfdq 2nLwVbfEk6xQl2SOhVO+MB8GA1UdIwQYMBaAFPl4fSyhQyym6TMy4O3vaweyRdew MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyREExRi9GQjE0QTg4MkRB QkMxMUVBQTYyMDJDODVDNEY5QUUwMi8tWGg5TEtGRExLYnBNekxnN2U5ckI3SkYx N0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1YaDlMS0ZETEticE16TGc3ZTlyQjdKRjE3QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy REExRi9GQjE0QTg4MkRBQkMxMUVBQTYyMDJDODVDNEY5QUUwMi8tWGg5TEtGRExL YnBNekxnN2U5ckI3SkYxN0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKcvNfC9DI0zKru/hLyyG7vCEHqmtIWynuKgyS/y7hLYOduZWKBGuZ QSO+0P6mUDav0H7LU14zurJzMKl3DGRpDW+59HcEOThRXNoHZ8tj1++h7/rw+R/4 ljdhkoMDe463SRNvGFDsALVLsvzu3y/DX1x2IFdYYs4RUCLvDQr4YeYwwC+8ucz/ GkwwAQQayeJ4HpUxvJAmRjfvJX4n9aXAMTyESPXn6I+TQ1yxinfrvrhnAIZH4SbL TKd4XBMsZOCbh1gH5IgyblQzOFebuXk/W0yUvTgQK55n8aV+v1ndlRoWY/Sy9rMS QQjyiCTwqJ+kxLYYiUUjycliLf5x9/Qv -----END CERTIFICATE-----Generated at Sun Aug 24 00:17:46 2025 by rpki-client