$ rpki-client -vvf rpki.apnic.net/member_repository/A9167FBA/42FC3D8A048F11F0872E8547C4F9AE02/sDQcND_hUl92ySmWEMoOeOk-h8M.mft File: sDQcND_hUl92ySmWEMoOeOk-h8M.mft (raw, json) Hash identifier: BMBwU7RbGYD1xE2OZy9UJ5YGCx/fI6e8Ez+8Ut5bjVU= Subject key identifier: C6:54:B2:CD:F9:2A:1D:65:3E:B7:C7:EC:A9:7E:93:CD:DE:8A:8B:B8 Authority key identifier: B0:34:1C:34:3F:E1:52:5F:76:C9:29:96:10:CA:0E:78:E9:3E:87:C3 Certificate issuer: /CN=A9167FBA/serialNumber=B0341C343FE1525F76C9299610CA0E78E93E87C3 Certificate serial: 53 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sDQcND_hUl92ySmWEMoOeOk-h8M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167FBA/42FC3D8A048F11F0872E8547C4F9AE02/sDQcND_hUl92ySmWEMoOeOk-h8M.mft Manifest number: 52 Signing time: Sat 23 Aug 2025 07:31:16 +0000 Manifest this update: Sat 23 Aug 2025 07:31:16 +0000 Manifest next update: Sat 30 Aug 2025 07:31:16 +0000 Files and hashes: 1: sDQcND_hUl92ySmWEMoOeOk-h8M.crl (hash: 6zJwDDu+o85osniSVreirNttMDlLh/7Na9jYtLOt7BY=) 2: F4B92E1C05A111F082D17325C4F9AE02.roa (hash: kGx1CJpE3cHBsf4M7cgjGHBrxKAD0rzUUv2UM3HRfTY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167FBA/42FC3D8A048F11F0872E8547C4F9AE02/sDQcND_hUl92ySmWEMoOeOk-h8M.crl rsync://rpki.apnic.net/member_repository/A9167FBA/42FC3D8A048F11F0872E8547C4F9AE02/sDQcND_hUl92ySmWEMoOeOk-h8M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sDQcND_hUl92ySmWEMoOeOk-h8M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:10:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 83 (0x53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167FBA, serialNumber=B0341C343FE1525F76C9299610CA0E78E93E87C3 Validity Not Before: Aug 23 07:31:16 2025 GMT Not After : Aug 30 07:31:16 2025 GMT Subject: CN=68a96e44-163e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:55:37:47:9c:76:3c:1a:0b:8c:38:e5:aa:bc: 28:9e:cb:4b:32:c7:a0:8e:3f:aa:09:99:ec:00:bd: 00:3f:b2:c2:91:96:1c:e8:3a:68:ee:4a:57:32:a2: 68:1e:39:b7:63:57:f5:2c:07:14:87:ea:a6:c2:0f: 77:b4:c5:af:bf:13:71:17:ed:4e:61:fc:f2:da:26: 58:d1:34:2a:84:ee:1d:2d:4f:ee:7b:d4:2c:53:58: d5:cf:30:6b:33:cb:92:f0:68:d1:61:ca:12:03:8c: 58:dd:59:c7:78:61:df:dd:b6:63:79:54:60:10:0c: 2d:5e:83:4d:cc:ed:0e:66:4b:43:3f:5a:4f:12:30: 95:cc:0e:48:9d:39:3e:d6:e9:d2:14:90:af:57:c4: 86:06:ba:22:f4:bd:f7:07:56:95:ed:47:6f:e3:82: ba:2f:38:eb:3d:d7:02:d3:9f:1d:3c:2a:bb:03:18: 5a:58:05:05:37:70:f4:50:e0:54:c7:3f:26:93:91: 6f:9b:e2:3f:6b:cc:ed:1c:a7:1e:2b:0f:4e:96:b6: 69:7d:6c:f3:9e:c9:e3:67:0d:20:b5:44:f6:e5:2b: 2e:1d:3f:ab:2d:06:d6:60:44:2e:87:99:ae:be:7a: d3:70:4a:b7:6c:4d:48:44:d0:2b:f4:45:b1:93:89: a2:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:54:B2:CD:F9:2A:1D:65:3E:B7:C7:EC:A9:7E:93:CD:DE:8A:8B:B8 X509v3 Authority Key Identifier: keyid:B0:34:1C:34:3F:E1:52:5F:76:C9:29:96:10:CA:0E:78:E9:3E:87:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167FBA/42FC3D8A048F11F0872E8547C4F9AE02/sDQcND_hUl92ySmWEMoOeOk-h8M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sDQcND_hUl92ySmWEMoOeOk-h8M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167FBA/42FC3D8A048F11F0872E8547C4F9AE02/sDQcND_hUl92ySmWEMoOeOk-h8M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:bc:cf:db:e0:69:02:38:72:5d:0f:e0:e5:d1:3c:ca:d2:ee: 3a:d6:1e:8d:c9:15:cb:97:a1:37:9c:e3:da:00:c4:a2:ac:86: a6:99:a7:45:05:4e:18:d9:3c:54:86:be:e5:31:6a:73:eb:44: 86:d1:fe:f3:22:82:9f:23:e8:d0:e6:9c:ab:d4:c5:40:8b:97: e8:ba:83:da:6e:2c:c0:4b:02:f6:ab:cf:cc:8c:33:b0:71:cb: 68:aa:fc:68:ad:f3:8d:5f:4c:01:b4:8e:8b:05:48:46:a3:40: ba:1c:c4:52:4e:2f:a0:ee:45:57:26:f3:d9:ed:83:24:27:9b: 39:16:70:25:37:0f:c5:4b:03:94:d0:ea:86:7b:b1:15:db:e5: bb:b4:6e:72:de:af:0a:44:fa:c4:67:f6:02:94:8d:bb:1f:be: fd:db:44:e6:1e:12:f3:dc:9f:7f:bd:2b:a1:41:b2:c8:ee:4b: d4:02:7d:22:fe:d8:f0:b5:e9:38:89:22:22:bb:45:49:08:87: 1e:33:21:39:bf:2c:d1:00:5b:d9:0a:9a:14:49:7f:36:a2:1c: 89:8a:c4:52:4f:1f:37:b9:2d:99:68:ec:72:55:0e:85:ce:cd: 3c:cc:21:e5:af:8f:c9:c0:02:ce:fd:20:3d:bd:49:63:26:69: 9d:6f:b0:a3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBUzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 N0ZCQTExMC8GA1UEBRMoQjAzNDFDMzQzRkUxNTI1Rjc2QzkyOTk2MTBDQTBFNzhF OTNFODdDMzAeFw0yNTA4MjMwNzMxMTZaFw0yNTA4MzAwNzMxMTZaMBgxFjAUBgNV BAMTDTY4YTk2ZTQ0LTE2M2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCoVTdHnHY8GguMOOWqvCiey0syx6COP6oJmewAvQA/ssKRlhzoOmjuSlcyomge ObdjV/UsBxSH6qbCD3e0xa+/E3EX7U5h/PLaJljRNCqE7h0tT+571CxTWNXPMGsz y5LwaNFhyhIDjFjdWcd4Yd/dtmN5VGAQDC1eg03M7Q5mS0M/Wk8SMJXMDkidOT7W 6dIUkK9XxIYGuiL0vfcHVpXtR2/jgrovOOs91wLTnx08KrsDGFpYBQU3cPRQ4FTH PyaTkW+b4j9rzO0cpx4rD06Wtml9bPOeyeNnDSC1RPblKy4dP6stBtZgRC6Hma6+ etNwSrdsTUhE0Cv0RbGTiaLbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUxlSyzfkq HWU+t8fsqX6Tzd6Ki7gwHwYDVR0jBBgwFoAUsDQcND/hUl92ySmWEMoOeOk+h8Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY3RkJBLzQyRkMzRDhBMDQ4 RjExRjA4NzJFODU0N0M0RjlBRTAyL3NEUWNORF9oVWw5MnlTbVdFTW9PZU9rLWg4 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvc0RRY05EX2hVbDkyeVNtV0VNb09lT2staDhNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY3 RkJBLzQyRkMzRDhBMDQ4RjExRjA4NzJFODU0N0M0RjlBRTAyL3NEUWNORF9oVWw5 MnlTbVdFTW9PZU9rLWg4TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALe8z9vgaQI4cl0P4OXRPMrS7jrWHo3JFcuXoTec49oAxKKshqaZp0UF ThjZPFSGvuUxanPrRIbR/vMigp8j6NDmnKvUxUCLl+i6g9puLMBLAvarz8yMM7Bx y2iq/Git841fTAG0josFSEajQLocxFJOL6DuRVcm89ntgyQnmzkWcCU3D8VLA5TQ 6oZ7sRXb5bu0bnLerwpE+sRn9gKUjbsfvv3bROYeEvPcn3+9K6FBssjuS9QCfSL+ 2PC16TiJIiK7RUkIhx4zITm/LNEAW9kKmhRJfzaiHImKxFJPHze5LZlo7HJVDoXO zTzMIeWvj8nAAs79ID29SWMmaZ1vsKM= -----END CERTIFICATE-----Generated at Sat Aug 23 10:39:20 2025 by rpki-client