$ rpki-client -vvf rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft File: 433E2CR2A-hIwAZsRFuc2NpzUNY.mft (raw, json) Hash identifier: nGi4H4WMjqCxCHSwWalLjZPnuqFwdkV3TykU9lnS/b0= Subject key identifier: DD:CD:2B:CD:33:78:C5:03:ED:9E:EA:F9:B5:AF:99:BD:2E:8D:6B:40 Authority key identifier: E3:7D:C4:D8:24:76:03:E8:48:C0:06:6C:44:5B:9C:D8:DA:73:50:D6 Certificate issuer: /CN=A916C8F2/serialNumber=E37DC4D8247603E848C0066C445B9CD8DA7350D6 Certificate serial: 1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft Manifest number: 1D Signing time: Sat 23 Aug 2025 08:07:05 +0000 Manifest this update: Sat 23 Aug 2025 08:07:05 +0000 Manifest next update: Sat 30 Aug 2025 08:07:05 +0000 Files and hashes: 1: 433E2CR2A-hIwAZsRFuc2NpzUNY.crl (hash: U/g+5AGd0FFppW6IACPMl5U+f6U7HC3RC+kZWPIwrXU=) 2: 730C503A56C611F096620043C4F9AE02.roa (hash: m+BAyP5CIYN6CIS7MvKKiKoAky/65ZLjF2ZjJHqu8U0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.crl rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 08:07:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30 (0x1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916C8F2, serialNumber=E37DC4D8247603E848C0066C445B9CD8DA7350D6 Validity Not Before: Aug 23 08:07:05 2025 GMT Not After : Aug 30 08:07:05 2025 GMT Subject: CN=68a976a9-c4a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:78:2d:cc:85:11:58:69:5a:c9:fb:97:fb:fe: 96:11:d7:96:35:33:1a:00:dd:c2:90:be:e8:0b:66: 0d:9e:58:0b:4c:75:59:ce:65:4e:54:1d:c1:c9:5e: 55:c8:9e:ad:7e:75:dd:3b:cf:87:60:ad:38:00:a5: 75:fb:d0:a3:48:a4:1d:2d:b3:95:23:81:c8:c4:eb: f9:6d:66:1e:f9:06:c5:ec:31:79:bc:aa:2e:82:8c: dd:0e:a8:e6:65:f3:1c:cb:93:f4:d0:64:14:58:54: c7:a3:01:0f:62:5e:1a:d1:db:19:d7:68:45:be:88: 5b:86:7c:03:54:c7:13:28:9a:b3:be:d8:9f:cc:2f: 4a:b9:6c:84:b8:fb:b2:4c:66:47:84:e2:d0:5e:b7: 87:82:44:fd:76:d9:2f:ea:e0:42:8f:57:3c:c2:1d: 6e:2b:f2:e3:2c:3d:61:36:74:b3:28:a2:39:7c:4a: 3d:ba:d1:2a:e6:04:90:4a:3a:e7:95:0a:5e:01:ce: fc:73:76:6a:f1:9d:68:d8:82:b5:41:0e:06:2e:e6: 0c:52:0a:3a:97:58:fb:5c:49:85:ec:cc:1f:90:4d: ac:c9:87:0c:90:d4:38:17:a6:a5:3e:c0:03:88:6e: 09:71:a6:b9:41:45:63:a7:9d:2e:43:fa:75:64:74: 2a:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:CD:2B:CD:33:78:C5:03:ED:9E:EA:F9:B5:AF:99:BD:2E:8D:6B:40 X509v3 Authority Key Identifier: keyid:E3:7D:C4:D8:24:76:03:E8:48:C0:06:6C:44:5B:9C:D8:DA:73:50:D6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:c9:91:83:ca:56:ce:58:57:cb:fa:d8:35:9e:ad:ba:a6:4e: 1b:72:93:02:c9:9c:e0:0b:6e:d0:5d:3e:00:cd:ab:7c:a4:e5: 55:96:55:87:0b:c4:08:cd:dd:4d:74:ba:9a:f2:3b:20:73:4b: a9:a7:ab:07:7a:1e:5b:b9:2b:ea:29:6a:b5:69:f5:b2:1f:28: 5a:b5:b7:83:ba:d8:73:6b:d1:f9:bf:76:b4:44:d2:6c:4a:8b: 25:af:b9:64:75:e4:c8:53:d3:9b:7e:17:4b:17:85:fb:02:25: 53:c6:3f:32:83:b0:74:08:9a:f1:e8:40:07:de:e0:7a:5e:b1: 3a:19:7f:28:50:29:68:a8:56:3d:c3:77:fb:e6:d9:f5:90:39: ac:b9:8c:b3:e5:d0:76:ed:85:76:de:70:81:d3:e6:bc:fb:3a: 65:b0:85:4c:87:55:9e:d5:84:83:32:8d:e4:c3:e3:ae:61:f4: b5:b3:f1:d8:a2:23:ac:33:c6:f7:0f:9f:1d:ba:b8:65:c2:57: 64:12:97:7a:3f:6a:70:0b:76:f9:ed:b1:18:bd:52:9c:39:ad: b1:26:fc:3b:dc:14:9d:25:3f:18:a4:6b:40:31:a1:8f:39:36: d1:43:7a:0e:60:92:d5:79:a7:95:02:a3:b8:86:f9:fb:e1:29: 80:6c:88:5f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 QzhGMjExMC8GA1UEBRMoRTM3REM0RDgyNDc2MDNFODQ4QzAwNjZDNDQ1QjlDRDhE QTczNTBENjAeFw0yNTA4MjMwODA3MDVaFw0yNTA4MzAwODA3MDVaMBgxFjAUBgNV BAMTDTY4YTk3NmE5LWM0YTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC4eC3MhRFYaVrJ+5f7/pYR15Y1MxoA3cKQvugLZg2eWAtMdVnOZU5UHcHJXlXI nq1+dd07z4dgrTgApXX70KNIpB0ts5UjgcjE6/ltZh75BsXsMXm8qi6CjN0OqOZl 8xzLk/TQZBRYVMejAQ9iXhrR2xnXaEW+iFuGfANUxxMomrO+2J/ML0q5bIS4+7JM ZkeE4tBet4eCRP122S/q4EKPVzzCHW4r8uMsPWE2dLMoojl8Sj260SrmBJBKOueV Cl4BzvxzdmrxnWjYgrVBDgYu5gxSCjqXWPtcSYXszB+QTazJhwyQ1DgXpqU+wAOI bglxprlBRWOnnS5D+nVkdCrjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3c0rzTN4 xQPtnur5ta+ZvS6Na0AwHwYDVR0jBBgwFoAU433E2CR2A+hIwAZsRFuc2NpzUNYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZDOEYyLzI4N0RFNzM2NTZD NjExRjA5MkJEQTA0MkM0RjlBRTAyLzQzM0UyQ1IyQS1oSXdBWnNSRnVjMk5welVO WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNDMzRTJDUjJBLWhJd0Fac1JGdWMyTnB6VU5ZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZD OEYyLzI4N0RFNzM2NTZDNjExRjA5MkJEQTA0MkM0RjlBRTAyLzQzM0UyQ1IyQS1o SXdBWnNSRnVjMk5welVOWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAvJkYPKVs5YV8v62DWerbqmThtykwLJnOALbtBdPgDNq3yk5VWWVYcL xAjN3U10upryOyBzS6mnqwd6Hlu5K+oparVp9bIfKFq1t4O62HNr0fm/drRE0mxK iyWvuWR15MhT05t+F0sXhfsCJVPGPzKDsHQImvHoQAfe4HpesToZfyhQKWioVj3D d/vm2fWQOay5jLPl0HbthXbecIHT5rz7OmWwhUyHVZ7VhIMyjeTD465h9LWz8dii I6wzxvcPnx26uGXCV2QSl3o/anALdvntsRi9Upw5rbEm/DvcFJ0lPxika0AxoY85 NtFDeg5gktV5p5UCo7iG+fvhKYBsiF8= -----END CERTIFICATE-----Generated at Sat Aug 23 19:00:03 2025 by rpki-client