$ rpki-client -vvf rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft File: U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft (raw, json) Hash identifier: +uBLP8RgoqvNEpStikQE/pKiXvLjQhr50f5PDpvoOHI= Subject key identifier: A2:77:92:EF:4C:FF:F8:08:2A:F2:3A:04:53:FB:F5:D0:A0:81:3B:AB Authority key identifier: 53:9B:B7:6C:8A:43:79:A4:DE:39:9C:05:2D:38:C1:B4:53:A6:6F:1B Certificate issuer: /CN=A914E070/serialNumber=539BB76C8A4379A4DE399C052D38C1B453A66F1B Certificate serial: 0131 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U5u3bIpDeaTeOZwFLTjBtFOmbxs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft Manifest number: 012D Signing time: Sat 23 Aug 2025 04:49:10 +0000 Manifest this update: Sat 23 Aug 2025 04:49:09 +0000 Manifest next update: Sat 30 Aug 2025 04:49:09 +0000 Files and hashes: 1: U5u3bIpDeaTeOZwFLTjBtFOmbxs.crl (hash: XmNcd6jKsIN+S81MDMZLBaIG56+qacalVutfmB8WfY4=) 2: 3772F678BC1211EE8C54FD2EC4F9AE02.roa (hash: BVkUXHmaunafReC96ZYpGOgVThUwi3Y9iPZ+tZjaqqs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.crl rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U5u3bIpDeaTeOZwFLTjBtFOmbxs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:49:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 305 (0x131) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E070, serialNumber=539BB76C8A4379A4DE399C052D38C1B453A66F1B Validity Not Before: Aug 23 04:49:09 2025 GMT Not After : Aug 30 04:49:09 2025 GMT Subject: CN=68a94845-169d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:a0:de:bb:6c:94:18:5f:c6:f2:c5:5a:24:25: b4:00:a2:ee:7e:4f:2c:f9:3f:24:dc:f5:a4:77:22: 4e:28:48:bb:3a:d9:76:37:37:04:fd:0d:77:39:eb: 39:98:84:ef:88:e7:f8:7c:bf:43:49:06:57:f9:55: 2c:40:1d:a3:ac:07:ec:14:ee:b6:d9:35:cb:10:a1: d2:ea:d0:3f:22:b5:fc:96:73:9d:79:14:91:36:b2: 91:12:44:6f:86:16:ba:73:f4:81:36:16:9d:ff:b4: 5a:a3:b8:a3:5a:5d:34:eb:70:88:05:fa:d6:e6:62: b7:c1:41:f5:57:cc:53:27:13:b4:3f:78:ed:4d:2e: 05:9d:d7:4d:3f:cb:2b:32:1e:68:a1:42:ab:35:dd: 70:17:18:b8:f0:59:49:1a:5f:9b:f4:f3:0d:cb:4e: 2e:a1:66:aa:02:bc:d6:72:11:af:78:a0:12:8c:9f: 8d:1f:74:44:e1:da:db:c3:22:2d:b4:2b:60:71:7e: cb:a5:c5:59:44:5a:75:a8:1d:b2:04:3f:d3:2d:d3: 80:c6:6f:98:2b:fe:87:7c:ae:21:e7:0d:57:47:8d: 1d:8b:49:80:fa:d0:39:78:63:2f:09:32:4e:34:35: 85:48:48:c2:8b:0b:85:42:70:5b:cc:19:a9:00:f5: 78:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:77:92:EF:4C:FF:F8:08:2A:F2:3A:04:53:FB:F5:D0:A0:81:3B:AB X509v3 Authority Key Identifier: keyid:53:9B:B7:6C:8A:43:79:A4:DE:39:9C:05:2D:38:C1:B4:53:A6:6F:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U5u3bIpDeaTeOZwFLTjBtFOmbxs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:e4:81:3b:05:33:6b:a2:48:1c:fc:2f:6c:e1:ee:7c:10:4c: 0e:81:f8:67:c2:6d:52:fa:70:c1:3d:27:d4:23:37:2d:24:3c: 27:34:76:29:7f:82:1d:da:73:29:54:c0:d9:2a:27:14:82:5f: e3:0a:03:e3:61:e3:08:d1:91:ec:80:4f:2c:1d:f4:8d:ba:77: 7b:a5:cf:1b:b0:3c:50:74:ab:1d:80:53:8b:12:c8:f9:02:7d: 7c:d6:ae:5b:0a:ff:39:41:08:b1:2d:db:95:f2:0c:42:4d:63: 0b:48:90:38:89:84:04:d2:ff:86:3b:22:d9:dc:b7:3e:98:9d: c0:d9:91:a1:20:d0:2a:f5:4d:e6:ac:87:55:80:47:29:61:77: 1f:3d:26:1b:91:c0:f9:e0:71:53:38:65:77:d3:38:3d:f3:a1: 47:e6:9b:c9:e1:fb:02:eb:0a:da:e9:a3:89:97:7f:6f:4d:da: 22:65:16:81:d6:d3:d5:29:df:50:32:6f:b9:31:74:70:80:e4: 1e:ad:97:1f:90:9e:f5:f2:19:96:2e:73:d6:5d:b7:3c:8c:d9: 79:25:b3:0f:45:4c:83:14:b4:88:ee:d3:8f:63:ca:e2:8b:41: c2:ca:6e:1d:53:ea:3d:4f:5d:11:ec:21:a1:91:d3:db:09:48: c0:97:fe:40 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEUwNzAxMTAvBgNVBAUTKDUzOUJCNzZDOEE0Mzc5QTRERTM5OUMwNTJEMzhDMUI0 NTNBNjZGMUIwHhcNMjUwODIzMDQ0OTA5WhcNMjUwODMwMDQ0OTA5WjAYMRYwFAYD VQQDEw02OGE5NDg0NS0xNjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4qDeu2yUGF/G8sVaJCW0AKLufk8s+T8k3PWkdyJOKEi7Otl2NzcE/Q13Oes5 mITviOf4fL9DSQZX+VUsQB2jrAfsFO622TXLEKHS6tA/IrX8lnOdeRSRNrKREkRv hha6c/SBNhad/7Rao7ijWl0063CIBfrW5mK3wUH1V8xTJxO0P3jtTS4FnddNP8sr Mh5ooUKrNd1wFxi48FlJGl+b9PMNy04uoWaqArzWchGveKASjJ+NH3RE4drbwyIt tCtgcX7LpcVZRFp1qB2yBD/TLdOAxm+YK/6HfK4h5w1XR40di0mA+tA5eGMvCTJO NDWFSEjCiwuFQnBbzBmpAPV4qwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKJ3ku9M //gIKvI6BFP79dCggTurMB8GA1UdIwQYMBaAFFObt2yKQ3mk3jmcBS04wbRTpm8b MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTA3MC84OUM1NTk3Q0JD MTAxMUVFOEJFQjEzN0FDNEY5QUUwMi9VNXUzYklwRGVhVGVPWndGTFRqQnRGT21i eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U1dTNiSXBEZWFUZU9ad0ZMVGpCdEZPbWJ4cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTA3MC84OUM1NTk3Q0JDMTAxMUVFOEJFQjEzN0FDNEY5QUUwMi9VNXUzYklwRGVh VGVPWndGTFRqQnRGT21ieHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAv5IE7BTNrokgc/C9s4e58EEwOgfhnwm1S+nDBPSfUIzctJDwnNHYp f4Id2nMpVMDZKicUgl/jCgPjYeMI0ZHsgE8sHfSNund7pc8bsDxQdKsdgFOLEsj5 An181q5bCv85QQixLduV8gxCTWMLSJA4iYQE0v+GOyLZ3Lc+mJ3A2ZGhINAq9U3m rIdVgEcpYXcfPSYbkcD54HFTOGV30zg986FH5pvJ4fsC6wra6aOJl39vTdoiZRaB 1tPVKd9QMm+5MXRwgOQerZcfkJ718hmWLnPWXbc8jNl5JbMPRUyDFLSI7tOPY8ri i0HCym4dU+o9T10R7CGhkdPbCUjAl/5A -----END CERTIFICATE-----Generated at Sun Aug 24 01:01:59 2025 by rpki-client