$ rpki-client -vvf rpki.apnic.net/member_repository/A916B95A/512C705E37AE11EF8A458E37C4F9AE02/8kxEMhD3QcvlnQFOum7pcrXN2uc.mft File: 8kxEMhD3QcvlnQFOum7pcrXN2uc.mft (raw, json) Hash identifier: Z43rKZm87cb2hs0mcn+ls09oyJg8mg/YGg6hiUnhzB8= Subject key identifier: 9C:8E:68:9D:66:63:D5:39:A6:2F:1C:C9:C4:0E:5A:10:86:7B:73:08 Authority key identifier: F2:4C:44:32:10:F7:41:CB:E5:9D:01:4E:BA:6E:E9:72:B5:CD:DA:E7 Certificate issuer: /CN=A916B95A/serialNumber=F24C443210F741CBE59D014EBA6EE972B5CDDAE7 Certificate serial: BD Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8kxEMhD3QcvlnQFOum7pcrXN2uc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B95A/512C705E37AE11EF8A458E37C4F9AE02/8kxEMhD3QcvlnQFOum7pcrXN2uc.mft Manifest number: BB Signing time: Thu 03 Jul 2025 06:03:07 +0000 Manifest this update: Thu 03 Jul 2025 06:03:07 +0000 Manifest next update: Thu 10 Jul 2025 06:03:07 +0000 Files and hashes: 1: 8kxEMhD3QcvlnQFOum7pcrXN2uc.crl (hash: Zf08G8RmGgWaQW8wQZ1q2f/8LEbKo/teeaLpcnGvoxo=) 2: 20A6C35C37AF11EF844EC638C4F9AE02.roa (hash: SBjUcQwgq8eYibunzuM6B0MYbh92vDqaJjZbumGPIz4=) 3: 2117AE6E37AF11EF844EC638C4F9AE02.roa (hash: rxylyIaFWofGp8fi7f1ysoxvtfFGdtzKVIc05XTsdvY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B95A/512C705E37AE11EF8A458E37C4F9AE02/8kxEMhD3QcvlnQFOum7pcrXN2uc.crl rsync://rpki.apnic.net/member_repository/A916B95A/512C705E37AE11EF8A458E37C4F9AE02/8kxEMhD3QcvlnQFOum7pcrXN2uc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8kxEMhD3QcvlnQFOum7pcrXN2uc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 189 (0xbd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B95A, serialNumber=F24C443210F741CBE59D014EBA6EE972B5CDDAE7 Validity Not Before: Jul 3 06:03:07 2025 GMT Not After : Jul 10 06:03:07 2025 GMT Subject: CN=68661d1b-76de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:f5:f7:17:ac:24:78:a4:be:dc:8c:60:f4:c8: d0:2b:be:dd:a2:8a:64:cd:81:da:0d:68:7a:fb:d6: 89:59:60:83:4a:91:47:10:8c:c7:ed:f3:49:b8:05: 25:97:a8:31:85:66:b3:6f:97:89:ba:b2:60:89:98: 8f:c3:1c:ac:4a:b9:a7:3c:36:46:36:f9:76:16:da: 23:28:b9:5f:5b:3e:13:2b:37:7e:be:d9:8d:6b:87: 93:51:03:6a:0e:25:50:ef:b3:88:9d:32:8b:e9:cd: 8f:25:ab:a1:15:89:25:f9:18:b4:90:62:10:fb:9b: b9:75:2b:df:05:82:6a:c8:24:16:e1:0f:bf:b4:99: 8c:2f:51:cf:38:82:55:86:b8:1b:05:68:02:c3:b3: d5:5b:16:05:b6:82:5e:a4:e1:7e:68:55:83:87:2e: 56:f7:7a:b7:37:b9:a6:e7:66:f2:e4:4a:3f:63:95: c4:a1:2f:2f:b8:8c:3f:05:05:12:b0:1e:91:ab:4e: 15:5c:83:4f:a4:bc:8f:49:7f:94:1d:25:61:85:33: 0b:84:d1:2a:77:26:4c:5d:a9:cd:0d:6f:ab:2b:33: c1:f1:4d:57:06:21:ff:1b:da:89:36:cb:c9:e2:19: 5a:87:cc:b6:42:94:50:bd:b7:47:92:9a:f4:cd:38: 80:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:8E:68:9D:66:63:D5:39:A6:2F:1C:C9:C4:0E:5A:10:86:7B:73:08 X509v3 Authority Key Identifier: keyid:F2:4C:44:32:10:F7:41:CB:E5:9D:01:4E:BA:6E:E9:72:B5:CD:DA:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B95A/512C705E37AE11EF8A458E37C4F9AE02/8kxEMhD3QcvlnQFOum7pcrXN2uc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8kxEMhD3QcvlnQFOum7pcrXN2uc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B95A/512C705E37AE11EF8A458E37C4F9AE02/8kxEMhD3QcvlnQFOum7pcrXN2uc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:24:9b:b5:89:64:1d:9a:54:89:88:d6:7c:c1:21:c2:08:c8: 28:9c:76:c2:22:a6:48:21:63:ce:27:6c:83:c8:24:b0:76:59: ef:72:fe:e2:33:20:b3:68:56:30:55:27:08:b1:ba:02:c5:c0: 4e:b9:5b:9e:3e:aa:93:b8:d6:2c:0b:e8:95:fd:9b:13:b5:c1: 84:40:04:c2:7e:75:a6:5b:fd:c8:1e:65:3a:f2:2a:30:95:77: 7f:4f:48:4f:c2:3c:6c:97:77:dd:c1:ec:de:8d:9e:59:af:47: 4e:ef:ce:7b:76:f6:1d:de:7d:14:6c:71:55:93:06:ca:12:e7: ef:88:8f:84:3f:89:be:03:e0:99:a0:bb:50:43:68:d6:25:9d: 3b:ce:4a:7e:ef:96:8b:80:29:00:94:9b:71:14:05:02:e0:db: 6a:66:71:de:78:c2:59:88:75:6c:c3:f3:c3:c5:57:c1:e1:28: ff:7f:b1:bf:fe:3a:ba:5f:21:16:6a:d2:09:c0:95:23:6a:5e: c4:52:cc:29:78:a2:86:a8:bd:e1:03:4d:e5:91:44:ae:71:fb: e3:c6:be:0c:a7:ef:c0:40:89:63:15:39:a4:98:ff:5f:7b:2a: c4:39:05:94:30:33:75:86:93:18:f1:4c:f7:49:11:24:19:3c: e2:5f:2a:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkI5NUExMTAvBgNVBAUTKEYyNEM0NDMyMTBGNzQxQ0JFNTlEMDE0RUJBNkVFOTcy QjVDRERBRTcwHhcNMjUwNzAzMDYwMzA3WhcNMjUwNzEwMDYwMzA3WjAYMRYwFAYD VQQDEw02ODY2MWQxYi03NmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwPX3F6wkeKS+3Ixg9MjQK77doopkzYHaDWh6+9aJWWCDSpFHEIzH7fNJuAUl l6gxhWazb5eJurJgiZiPwxysSrmnPDZGNvl2FtojKLlfWz4TKzd+vtmNa4eTUQNq DiVQ77OInTKL6c2PJauhFYkl+Ri0kGIQ+5u5dSvfBYJqyCQW4Q+/tJmML1HPOIJV hrgbBWgCw7PVWxYFtoJepOF+aFWDhy5W93q3N7mm52by5Eo/Y5XEoS8vuIw/BQUS sB6Rq04VXINPpLyPSX+UHSVhhTMLhNEqdyZMXanNDW+rKzPB8U1XBiH/G9qJNsvJ 4hlah8y2QpRQvbdHkpr0zTiA9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJyOaJ1m Y9U5pi8cycQOWhCGe3MIMB8GA1UdIwQYMBaAFPJMRDIQ90HL5Z0BTrpu6XK1zdrn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Qjk1QS81MTJDNzA1RTM3 QUUxMUVGOEE0NThFMzdDNEY5QUUwMi84a3hFTWhEM1FjdmxuUUZPdW03cGNyWE4y dWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzhreEVNaEQzUWN2bG5RRk91bTdwY3JYTjJ1Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 Qjk1QS81MTJDNzA1RTM3QUUxMUVGOEE0NThFMzdDNEY5QUUwMi84a3hFTWhEM1Fj dmxuUUZPdW03cGNyWE4ydWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCjJJu1iWQdmlSJiNZ8wSHCCMgonHbCIqZIIWPOJ2yDyCSwdlnvcv7i MyCzaFYwVScIsboCxcBOuVuePqqTuNYsC+iV/ZsTtcGEQATCfnWmW/3IHmU68iow lXd/T0hPwjxsl3fdwezejZ5Zr0dO7857dvYd3n0UbHFVkwbKEufviI+EP4m+A+CZ oLtQQ2jWJZ07zkp+75aLgCkAlJtxFAUC4NtqZnHeeMJZiHVsw/PDxVfB4Sj/f7G/ /jq6XyEWatIJwJUjal7EUswpeKKGqL3hA03lkUSucfvjxr4Mp+/AQIljFTmkmP9f eyrEOQWUMDN1hpMY8Uz3SREkGTziXyrQ -----END CERTIFICATE-----Generated at Fri Jul 4 08:43:59 2025 by rpki-client