$ rpki-client -vvf rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft File: 2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft (raw, json) Hash identifier: 0IpIZy+j2fgUzY0Q1BCakaBhIWqn48zt87jCn04vUpM= Subject key identifier: CF:78:8E:3A:98:81:D9:33:48:F2:DB:22:3A:91:1D:A0:29:5A:72:FB Authority key identifier: D9:5D:A1:17:14:12:30:0A:B5:3B:3E:48:70:F2:F4:41:F0:6C:81:24 Certificate issuer: /CN=A9159ECD/serialNumber=D95DA1171412300AB53B3E4870F2F441F06C8124 Certificate serial: D8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft Manifest number: D6 Signing time: Fri 22 Aug 2025 23:38:31 +0000 Manifest this update: Fri 22 Aug 2025 23:38:30 +0000 Manifest next update: Fri 29 Aug 2025 23:38:30 +0000 Files and hashes: 1: 2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.crl (hash: Oeca8w5smztsx8z9BouFX0vFq6Vavgwo+PyINxMMOu8=) 2: 5A4723DA6F3C11EF8FD45F13C4F9AE02.roa (hash: kyChUBrK7l3YN4vwLMgx+ZZf43nxmdSV9d2PzrRyBN4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.crl rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:38:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 216 (0xd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9159ECD, serialNumber=D95DA1171412300AB53B3E4870F2F441F06C8124 Validity Not Before: Aug 22 23:38:30 2025 GMT Not After : Aug 29 23:38:30 2025 GMT Subject: CN=68a8ff76-cb08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:e9:09:fc:b7:a6:54:cd:e6:3c:b0:08:1f:d9: 89:e0:60:e8:19:b6:2e:f9:06:3b:49:3d:28:1b:9a: 50:90:c3:e8:9c:3a:c7:6e:91:b7:a9:9d:2b:14:97: 49:a1:fc:25:b4:77:8b:d8:c5:55:0e:63:4e:f6:ee: 6b:af:17:27:c8:38:49:08:04:c7:86:52:4f:29:71: 05:55:b5:b3:d8:8d:5a:7e:3e:88:d5:1e:25:45:0c: 5c:53:53:8a:69:d3:d3:be:2a:fc:52:11:0f:e5:f1: 5c:29:37:0a:c3:56:14:cd:6f:bd:58:cc:f2:50:df: 6b:32:e4:57:a4:36:1c:12:ca:e4:fd:df:a0:61:86: 2e:28:28:c5:29:53:08:51:21:d7:26:29:2d:14:ed: 4a:37:69:73:6c:7f:fe:92:ee:f1:cb:59:d4:90:87: 3e:a5:8b:22:0a:61:36:d2:c7:fd:17:86:b3:dc:c9: 25:9d:2b:90:91:32:9c:be:0e:b7:0c:72:b6:bc:f5: 56:e2:8e:b1:a0:c3:44:8e:ba:14:32:4f:c0:41:7c: 0b:87:f8:37:79:ba:70:97:dd:29:f6:d4:b7:09:84: df:92:48:a9:23:dd:69:eb:1f:2b:d6:91:bd:58:45: db:e6:04:4b:92:1f:1b:1e:68:b8:ba:c6:af:8e:57: ef:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:78:8E:3A:98:81:D9:33:48:F2:DB:22:3A:91:1D:A0:29:5A:72:FB X509v3 Authority Key Identifier: keyid:D9:5D:A1:17:14:12:30:0A:B5:3B:3E:48:70:F2:F4:41:F0:6C:81:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c7:32:55:4f:37:fd:c2:c1:7e:89:c6:c7:ef:cd:c4:d7:fd:f7: 9f:f9:d4:8b:48:c4:dd:82:35:ab:48:6c:6d:b6:f7:8f:17:14: 9d:4b:72:8c:da:13:41:1e:a6:63:df:9d:d6:01:24:89:ac:af: 7f:03:d0:a1:0b:ec:04:04:3c:aa:bc:fc:ef:9b:c0:c1:93:36: 91:69:4c:81:e5:ff:f1:17:71:ed:4c:3f:ac:8e:bb:a2:bd:26: fe:56:eb:84:4f:39:ff:04:2e:b5:08:8b:92:ad:18:bb:32:76: 17:c5:88:ee:24:df:b8:96:43:d5:cf:8f:41:dd:a9:3c:4c:b3: fe:c8:02:af:ce:ed:bb:d8:e5:bd:71:5d:b3:16:81:00:2a:50: 62:9f:a0:20:ff:7c:1e:7c:62:01:43:7a:75:33:5b:19:66:44: 8e:f5:66:4d:3d:b1:b9:b9:2f:81:7e:51:45:0b:26:1e:13:74: d4:91:5b:f7:81:95:7f:1c:df:40:0a:41:1f:1f:a4:75:56:19: 3f:b9:17:11:77:0c:ed:c3:dc:ce:61:6a:c8:a2:de:5d:09:37: 56:9e:39:89:98:06:08:3e:64:8d:33:f3:8b:42:ba:0a:f8:94: fc:b1:29:a1:41:39:c9:2e:14:fc:8f:75:a6:1b:59:15:7c:de: e5:5e:cf:fb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTlFQ0QxMTAvBgNVBAUTKEQ5NURBMTE3MTQxMjMwMEFCNTNCM0U0ODcwRjJGNDQx RjA2QzgxMjQwHhcNMjUwODIyMjMzODMwWhcNMjUwODI5MjMzODMwWjAYMRYwFAYD VQQDEw02OGE4ZmY3Ni1jYjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqekJ/LemVM3mPLAIH9mJ4GDoGbYu+QY7ST0oG5pQkMPonDrHbpG3qZ0rFJdJ ofwltHeL2MVVDmNO9u5rrxcnyDhJCATHhlJPKXEFVbWz2I1afj6I1R4lRQxcU1OK adPTvir8UhEP5fFcKTcKw1YUzW+9WMzyUN9rMuRXpDYcEsrk/d+gYYYuKCjFKVMI USHXJiktFO1KN2lzbH/+ku7xy1nUkIc+pYsiCmE20sf9F4az3MklnSuQkTKcvg63 DHK2vPVW4o6xoMNEjroUMk/AQXwLh/g3ebpwl90p9tS3CYTfkkipI91p6x8r1pG9 WEXb5gRLkh8bHmi4usavjlfvSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM94jjqY gdkzSPLbIjqRHaApWnL7MB8GA1UdIwQYMBaAFNldoRcUEjAKtTs+SHDy9EHwbIEk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OUVDRC9FRjYzODNFMjNE OUYxMUVGOTkwMzM3NjhDNEY5QUUwMi8yVjJoRnhRU01BcTFPejVJY1BMMFFmQnNn U1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzJWMmhGeFFTTUFxMU96NUljUEwwUWZCc2dTUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 OUVDRC9FRjYzODNFMjNEOUYxMUVGOTkwMzM3NjhDNEY5QUUwMi8yVjJoRnhRU01B cTFPejVJY1BMMFFmQnNnU1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDHMlVPN/3CwX6JxsfvzcTX/fef+dSLSMTdgjWrSGxttvePFxSdS3KM 2hNBHqZj353WASSJrK9/A9ChC+wEBDyqvPzvm8DBkzaRaUyB5f/xF3HtTD+sjrui vSb+VuuETzn/BC61CIuSrRi7MnYXxYjuJN+4lkPVz49B3ak8TLP+yAKvzu272OW9 cV2zFoEAKlBin6Ag/3wefGIBQ3p1M1sZZkSO9WZNPbG5uS+BflFFCyYeE3TUkVv3 gZV/HN9ACkEfH6R1Vhk/uRcRdwztw9zOYWrIot5dCTdWnjmJmAYIPmSNM/OLQroK +JT8sSmhQTnJLhT8j3WmG1kVfN7lXs/7 -----END CERTIFICATE-----Generated at Sat Aug 23 20:30:19 2025 by rpki-client