$ rpki-client -vvf rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.mft File: D96C0nlIVMmvzdhe-37-ScR9Lu4.mft (raw, json) Hash identifier: k52M9qJnzg7Ogsk24L+0uTQKTwWZQuMLrKLMZgs9Do8= Subject key identifier: 5B:AB:F5:91:99:19:CD:A0:09:1A:83:81:F0:E0:FD:A3:09:CF:A7:40 Authority key identifier: 0F:DE:82:D2:79:48:54:C9:AF:CD:D8:5E:FB:7E:FE:49:C4:7D:2E:EE Certificate issuer: /CN=A914C33A/serialNumber=0FDE82D2794854C9AFCDD85EFB7EFE49C47D2EEE Certificate serial: 0D0F Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D96C0nlIVMmvzdhe-37-ScR9Lu4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.mft Manifest number: 0D04 Signing time: Fri 22 Aug 2025 15:37:07 +0000 Manifest this update: Fri 22 Aug 2025 15:37:06 +0000 Manifest next update: Fri 29 Aug 2025 15:37:06 +0000 Files and hashes: 1: D96C0nlIVMmvzdhe-37-ScR9Lu4.crl (hash: RylGoAr3IdQwRfaINLRjzqRaXNzh23CypfV/jTlIDvw=) 2: 0DF331C28F9411EAA5E7B573C4F9AE02.roa (hash: lu8oWRNPgJxFZ7Lozlet3TlMRukqbbGr2PrraLSuCsA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.crl rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D96C0nlIVMmvzdhe-37-ScR9Lu4.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:37:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3343 (0xd0f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914C33A, serialNumber=0FDE82D2794854C9AFCDD85EFB7EFE49C47D2EEE Validity Not Before: Aug 22 15:37:06 2025 GMT Not After : Aug 29 15:37:06 2025 GMT Subject: CN=68a88ea3-c31a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d2:ca:15:0e:2f:38:59:7b:59:b1:87:ca:33: 62:b9:37:03:b3:69:c8:59:2c:16:92:1a:fa:11:54: 59:57:6f:a3:70:6d:37:31:15:85:50:3f:6a:2c:79: 7d:f5:7f:e0:e5:96:1e:72:1f:dd:f2:fc:5a:8f:2b: 1e:88:36:f7:16:21:54:ad:0e:d1:a6:2c:d5:f3:4f: c1:d0:02:7b:23:7f:bd:c6:bd:b7:3e:f8:95:28:39: 44:cc:9a:42:b7:5f:35:f8:33:05:49:87:68:24:ab: cd:f3:44:04:f7:3e:7e:66:25:af:ab:16:52:5d:53: 4d:aa:3a:ee:9d:a3:fd:ea:19:ce:02:70:ba:83:85: 40:06:27:50:8d:ad:d3:76:dd:e3:97:b2:f6:64:aa: 22:19:cf:44:c1:56:61:8c:c3:e0:9e:55:19:12:27: ac:fd:90:f2:ea:9d:e1:f5:1f:87:9d:f7:9c:fb:a2: 7b:7e:cb:f6:d3:ee:c5:de:f8:a8:6f:8c:a2:1c:ae: 39:25:77:2b:f1:0e:fa:9d:b2:3c:b9:1f:95:ad:7b: 2d:8c:67:65:23:82:77:a4:7f:f2:13:4d:b4:8d:a3: 58:88:ec:2b:56:ce:41:72:73:b6:c0:39:ef:a3:d7: 8e:b7:ed:1c:a9:bc:01:d3:b6:ee:b6:5b:98:f7:02: d9:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:AB:F5:91:99:19:CD:A0:09:1A:83:81:F0:E0:FD:A3:09:CF:A7:40 X509v3 Authority Key Identifier: keyid:0F:DE:82:D2:79:48:54:C9:AF:CD:D8:5E:FB:7E:FE:49:C4:7D:2E:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D96C0nlIVMmvzdhe-37-ScR9Lu4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:f8:c3:b9:58:11:bd:fa:0b:3a:e5:41:66:82:89:b4:d8:bd: ec:3e:ba:d2:bd:ee:d9:46:9b:86:71:13:b5:ab:33:c9:52:49: 9d:1e:a5:c7:e0:a6:de:be:84:1b:91:b8:96:9c:ab:0a:53:e3: a9:6b:2c:b1:24:6b:05:2f:7e:03:54:1e:c7:50:25:43:f2:15: c7:a1:93:ce:de:9a:ca:12:0c:be:64:0e:3c:90:36:dc:2f:cf: 4c:10:0f:a2:4a:27:8c:fc:33:19:e2:e6:a4:9e:87:8e:9e:35: b6:a6:fc:aa:8b:4a:a4:e0:7a:d2:8e:44:90:5e:36:15:79:57: ae:f8:79:ac:4e:6b:a3:ad:be:46:e7:35:3e:0a:89:98:5f:e3: 43:44:9d:60:89:38:5e:39:a5:96:53:6f:a6:07:7c:7e:61:5e: cb:96:8d:da:40:6d:a0:62:3f:c0:3a:46:63:72:87:2a:a8:8e: 3e:8b:15:2e:8c:f8:15:a5:4e:d9:99:cf:c4:32:1e:6f:1c:b7: f2:bf:9f:a1:90:36:a5:41:c2:2d:31:03:84:fc:b5:d3:89:31: 12:e1:78:1f:d9:58:4f:df:75:44:3e:0d:50:25:04:c1:dc:a1: 3d:df:05:8f:5b:7e:ae:b4:b7:47:da:aa:db:27:ef:82:af:63: ff:9d:70:e2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDQ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEMzM0ExMTAvBgNVBAUTKDBGREU4MkQyNzk0ODU0QzlBRkNERDg1RUZCN0VGRTQ5 QzQ3RDJFRUUwHhcNMjUwODIyMTUzNzA2WhcNMjUwODI5MTUzNzA2WjAYMRYwFAYD VQQDEw02OGE4OGVhMy1jMzFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArNLKFQ4vOFl7WbGHyjNiuTcDs2nIWSwWkhr6EVRZV2+jcG03MRWFUD9qLHl9 9X/g5ZYech/d8vxajyseiDb3FiFUrQ7RpizV80/B0AJ7I3+9xr23PviVKDlEzJpC t181+DMFSYdoJKvN80QE9z5+ZiWvqxZSXVNNqjrunaP96hnOAnC6g4VABidQja3T dt3jl7L2ZKoiGc9EwVZhjMPgnlUZEies/ZDy6p3h9R+Hnfec+6J7fsv20+7F3vio b4yiHK45JXcr8Q76nbI8uR+VrXstjGdlI4J3pH/yE020jaNYiOwrVs5BcnO2wDnv o9eOt+0cqbwB07butluY9wLZRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFur9ZGZ Gc2gCRqDgfDg/aMJz6dAMB8GA1UdIwQYMBaAFA/egtJ5SFTJr83YXvt+/knEfS7u MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzMzQS84RjQ3QTlGQUU5 N0QxMUU5QTlEQjVFNTJDNEY5QUUwMi9EOTZDMG5sSVZNbXZ6ZGhlLTM3LVNjUjlM dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL0Q5NkMwbmxJVk1tdnpkaGUtMzctU2NSOUx1NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QzMzQS84RjQ3QTlGQUU5N0QxMUU5QTlEQjVFNTJDNEY5QUUwMi9EOTZDMG5sSVZN bXZ6ZGhlLTM3LVNjUjlMdTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAz+MO5WBG9+gs65UFmgom02L3sPrrSve7ZRpuGcRO1qzPJUkmdHqXH 4KbevoQbkbiWnKsKU+OpayyxJGsFL34DVB7HUCVD8hXHoZPO3prKEgy+ZA48kDbc L89MEA+iSieM/DMZ4uaknoeOnjW2pvyqi0qk4HrSjkSQXjYVeVeu+HmsTmujrb5G 5zU+ComYX+NDRJ1giTheOaWWU2+mB3x+YV7Llo3aQG2gYj/AOkZjcocqqI4+ixUu jPgVpU7Zmc/EMh5vHLfyv5+hkDalQcItMQOE/LXTiTES4Xgf2VhP33VEPg1QJQTB 3KE93wWPW36utLdH2qrbJ++Cr2P/nXDi -----END CERTIFICATE-----Generated at Sat Aug 23 13:44:11 2025 by rpki-client