$ rpki-client -vvf rpki.apnic.net/member_repository/A915A39E/CA31689641E911ECB2589673C4F9AE02/PkLTM0oc4Yid_GfkLfYoWCGFJRk.mft File: PkLTM0oc4Yid_GfkLfYoWCGFJRk.mft (raw, json) Hash identifier: dKiiegg3nOtvK9CEqmoNUqGAGNONrtlGtco75v55hUw= Subject key identifier: E8:D3:CA:BD:A5:E9:82:54:2A:12:24:BD:CF:30:FF:F8:23:F9:79:9E Authority key identifier: 3E:42:D3:33:4A:1C:E1:88:9D:FC:67:E4:2D:F6:28:58:21:85:25:19 Certificate issuer: /CN=A915A39E/serialNumber=3E42D3334A1CE1889DFC67E42DF6285821852519 Certificate serial: 04AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PkLTM0oc4Yid_GfkLfYoWCGFJRk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915A39E/CA31689641E911ECB2589673C4F9AE02/PkLTM0oc4Yid_GfkLfYoWCGFJRk.mft Manifest number: 04A8 Signing time: Sat 23 Aug 2025 00:09:08 +0000 Manifest this update: Sat 23 Aug 2025 00:09:07 +0000 Manifest next update: Sat 30 Aug 2025 00:09:07 +0000 Files and hashes: 1: PkLTM0oc4Yid_GfkLfYoWCGFJRk.crl (hash: GHyVyxZ8SU70eePFLCJJCV7i3MngCOxLLHxDDEA1vlM=) 2: 47A72A7441ED11EC9B02377AC4F9AE02.roa (hash: JRIJmi6CkdzwRl9tqXcDbUlpayemlqeCYja07bnQOys=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915A39E/CA31689641E911ECB2589673C4F9AE02/PkLTM0oc4Yid_GfkLfYoWCGFJRk.crl rsync://rpki.apnic.net/member_repository/A915A39E/CA31689641E911ECB2589673C4F9AE02/PkLTM0oc4Yid_GfkLfYoWCGFJRk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PkLTM0oc4Yid_GfkLfYoWCGFJRk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:09:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1196 (0x4ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915A39E, serialNumber=3E42D3334A1CE1889DFC67E42DF6285821852519 Validity Not Before: Aug 23 00:09:07 2025 GMT Not After : Aug 30 00:09:07 2025 GMT Subject: CN=68a906a3-4f49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:76:33:80:73:74:ea:b4:e5:eb:b9:89:06:62: 86:d2:0a:3b:db:75:f3:72:0d:9a:65:a0:e7:fd:09: 4a:28:e9:81:16:61:ca:52:53:2e:38:a1:ac:59:bd: 29:27:88:bb:4d:99:2c:cf:c1:69:af:03:5b:7d:0b: 59:d0:ff:dc:33:6d:bc:be:87:f4:b4:6f:e9:1d:81: e0:4e:24:46:77:53:8c:a4:1d:3f:e8:ae:0f:fa:6f: a5:f5:cc:c2:4f:e5:21:62:db:22:60:ab:9a:9f:38: 02:17:61:d2:08:62:b6:9a:09:64:32:0d:26:44:02: cc:19:8e:0a:1a:95:13:80:1f:75:34:cf:cf:31:02: f0:fc:11:d3:04:cc:aa:77:77:98:43:d3:b5:70:8a: 10:f4:00:b4:40:e9:14:5a:31:dd:50:75:87:10:e8: a0:3f:b3:af:63:de:57:4e:1a:9b:9b:08:c6:00:54: 4d:64:13:80:e0:02:18:cb:95:8e:31:1b:3d:5a:8b: cb:e3:5b:6b:1e:92:dd:af:61:48:74:4f:25:b7:aa: 99:f4:09:33:02:f8:d3:f6:a4:58:bb:d9:6a:cf:d6: de:ec:cd:1d:0f:a9:f7:29:df:4e:4a:e3:d9:87:f2: fa:94:62:ec:fb:9f:80:00:3f:76:ff:79:a1:b3:b3: 1a:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:D3:CA:BD:A5:E9:82:54:2A:12:24:BD:CF:30:FF:F8:23:F9:79:9E X509v3 Authority Key Identifier: keyid:3E:42:D3:33:4A:1C:E1:88:9D:FC:67:E4:2D:F6:28:58:21:85:25:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915A39E/CA31689641E911ECB2589673C4F9AE02/PkLTM0oc4Yid_GfkLfYoWCGFJRk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PkLTM0oc4Yid_GfkLfYoWCGFJRk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A39E/CA31689641E911ECB2589673C4F9AE02/PkLTM0oc4Yid_GfkLfYoWCGFJRk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:20:34:9c:d7:53:96:87:7f:46:15:e9:ac:3e:b5:0d:d2:19: 9a:b1:75:3b:a5:e2:1b:3b:ff:3d:1e:e8:37:ca:12:47:51:28: 46:fe:43:88:1d:2b:23:86:63:a5:f7:f2:45:06:9c:6d:de:42: 47:76:7b:10:e9:05:c0:8e:17:27:e3:03:9d:96:5c:2a:97:5f: 04:d4:02:8b:1b:b7:67:15:32:83:5a:93:80:b7:db:ce:49:5e: 0a:85:f3:04:b6:6d:11:cb:23:fc:7b:09:2d:62:6c:6b:c7:a2: 1e:4b:8f:7d:49:48:fb:31:40:c0:9c:c0:60:61:75:3b:62:fe: 7a:51:a8:39:89:17:6a:6d:87:9f:f6:2c:6f:0b:82:ee:e8:78: b2:ef:c5:0d:6c:74:27:40:07:9e:09:25:3d:49:ae:1f:2a:4a: 8f:de:1c:d6:b4:60:65:4f:d0:bc:a0:8c:9b:6d:db:9b:40:a9: a5:f5:46:e4:d2:42:4f:29:06:c9:5c:c4:07:7f:50:f5:9c:59: 9e:6a:7c:df:bc:33:43:4e:d8:96:ce:72:57:6c:c2:9f:d4:a7: 99:b2:cd:87:4b:34:79:8a:3c:64:5c:12:e4:28:de:bf:b9:0b: 86:54:da:94:cd:46:78:91:fb:c5:39:0f:4c:0d:84:c2:10:f6: 7c:c4:a9:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUEzOUUxMTAvBgNVBAUTKDNFNDJEMzMzNEExQ0UxODg5REZDNjdFNDJERjYyODU4 MjE4NTI1MTkwHhcNMjUwODIzMDAwOTA3WhcNMjUwODMwMDAwOTA3WjAYMRYwFAYD VQQDEw02OGE5MDZhMy00ZjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9HYzgHN06rTl67mJBmKG0go723Xzcg2aZaDn/QlKKOmBFmHKUlMuOKGsWb0p J4i7TZksz8FprwNbfQtZ0P/cM228vof0tG/pHYHgTiRGd1OMpB0/6K4P+m+l9czC T+UhYtsiYKuanzgCF2HSCGK2mglkMg0mRALMGY4KGpUTgB91NM/PMQLw/BHTBMyq d3eYQ9O1cIoQ9AC0QOkUWjHdUHWHEOigP7OvY95XThqbmwjGAFRNZBOA4AIYy5WO MRs9WovL41trHpLdr2FIdE8lt6qZ9AkzAvjT9qRYu9lqz9be7M0dD6n3Kd9OSuPZ h/L6lGLs+5+AAD92/3mhs7MaBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOjTyr2l 6YJUKhIkvc8w//gj+XmeMB8GA1UdIwQYMBaAFD5C0zNKHOGInfxn5C32KFghhSUZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTM5RS9DQTMxNjg5NjQx RTkxMUVDQjI1ODk2NzNDNEY5QUUwMi9Qa0xUTTBvYzRZaWRfR2ZrTGZZb1dDR0ZK UmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BrTFRNMG9jNFlpZF9HZmtMZllvV0NHRkpSay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 QTM5RS9DQTMxNjg5NjQxRTkxMUVDQjI1ODk2NzNDNEY5QUUwMi9Qa0xUTTBvYzRZ aWRfR2ZrTGZZb1dDR0ZKUmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAvIDSc11OWh39GFemsPrUN0hmasXU7peIbO/89Hug3yhJHUShG/kOI HSsjhmOl9/JFBpxt3kJHdnsQ6QXAjhcn4wOdllwql18E1AKLG7dnFTKDWpOAt9vO SV4KhfMEtm0RyyP8ewktYmxrx6IeS499SUj7MUDAnMBgYXU7Yv56Uag5iRdqbYef 9ixvC4Lu6Hiy78UNbHQnQAeeCSU9Sa4fKkqP3hzWtGBlT9C8oIybbdubQKml9Ubk 0kJPKQbJXMQHf1D1nFmeanzfvDNDTtiWznJXbMKf1KeZss2HSzR5ijxkXBLkKN6/ uQuGVNqUzUZ4kfvFOQ9MDYTCEPZ8xKmN -----END CERTIFICATE-----Generated at Sat Aug 23 22:16:46 2025 by rpki-client