$ rpki-client -vvf rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft File: 1AsQwSJMYeDTGML8YAOTeOz3LQA.mft (raw, json) Hash identifier: 2aFyB8A+kMmZ0fr7tPwgeFkD2WlO7juZuS9geDj6bgo= Subject key identifier: DB:6C:B2:9C:AC:A6:D9:2D:9D:DC:13:92:5A:9C:63:63:C6:4D:9D:23 Authority key identifier: D4:0B:10:C1:22:4C:61:E0:D3:18:C2:FC:60:03:93:78:EC:F7:2D:00 Certificate issuer: /CN=A9167C20/serialNumber=D40B10C1224C61E0D318C2FC60039378ECF72D00 Certificate serial: 0AFD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft Manifest number: 0AF5 Signing time: Fri 22 Aug 2025 19:30:21 +0000 Manifest this update: Fri 22 Aug 2025 19:30:21 +0000 Manifest next update: Fri 29 Aug 2025 19:30:21 +0000 Files and hashes: 1: 1AsQwSJMYeDTGML8YAOTeOz3LQA.crl (hash: XTikSNykhJS70xERUf8NzKIv83L6z4qTkYwh6ZVqSHc=) 2: AD35C0044EA511EAAB9DBE7DC4F9AE02.roa (hash: vRrkQ11gFoedPJsbqh7nQv1lr6X8LYa0tpYVg51dxDk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.crl rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 19:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2813 (0xafd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167C20, serialNumber=D40B10C1224C61E0D318C2FC60039378ECF72D00 Validity Not Before: Aug 22 19:30:21 2025 GMT Not After : Aug 29 19:30:21 2025 GMT Subject: CN=68a8c54d-ee37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:1c:92:79:78:ed:13:0b:2d:51:3a:89:88:1d: b7:13:fb:d4:e5:ee:a0:9c:3d:83:56:ec:14:f2:9a: 11:a9:01:2e:79:48:0b:d9:35:69:0a:ca:d3:be:97: c6:63:4f:6c:f7:79:01:7f:af:3f:38:61:a2:c5:25: 63:f4:33:bb:5f:c8:54:4e:0f:8b:08:fe:9c:56:54: 82:c2:d7:4f:8a:9d:d7:c1:da:87:46:20:e3:32:b5: d2:41:cc:09:72:e5:bb:ea:56:dd:bb:11:9d:8f:b6: 20:39:88:ab:b5:98:e4:34:14:b7:6a:c4:d6:34:2b: 0b:46:5c:f1:a3:7a:bf:1f:30:a9:6c:3e:a5:10:02: 67:d0:9b:cf:d7:a8:20:61:9d:30:62:10:43:51:35: ca:94:58:8c:0b:1d:16:5c:98:54:ee:74:7b:cd:80: 25:2c:3d:b8:f3:2a:05:67:5b:e9:cf:67:eb:db:bd: 9e:bf:1b:3d:4c:33:b5:f2:d5:de:b8:48:98:b2:18: 9f:a7:d8:c0:46:e5:5a:b4:ec:fb:71:80:f8:fd:6e: 9a:f5:08:d6:f5:f5:53:41:91:09:27:9a:d7:73:98: d4:52:54:2e:62:64:c8:6f:4c:65:dd:bd:2b:9d:70: 64:24:64:44:6f:3b:83:66:c3:33:3f:8e:10:23:d3: 15:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:6C:B2:9C:AC:A6:D9:2D:9D:DC:13:92:5A:9C:63:63:C6:4D:9D:23 X509v3 Authority Key Identifier: keyid:D4:0B:10:C1:22:4C:61:E0:D3:18:C2:FC:60:03:93:78:EC:F7:2D:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:a1:a9:0d:7e:88:f9:64:a8:03:1c:bd:db:28:62:bf:9b:a9: ba:7d:00:22:d6:98:81:2b:73:55:ef:8b:e2:2b:88:6f:31:8a: 1a:0f:07:a8:af:a5:5c:00:09:a6:1b:80:15:aa:ca:90:ff:52: 75:28:1c:eb:48:e3:08:ce:04:93:54:42:55:4b:44:d4:3c:70: 8d:17:0d:11:ae:48:12:e7:3b:c7:0b:f1:e2:a6:7a:71:52:f5: 8a:69:fd:d9:d6:59:79:2e:2b:3f:27:12:5a:ef:85:c4:f6:92: e8:ec:8c:8b:93:12:2a:eb:55:4a:c3:d5:53:de:fd:3a:e2:3c: ea:0e:5e:fb:82:18:05:0f:d2:f2:1b:00:bf:03:0b:5c:fe:20: c1:d0:8d:55:d1:5d:6a:ab:f8:7f:c6:aa:e9:61:71:82:7c:20: f8:49:c4:dd:a6:ac:a6:9f:c6:d1:01:dc:1f:f5:08:ea:d5:83: 00:6c:d1:a3:21:5f:24:bb:b7:20:3b:70:94:7f:96:20:57:35: a1:46:1b:4f:d6:c3:87:e2:b8:a7:6c:e4:9a:2f:96:2a:0c:72: cd:d3:37:10:f2:f0:83:25:76:5a:d2:7b:98:49:bb:14:52:e6: e4:b5:0c:d2:82:3f:53:2e:90:11:a3:a9:74:95:1e:b1:a9:b0: 83:44:8f:e9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCv0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdDMjAxMTAvBgNVBAUTKEQ0MEIxMEMxMjI0QzYxRTBEMzE4QzJGQzYwMDM5Mzc4 RUNGNzJEMDAwHhcNMjUwODIyMTkzMDIxWhcNMjUwODI5MTkzMDIxWjAYMRYwFAYD VQQDEw02OGE4YzU0ZC1lZTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4hySeXjtEwstUTqJiB23E/vU5e6gnD2DVuwU8poRqQEueUgL2TVpCsrTvpfG Y09s93kBf68/OGGixSVj9DO7X8hUTg+LCP6cVlSCwtdPip3XwdqHRiDjMrXSQcwJ cuW76lbduxGdj7YgOYirtZjkNBS3asTWNCsLRlzxo3q/HzCpbD6lEAJn0JvP16gg YZ0wYhBDUTXKlFiMCx0WXJhU7nR7zYAlLD248yoFZ1vpz2fr272evxs9TDO18tXe uEiYshifp9jARuVatOz7cYD4/W6a9QjW9fVTQZEJJ5rXc5jUUlQuYmTIb0xl3b0r nXBkJGREbzuDZsMzP44QI9MVnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNtsspys ptktndwTklqcY2PGTZ0jMB8GA1UdIwQYMBaAFNQLEMEiTGHg0xjC/GADk3js9y0A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0MyMC84NjU3MUMxMDRF QTIxMUVBODRDMDg4NzRDNEY5QUUwMi8xQXNRd1NKTVllRFRHTUw4WUFPVGVPejNM UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBc1F3U0pNWWVEVEdNTDhZQU9UZU96M0xRQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 N0MyMC84NjU3MUMxMDRFQTIxMUVBODRDMDg4NzRDNEY5QUUwMi8xQXNRd1NKTVll RFRHTUw4WUFPVGVPejNMUUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABoakNfoj5ZKgDHL3bKGK/m6m6fQAi1piBK3NV74viK4hvMYoaDweo r6VcAAmmG4AVqsqQ/1J1KBzrSOMIzgSTVEJVS0TUPHCNFw0RrkgS5zvHC/Hipnpx UvWKaf3Z1ll5Lis/JxJa74XE9pLo7IyLkxIq61VKw9VT3v064jzqDl77ghgFD9Ly GwC/Awtc/iDB0I1V0V1qq/h/xqrpYXGCfCD4ScTdpqymn8bRAdwf9Qjq1YMAbNGj IV8ku7cgO3CUf5YgVzWhRhtP1sOH4rinbOSaL5YqDHLN0zcQ8vCDJXZa0nuYSbsU UubktQzSgj9TLpARo6l0lR6xqbCDRI/p -----END CERTIFICATE-----Generated at Sat Aug 23 19:26:51 2025 by rpki-client