$ rpki-client -vvf rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft File: iCJHhVdMHyPKnEOe2PVTiPamjOI.mft (raw, json) Hash identifier: ajx9nilNKgLqdAAogXOLppCxVNjWarskasU2w9pM2bU= Subject key identifier: 1B:29:31:F7:FF:AE:6D:AD:BA:FC:E5:55:98:42:FE:92:36:55:4F:C9 Authority key identifier: 88:22:47:85:57:4C:1F:23:CA:9C:43:9E:D8:F5:53:88:F6:A6:8C:E2 Certificate issuer: /CN=A91689B7/serialNumber=88224785574C1F23CA9C439ED8F55388F6A68CE2 Certificate serial: 021A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iCJHhVdMHyPKnEOe2PVTiPamjOI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft Manifest number: 0214 Signing time: Sat 23 Aug 2025 02:17:56 +0000 Manifest this update: Sat 23 Aug 2025 02:17:55 +0000 Manifest next update: Sat 30 Aug 2025 02:17:55 +0000 Files and hashes: 1: iCJHhVdMHyPKnEOe2PVTiPamjOI.crl (hash: UIkxvYsx7q10nTS1+7UHv6r3YITvtHSWcNYCS5h3+Rw=) 2: 2455276E39B311EEA6DFE66BC4F9AE02.roa (hash: i/snzsv5ugVK5M4wkOzh02txTFh9Vl9HyndyddhSqd8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.crl rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iCJHhVdMHyPKnEOe2PVTiPamjOI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:17:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 538 (0x21a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91689B7, serialNumber=88224785574C1F23CA9C439ED8F55388F6A68CE2 Validity Not Before: Aug 23 02:17:55 2025 GMT Not After : Aug 30 02:17:55 2025 GMT Subject: CN=68a924d4-65d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:83:0e:e3:8c:d9:f8:62:7e:e6:62:50:64:95: f7:4f:8e:93:7f:8b:ed:7f:f1:53:1e:fc:32:1f:b8: 23:67:37:17:b6:99:eb:3e:d5:0f:e2:54:bc:20:2f: 01:0a:17:ac:03:70:6d:e9:5f:00:c3:95:25:d8:ef: 51:8e:a2:10:29:f4:21:e9:7f:1b:fa:45:73:eb:a3: 86:fb:e0:0a:0c:36:b9:6b:38:a7:fa:46:52:d8:de: 14:bb:57:f2:59:d1:9c:64:3f:c7:03:e4:5a:48:d7: 5e:80:e5:7d:1d:87:23:40:31:17:6f:a0:60:e4:1d: 5b:e0:da:ed:c5:fb:87:e0:3e:25:dc:e1:ae:bd:2e: 4a:4a:fc:ff:bb:e9:ba:6d:12:fc:e6:d2:7a:a9:f5: b4:29:47:a9:cd:61:11:dc:d9:f9:5e:92:d7:fd:ce: 81:98:76:ca:9f:ad:7a:a7:6a:2e:29:38:6c:69:7f: f9:e9:3b:1e:d3:18:71:d8:97:3d:53:7e:34:1d:89: d4:58:e2:74:73:05:a2:f5:be:35:81:66:df:7a:d4: 0f:60:22:b2:5d:d5:93:b2:d0:6e:b3:f5:30:d3:83: 8d:b5:4f:e9:ea:e7:97:95:41:fb:af:d9:2b:67:4c: 75:c1:48:d1:f0:8d:14:92:22:62:0d:91:0a:98:c8: e7:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:29:31:F7:FF:AE:6D:AD:BA:FC:E5:55:98:42:FE:92:36:55:4F:C9 X509v3 Authority Key Identifier: keyid:88:22:47:85:57:4C:1F:23:CA:9C:43:9E:D8:F5:53:88:F6:A6:8C:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iCJHhVdMHyPKnEOe2PVTiPamjOI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:2d:4f:0c:83:2d:76:9a:4d:92:ae:85:80:a7:dc:db:3c:92: aa:c8:44:1f:a5:5a:53:0c:25:bc:1c:7a:4f:16:21:7a:9c:6d: a2:ca:ea:fd:16:9d:92:28:8b:de:a4:de:16:07:55:6b:82:c5: 2d:fe:1c:71:12:6f:2d:d6:40:93:c0:c1:4d:d7:98:56:af:37: 8d:1f:d6:1f:de:c2:bb:57:a4:36:01:ed:62:16:bd:ae:6d:bc: 28:6d:2b:4c:a1:63:8b:6d:8f:94:b8:43:b3:25:e1:68:03:ed: 78:3e:53:ec:d6:e9:92:4c:5f:43:70:c1:bd:c6:d7:df:c8:ad: 76:a4:28:af:cc:35:18:2d:7d:ef:ca:c4:c3:b9:1c:d8:1b:98: 94:35:af:33:58:c9:2d:5a:90:98:3a:b6:cd:84:fb:2f:b8:a5: 7e:0d:57:ca:7c:52:52:da:f3:fb:da:a5:a1:d5:2f:39:15:6b: 29:78:69:7b:86:39:69:f5:73:ec:87:fb:11:7c:d5:44:4f:5e: f6:60:1e:5c:32:b2:92:6e:0f:a6:41:1c:be:d3:9e:ee:e6:8a: 8c:39:c5:4e:f1:71:73:47:63:7f:01:9c:77:0b:53:e3:67:e1: b0:1f:84:90:b7:31:2d:d7:0f:9f:13:6a:66:47:ac:11:d3:88: 66:ba:f4:62 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njg5QjcxMTAvBgNVBAUTKDg4MjI0Nzg1NTc0QzFGMjNDQTlDNDM5RUQ4RjU1Mzg4 RjZBNjhDRTIwHhcNMjUwODIzMDIxNzU1WhcNMjUwODMwMDIxNzU1WjAYMRYwFAYD VQQDEw02OGE5MjRkNC02NWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzIMO44zZ+GJ+5mJQZJX3T46Tf4vtf/FTHvwyH7gjZzcXtpnrPtUP4lS8IC8B ChesA3Bt6V8Aw5Ul2O9RjqIQKfQh6X8b+kVz66OG++AKDDa5azin+kZS2N4Uu1fy WdGcZD/HA+RaSNdegOV9HYcjQDEXb6Bg5B1b4NrtxfuH4D4l3OGuvS5KSvz/u+m6 bRL85tJ6qfW0KUepzWER3Nn5XpLX/c6BmHbKn616p2ouKThsaX/56Tse0xhx2Jc9 U340HYnUWOJ0cwWi9b41gWbfetQPYCKyXdWTstBus/Uw04ONtU/p6ueXlUH7r9kr Z0x1wUjR8I0UkiJiDZEKmMjnmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBspMff/ rm2tuvzlVZhC/pI2VU/JMB8GA1UdIwQYMBaAFIgiR4VXTB8jypxDntj1U4j2pozi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODlCNy9CMUU1NEFCODU2 QTIxMUVEQjRBMUIyMjVDNEY5QUUwMi9pQ0pIaFZkTUh5UEtuRU9lMlBWVGlQYW1q T0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lDSkhoVmRNSHlQS25FT2UyUFZUaVBhbWpPSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 ODlCNy9CMUU1NEFCODU2QTIxMUVEQjRBMUIyMjVDNEY5QUUwMi9pQ0pIaFZkTUh5 UEtuRU9lMlBWVGlQYW1qT0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQLU8Mgy12mk2SroWAp9zbPJKqyEQfpVpTDCW8HHpPFiF6nG2iyur9 Fp2SKIvepN4WB1VrgsUt/hxxEm8t1kCTwMFN15hWrzeNH9Yf3sK7V6Q2Ae1iFr2u bbwobStMoWOLbY+UuEOzJeFoA+14PlPs1umSTF9DcMG9xtffyK12pCivzDUYLX3v ysTDuRzYG5iUNa8zWMktWpCYOrbNhPsvuKV+DVfKfFJS2vP72qWh1S85FWspeGl7 hjlp9XPsh/sRfNVET172YB5cMrKSbg+mQRy+057u5oqMOcVO8XFzR2N/AZx3C1Pj Z+GwH4SQtzEt1w+fE2pmR6wR04hmuvRi -----END CERTIFICATE-----Generated at Sat Aug 23 19:03:12 2025 by rpki-client