$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft File: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft (raw, json) Hash identifier: 7/R4Nj4aOHYmVNg7lZ2s2X2ZP3LK/78DCgdTYMwOwvI= Subject key identifier: 51:12:FC:DA:0D:14:92:39:DB:45:17:C6:B3:56:F9:EF:C4:40:6A:1B Authority key identifier: 76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D Certificate issuer: /CN=A9157DAE/serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Certificate serial: 048D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft Manifest number: 0479 Signing time: Fri 22 Aug 2025 17:13:30 +0000 Manifest this update: Fri 22 Aug 2025 17:13:30 +0000 Manifest next update: Fri 29 Aug 2025 17:13:30 +0000 Files and hashes: 1: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl (hash: Ls0SeRXpB5gs7S2LTb1+3RVzLsJocHa/VaOPpYv4eqg=) 2: 13EE3260596A11ECB1394271C4F9AE02.roa (hash: BSTa7sI/Wxp7paF8iFEhYcOXczYzjvqpGs3tFatgPsE=) 3: F91F0C028A2E11EC98A2702CC4F9AE02.roa (hash: EM7EONiwHXhiPFzyfONkaOBX/AROwU9rjV4ETvuVQDQ=) 4: 1479C514596A11ECB1394271C4F9AE02.roa (hash: TLiIvWlCkSUznKaCtTmASc45uAF4Q8KIvn7LhcKxI18=) 5: F5A921B85BE911EF8624AA20C4F9AE02.roa (hash: HMDK7qPjAO3ncQEJzX6SKnODDt4e7glxidti8sfhV1k=) 6: D36F0B6ECF4411ECB6B61825C4F9AE02.roa (hash: Z/SQA8GAHBj69mDXnfsLMK8qu+tlZ5LxlzdXDGduFGo=) 7: 9CD16392309711F09EFD0C4CC4F9AE02.roa (hash: AfGxVPGE0X5aiSEnPrV13VcxuUAvslUoJjsgWW+PD9o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:13:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1165 (0x48d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DAE, serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Validity Not Before: Aug 22 17:13:30 2025 GMT Not After : Aug 29 17:13:30 2025 GMT Subject: CN=68a8a53a-9886 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:db:7c:01:27:e2:7f:c5:d0:44:5b:4a:c3:2d: 93:88:86:3a:35:55:59:c9:b3:df:25:c9:d6:68:32: f0:e7:cc:b6:f8:8f:bb:ab:d3:55:8d:b4:9b:41:d7: d0:e0:00:ad:2c:93:c7:78:01:75:13:7a:7a:6d:0d: 92:b7:c0:ee:af:49:c3:f4:45:bb:62:76:74:ba:23: 65:b2:22:b0:62:a4:fd:3c:cf:8d:0d:9a:75:b8:c3: 75:ea:80:37:24:10:d7:bf:3c:c4:30:0b:1b:18:ed: 6f:97:e8:0d:52:0f:31:1d:85:4d:39:db:a3:d3:47: 1e:83:7f:02:dd:17:34:81:58:fb:70:ef:6b:26:ed: e7:3b:57:09:83:03:4a:a5:bb:e5:e2:73:e6:9c:c7: c1:6a:4e:6c:a3:4c:ab:6a:0a:73:c7:3f:e3:9c:cf: 8f:35:b3:6b:7c:78:c3:7a:6e:ec:93:1b:b2:0f:04: 0c:fa:de:c1:9a:d2:64:17:fb:92:a0:82:0f:e1:d1: ff:eb:8e:f1:12:4e:db:f8:b1:2e:ef:6a:70:48:4c: dc:b6:08:86:4f:92:34:d6:17:40:5c:31:45:66:50: 89:17:91:fb:af:72:f8:86:fa:37:51:8f:bf:3c:88: d3:85:bb:8c:3a:14:28:dd:80:be:c7:22:5d:ee:24: 4e:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:12:FC:DA:0D:14:92:39:DB:45:17:C6:B3:56:F9:EF:C4:40:6A:1B X509v3 Authority Key Identifier: keyid:76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:f5:23:dd:3a:a1:b9:b2:a7:7f:c8:3f:33:76:e7:1b:d4:24: 99:43:22:ea:4f:50:36:cc:8b:c0:7a:43:db:08:c8:c5:a5:6f: 78:7f:73:dc:e0:be:c4:5d:c9:53:01:3e:09:2b:95:69:1d:ef: 42:b1:65:52:dc:67:c9:6a:a9:e5:6a:21:16:9c:f3:16:b0:6d: 56:3d:e5:55:50:e3:92:77:b7:e8:53:a2:b1:1e:aa:3d:8e:86: bb:ea:43:b1:be:7b:25:7f:ff:c6:ee:d7:04:c7:8b:6c:b2:9d: 82:81:c5:c0:15:64:2e:2c:4f:4e:64:35:e3:42:da:23:6a:65: e6:8e:85:d3:7b:63:3d:5c:e6:8e:09:6a:2b:31:bf:38:da:a2: ed:22:2e:a6:9f:c6:5c:7d:4b:31:f3:1b:f1:2c:28:e8:c9:7c: da:66:81:78:45:84:bd:9f:79:96:07:cf:86:8e:3b:5b:c1:8b: 6b:f6:d9:33:85:19:f9:35:a9:aa:54:40:6a:e3:0d:e8:19:29: d9:74:c7:48:45:c7:ed:de:25:ac:5a:6e:6b:fd:9b:5b:af:aa: 56:48:94:f8:8a:44:0c:32:80:a0:e1:dd:26:51:a9:40:b0:4a: 01:dc:1d:a8:f5:42:a8:57:e6:31:b3:84:1d:9a:ad:35:d8:7a: f4:a1:5b:90 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQUUxMTAvBgNVBAUTKDc2MEU2QTdGMDhCNzJGRjgwRUI1NkY2NzUwMzIzQjE2 NEE3MERBMUQwHhcNMjUwODIyMTcxMzMwWhcNMjUwODI5MTcxMzMwWjAYMRYwFAYD VQQDEw02OGE4YTUzYS05ODg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAodt8ASfif8XQRFtKwy2TiIY6NVVZybPfJcnWaDLw58y2+I+7q9NVjbSbQdfQ 4ACtLJPHeAF1E3p6bQ2St8Dur0nD9EW7YnZ0uiNlsiKwYqT9PM+NDZp1uMN16oA3 JBDXvzzEMAsbGO1vl+gNUg8xHYVNOduj00ceg38C3Rc0gVj7cO9rJu3nO1cJgwNK pbvl4nPmnMfBak5so0yragpzxz/jnM+PNbNrfHjDem7skxuyDwQM+t7BmtJkF/uS oIIP4dH/647xEk7b+LEu72pwSEzctgiGT5I01hdAXDFFZlCJF5H7r3L4hvo3UY+/ PIjThbuMOhQo3YC+xyJd7iROrQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFES/NoN FJI520UXxrNW+e/EQGobMB8GA1UdIwQYMBaAFHYOan8Ity/4DrVvZ1AyOxZKcNod MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBRS81QjRDNEUzNjU5 NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xfZ090VzluVURJN0ZrcHcy aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2RnNXFmd2kzTF9nT3RXOW5VREk3RmtwdzJoMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBRS81QjRDNEUzNjU5NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xf Z090VzluVURJN0ZrcHcyaDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAr9SPdOqG5sqd/yD8zducb1CSZQyLqT1A2zIvAekPbCMjFpW94f3Pc 4L7EXclTAT4JK5VpHe9CsWVS3GfJaqnlaiEWnPMWsG1WPeVVUOOSd7foU6KxHqo9 joa76kOxvnslf//G7tcEx4tssp2CgcXAFWQuLE9OZDXjQtojamXmjoXTe2M9XOaO CWorMb842qLtIi6mn8ZcfUsx8xvxLCjoyXzaZoF4RYS9n3mWB8+GjjtbwYtr9tkz hRn5NamqVEBq4w3oGSnZdMdIRcft3iWsWm5r/Ztbr6pWSJT4ikQMMoCg4d0mUalA sEoB3B2o9UKoV+Yxs4Qdmq012Hr0oVuQ -----END CERTIFICATE-----Generated at Sat Aug 23 10:40:01 2025 by rpki-client