$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft File: Psexptohoad1gV0cv-cjFLipXdk.mft (raw, json) Hash identifier: cDYKQK/lTulGy4UMGjbfD4yY8MtnVtEU3maWRv17N6w= Subject key identifier: AE:43:03:36:87:E3:C3:E5:92:84:36:23:61:8F:BE:D5:99:1B:DF:15 Authority key identifier: 3E:C7:B1:A6:DA:21:A1:A7:75:81:5D:1C:BF:E7:23:14:B8:A9:5D:D9 Certificate issuer: /CN=A9170DA5/serialNumber=3EC7B1A6DA21A1A775815D1CBFE72314B8A95DD9 Certificate serial: 1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft Manifest number: 1D Signing time: Sat 23 Aug 2025 08:07:37 +0000 Manifest this update: Sat 23 Aug 2025 08:07:36 +0000 Manifest next update: Sat 30 Aug 2025 08:07:36 +0000 Files and hashes: 1: Psexptohoad1gV0cv-cjFLipXdk.crl (hash: SMI8QIy6AilLL+m2z7Ck0WQb6u8ovlRz18RV8aDx/MU=) 2: F99E9E78571B11F093AD0C10C4F9AE02.roa (hash: Ntdzzur1e7UcFcIFXVyf4NefmktAA4cSP3KFPUhWals=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.crl rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 08:07:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30 (0x1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DA5, serialNumber=3EC7B1A6DA21A1A775815D1CBFE72314B8A95DD9 Validity Not Before: Aug 23 08:07:36 2025 GMT Not After : Aug 30 08:07:36 2025 GMT Subject: CN=68a976c8-1aec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:72:f2:82:94:b6:80:69:76:23:da:82:37:a2: f4:b0:ec:fe:56:ef:24:5c:a2:1d:75:18:57:c7:63: 33:b9:fe:2d:a0:e0:56:5c:26:9e:ad:78:72:3d:d2: d7:60:3e:be:d8:36:2c:7f:36:a6:75:55:49:c3:4f: 10:7a:91:c7:d1:98:11:52:2e:50:e2:b4:f1:23:90: ef:90:7b:57:63:69:cb:25:f2:64:c8:a3:03:47:a9: c3:aa:11:4e:e8:bc:c2:1c:c1:8a:ad:28:9d:bd:54: 9e:2e:8f:12:c5:11:48:34:8d:1e:ab:d4:d5:df:7f: 94:50:6f:84:8a:88:18:69:d7:6e:19:f2:5e:80:f0: 58:02:d1:04:2b:04:65:33:74:a0:7d:1e:aa:dc:f7: ad:13:d5:f2:3b:5f:4c:d6:92:b5:eb:9a:cf:4e:1e: ce:0f:d8:ed:8d:29:3a:2d:60:33:cb:63:44:f1:7e: 2a:da:2f:a4:7d:38:00:4f:c8:31:86:b7:af:ae:e8: 33:de:2c:a6:76:8d:f3:ba:cc:31:64:68:a0:ee:92: 61:b9:16:5c:8e:55:09:58:9b:ba:d8:b5:cf:d6:2f: 0e:59:72:1c:db:0e:dd:6c:c0:cf:74:94:35:ba:a0: 8e:c4:0c:b8:68:fb:c7:0f:a9:73:bf:3b:83:e3:5a: d3:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:43:03:36:87:E3:C3:E5:92:84:36:23:61:8F:BE:D5:99:1B:DF:15 X509v3 Authority Key Identifier: keyid:3E:C7:B1:A6:DA:21:A1:A7:75:81:5D:1C:BF:E7:23:14:B8:A9:5D:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:48:e0:93:c9:2b:6b:a8:ed:72:2b:35:3b:bd:a9:80:91:5a: df:ab:6e:6f:7c:e4:06:72:bd:b9:d5:66:b3:19:3b:fb:50:2e: 25:15:87:05:e7:26:96:d7:3c:81:0e:ab:40:d2:68:a3:ae:80: e8:c2:1a:0f:b6:c3:29:ba:7a:36:2c:e0:94:66:b1:08:73:b0: 9f:f6:17:80:3b:26:0a:6e:30:b5:87:16:eb:3a:eb:5a:97:b1: b3:40:2d:64:b9:d2:c5:46:31:19:fc:dd:5d:24:e1:5b:d3:15: f3:12:4b:f6:08:6d:84:0f:6f:58:51:69:0e:34:e2:76:9d:22: cf:d0:b7:38:e9:77:d7:d6:c3:08:03:7c:42:0b:c7:cc:b4:4b: 56:e0:3d:b3:2a:45:15:d7:8c:c3:8c:f8:84:37:71:4f:ec:f3: 64:21:06:52:64:55:b8:70:fb:b3:b3:ac:7b:3f:ed:83:59:4b: 67:8e:e4:60:79:98:8a:95:a8:61:6a:0d:e5:3c:1a:63:95:2b: 33:3d:70:b6:1f:b7:b7:ca:01:10:5a:3a:da:e0:e0:ea:37:69: f8:0f:ef:1d:bd:f0:ab:a6:ef:1c:f2:5d:2e:3d:c7:67:93:4a: 47:73:a0:07:c6:13:33:55:81:60:b5:1f:41:de:a5:02:7a:5a: 12:fd:3e:ad -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MERBNTExMC8GA1UEBRMoM0VDN0IxQTZEQTIxQTFBNzc1ODE1RDFDQkZFNzIzMTRC OEE5NUREOTAeFw0yNTA4MjMwODA3MzZaFw0yNTA4MzAwODA3MzZaMBgxFjAUBgNV BAMTDTY4YTk3NmM4LTFhZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCicvKClLaAaXYj2oI3ovSw7P5W7yRcoh11GFfHYzO5/i2g4FZcJp6teHI90tdg Pr7YNix/NqZ1VUnDTxB6kcfRmBFSLlDitPEjkO+Qe1djacsl8mTIowNHqcOqEU7o vMIcwYqtKJ29VJ4ujxLFEUg0jR6r1NXff5RQb4SKiBhp124Z8l6A8FgC0QQrBGUz dKB9Hqrc960T1fI7X0zWkrXrms9OHs4P2O2NKTotYDPLY0TxfiraL6R9OABPyDGG t6+u6DPeLKZ2jfO6zDFkaKDukmG5FlyOVQlYm7rYtc/WLw5ZchzbDt1swM90lDW6 oI7EDLho+8cPqXO/O4PjWtMTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUrkMDNofj w+WShDYjYY++1Zkb3xUwHwYDVR0jBBgwFoAUPsexptohoad1gV0cv+cjFLipXdkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwREE1L0NFMEVEQTI2NTcx QTExRjBCODUwNzM0MUM0RjlBRTAyL1BzZXhwdG9ob2FkMWdWMGN2LWNqRkxpcFhk ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUHNleHB0b2hvYWQxZ1YwY3YtY2pGTGlwWGRrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw REE1L0NFMEVEQTI2NTcxQTExRjBCODUwNzM0MUM0RjlBRTAyL1BzZXhwdG9ob2Fk MWdWMGN2LWNqRkxpcFhkay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAC9I4JPJK2uo7XIrNTu9qYCRWt+rbm985AZyvbnVZrMZO/tQLiUVhwXn JpbXPIEOq0DSaKOugOjCGg+2wym6ejYs4JRmsQhzsJ/2F4A7JgpuMLWHFus661qX sbNALWS50sVGMRn83V0k4VvTFfMSS/YIbYQPb1hRaQ404nadIs/Qtzjpd9fWwwgD fEILx8y0S1bgPbMqRRXXjMOM+IQ3cU/s82QhBlJkVbhw+7OzrHs/7YNZS2eO5GB5 mIqVqGFqDeU8GmOVKzM9cLYft7fKARBaOtrg4Oo3afgP7x298Kum7xzyXS49x2eT SkdzoAfGEzNVgWC1H0HepQJ6WhL9Pq0= -----END CERTIFICATE-----Generated at Sat Aug 23 21:17:12 2025 by rpki-client