$ rpki-client -vvf rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft File: ihHrdksVeFOdbtOykDv2H0wIAHw.mft (raw, json) Hash identifier: +0fJgHlV4sbHAIBhIG0seRA9wXCASqvReU2x9aA0rOY= Subject key identifier: EE:36:BD:9F:01:23:D9:85:1A:3B:54:0F:73:80:FB:DA:E1:F3:ED:7E Authority key identifier: 8A:11:EB:76:4B:15:78:53:9D:6E:D3:B2:90:3B:F6:1F:4C:08:00:7C Certificate issuer: /CN=A914CC0F/serialNumber=8A11EB764B1578539D6ED3B2903BF61F4C08007C Certificate serial: 3A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft Manifest number: 3A Signing time: Fri 22 Aug 2025 20:14:22 +0000 Manifest this update: Fri 22 Aug 2025 20:14:21 +0000 Manifest next update: Fri 29 Aug 2025 20:14:21 +0000 Files and hashes: 1: ihHrdksVeFOdbtOykDv2H0wIAHw.crl (hash: xZ7q0MmavYcHX3y6UQSDFG2FpgnAT9F3Ty3QFQphoNA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.crl rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 20:14:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58 (0x3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914CC0F, serialNumber=8A11EB764B1578539D6ED3B2903BF61F4C08007C Validity Not Before: Aug 22 20:14:21 2025 GMT Not After : Aug 29 20:14:21 2025 GMT Subject: CN=68a8cf9d-51b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:da:00:fe:e7:30:e0:3e:21:c5:56:ac:7c:cf: f9:a1:a9:8e:cf:98:a9:f3:a5:f8:64:27:40:ca:a5: 3c:92:54:ae:1a:ef:5b:48:57:24:8f:39:1a:a3:54: cc:c5:50:15:f4:df:9c:dc:c6:2e:d9:28:ac:88:f3: 68:1f:e2:17:d9:20:ab:d6:80:91:35:c3:f6:43:cf: a7:28:9d:72:c7:93:99:2f:3b:6e:aa:34:15:78:92: aa:b3:e0:4b:92:5a:b1:bc:76:73:cc:6c:83:0e:72: 07:07:39:b1:ce:36:9e:82:05:4c:dc:5c:f1:e9:28: ec:e9:df:69:7c:2a:b1:21:09:ae:15:4c:54:d2:ab: ea:70:8e:61:a7:84:58:8b:9d:1b:fa:b2:88:2a:b1: 5a:28:df:8d:9e:66:6a:79:a4:2a:7f:fd:c0:7b:e0: 69:88:b0:b8:be:6d:f7:60:9f:f8:7a:6b:ed:2d:c9: a9:26:5a:4c:3b:e3:0a:68:52:0b:35:cc:90:04:47: a1:f3:21:3b:98:d5:62:94:8f:cf:8e:d0:2e:4e:b6: a7:be:d7:0c:57:fa:b8:a0:9d:18:7f:e7:23:e1:b1: 86:32:d8:3b:0a:b3:6f:6d:c8:da:50:fb:1e:a2:2b: a2:0e:e1:3b:e5:ba:11:e2:92:70:86:76:34:86:a4: 53:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:36:BD:9F:01:23:D9:85:1A:3B:54:0F:73:80:FB:DA:E1:F3:ED:7E X509v3 Authority Key Identifier: keyid:8A:11:EB:76:4B:15:78:53:9D:6E:D3:B2:90:3B:F6:1F:4C:08:00:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:7d:9a:7d:3a:18:14:91:55:00:af:c7:9d:8e:1b:da:ea:10: 18:9d:31:42:2f:3b:af:fd:aa:bd:95:39:03:ae:ec:23:9f:70: 66:c5:bc:d2:c1:b6:9a:1b:0f:b2:9c:6a:aa:78:21:0b:a5:9a: 8c:2b:da:46:e0:88:af:6e:66:b2:8b:ef:df:97:f1:64:1f:84: 90:68:45:a4:f2:fe:21:99:94:18:e4:3a:39:45:5c:7e:f6:f7: 8b:43:60:db:ff:81:6a:05:00:a0:21:86:6f:8a:e6:38:3c:2e: 37:b9:36:9e:b7:2d:30:c5:b1:4c:b1:14:21:6d:00:93:a8:24: cf:b0:cf:de:e1:2f:f1:85:84:f2:c1:34:49:dc:f7:8d:b9:17: c8:9e:24:80:73:cc:5a:47:ac:e5:44:73:71:94:db:9a:e1:39: a2:0b:28:ee:67:a3:47:c9:d0:d8:e3:92:f4:73:d0:06:ad:5b: 68:22:fc:b9:ac:b6:8b:c9:fb:b2:62:b7:a2:6a:fc:ca:49:cc: 83:00:bf:92:c8:02:54:37:db:30:ac:a4:9a:e5:b4:78:b1:e6: 16:a0:2a:62:0d:f9:19:40:af:37:e9:3d:17:ad:7f:0a:47:63: 8a:8c:cc:21:c9:89:ef:a0:c5:58:7f:3a:c4:5b:a2:f4:d0:41: 38:a2:d0:04 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 Q0MwRjExMC8GA1UEBRMoOEExMUVCNzY0QjE1Nzg1MzlENkVEM0IyOTAzQkY2MUY0 QzA4MDA3QzAeFw0yNTA4MjIyMDE0MjFaFw0yNTA4MjkyMDE0MjFaMBgxFjAUBgNV BAMTDTY4YThjZjlkLTUxYjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDN2gD+5zDgPiHFVqx8z/mhqY7PmKnzpfhkJ0DKpTySVK4a71tIVySPORqjVMzF UBX035zcxi7ZKKyI82gf4hfZIKvWgJE1w/ZDz6conXLHk5kvO26qNBV4kqqz4EuS WrG8dnPMbIMOcgcHObHONp6CBUzcXPHpKOzp32l8KrEhCa4VTFTSq+pwjmGnhFiL nRv6sogqsVoo342eZmp5pCp//cB74GmIsLi+bfdgn/h6a+0tyakmWkw74wpoUgs1 zJAER6HzITuY1WKUj8+O0C5Otqe+1wxX+rignRh/5yPhsYYy2DsKs29tyNpQ+x6i K6IO4TvluhHiknCGdjSGpFNVAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU7ja9nwEj 2YUaO1QPc4D72uHz7X4wHwYDVR0jBBgwFoAUihHrdksVeFOdbtOykDv2H0wIAHww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRDQzBGLzQ5RTk5NkM0MkM2 MjExRjBBOUIxQzY1QUM0RjlBRTAyL2loSHJka3NWZUZPZGJ0T3lrRHYySDB3SUFI dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvaWhIcmRrc1ZlRk9kYnRPeWtEdjJIMHdJQUh3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRD QzBGLzQ5RTk5NkM0MkM2MjExRjBBOUIxQzY1QUM0RjlBRTAyL2loSHJka3NWZUZP ZGJ0T3lrRHYySDB3SUFIdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAK99mn06GBSRVQCvx52OG9rqEBidMUIvO6/9qr2VOQOu7COfcGbFvNLB tpobD7Kcaqp4IQulmowr2kbgiK9uZrKL79+X8WQfhJBoRaTy/iGZlBjkOjlFXH72 94tDYNv/gWoFAKAhhm+K5jg8Lje5Np63LTDFsUyxFCFtAJOoJM+wz97hL/GFhPLB NEnc9425F8ieJIBzzFpHrOVEc3GU25rhOaILKO5no0fJ0NjjkvRz0AatW2gi/Lms tovJ+7Jit6Jq/MpJzIMAv5LIAlQ32zCspJrltHix5hagKmIN+RlArzfpPRetfwpH Y4qMzCHJie+gxVh/OsRbovTQQTii0AQ= -----END CERTIFICATE-----Generated at Sat Aug 23 10:56:28 2025 by rpki-client