$ rpki-client -vvf rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft File: IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft (raw, json) Hash identifier: JeWnD9P2vWUsMClffMs65CTTh+3JgOxs50+VJfGzho0= Subject key identifier: EE:2D:12:88:CE:A9:9E:08:90:C0:0B:FF:C5:0C:48:D5:A2:6B:88:48 Authority key identifier: 21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D Certificate issuer: /CN=A9152DE4/serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Certificate serial: 0433 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft Manifest number: 0427 Signing time: Sat 23 Aug 2025 00:34:49 +0000 Manifest this update: Sat 23 Aug 2025 00:34:49 +0000 Manifest next update: Sat 30 Aug 2025 00:34:49 +0000 Files and hashes: 1: IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl (hash: BkZzk+8rpPubPtp9jPTwu5s9XG7HB8yjwqpGID+3N1g=) 2: E986DDEC979911ECB3B7CE39C4F9AE02.roa (hash: ciNIImuAbj1AO0K4GihG7jlhzLEKvAURaWl26eH889E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:34:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1075 (0x433) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152DE4, serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Validity Not Before: Aug 23 00:34:49 2025 GMT Not After : Aug 30 00:34:49 2025 GMT Subject: CN=68a90ca9-d061 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:fe:09:27:c0:03:6c:af:26:bb:fb:a4:09:a2: c1:66:cd:40:7c:a4:8b:5a:63:01:89:aa:4f:10:d0: 00:4d:fd:d6:c0:59:83:7a:d9:35:0d:41:7a:30:31: db:07:c0:0c:24:3c:30:0e:1c:bd:2f:5d:8a:08:c9: c2:be:63:72:ab:fd:c2:57:06:ac:2e:2f:0f:2a:01: b3:45:1c:06:f8:10:60:62:59:c0:1d:5e:a6:1d:d5: 95:c0:85:21:01:74:4d:a3:24:98:2e:05:60:90:b0: bf:89:4b:01:08:b5:80:bd:3f:e6:1b:a8:05:6a:96: 2b:cd:1b:ce:d6:b7:c1:82:82:f4:64:96:f3:b0:18: a8:62:47:ee:51:4f:f5:f0:a2:52:45:86:18:a7:42: f4:1f:ab:25:94:f3:52:0a:aa:6d:cf:87:10:e2:fa: 20:0d:ec:32:1f:08:2d:f1:5e:bb:45:f3:81:e0:1b: 5c:3d:9b:21:43:a4:e2:f9:e9:77:d3:f6:e1:50:18: ca:c1:e2:22:5b:7d:fe:8b:9b:b1:38:23:54:62:af: a4:e7:60:08:34:6d:0e:c1:e7:85:1e:67:0c:bd:06: 67:37:df:96:52:c1:bc:92:a4:56:7f:30:9f:3f:2a: 49:83:83:de:40:d7:82:d7:13:cc:bc:b8:4d:1d:e5: 81:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:2D:12:88:CE:A9:9E:08:90:C0:0B:FF:C5:0C:48:D5:A2:6B:88:48 X509v3 Authority Key Identifier: keyid:21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:73:e1:03:b0:ae:1c:46:48:fd:ba:4f:87:75:94:25:3b:be: 7b:92:b0:c2:d5:2b:b7:a0:e7:2e:b7:e9:88:c8:42:73:5a:10: c9:42:36:6a:2b:56:8f:50:93:78:28:3a:50:47:c7:56:d8:c1: 2a:b0:f2:44:12:ec:2d:7b:30:f5:ff:86:2e:37:6f:79:31:32: 28:30:8e:e5:02:ae:e9:d0:91:25:cb:88:f6:83:8e:ad:12:1b: 3a:9c:d6:4e:25:de:a2:16:dc:2f:6f:34:86:b7:32:fe:b6:cd: d2:9d:48:5b:d9:0f:ec:b9:0d:91:b1:d4:14:50:39:33:dd:50: 42:9a:29:eb:16:7f:bd:a7:d2:3e:8b:29:55:cb:f4:46:a3:a1: 57:8b:7c:09:c4:30:74:95:72:af:b3:f2:36:0b:ec:03:fd:71: 71:2b:78:65:1b:ba:4f:1a:26:65:88:35:dd:88:95:dd:f1:25: 12:30:20:d9:bb:c4:90:88:6d:ce:02:ae:96:85:a7:80:1e:ce: 42:ed:c3:4f:30:c4:fb:80:9a:37:f8:71:dd:d9:9e:a3:5d:b0: 0f:01:71:d2:c4:a2:b3:15:12:7e:c6:30:65:9c:b5:0c:ed:fd: 4c:dc:80:2e:b6:79:25:1d:05:35:64:86:98:8e:4b:38:74:ba: 44:b2:6b:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBDMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTJERTQxMTAvBgNVBAUTKDIxN0MzRDhCRUQwQjQwQzBGQjA4OEI1OUVFNkU2NUFF NkM2NjFGMEQwHhcNMjUwODIzMDAzNDQ5WhcNMjUwODMwMDAzNDQ5WjAYMRYwFAYD VQQDEw02OGE5MGNhOS1kMDYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxP4JJ8ADbK8mu/ukCaLBZs1AfKSLWmMBiapPENAATf3WwFmDetk1DUF6MDHb B8AMJDwwDhy9L12KCMnCvmNyq/3CVwasLi8PKgGzRRwG+BBgYlnAHV6mHdWVwIUh AXRNoySYLgVgkLC/iUsBCLWAvT/mG6gFapYrzRvO1rfBgoL0ZJbzsBioYkfuUU/1 8KJSRYYYp0L0H6sllPNSCqptz4cQ4vogDewyHwgt8V67RfOB4BtcPZshQ6Ti+el3 0/bhUBjKweIiW33+i5uxOCNUYq+k52AING0OweeFHmcMvQZnN9+WUsG8kqRWfzCf PypJg4PeQNeC1xPMvLhNHeWBTwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO4tEojO qZ4IkMAL/8UMSNWia4hIMB8GA1UdIwQYMBaAFCF8PYvtC0DA+wiLWe5uZa5sZh8N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkRFNC80Q0NDQzMzMjc5 MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFNRDdDSXRaN201bHJteG1I dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lYdzlpLTBMUU1EN0NJdFo3bTVscm14bUh3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MkRFNC80Q0NDQzMzMjc5MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFN RDdDSXRaN201bHJteG1IdzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBMc+EDsK4cRkj9uk+HdZQlO757krDC1Su3oOcut+mIyEJzWhDJQjZq K1aPUJN4KDpQR8dW2MEqsPJEEuwtezD1/4YuN295MTIoMI7lAq7p0JEly4j2g46t Ehs6nNZOJd6iFtwvbzSGtzL+ts3SnUhb2Q/suQ2RsdQUUDkz3VBCminrFn+9p9I+ iylVy/RGo6FXi3wJxDB0lXKvs/I2C+wD/XFxK3hlG7pPGiZliDXdiJXd8SUSMCDZ u8SQiG3OAq6WhaeAHs5C7cNPMMT7gJo3+HHd2Z6jXbAPAXHSxKKzFRJ+xjBlnLUM 7f1M3IAutnklHQU1ZIaYjks4dLpEsmsP -----END CERTIFICATE-----Generated at Sat Aug 23 13:53:22 2025 by rpki-client