$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft File: 33HZn0zTs4Mms-1HyOSl35ieQvI.mft (raw, json) Hash identifier: E4pgefyADsBC/OVh6f+MLQ51BZKNQVzczPa6n+c9Olc= Subject key identifier: D1:70:39:23:49:1F:2C:5B:54:44:4E:1F:A6:C5:CB:71:8D:BD:ED:1D Authority key identifier: DF:71:D9:9F:4C:D3:B3:83:26:B3:ED:47:C8:E4:A5:DF:98:9E:42:F2 Certificate issuer: /CN=A915A0EE/serialNumber=DF71D99F4CD3B38326B3ED47C8E4A5DF989E42F2 Certificate serial: 01B5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33HZn0zTs4Mms-1HyOSl35ieQvI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft Manifest number: 01AB Signing time: Sat 23 Aug 2025 03:27:45 +0000 Manifest this update: Sat 23 Aug 2025 03:27:44 +0000 Manifest next update: Sat 30 Aug 2025 03:27:44 +0000 Files and hashes: 1: 33HZn0zTs4Mms-1HyOSl35ieQvI.crl (hash: OyMHn4b2BnxXAq60uHmsMj+TnvPyMLDTgxYNbZyyEyc=) 2: 1BDBCE5013A011EE91039C41C4F9AE02.roa (hash: p/oubbOjEb8Zn+B8haVjlomp+846cFby5ixQFCvfJFE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.crl rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33HZn0zTs4Mms-1HyOSl35ieQvI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 03:27:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 437 (0x1b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915A0EE, serialNumber=DF71D99F4CD3B38326B3ED47C8E4A5DF989E42F2 Validity Not Before: Aug 23 03:27:44 2025 GMT Not After : Aug 30 03:27:44 2025 GMT Subject: CN=68a93530-a8bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:30:d2:70:97:5a:9e:20:6c:5b:e7:06:ca:27: 9b:a8:e7:d9:d9:7a:11:05:6e:9d:dc:03:e0:b9:e2: ce:28:a1:6d:40:8b:c2:81:4d:86:6b:2d:f9:cd:77: 2c:0d:27:ae:03:92:e0:a4:ef:19:b4:a7:2e:ff:ab: 23:e7:ae:08:1b:1b:34:48:64:21:98:46:5d:89:d4: bb:40:ba:e0:a5:a2:ac:36:a3:9c:2c:4c:4a:b6:f8: 26:6a:0a:13:47:d1:9e:65:0e:00:e7:7d:70:6d:ef: ee:91:bb:84:e2:90:58:bc:3c:af:58:db:c3:7e:e9: 4f:54:74:66:58:83:49:3a:a4:75:09:af:51:23:fe: 16:96:aa:53:25:6e:35:62:c3:27:fe:b5:f2:90:22: 89:c6:63:09:55:77:bd:94:74:e0:76:b9:7a:13:c4: 78:4d:48:6b:02:32:66:03:50:cf:58:9e:51:52:91: 5c:54:61:4c:a4:6c:e5:de:3d:4d:50:99:77:7f:d7: 78:2f:ec:65:cb:4a:80:45:71:3b:51:4e:6c:cd:69: 87:04:af:58:97:5a:19:d9:09:04:19:53:3d:0d:4f: 4d:1d:22:c8:06:3f:88:5d:53:22:92:02:06:2f:e5: f8:ac:6b:46:7b:62:47:b6:a3:d4:7a:d1:f5:2f:33: 78:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:70:39:23:49:1F:2C:5B:54:44:4E:1F:A6:C5:CB:71:8D:BD:ED:1D X509v3 Authority Key Identifier: keyid:DF:71:D9:9F:4C:D3:B3:83:26:B3:ED:47:C8:E4:A5:DF:98:9E:42:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33HZn0zTs4Mms-1HyOSl35ieQvI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:d4:ec:13:69:8f:09:4f:5a:3b:6d:84:01:2d:c2:1d:38:5e: bf:fb:45:2f:c2:15:d2:a2:87:75:95:a9:a8:c1:56:e5:5b:b3: ec:27:c4:9a:16:88:10:57:0a:ea:8c:e6:46:9d:68:68:33:02: 3d:d7:7d:ff:e3:07:9a:a4:72:8a:61:09:83:41:dd:25:33:ff: 63:46:7e:c8:5a:43:a0:e1:15:da:79:e4:d8:62:58:65:4a:18: 5c:38:e4:8d:e9:a6:45:66:fd:83:90:28:6e:47:81:91:0a:8e: 9c:90:14:3c:e3:86:1d:82:90:3f:72:b7:17:46:94:65:9f:ce: 99:bb:20:c6:5e:cc:41:38:7e:43:3c:b6:65:02:35:91:dd:28: 85:6b:c5:ee:7c:06:ad:9e:20:24:90:20:90:6d:9f:c8:21:10: d2:bb:35:3e:44:4f:29:93:d2:e6:ae:4a:8b:20:c7:26:39:35: 5c:6f:e9:e4:52:bb:e9:e3:d9:fe:5d:34:2a:02:2b:b6:eb:66: 0f:6b:c8:3c:dc:96:05:83:f0:fb:79:5c:ee:61:19:a9:2c:21: a4:29:f1:b5:1a:52:13:62:32:ad:a6:1b:6b:75:7c:75:70:e6: 67:ff:ac:fc:69:50:1b:ec:16:c4:26:64:ac:ce:67:81:9f:1e: f5:fa:0d:18 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUEwRUUxMTAvBgNVBAUTKERGNzFEOTlGNENEM0IzODMyNkIzRUQ0N0M4RTRBNURG OTg5RTQyRjIwHhcNMjUwODIzMDMyNzQ0WhcNMjUwODMwMDMyNzQ0WjAYMRYwFAYD VQQDEw02OGE5MzUzMC1hOGJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzjDScJdaniBsW+cGyiebqOfZ2XoRBW6d3APgueLOKKFtQIvCgU2Gay35zXcs DSeuA5LgpO8ZtKcu/6sj564IGxs0SGQhmEZdidS7QLrgpaKsNqOcLExKtvgmagoT R9GeZQ4A531wbe/ukbuE4pBYvDyvWNvDfulPVHRmWINJOqR1Ca9RI/4WlqpTJW41 YsMn/rXykCKJxmMJVXe9lHTgdrl6E8R4TUhrAjJmA1DPWJ5RUpFcVGFMpGzl3j1N UJl3f9d4L+xly0qARXE7UU5szWmHBK9Yl1oZ2QkEGVM9DU9NHSLIBj+IXVMikgIG L+X4rGtGe2JHtqPUetH1LzN4fwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNFwOSNJ HyxbVEROH6bFy3GNve0dMB8GA1UdIwQYMBaAFN9x2Z9M07ODJrPtR8jkpd+YnkLy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBFRS81NUM4MDNDQTA5 QzAxMUVFQkUxMjU4M0FDNEY5QUUwMi8zM0habjB6VHM0TW1zLTFIeU9TbDM1aWVR dkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMzSFpuMHpUczRNbXMtMUh5T1NsMzVpZVF2SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 QTBFRS81NUM4MDNDQTA5QzAxMUVFQkUxMjU4M0FDNEY5QUUwMi8zM0habjB6VHM0 TW1zLTFIeU9TbDM1aWVRdkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAW1OwTaY8JT1o7bYQBLcIdOF6/+0UvwhXSood1lamowVblW7PsJ8Sa FogQVwrqjOZGnWhoMwI9133/4weapHKKYQmDQd0lM/9jRn7IWkOg4RXaeeTYYlhl ShhcOOSN6aZFZv2DkChuR4GRCo6ckBQ844YdgpA/crcXRpRln86ZuyDGXsxBOH5D PLZlAjWR3SiFa8XufAatniAkkCCQbZ/IIRDSuzU+RE8pk9LmrkqLIMcmOTVcb+nk Urvp49n+XTQqAiu262YPa8g83JYFg/D7eVzuYRmpLCGkKfG1GlITYjKtphtrdXx1 cOZn/6z8aVAb7BbEJmSszmeBnx71+g0Y -----END CERTIFICATE-----Generated at Sun Aug 24 08:50:02 2025 by rpki-client