$ rpki-client -vvf rpki.apnic.net/member_repository/A9138679/CB2CB3CEEA7711EFA5635680C4F9AE02/koDwcHR3Uzh7a6ZXMtbdeZKzUME.mft File: koDwcHR3Uzh7a6ZXMtbdeZKzUME.mft (raw, json) Hash identifier: pJZ8bAWslHOGvd+aI5I9+h2CBDNbQXCMaPDegnw/BJs= Subject key identifier: 5C:C0:CB:2E:BA:79:6D:A4:0C:41:C9:9B:1F:CD:D6:B9:C6:02:DD:29 Authority key identifier: 92:80:F0:70:74:77:53:38:7B:6B:A6:57:32:D6:DD:79:92:B3:50:C1 Certificate issuer: /CN=A9138679/serialNumber=9280F070747753387B6BA65732D6DD7992B350C1 Certificate serial: 66 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/koDwcHR3Uzh7a6ZXMtbdeZKzUME.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9138679/CB2CB3CEEA7711EFA5635680C4F9AE02/koDwcHR3Uzh7a6ZXMtbdeZKzUME.mft Manifest number: 64 Signing time: Sat 23 Aug 2025 07:17:43 +0000 Manifest this update: Sat 23 Aug 2025 07:17:43 +0000 Manifest next update: Sat 30 Aug 2025 07:17:43 +0000 Files and hashes: 1: koDwcHR3Uzh7a6ZXMtbdeZKzUME.crl (hash: mgkjGhFzGsYWo7ycWkVC4yRqAxsbF9Nvz0Y7kO77XFI=) 2: 2CD223FCEA7811EF92D8DC39C4F9AE02.roa (hash: guOkrCtWFoq8Lg0AXDAskb6dB7b68BfvYrXJ0gD0vek=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9138679/CB2CB3CEEA7711EFA5635680C4F9AE02/koDwcHR3Uzh7a6ZXMtbdeZKzUME.crl rsync://rpki.apnic.net/member_repository/A9138679/CB2CB3CEEA7711EFA5635680C4F9AE02/koDwcHR3Uzh7a6ZXMtbdeZKzUME.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/koDwcHR3Uzh7a6ZXMtbdeZKzUME.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:17:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 102 (0x66) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9138679, serialNumber=9280F070747753387B6BA65732D6DD7992B350C1 Validity Not Before: Aug 23 07:17:43 2025 GMT Not After : Aug 30 07:17:43 2025 GMT Subject: CN=68a96b17-a592 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:99:89:de:19:aa:d0:0d:0c:b0:e1:14:18:5c: 20:0e:fd:20:1b:46:bd:ba:84:59:a1:46:b6:a4:12: 9d:ee:5c:9a:b4:6b:49:b9:d9:e1:84:02:c7:d0:ff: 50:9f:5d:64:03:25:d0:0d:56:06:eb:b8:3c:13:88: bf:b5:d9:ea:2d:1e:68:c5:2c:03:5e:ef:86:e2:b4: a1:41:88:d9:b3:f7:7c:30:58:cc:5e:e2:6a:07:71: 95:9b:ba:f4:94:24:7a:ff:a1:3d:fb:da:04:1d:99: ee:13:c5:b2:23:65:e6:e0:3e:fb:e2:9f:21:73:da: 88:7c:61:cc:9e:dd:f6:fe:4f:a0:48:44:c6:63:e3: 24:02:06:e2:4f:ed:46:dc:a7:59:9b:01:ba:f3:05: 31:f4:29:8f:0d:c2:45:11:44:f5:6b:18:5a:7a:a8: 75:4c:37:0c:94:05:d0:f8:aa:97:92:ef:04:f4:eb: 80:31:8a:59:1a:5e:a7:87:ed:1f:c2:f4:d2:ce:f2: f6:e8:b0:71:b6:b6:52:42:01:95:47:8a:19:0a:df: b2:1a:82:96:f4:f1:ee:25:7a:17:a7:7f:33:c6:e8: 25:aa:30:17:ab:83:fa:02:52:7b:ba:39:f2:bd:34: da:c0:1b:f0:31:01:65:f2:68:f8:6b:44:0e:32:6d: d8:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:C0:CB:2E:BA:79:6D:A4:0C:41:C9:9B:1F:CD:D6:B9:C6:02:DD:29 X509v3 Authority Key Identifier: keyid:92:80:F0:70:74:77:53:38:7B:6B:A6:57:32:D6:DD:79:92:B3:50:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9138679/CB2CB3CEEA7711EFA5635680C4F9AE02/koDwcHR3Uzh7a6ZXMtbdeZKzUME.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/koDwcHR3Uzh7a6ZXMtbdeZKzUME.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138679/CB2CB3CEEA7711EFA5635680C4F9AE02/koDwcHR3Uzh7a6ZXMtbdeZKzUME.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:c2:73:87:e4:26:08:9c:25:ea:28:05:3e:72:89:6c:f8:e5: 43:c5:30:e5:02:cc:43:05:3c:c4:44:2f:a5:83:36:87:0c:8f: 59:63:2c:da:58:4d:10:80:b3:23:ea:a1:5d:ed:e6:64:7f:02: c9:54:49:c4:53:6f:e6:66:42:27:e6:a2:11:54:5b:ca:64:7c: 57:c9:9d:21:ba:01:22:df:a7:2c:7d:81:8a:fe:c7:cb:50:66: 48:40:74:fe:0f:07:aa:65:67:e6:ef:93:b9:a7:fd:42:e4:78: 1f:7f:d1:d8:d8:98:08:45:ec:13:ee:7b:5c:79:06:9e:27:c5: 29:99:1b:84:04:b8:3b:3b:d1:c9:b5:ab:33:ca:8a:d9:05:61: 3c:3e:49:b8:2c:99:2a:8e:c2:9d:e0:eb:13:b0:df:9d:48:86: 40:f9:ef:ab:d7:0e:51:34:8a:31:66:46:fb:a3:05:69:b0:e0: dc:5a:0a:0e:8c:97:49:13:fd:4c:e0:31:ba:21:4e:5d:47:df: 48:c3:49:9a:f6:9c:39:f5:db:c9:50:9c:15:55:da:77:fe:c1: f3:da:7d:54:e5:dc:12:cb:ce:96:94:81:ff:06:46:46:10:00: 80:36:61:54:a8:98:f0:28:f6:b1:cf:2a:a0:43:30:1b:08:2a: bc:0a:21:8f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz ODY3OTExMC8GA1UEBRMoOTI4MEYwNzA3NDc3NTMzODdCNkJBNjU3MzJENkRENzk5 MkIzNTBDMTAeFw0yNTA4MjMwNzE3NDNaFw0yNTA4MzAwNzE3NDNaMBgxFjAUBgNV BAMTDTY4YTk2YjE3LWE1OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDpmYneGarQDQyw4RQYXCAO/SAbRr26hFmhRrakEp3uXJq0a0m52eGEAsfQ/1Cf XWQDJdANVgbruDwTiL+12eotHmjFLANe74bitKFBiNmz93wwWMxe4moHcZWbuvSU JHr/oT372gQdme4TxbIjZebgPvvinyFz2oh8Ycye3fb+T6BIRMZj4yQCBuJP7Ubc p1mbAbrzBTH0KY8NwkURRPVrGFp6qHVMNwyUBdD4qpeS7wT064AxilkaXqeH7R/C 9NLO8vbosHG2tlJCAZVHihkK37Iagpb08e4lehenfzPG6CWqMBerg/oCUnu6OfK9 NNrAG/AxAWXyaPhrRA4ybdgTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXMDLLrp5 baQMQcmbH83WucYC3SkwHwYDVR0jBBgwFoAUkoDwcHR3Uzh7a6ZXMtbdeZKzUMEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM4Njc5L0NCMkNCM0NFRUE3 NzExRUZBNTYzNTY4MEM0RjlBRTAyL2tvRHdjSFIzVXpoN2E2WlhNdGJkZVpLelVN RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIva29Ed2NIUjNVemg3YTZaWE10YmRlWkt6VU1FLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM4 Njc5L0NCMkNCM0NFRUE3NzExRUZBNTYzNTY4MEM0RjlBRTAyL2tvRHdjSFIzVXpo N2E2WlhNdGJkZVpLelVNRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIzCc4fkJgicJeooBT5yiWz45UPFMOUCzEMFPMREL6WDNocMj1ljLNpY TRCAsyPqoV3t5mR/AslUScRTb+ZmQifmohFUW8pkfFfJnSG6ASLfpyx9gYr+x8tQ ZkhAdP4PB6plZ+bvk7mn/ULkeB9/0djYmAhF7BPue1x5Bp4nxSmZG4QEuDs70cm1 qzPKitkFYTw+SbgsmSqOwp3g6xOw351IhkD576vXDlE0ijFmRvujBWmw4NxaCg6M l0kT/UzgMbohTl1H30jDSZr2nDn128lQnBVV2nf+wfPafVTl3BLLzpaUgf8GRkYQ AIA2YVSomPAo9rHPKqBDMBsIKrwKIY8= -----END CERTIFICATE-----Generated at Sat Aug 23 20:18:56 2025 by rpki-client