$ rpki-client -vvf rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.mft File: nQi_OKDTi4yrfP2I9djE7WZ3jME.mft (raw, json) Hash identifier: i4zCyXANW+ZKDqbFCQoif4Znr4ltD4VW4BIJM4ulv+c= Subject key identifier: 80:38:D2:73:66:D9:A0:FE:74:81:E7:D8:CA:8E:95:37:10:85:78:F9 Authority key identifier: 9D:08:BF:38:A0:D3:8B:8C:AB:7C:FD:88:F5:D8:C4:ED:66:77:8C:C1 Certificate issuer: /CN=A913F0DF/serialNumber=9D08BF38A0D38B8CAB7CFD88F5D8C4ED66778CC1 Certificate serial: 0142 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQi_OKDTi4yrfP2I9djE7WZ3jME.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.mft Manifest number: 013F Signing time: Sat 23 Aug 2025 04:34:05 +0000 Manifest this update: Sat 23 Aug 2025 04:34:04 +0000 Manifest next update: Sat 30 Aug 2025 04:34:04 +0000 Files and hashes: 1: nQi_OKDTi4yrfP2I9djE7WZ3jME.crl (hash: RrJbY2JHsbV8TSofgs7NQwbF75j09vEKpOKZmNwd6Ik=) 2: 7C7AF8E6E67011EEB76DCB76C4F9AE02.roa (hash: tBwNVvJX12RI1rw1ArvMyaYybwsSqQmw1mHttd1wbm0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.crl rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQi_OKDTi4yrfP2I9djE7WZ3jME.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:34:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 322 (0x142) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913F0DF, serialNumber=9D08BF38A0D38B8CAB7CFD88F5D8C4ED66778CC1 Validity Not Before: Aug 23 04:34:04 2025 GMT Not After : Aug 30 04:34:04 2025 GMT Subject: CN=68a944bd-7fb7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:55:40:9f:e8:2c:0f:4e:e3:d4:01:02:f6:46: b1:bc:7c:4d:26:81:5d:b8:06:2c:61:dd:06:e2:99: 89:ce:55:6d:cd:58:10:4f:e8:73:da:5f:d9:ee:e4: 3c:b3:e8:87:ed:d0:e9:fa:35:49:ac:68:ed:5c:1d: ab:b4:23:06:d6:cd:4c:c1:f0:2c:85:81:bc:0f:2c: 9f:f7:22:6e:32:d9:68:1e:e7:4a:b9:2c:ac:10:2d: 99:33:11:88:69:b9:78:84:3c:ae:bd:72:10:6d:90: 9d:12:9b:28:3e:5b:0f:1f:9e:01:7f:22:4b:68:58: 42:3b:ba:f6:2a:86:f7:ed:16:de:d3:c9:a0:da:c3: bd:27:cc:9f:80:45:11:89:50:59:75:52:f9:a1:14: 51:08:4f:89:bb:24:c7:3f:d8:7b:d2:ad:ce:4d:db: 10:63:80:40:c2:66:3a:a8:70:78:3e:df:14:05:b1: 45:6a:ff:69:18:66:16:b9:06:88:52:d7:1e:55:fb: e1:c5:a2:bc:69:a6:00:34:0c:d6:7d:d1:64:2a:bd: b0:b2:eb:bb:9d:1b:6e:9c:39:e4:eb:39:e3:ae:e9: 95:c9:44:e3:d0:c5:86:96:3c:e4:46:14:51:e0:bd: 44:9b:00:3c:ea:7e:52:b8:14:05:2a:1f:08:77:5d: 7b:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:38:D2:73:66:D9:A0:FE:74:81:E7:D8:CA:8E:95:37:10:85:78:F9 X509v3 Authority Key Identifier: keyid:9D:08:BF:38:A0:D3:8B:8C:AB:7C:FD:88:F5:D8:C4:ED:66:77:8C:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQi_OKDTi4yrfP2I9djE7WZ3jME.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F0DF/E5083648992811EEBBCAE87AC4F9AE02/nQi_OKDTi4yrfP2I9djE7WZ3jME.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:7c:3c:e7:a5:f1:2a:ee:db:20:e9:07:27:e0:56:66:d3:40: 39:97:19:3e:7d:06:fe:d1:fd:34:46:db:c0:53:19:32:75:ba: dc:34:29:21:02:8b:ba:96:1c:d5:35:6d:a0:ff:bd:ca:71:bc: 89:1b:a2:67:56:d1:09:f4:9a:b3:53:b5:54:25:76:e3:cf:90: fe:8c:33:47:01:39:47:c4:ca:ed:2a:0e:73:1d:87:51:ea:71: cb:78:8b:73:65:f7:2f:f9:60:8d:43:22:41:ff:a0:20:72:d7: e9:70:7c:2f:7e:36:c3:0b:88:26:7e:4f:9b:21:ff:d8:2b:95: 48:28:08:1b:26:0c:26:45:6f:e9:b0:16:9d:44:0e:48:57:f7: 84:9d:85:6d:24:18:02:93:fc:98:12:4c:70:dc:67:06:d0:d7: ee:4f:27:ee:f8:8d:55:63:a4:3f:c2:ea:3a:4e:91:38:8e:c4: 1d:e2:42:e5:61:1f:69:95:36:60:98:5d:59:c5:6b:f4:45:d6: df:34:f2:3b:f2:aa:0f:05:53:89:6c:af:9b:80:1a:b6:c2:3f: 81:89:c6:57:93:04:da:9c:32:3d:65:54:d7:00:8b:5a:71:df: 20:9e:dd:6b:e4:9f:80:75:59:37:57:6d:7a:78:be:7e:eb:02: 21:65:90:26 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0YwREYxMTAvBgNVBAUTKDlEMDhCRjM4QTBEMzhCOENBQjdDRkQ4OEY1RDhDNEVE NjY3NzhDQzEwHhcNMjUwODIzMDQzNDA0WhcNMjUwODMwMDQzNDA0WjAYMRYwFAYD VQQDEw02OGE5NDRiZC03ZmI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApVVAn+gsD07j1AEC9kaxvHxNJoFduAYsYd0G4pmJzlVtzVgQT+hz2l/Z7uQ8 s+iH7dDp+jVJrGjtXB2rtCMG1s1MwfAshYG8Dyyf9yJuMtloHudKuSysEC2ZMxGI abl4hDyuvXIQbZCdEpsoPlsPH54BfyJLaFhCO7r2Kob37Rbe08mg2sO9J8yfgEUR iVBZdVL5oRRRCE+JuyTHP9h70q3OTdsQY4BAwmY6qHB4Pt8UBbFFav9pGGYWuQaI UtceVfvhxaK8aaYANAzWfdFkKr2wsuu7nRtunDnk6znjrumVyUTj0MWGljzkRhRR 4L1EmwA86n5SuBQFKh8Id117FQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIA40nNm 2aD+dIHn2MqOlTcQhXj5MB8GA1UdIwQYMBaAFJ0Ivzig04uMq3z9iPXYxO1md4zB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjBERi9FNTA4MzY0ODk5 MjgxMUVFQkJDQUU4N0FDNEY5QUUwMi9uUWlfT0tEVGk0eXJmUDJJOWRqRTdXWjNq TUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25RaV9PS0RUaTR5cmZQMkk5ZGpFN1daM2pNRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RjBERi9FNTA4MzY0ODk5MjgxMUVFQkJDQUU4N0FDNEY5QUUwMi9uUWlfT0tEVGk0 eXJmUDJJOWRqRTdXWjNqTUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBgfDznpfEq7tsg6Qcn4FZm00A5lxk+fQb+0f00RtvAUxkydbrcNCkh Aou6lhzVNW2g/73KcbyJG6JnVtEJ9JqzU7VUJXbjz5D+jDNHATlHxMrtKg5zHYdR 6nHLeItzZfcv+WCNQyJB/6AgctfpcHwvfjbDC4gmfk+bIf/YK5VIKAgbJgwmRW/p sBadRA5IV/eEnYVtJBgCk/yYEkxw3GcG0NfuTyfu+I1VY6Q/wuo6TpE4jsQd4kLl YR9plTZgmF1ZxWv0RdbfNPI78qoPBVOJbK+bgBq2wj+BicZXkwTanDI9ZVTXAIta cd8gnt1r5J+AdVk3V216eL5+6wIhZZAm -----END CERTIFICATE-----Generated at Sat Aug 23 18:52:37 2025 by rpki-client