$ rpki-client -vvf rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.mft File: U3pyvmM5N4xMTSlwK-12dczMFGo.mft (raw, json) Hash identifier: 7w5G8gkgUKUxHul/j/lz4ATtfqKs1uBN2AfGL1wJ9fk= Subject key identifier: D1:11:94:9D:F3:00:36:0C:8E:9F:E6:DB:49:16:80:DB:E4:CF:BA:0C Authority key identifier: 53:7A:72:BE:63:39:37:8C:4C:4D:29:70:2B:ED:76:75:CC:CC:14:6A Certificate issuer: /CN=A916EB98/serialNumber=537A72BE6339378C4C4D29702BED7675CCCC146A Certificate serial: 0BB1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3pyvmM5N4xMTSlwK-12dczMFGo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.mft Manifest number: 0BAA Signing time: Fri 22 Aug 2025 19:05:34 +0000 Manifest this update: Fri 22 Aug 2025 19:05:34 +0000 Manifest next update: Fri 29 Aug 2025 19:05:34 +0000 Files and hashes: 1: U3pyvmM5N4xMTSlwK-12dczMFGo.crl (hash: PsScPcAuvnHHbpCVI4J2BYtx0Jk76Z27Nf+pVL3FhZ0=) 2: DD716A222ACC11EAAB36B444C4F9AE02.roa (hash: 9YLAXbZ28k13vNilzcTMcnMd0WVPI4XdwJeol/Aq30I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.crl rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3pyvmM5N4xMTSlwK-12dczMFGo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 19:05:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2993 (0xbb1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916EB98, serialNumber=537A72BE6339378C4C4D29702BED7675CCCC146A Validity Not Before: Aug 22 19:05:34 2025 GMT Not After : Aug 29 19:05:34 2025 GMT Subject: CN=68a8bf7e-f574 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:f6:01:16:66:76:14:53:ce:07:e1:2d:62:78: ed:a3:a3:ee:91:9b:be:9a:f3:a2:6a:b1:73:0c:11: b1:2a:56:24:08:e8:c9:07:45:10:db:be:85:e8:cb: b2:ea:2e:f8:f0:72:62:c4:93:4e:de:cf:98:e6:04: d5:2e:1a:5f:6d:6c:3c:fb:db:cb:31:ee:33:6b:63: 6f:f2:84:5c:4e:7f:21:f8:fe:3b:99:ab:c9:df:ee: 03:a3:5b:b2:bc:b3:ae:ed:d7:f6:99:9b:af:14:65: 01:6f:63:e2:ca:2f:b6:8d:77:7a:17:95:e4:08:b8: b2:d9:ef:cd:46:3b:fc:4b:2a:2f:c1:16:1f:09:d1: 77:f3:b4:64:1b:5c:9d:65:dc:d9:6c:b3:c8:49:75: 53:f6:ab:33:cd:bd:bc:a1:10:af:54:aa:bb:61:e4: b6:dc:6c:11:5d:07:99:cf:2d:f8:f0:7e:58:dc:a2: e7:01:04:95:2e:85:21:ad:4a:ab:da:76:5b:cc:b2: ee:27:a7:79:55:b5:69:20:46:96:6e:b8:8c:68:fa: e9:03:11:07:cf:fa:c7:80:a6:ef:ee:30:48:fb:db: 2f:61:a2:a1:9b:6b:5a:21:2f:52:14:a2:06:4c:e0: 1f:78:be:a6:df:06:13:47:4b:12:78:ba:75:45:e8: 8b:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:11:94:9D:F3:00:36:0C:8E:9F:E6:DB:49:16:80:DB:E4:CF:BA:0C X509v3 Authority Key Identifier: keyid:53:7A:72:BE:63:39:37:8C:4C:4D:29:70:2B:ED:76:75:CC:CC:14:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3pyvmM5N4xMTSlwK-12dczMFGo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:88:b4:69:30:28:90:b4:e9:33:f1:a9:9b:f7:8a:c6:4a:1d: 71:0d:a7:dd:77:4a:c1:f8:06:df:7d:00:09:dd:f7:ee:74:d7: 25:38:bb:6b:08:fe:1e:4c:d8:a5:1d:c8:6c:e0:ca:cc:e7:fc: 77:6d:f5:3e:72:e9:cf:6b:ef:41:4d:13:7a:16:f2:a7:ba:41: 9e:96:d8:36:90:61:3b:73:07:06:d4:37:81:4a:8d:1a:ec:4e: 63:20:ef:c9:49:08:dc:00:1c:51:8a:f9:48:5b:f1:6e:2a:6c: eb:77:c7:07:36:1d:7b:dd:b2:a6:2a:4b:32:bb:2a:77:af:32: 6d:9f:2c:04:36:5b:7c:a0:15:f3:45:a2:5d:a0:17:f5:b0:ce: 40:4f:69:a5:8d:f5:18:9e:3d:bc:f3:98:19:5e:1a:f5:03:e6: 19:a7:ad:fd:64:c1:35:e6:76:3c:6c:af:c0:3c:58:a2:c7:69: cf:16:5e:a4:26:c9:69:97:53:f9:72:4c:19:8e:c5:cd:b2:1d: de:a5:74:be:61:c8:83:05:bd:d0:89:76:35:97:be:5a:7f:1a: d7:af:33:d7:ba:4b:25:29:d5:b7:e4:65:51:b7:2a:b8:5a:26: 39:57:aa:8b:88:6a:ec:f4:97:eb:a4:03:7f:1a:ef:e8:c7:ac: 4a:3b:43:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC7EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkVCOTgxMTAvBgNVBAUTKDUzN0E3MkJFNjMzOTM3OEM0QzREMjk3MDJCRUQ3Njc1 Q0NDQzE0NkEwHhcNMjUwODIyMTkwNTM0WhcNMjUwODI5MTkwNTM0WjAYMRYwFAYD VQQDEw02OGE4YmY3ZS1mNTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy/YBFmZ2FFPOB+EtYnjto6PukZu+mvOiarFzDBGxKlYkCOjJB0UQ276F6Muy 6i748HJixJNO3s+Y5gTVLhpfbWw8+9vLMe4za2Nv8oRcTn8h+P47mavJ3+4Do1uy vLOu7df2mZuvFGUBb2Piyi+2jXd6F5XkCLiy2e/NRjv8SyovwRYfCdF387RkG1yd ZdzZbLPISXVT9qszzb28oRCvVKq7YeS23GwRXQeZzy348H5Y3KLnAQSVLoUhrUqr 2nZbzLLuJ6d5VbVpIEaWbriMaPrpAxEHz/rHgKbv7jBI+9svYaKhm2taIS9SFKIG TOAfeL6m3wYTR0sSeLp1ReiLPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNERlJ3z ADYMjp/m20kWgNvkz7oMMB8GA1UdIwQYMBaAFFN6cr5jOTeMTE0pcCvtdnXMzBRq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RUI5OC9CMEZDMzVEQzJB Q0ExMUVBODc1NjI3NDBDNEY5QUUwMi9VM3B5dm1NNU40eE1UU2x3Sy0xMmRjek1G R28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1UzcHl2bU01TjR4TVRTbHdLLTEyZGN6TUZHby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 RUI5OC9CMEZDMzVEQzJBQ0ExMUVBODc1NjI3NDBDNEY5QUUwMi9VM3B5dm1NNU40 eE1UU2x3Sy0xMmRjek1GR28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYiLRpMCiQtOkz8amb94rGSh1xDafdd0rB+AbffQAJ3ffudNclOLtr CP4eTNilHchs4MrM5/x3bfU+cunPa+9BTRN6FvKnukGeltg2kGE7cwcG1DeBSo0a 7E5jIO/JSQjcABxRivlIW/FuKmzrd8cHNh173bKmKksyuyp3rzJtnywENlt8oBXz RaJdoBf1sM5AT2mljfUYnj2885gZXhr1A+YZp639ZME15nY8bK/APFiix2nPFl6k Jslpl1P5ckwZjsXNsh3epXS+YciDBb3QiXY1l75afxrXrzPXukslKdW35GVRtyq4 WiY5V6qLiGrs9JfrpAN/Gu/ox6xKO0OW -----END CERTIFICATE-----Generated at Sat Aug 23 17:28:47 2025 by rpki-client