$ rpki-client -vvf rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.mft File: WAfnFR1ax7dL8iyZCSvS6S6mBig.mft (raw, json) Hash identifier: QzMvq3yzYez870OqURD3K9r5WQTKKq0V5bTw82PiKao= Subject key identifier: 3C:3B:CE:37:CA:75:E1:C0:93:1D:7A:8B:25:06:B5:4E:E3:8A:04:1C Authority key identifier: 58:07:E7:15:1D:5A:C7:B7:4B:F2:2C:99:09:2B:D2:E9:2E:A6:06:28 Certificate issuer: /CN=A9144EC5/serialNumber=5807E7151D5AC7B74BF22C99092BD2E92EA60628 Certificate serial: 05F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAfnFR1ax7dL8iyZCSvS6S6mBig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.mft Manifest number: 05EA Signing time: Fri 22 Aug 2025 23:09:51 +0000 Manifest this update: Fri 22 Aug 2025 23:09:51 +0000 Manifest next update: Fri 29 Aug 2025 23:09:51 +0000 Files and hashes: 1: WAfnFR1ax7dL8iyZCSvS6S6mBig.crl (hash: nZymRmtLy/noP9UN/xcrV4O9WE2bHdztza42+LNLdM0=) 2: 9CCB30B0C5F411EB8A6F1525C4F9AE02.roa (hash: W3evTqtE3AeQu/+UCpmY09IhagDrzP1HZj8k+plv7KQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.crl rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAfnFR1ax7dL8iyZCSvS6S6mBig.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:09:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1525 (0x5f5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9144EC5, serialNumber=5807E7151D5AC7B74BF22C99092BD2E92EA60628 Validity Not Before: Aug 22 23:09:51 2025 GMT Not After : Aug 29 23:09:51 2025 GMT Subject: CN=68a8f8bf-e3e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ec:3d:bb:b7:76:c6:75:2a:e2:92:1a:28:6b: 62:df:05:89:db:19:d1:0a:07:48:2f:5c:5f:e9:8f: f6:ac:03:47:69:bd:16:28:37:e8:02:46:73:69:35: 76:1d:09:60:fb:44:96:0b:bf:4c:01:eb:c6:1d:15: d1:7b:b2:6b:e3:63:2d:c1:a8:be:ea:19:58:bf:c9: 91:4b:43:5f:d8:b9:09:e4:03:0d:81:f3:cb:09:0d: 1a:f1:78:56:1a:23:71:4f:6e:cc:ff:be:4c:52:f1: 4c:54:19:87:e7:f0:7d:3c:26:05:01:65:35:91:d6: 90:3d:73:eb:5d:e1:43:74:86:19:0f:e3:6b:96:b3: 87:f0:29:ef:82:9e:17:55:a7:b0:4e:33:12:f2:85: dc:99:fc:2a:1e:1c:71:a4:d5:f8:8d:31:14:d7:46: 4f:ef:e5:44:47:42:08:d3:16:15:ed:21:85:2b:3b: f5:37:48:c8:be:cd:e2:06:52:ba:54:0d:9d:7b:05: 99:94:6a:20:5d:dd:56:d3:12:94:71:fc:bf:04:cd: aa:af:c0:54:d2:ff:20:4b:23:0b:32:25:21:bc:27: 2e:f3:b0:3d:b8:18:b3:10:60:ce:ee:77:16:b2:d4: cc:07:c0:e3:3f:12:18:80:1b:f5:f0:15:8d:e1:1a: 5a:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:3B:CE:37:CA:75:E1:C0:93:1D:7A:8B:25:06:B5:4E:E3:8A:04:1C X509v3 Authority Key Identifier: keyid:58:07:E7:15:1D:5A:C7:B7:4B:F2:2C:99:09:2B:D2:E9:2E:A6:06:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAfnFR1ax7dL8iyZCSvS6S6mBig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:7c:67:5a:8b:ed:ca:c6:36:5d:8d:b1:d6:ce:1f:bd:b7:96: b8:45:e6:31:a5:1d:c3:5f:6d:ac:74:6f:73:d2:e1:32:f6:af: 53:b5:8c:69:2a:19:82:d6:6e:1b:57:f4:e4:1b:9f:0e:b2:43: 6a:47:9a:be:6c:39:01:9d:39:61:7e:8b:39:71:be:67:ce:21: 06:87:b4:4d:37:2f:65:7b:d6:d0:74:90:0b:3a:48:15:4e:b9: 7a:67:87:24:96:eb:31:af:ef:8e:b9:c1:72:ae:05:ee:65:d2: f7:6f:13:7e:c1:8b:5d:0a:4c:fd:53:3d:25:e4:fd:71:cb:9e: d6:ab:55:b1:e0:e3:41:f0:9e:7b:c7:e6:24:09:b5:33:aa:05: 47:47:3a:36:95:2e:be:aa:4f:14:e3:85:1b:01:89:73:20:4c: 8a:76:f0:78:35:a7:2d:5e:1f:ff:ba:70:22:f1:a0:e5:47:d9: 33:4a:63:f0:96:e3:db:db:12:62:c0:9e:9a:25:ae:c6:00:e8: 3d:1a:44:0a:c2:a5:e3:d0:39:74:db:09:69:37:65:9f:43:95: 2d:d1:3f:8b:4f:b3:3a:30:07:16:80:03:ea:2e:f8:25:92:58: 4a:a0:b6:4c:a3:cc:6f:1c:11:06:12:5a:47:1e:71:9d:8d:bf: 60:c2:bc:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBfUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDRFQzUxMTAvBgNVBAUTKDU4MDdFNzE1MUQ1QUM3Qjc0QkYyMkM5OTA5MkJEMkU5 MkVBNjA2MjgwHhcNMjUwODIyMjMwOTUxWhcNMjUwODI5MjMwOTUxWjAYMRYwFAYD VQQDEw02OGE4ZjhiZi1lM2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx+w9u7d2xnUq4pIaKGti3wWJ2xnRCgdIL1xf6Y/2rANHab0WKDfoAkZzaTV2 HQlg+0SWC79MAevGHRXRe7Jr42Mtwai+6hlYv8mRS0Nf2LkJ5AMNgfPLCQ0a8XhW GiNxT27M/75MUvFMVBmH5/B9PCYFAWU1kdaQPXPrXeFDdIYZD+NrlrOH8Cnvgp4X VaewTjMS8oXcmfwqHhxxpNX4jTEU10ZP7+VER0II0xYV7SGFKzv1N0jIvs3iBlK6 VA2dewWZlGogXd1W0xKUcfy/BM2qr8BU0v8gSyMLMiUhvCcu87A9uBizEGDO7ncW stTMB8DjPxIYgBv18BWN4RpanQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDw7zjfK deHAkx16iyUGtU7jigQcMB8GA1UdIwQYMBaAFFgH5xUdWse3S/IsmQkr0ukupgYo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NEVDNS80MzlFM0MyOEM1 MTExMUVCOTE2NDBDODdDNEY5QUUwMi9XQWZuRlIxYXg3ZEw4aXlaQ1N2UzZTNm1C aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dBZm5GUjFheDdkTDhpeVpDU3ZTNlM2bUJpZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NEVDNS80MzlFM0MyOEM1MTExMUVCOTE2NDBDODdDNEY5QUUwMi9XQWZuRlIxYXg3 ZEw4aXlaQ1N2UzZTNm1CaWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQASfGdai+3KxjZdjbHWzh+9t5a4ReYxpR3DX22sdG9z0uEy9q9TtYxp KhmC1m4bV/TkG58OskNqR5q+bDkBnTlhfos5cb5nziEGh7RNNy9le9bQdJALOkgV Trl6Z4cklusxr++OucFyrgXuZdL3bxN+wYtdCkz9Uz0l5P1xy57Wq1Wx4ONB8J57 x+YkCbUzqgVHRzo2lS6+qk8U44UbAYlzIEyKdvB4NactXh//unAi8aDlR9kzSmPw luPb2xJiwJ6aJa7GAOg9GkQKwqXj0Dl02wlpN2WfQ5Ut0T+LT7M6MAcWgAPqLvgl klhKoLZMo8xvHBEGElpHHnGdjb9gwry5 -----END CERTIFICATE-----Generated at Sat Aug 23 19:36:43 2025 by rpki-client