$ rpki-client -vvf rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft File: lyuQ2cUZIlatlkdbOSurGnp5zC0.mft (raw, json) Hash identifier: 0paTHDeOHNG/vwOCFohJJK6hyhoZYqnhfQw4arG73NU= Subject key identifier: 7C:77:2A:AB:D6:E6:BE:D3:FF:A9:E0:FC:AE:DE:2E:42:30:E6:97:26 Authority key identifier: 97:2B:90:D9:C5:19:22:56:AD:96:47:5B:39:2B:AB:1A:7A:79:CC:2D Certificate issuer: /CN=A9132FD9/serialNumber=972B90D9C5192256AD96475B392BAB1A7A79CC2D Certificate serial: 40 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft Manifest number: 3C Signing time: Sat 23 Aug 2025 07:48:13 +0000 Manifest this update: Sat 23 Aug 2025 07:48:13 +0000 Manifest next update: Sat 30 Aug 2025 07:48:13 +0000 Files and hashes: 1: lyuQ2cUZIlatlkdbOSurGnp5zC0.crl (hash: 5JnvkNVgN3Wy90mx47xC+KlI1Owz2pl+0PL+iWGPmIc=) 2: DCC2224A313011F0BE214A64C4F9AE02.roa (hash: boAAaQY0nzMtC8MdALGWU7uiMFPgsCoPJLOiVmNOgmU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.crl rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:48:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64 (0x40) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132FD9, serialNumber=972B90D9C5192256AD96475B392BAB1A7A79CC2D Validity Not Before: Aug 23 07:48:13 2025 GMT Not After : Aug 30 07:48:13 2025 GMT Subject: CN=68a9723d-a0c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:86:ad:79:99:97:02:30:ca:99:e6:0f:74:b3: 30:e6:e8:4a:af:fd:ca:df:ba:d0:bc:08:1a:0d:b4: b1:1e:70:b8:f7:76:32:37:51:c4:3e:bc:07:60:64: 65:fa:e0:ca:b0:61:28:c9:b3:14:0b:2d:6c:1f:c4: 05:fa:05:40:c7:fb:4a:5f:48:96:3d:ba:31:73:25: 38:3d:b3:11:a0:c9:18:dd:ce:e0:16:62:5f:be:25: b1:cc:ac:23:98:7a:13:4b:4a:4e:8d:cb:53:e8:50: 8b:01:0b:9f:67:31:97:eb:f4:d1:ee:55:38:f5:09: 57:02:05:fb:dd:bb:00:54:30:51:d2:22:22:41:ae: fd:78:35:64:e0:2c:0b:fd:1d:30:19:9a:96:e0:0b: 46:6c:2b:44:18:c5:e3:8b:fe:18:4d:bb:89:b0:a6: 43:ce:ab:03:71:f3:42:c2:2d:d6:13:41:ba:dc:df: 97:47:e4:4c:2c:19:0b:0d:a8:6b:33:6f:c9:9f:9c: 7d:33:3b:d4:88:64:6f:a3:05:45:07:58:10:91:4b: 35:02:8d:fc:13:6c:c8:d8:7f:d1:2c:56:c4:08:70: 4b:38:53:b3:9e:97:95:17:6c:ae:51:16:98:2c:cd: 71:fb:c2:fb:7f:b8:05:e0:f1:e9:58:a3:1f:5f:19: 39:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:77:2A:AB:D6:E6:BE:D3:FF:A9:E0:FC:AE:DE:2E:42:30:E6:97:26 X509v3 Authority Key Identifier: keyid:97:2B:90:D9:C5:19:22:56:AD:96:47:5B:39:2B:AB:1A:7A:79:CC:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:ac:97:55:05:be:e6:2a:09:fc:63:6c:ff:45:fc:7e:3f:01: 60:b6:3c:8b:dd:f9:b2:77:bb:91:81:af:3d:a9:07:38:5f:9d: f2:6f:8f:d2:f7:65:f9:15:8c:26:89:8e:cf:3e:3e:76:d9:25: 9c:6b:78:38:e8:00:af:e3:eb:a1:19:3d:3e:36:1d:0f:af:d8: a6:01:9f:b9:5e:82:36:b0:96:54:72:a5:b5:b0:5d:e8:7d:d7: ea:56:09:4a:a8:bd:a5:f0:c8:aa:e8:24:7c:9f:1c:3c:9a:e6: 7b:05:e8:b2:3d:7e:ab:22:ec:bb:a9:90:91:16:d6:4a:65:81: fe:ec:31:41:41:3e:83:9c:ad:e1:56:4e:0d:21:0a:14:5e:f3: e4:76:96:dc:13:99:2e:0f:b0:5b:29:b0:18:90:47:3d:2c:4f: 63:be:5c:72:c2:43:7e:da:14:00:6a:20:6b:ee:2a:7b:d1:ac: bc:ad:6c:1d:0d:2b:c7:02:f8:94:99:d5:6a:de:cc:46:22:5b: 40:0b:51:7c:20:77:6c:11:87:1f:6f:ad:54:cf:7d:f8:5a:0e: 57:ad:8b:c8:5d:1c:77:c4:b6:1b:8e:95:f3:5d:44:2e:6f:48: 96:14:87:fc:e2:a9:83:d5:6f:1d:b6:1d:a5:97:5c:ca:91:a8: a4:03:ef:59 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz MkZEOTExMC8GA1UEBRMoOTcyQjkwRDlDNTE5MjI1NkFEOTY0NzVCMzkyQkFCMUE3 QTc5Q0MyRDAeFw0yNTA4MjMwNzQ4MTNaFw0yNTA4MzAwNzQ4MTNaMBgxFjAUBgNV BAMTDTY4YTk3MjNkLWEwYzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC3hq15mZcCMMqZ5g90szDm6Eqv/crfutC8CBoNtLEecLj3djI3UcQ+vAdgZGX6 4MqwYSjJsxQLLWwfxAX6BUDH+0pfSJY9ujFzJTg9sxGgyRjdzuAWYl++JbHMrCOY ehNLSk6Ny1PoUIsBC59nMZfr9NHuVTj1CVcCBfvduwBUMFHSIiJBrv14NWTgLAv9 HTAZmpbgC0ZsK0QYxeOL/hhNu4mwpkPOqwNx80LCLdYTQbrc35dH5EwsGQsNqGsz b8mfnH0zO9SIZG+jBUUHWBCRSzUCjfwTbMjYf9EsVsQIcEs4U7Oel5UXbK5RFpgs zXH7wvt/uAXg8elYox9fGTndAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUfHcqq9bm vtP/qeD8rt4uQjDmlyYwHwYDVR0jBBgwFoAUlyuQ2cUZIlatlkdbOSurGnp5zC0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMyRkQ5LzdGOUE3MDM0MkJC NTExRjA5REU1QkE0RUM0RjlBRTAyL2x5dVEyY1VaSWxhdGxrZGJPU3VyR25wNXpD MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbHl1UTJjVVpJbGF0bGtkYk9TdXJHbnA1ekMwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMy RkQ5LzdGOUE3MDM0MkJCNTExRjA5REU1QkE0RUM0RjlBRTAyL2x5dVEyY1VaSWxh dGxrZGJPU3VyR25wNXpDMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABWsl1UFvuYqCfxjbP9F/H4/AWC2PIvd+bJ3u5GBrz2pBzhfnfJvj9L3 ZfkVjCaJjs8+PnbZJZxreDjoAK/j66EZPT42HQ+v2KYBn7legjawllRypbWwXeh9 1+pWCUqovaXwyKroJHyfHDya5nsF6LI9fqsi7LupkJEW1kplgf7sMUFBPoOcreFW Tg0hChRe8+R2ltwTmS4PsFspsBiQRz0sT2O+XHLCQ37aFABqIGvuKnvRrLytbB0N K8cC+JSZ1WrezEYiW0ALUXwgd2wRhx9vrVTPffhaDleti8hdHHfEthuOlfNdRC5v SJYUh/ziqYPVbx22HaWXXMqRqKQD71k= -----END CERTIFICATE-----Generated at Sat Aug 23 13:42:05 2025 by rpki-client