$ rpki-client -vvf rpki.apnic.net/member_repository/A916FACB/F5598D08924011ECBED4DA2CC4F9AE02/2RBlAbU10PfK1XyOenR8oGnQTVk.mft File: 2RBlAbU10PfK1XyOenR8oGnQTVk.mft (raw, json) Hash identifier: /2y5J9m3cXVkhPOsWC5bj3y54XhOzY05M9pQ3az5LXQ= Subject key identifier: C3:85:D7:44:B0:48:38:97:1A:27:90:F8:D4:30:77:9E:6D:EC:6B:2B Authority key identifier: D9:10:65:01:B5:35:D0:F7:CA:D5:7C:8E:7A:74:7C:A0:69:D0:4D:59 Certificate issuer: /CN=A916FACB/serialNumber=D9106501B535D0F7CAD57C8E7A747CA069D04D59 Certificate serial: 03E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2RBlAbU10PfK1XyOenR8oGnQTVk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916FACB/F5598D08924011ECBED4DA2CC4F9AE02/2RBlAbU10PfK1XyOenR8oGnQTVk.mft Manifest number: 03DD Signing time: Sat 23 Aug 2025 00:48:11 +0000 Manifest this update: Sat 23 Aug 2025 00:48:10 +0000 Manifest next update: Sat 30 Aug 2025 00:48:10 +0000 Files and hashes: 1: 2RBlAbU10PfK1XyOenR8oGnQTVk.crl (hash: ljK5rozvrC7yYC9Wpf6wxN9Lpr/lCucFhT6+XaT872w=) 2: 97D35382924311EC927C972FC4F9AE02.roa (hash: F5cT4m4LGvhZopgIl7MS1o33/eaQaKX2bSwBB1GnJYA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916FACB/F5598D08924011ECBED4DA2CC4F9AE02/2RBlAbU10PfK1XyOenR8oGnQTVk.crl rsync://rpki.apnic.net/member_repository/A916FACB/F5598D08924011ECBED4DA2CC4F9AE02/2RBlAbU10PfK1XyOenR8oGnQTVk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2RBlAbU10PfK1XyOenR8oGnQTVk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:48:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 993 (0x3e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916FACB, serialNumber=D9106501B535D0F7CAD57C8E7A747CA069D04D59 Validity Not Before: Aug 23 00:48:10 2025 GMT Not After : Aug 30 00:48:10 2025 GMT Subject: CN=68a90fcb-b649 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:de:6b:cb:e8:88:a4:3d:4a:d7:e9:15:b2:a1: 93:15:0e:aa:32:76:95:5a:02:90:62:e4:95:95:51: 42:fe:a2:6c:93:c1:c9:f2:75:2a:ed:15:19:9e:6d: 9e:19:70:5d:bd:29:ab:8a:5c:84:dc:43:9b:e5:a0: 0c:dd:41:0e:7a:d5:32:32:8f:29:0e:44:2b:b3:36: f5:b3:59:b3:c9:8d:4a:77:d9:7e:9a:5d:26:43:b9: 1e:45:b0:a8:0c:f4:75:9e:1b:bd:81:17:02:bf:a2: 0f:d6:8a:b7:9b:f6:18:48:e7:1e:52:1b:9a:b4:ab: e4:a0:19:b5:78:b1:2f:1b:b5:e4:a5:d8:0a:aa:5f: 91:85:d9:8b:81:b9:81:23:82:aa:96:1a:03:7b:bd: 08:55:b3:2a:2d:75:0e:bd:c7:2a:dd:f6:d5:6b:d5: e0:26:f2:ce:fe:8b:a9:b9:9d:42:cd:d6:e0:db:75: f2:33:25:23:1c:e1:05:15:86:23:7b:7f:62:6c:c5: d3:ca:f8:09:01:af:fe:9f:c8:63:67:f6:f9:7f:94: fa:e8:7a:a7:fa:39:4a:9c:7d:5a:27:83:6b:fb:a8: ae:51:96:fc:a3:81:49:bc:e1:19:97:64:4b:93:1b: eb:72:dd:23:0e:10:da:f3:9d:4e:9f:72:6b:8e:c5: ab:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:85:D7:44:B0:48:38:97:1A:27:90:F8:D4:30:77:9E:6D:EC:6B:2B X509v3 Authority Key Identifier: keyid:D9:10:65:01:B5:35:D0:F7:CA:D5:7C:8E:7A:74:7C:A0:69:D0:4D:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916FACB/F5598D08924011ECBED4DA2CC4F9AE02/2RBlAbU10PfK1XyOenR8oGnQTVk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2RBlAbU10PfK1XyOenR8oGnQTVk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916FACB/F5598D08924011ECBED4DA2CC4F9AE02/2RBlAbU10PfK1XyOenR8oGnQTVk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:fb:80:b6:d9:9a:ee:d7:0f:51:61:c9:00:6f:d3:03:7c:6f: d2:eb:c2:c6:10:84:84:7f:99:ca:3d:f2:b5:9b:ee:50:56:3f: 19:66:b1:1d:3e:fe:7f:e1:ae:da:bb:03:c7:1b:c4:02:a4:79: 9e:77:44:f9:5c:3f:17:51:ef:f0:b4:7b:e2:75:d3:bd:48:ad: 78:ca:87:51:b6:d1:85:68:2c:e4:c8:6c:cf:08:ac:58:47:85: a3:61:f3:a7:39:b6:9c:73:de:86:af:4a:b0:e3:ce:95:d2:11: 94:68:c9:18:3e:6c:35:87:98:33:25:4b:df:16:85:d8:f0:d5: ba:66:15:7d:79:14:6f:59:6e:bb:1b:39:76:e0:d4:80:1a:88: 67:5d:1d:4d:41:9e:1d:78:05:4d:07:74:57:a8:2f:e8:ea:2b: 25:e1:3f:5f:ac:2a:9d:d1:f1:c4:e1:96:b1:1c:75:b4:aa:ce: 86:ee:8f:2f:a0:64:27:c4:7b:e7:f8:8d:00:20:95:96:9a:dd: 58:2e:b0:35:b7:ae:94:c4:d4:87:eb:a8:c4:24:66:29:2f:39: d5:a2:d2:ad:6c:27:3d:54:02:ea:a6:f9:c9:29:b0:7b:11:6b: 30:4f:ed:00:b0:71:d9:9d:ce:a5:20:60:12:a1:ee:ad:dc:6d: 83:ce:f8:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA+EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkZBQ0IxMTAvBgNVBAUTKEQ5MTA2NTAxQjUzNUQwRjdDQUQ1N0M4RTdBNzQ3Q0Ew NjlEMDRENTkwHhcNMjUwODIzMDA0ODEwWhcNMjUwODMwMDA0ODEwWjAYMRYwFAYD VQQDEw02OGE5MGZjYi1iNjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvN5ry+iIpD1K1+kVsqGTFQ6qMnaVWgKQYuSVlVFC/qJsk8HJ8nUq7RUZnm2e GXBdvSmrilyE3EOb5aAM3UEOetUyMo8pDkQrszb1s1mzyY1Kd9l+ml0mQ7keRbCo DPR1nhu9gRcCv6IP1oq3m/YYSOceUhuatKvkoBm1eLEvG7XkpdgKql+RhdmLgbmB I4KqlhoDe70IVbMqLXUOvccq3fbVa9XgJvLO/oupuZ1Czdbg23XyMyUjHOEFFYYj e39ibMXTyvgJAa/+n8hjZ/b5f5T66Hqn+jlKnH1aJ4Nr+6iuUZb8o4FJvOEZl2RL kxvrct0jDhDa851On3JrjsWrTwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMOF10Sw SDiXGieQ+NQwd55t7GsrMB8GA1UdIwQYMBaAFNkQZQG1NdD3ytV8jnp0fKBp0E1Z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RkFDQi9GNTU5OEQwODky NDAxMUVDQkVENERBMkNDNEY5QUUwMi8yUkJsQWJVMTBQZksxWHlPZW5SOG9HblFU VmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJSQmxBYlUxMFBmSzFYeU9lblI4b0duUVRWay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 RkFDQi9GNTU5OEQwODkyNDAxMUVDQkVENERBMkNDNEY5QUUwMi8yUkJsQWJVMTBQ ZksxWHlPZW5SOG9HblFUVmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCc+4C22Zru1w9RYckAb9MDfG/S68LGEISEf5nKPfK1m+5QVj8ZZrEd Pv5/4a7auwPHG8QCpHmed0T5XD8XUe/wtHviddO9SK14yodRttGFaCzkyGzPCKxY R4WjYfOnObacc96Gr0qw486V0hGUaMkYPmw1h5gzJUvfFoXY8NW6ZhV9eRRvWW67 Gzl24NSAGohnXR1NQZ4deAVNB3RXqC/o6isl4T9frCqd0fHE4ZaxHHW0qs6G7o8v oGQnxHvn+I0AIJWWmt1YLrA1t66UxNSH66jEJGYpLznVotKtbCc9VALqpvnJKbB7 EWswT+0AsHHZnc6lIGASoe6t3G2DzviT -----END CERTIFICATE-----Generated at Sat Aug 23 19:04:08 2025 by rpki-client