$ rpki-client -vvf rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft File: cmIg2YvMfcZqPM83Z36go9sJDaQ.mft (raw, json) Hash identifier: naeeDX4ow0rikmfSs7rW61xh95qMXb8/39dhCkf0QzU= Subject key identifier: 48:0D:09:E4:FF:CA:FD:AC:07:73:9C:73:E4:25:3D:20:AF:3B:2B:D6 Authority key identifier: 72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 Certificate issuer: /CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Certificate serial: 0C04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft Manifest number: 0BFB Signing time: Fri 22 Aug 2025 18:54:16 +0000 Manifest this update: Fri 22 Aug 2025 18:54:16 +0000 Manifest next update: Fri 29 Aug 2025 18:54:16 +0000 Files and hashes: 1: cmIg2YvMfcZqPM83Z36go9sJDaQ.crl (hash: WoGFMho+pKvHHBBUwDYItu+PIxdQO6i0DmqyUtp+u0I=) 2: 2CD5AAF8060311EBBE15EA18C4F9AE02.roa (hash: vtoSKlT7or456eJjA8slT3V02xUjwJUVTYQRDOjaj2Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:54:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3076 (0xc04) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914AE22, serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Validity Not Before: Aug 22 18:54:16 2025 GMT Not After : Aug 29 18:54:16 2025 GMT Subject: CN=68a8bcd8-2977 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f7:7f:ca:34:89:87:cb:98:08:90:c2:d6:91: 01:db:33:08:9e:5c:b2:b2:60:17:60:4a:84:27:01: 11:2a:a1:93:d9:40:af:fe:d6:b4:49:d4:8f:49:7a: ed:13:9e:69:8f:35:43:c3:9e:ab:3e:79:f3:c5:f1: ca:28:50:49:ee:67:0f:9a:82:88:c9:17:c6:57:0b: 08:68:21:94:a1:80:55:12:93:0f:ab:53:a4:dd:28: 59:94:c6:8d:20:34:be:66:ba:34:ad:58:8c:a3:93: 0e:b2:22:42:30:68:c4:bf:0d:92:0e:69:f7:60:e5: 82:fc:58:b5:55:76:c8:ce:06:9a:56:18:c7:4e:fe: c5:2d:c6:20:10:8a:e2:3a:55:28:ea:13:f7:35:eb: dd:ab:e3:ff:ba:bf:76:5c:5d:42:9f:75:c6:39:c4: 35:07:12:5a:f9:9f:3b:89:84:74:4a:25:21:88:1b: b0:d9:7c:79:bc:bd:a0:fc:07:37:b1:3b:19:2a:07: f4:d9:af:31:64:52:0c:54:e0:18:6f:63:fa:02:f1: f3:42:3d:38:20:b7:13:be:ed:3e:6d:85:0d:51:8c: a1:16:19:cf:3a:ff:84:00:a9:b5:ea:e7:b1:cd:46: 83:d8:b4:49:3b:88:5c:7b:70:b6:ff:9c:f0:53:78: 82:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:0D:09:E4:FF:CA:FD:AC:07:73:9C:73:E4:25:3D:20:AF:3B:2B:D6 X509v3 Authority Key Identifier: keyid:72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ee:ea:5f:5d:60:b8:e5:eb:ef:f4:ea:63:ef:2e:0d:75:4c:b3: 62:40:3c:20:f0:6e:f5:84:3f:e6:e2:8f:6c:28:1b:98:1e:ce: 39:59:16:5f:47:6a:6e:8c:fa:60:87:e0:97:0a:bb:e4:e5:b9: 80:c8:ce:a1:3a:be:b0:81:6a:e2:69:1e:50:8f:b1:57:8c:41: 1d:94:c5:ac:ec:19:11:cc:8f:b2:18:a4:b9:3e:15:5b:d4:2c: 79:e2:93:4a:38:6e:1b:b2:41:48:3c:0e:0a:4b:a6:e7:fd:9b: 54:24:09:2a:ea:f8:9d:d2:af:03:ac:87:2a:30:0e:0f:32:f7: b3:11:8a:f0:a0:51:76:d6:ef:5b:8f:03:86:f8:71:6b:44:9d: 71:04:68:7f:4b:9f:67:42:6f:26:7f:a3:85:e3:f0:24:3f:48: 68:69:3b:a0:17:9b:f5:f4:cb:bd:bc:ce:c2:a6:ba:8d:4c:fb: a4:1b:35:0d:2f:0f:39:5c:09:2d:75:80:fa:23:b5:76:b1:52: 57:fd:4b:4d:c7:ff:06:86:bf:69:ac:d9:94:5a:59:48:78:dd: 39:d2:c6:fb:75:01:c3:f1:d4:d8:82:2b:1e:cf:41:b6:f1:35: de:27:72:5c:57:57:52:ba:7c:a8:ad:1a:8b:ed:fa:8f:c9:36: 9d:38:c6:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDAQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEFFMjIxMTAvBgNVBAUTKDcyNjIyMEQ5OEJDQzdEQzY2QTNDQ0YzNzY3N0VBMEEz REIwOTBEQTQwHhcNMjUwODIyMTg1NDE2WhcNMjUwODI5MTg1NDE2WjAYMRYwFAYD VQQDEw02OGE4YmNkOC0yOTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz/d/yjSJh8uYCJDC1pEB2zMInlyysmAXYEqEJwERKqGT2UCv/ta0SdSPSXrt E55pjzVDw56rPnnzxfHKKFBJ7mcPmoKIyRfGVwsIaCGUoYBVEpMPq1Ok3ShZlMaN IDS+Zro0rViMo5MOsiJCMGjEvw2SDmn3YOWC/Fi1VXbIzgaaVhjHTv7FLcYgEIri OlUo6hP3Nevdq+P/ur92XF1Cn3XGOcQ1BxJa+Z87iYR0SiUhiBuw2Xx5vL2g/Ac3 sTsZKgf02a8xZFIMVOAYb2P6AvHzQj04ILcTvu0+bYUNUYyhFhnPOv+EAKm16uex zUaD2LRJO4hce3C2/5zwU3iCHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEgNCeT/ yv2sB3Occ+QlPSCvOyvWMB8GA1UdIwQYMBaAFHJiINmLzH3GajzPN2d+oKPbCQ2k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QUUyMi9CMTc4NDM5RTFC QkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZjWnFQTTgzWjM2Z285c0pE YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NtSWcyWXZNZmNacVBNODNaMzZnbzlzSkRhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QUUyMi9CMTc4NDM5RTFCQkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZj WnFQTTgzWjM2Z285c0pEYVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDu6l9dYLjl6+/06mPvLg11TLNiQDwg8G71hD/m4o9sKBuYHs45WRZf R2pujPpgh+CXCrvk5bmAyM6hOr6wgWriaR5Qj7FXjEEdlMWs7BkRzI+yGKS5PhVb 1Cx54pNKOG4bskFIPA4KS6bn/ZtUJAkq6vid0q8DrIcqMA4PMvezEYrwoFF21u9b jwOG+HFrRJ1xBGh/S59nQm8mf6OF4/AkP0hoaTugF5v19Mu9vM7CprqNTPukGzUN Lw85XAktdYD6I7V2sVJX/UtNx/8Ghr9prNmUWllIeN050sb7dQHD8dTYgisez0G2 8TXeJ3JcV1dSunyorRqL7fqPyTadOMZF -----END CERTIFICATE-----Generated at Sat Aug 23 19:41:33 2025 by rpki-client