$ rpki-client -vvf rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft File: p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft (raw, json) Hash identifier: e2YbEv5oGcOXXlIPFLnEQXUM2BboJ3kSZd0zrMPWxEI= Subject key identifier: D1:42:5C:A3:45:0B:7B:58:27:19:D8:E6:5E:8C:C3:8C:D8:B6:38:DE Authority key identifier: A7:F8:82:C0:AC:C8:F0:D8:F1:DB:36:1C:D4:0B:12:60:6B:0C:68:C6 Certificate issuer: /CN=A9165297/serialNumber=A7F882C0ACC8F0D8F1DB361CD40B12606B0C68C6 Certificate serial: 0E29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_iCwKzI8Njx2zYc1AsSYGsMaMY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft Manifest number: 0E20 Signing time: Fri 22 Aug 2025 17:56:32 +0000 Manifest this update: Fri 22 Aug 2025 17:56:32 +0000 Manifest next update: Fri 29 Aug 2025 17:56:32 +0000 Files and hashes: 1: p_iCwKzI8Njx2zYc1AsSYGsMaMY.crl (hash: U8EMQFN3M+Y0RIFV22PiaiKq1r3vAMYipA6UKEOHrSk=) 2: 457A00A8AF7A11E9AFF10782C4F9AE02.roa (hash: lsDHgOBln7+ddbbNwOz6PGFl2yY518xAw7ctm0LLOvg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.crl rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_iCwKzI8Njx2zYc1AsSYGsMaMY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:56:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3625 (0xe29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9165297, serialNumber=A7F882C0ACC8F0D8F1DB361CD40B12606B0C68C6 Validity Not Before: Aug 22 17:56:32 2025 GMT Not After : Aug 29 17:56:32 2025 GMT Subject: CN=68a8af50-cd04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:c9:5a:0c:40:0b:95:3f:57:cf:ba:84:c4:84: d4:7e:5c:29:d1:56:26:9c:be:e3:7b:cc:bd:87:7e: ea:ef:7e:c4:1c:82:18:12:9a:00:62:ae:74:f5:df: 65:1e:f0:ed:eb:6a:4f:0e:da:02:20:12:86:cd:e4: 5d:47:b9:43:b5:5c:9a:32:e1:c1:eb:23:da:5b:77: 79:62:80:81:ad:dc:16:f8:7e:9b:49:52:b1:20:ec: 41:58:b6:d8:37:d9:e1:62:86:90:4b:f4:4c:ea:e7: 2d:5d:90:bf:e0:dd:43:7d:72:bc:e1:b9:e7:f6:ca: d3:41:fa:02:ed:53:6d:fe:fb:89:03:fc:e9:59:84: 29:0f:cb:84:c9:69:bb:98:5b:c7:e4:26:29:c2:88: 9f:7e:cf:51:a3:65:65:d9:78:56:4e:86:d2:4e:97: c1:93:6a:c9:12:4d:19:e2:9a:bd:1a:24:bb:f7:7f: 73:0d:d2:28:89:2a:12:a8:8d:37:0a:df:47:d9:38: 19:5d:63:1a:24:b9:5d:5f:46:0b:00:a9:ff:ab:c3: e7:10:80:8f:d6:c8:08:62:85:e8:b7:00:ce:6c:41: 9a:be:f3:9e:98:54:a4:b1:a1:a3:8c:e3:35:56:95: 6e:ff:44:f3:53:e8:de:ca:42:29:e7:fb:13:82:b4: cc:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:42:5C:A3:45:0B:7B:58:27:19:D8:E6:5E:8C:C3:8C:D8:B6:38:DE X509v3 Authority Key Identifier: keyid:A7:F8:82:C0:AC:C8:F0:D8:F1:DB:36:1C:D4:0B:12:60:6B:0C:68:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_iCwKzI8Njx2zYc1AsSYGsMaMY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165297/4301FDBEAF6E11E9A9258067C4F9AE02/p_iCwKzI8Njx2zYc1AsSYGsMaMY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c7:f5:ec:d0:bd:cb:00:59:b0:66:23:8e:06:d4:9e:61:10:2b: f7:b3:7b:47:0f:24:75:76:20:9f:30:64:84:a0:ce:0d:c1:c5: c0:fb:cb:a8:e1:7b:04:20:b5:a1:62:51:6e:58:89:5d:b5:f1: e6:ff:92:30:bf:63:bb:e7:0a:1a:76:51:ff:0c:4d:7b:58:a8: 63:d1:96:fc:bd:14:81:1d:3e:94:ca:38:44:1b:b4:e5:e3:b5: bc:fc:06:d0:40:2b:bf:a6:28:6a:f8:26:c2:c7:a5:31:4c:57: 79:68:c5:8c:b7:04:27:59:ef:28:3c:13:0c:52:70:68:11:b7: e1:5e:ec:5c:d6:69:e4:7d:73:a1:da:12:9c:61:5f:5b:31:90: 01:d7:b9:9f:5a:47:dd:c6:da:0b:fc:7f:db:a5:ad:ff:26:67: 57:df:7c:9f:5f:75:12:29:c7:e8:08:90:94:8e:12:ba:c5:64: e3:29:0e:25:43:7a:e8:9c:a6:99:ab:43:71:f1:8e:f5:d5:cd: e5:1a:f1:b2:4b:96:17:63:ee:1a:21:69:ae:ff:d1:2d:23:c2: 46:17:f5:38:69:25:e4:3f:5e:91:b7:e0:ca:e4:de:52:ee:2e: da:1a:72:b6:7e:6d:a4:cd:35:3a:ff:a1:29:45:48:60:49:6a: 7e:d5:b6:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjUyOTcxMTAvBgNVBAUTKEE3Rjg4MkMwQUNDOEYwRDhGMURCMzYxQ0Q0MEIxMjYw NkIwQzY4QzYwHhcNMjUwODIyMTc1NjMyWhcNMjUwODI5MTc1NjMyWjAYMRYwFAYD VQQDEw02OGE4YWY1MC1jZDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArMlaDEALlT9Xz7qExITUflwp0VYmnL7je8y9h37q737EHIIYEpoAYq509d9l HvDt62pPDtoCIBKGzeRdR7lDtVyaMuHB6yPaW3d5YoCBrdwW+H6bSVKxIOxBWLbY N9nhYoaQS/RM6uctXZC/4N1DfXK84bnn9srTQfoC7VNt/vuJA/zpWYQpD8uEyWm7 mFvH5CYpwoiffs9Ro2Vl2XhWTobSTpfBk2rJEk0Z4pq9GiS7939zDdIoiSoSqI03 Ct9H2TgZXWMaJLldX0YLAKn/q8PnEICP1sgIYoXotwDObEGavvOemFSksaGjjOM1 VpVu/0TzU+jeykIp5/sTgrTMkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNFCXKNF C3tYJxnY5l6Mw4zYtjjeMB8GA1UdIwQYMBaAFKf4gsCsyPDY8ds2HNQLEmBrDGjG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTI5Ny80MzAxRkRCRUFG NkUxMUU5QTkyNTgwNjdDNEY5QUUwMi9wX2lDd0t6SThOangyelljMUFzU1lHc01h TVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BfaUN3S3pJOE5qeDJ6WWMxQXNTWUdzTWFNWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NTI5Ny80MzAxRkRCRUFGNkUxMUU5QTkyNTgwNjdDNEY5QUUwMi9wX2lDd0t6SThO angyelljMUFzU1lHc01hTVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDH9ezQvcsAWbBmI44G1J5hECv3s3tHDyR1diCfMGSEoM4NwcXA+8uo 4XsEILWhYlFuWIldtfHm/5Iwv2O75woadlH/DE17WKhj0Zb8vRSBHT6UyjhEG7Tl 47W8/AbQQCu/pihq+CbCx6UxTFd5aMWMtwQnWe8oPBMMUnBoEbfhXuxc1mnkfXOh 2hKcYV9bMZAB17mfWkfdxtoL/H/bpa3/JmdX33yfX3USKcfoCJCUjhK6xWTjKQ4l Q3ronKaZq0Nx8Y711c3lGvGyS5YXY+4aIWmu/9EtI8JGF/U4aSXkP16Rt+DK5N5S 7i7aGnK2fm2kzTU6/6EpRUhgSWp+1bY0 -----END CERTIFICATE-----Generated at Sat Aug 23 19:11:15 2025 by rpki-client