$ rpki-client -vvf rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft File: cI8eBxM4VcgHTu1fjIO0RmpgesI.mft (raw, json) Hash identifier: e9bFaPsce31XNGVeqVRg/y3FdkT9/fdCIG4OlYu+e1A= Subject key identifier: 28:A3:12:E1:4C:03:13:43:D4:29:96:60:AC:67:ED:3F:D2:05:71:2C Authority key identifier: 70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 Certificate issuer: /CN=A9171D16/serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Certificate serial: 0138 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft Manifest number: 0134 Signing time: Sat 23 Aug 2025 04:40:54 +0000 Manifest this update: Sat 23 Aug 2025 04:40:54 +0000 Manifest next update: Sat 30 Aug 2025 04:40:54 +0000 Files and hashes: 1: cI8eBxM4VcgHTu1fjIO0RmpgesI.crl (hash: O7f4/C1rf7dj4HJzuRqLtd+GVD1Su+hx0VT6+ySalYE=) 2: BFC0298670DC11EF8B65D95AC4F9AE02.roa (hash: UgEzMnFdPuD9AyKqWzCGknoXwkBXShyWFB2xX76uKRE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:40:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 312 (0x138) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171D16, serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Validity Not Before: Aug 23 04:40:54 2025 GMT Not After : Aug 30 04:40:54 2025 GMT Subject: CN=68a94656-8c34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:84:73:30:3c:50:b8:67:ff:2d:59:cd:4e:e3: ef:85:75:dd:97:3a:77:76:b3:d8:23:d4:ce:30:93: 13:80:93:2a:3d:34:38:21:eb:06:6d:70:cb:38:1b: 6d:20:e8:56:8b:37:df:a8:81:9f:08:67:42:28:10: 43:03:08:6a:c8:42:c0:06:85:c4:75:5a:f8:a8:c9: 89:eb:02:57:29:c5:97:a5:d0:90:b3:3d:d1:ac:b2: 4d:c3:64:00:fd:13:09:42:59:e8:7a:ef:60:0f:99: 29:3c:c4:7a:7e:73:d9:b7:bc:79:54:ba:d7:ad:11: 81:00:6c:32:84:f3:9f:ae:ee:fb:fe:b9:00:d4:cc: 9b:2f:7d:20:7c:a1:88:26:49:9b:36:09:dc:29:79: 11:0e:71:93:32:c4:fe:6a:0c:5d:0d:45:14:33:4a: 57:3d:1f:39:13:8f:d8:1d:3d:df:2d:43:55:05:39: 58:aa:a5:20:0b:67:5f:aa:77:71:25:34:4b:c3:4e: 49:53:53:75:bc:8f:54:bf:66:0e:5d:5f:bc:c9:44: c2:17:82:cd:e2:dd:85:39:ea:5b:b4:d7:52:10:ba: a9:4e:33:24:71:41:a4:9a:b9:14:f7:33:20:93:d9: 33:bd:bb:b1:c5:df:c8:36:8c:f8:b6:ed:a8:fa:f0: 82:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:A3:12:E1:4C:03:13:43:D4:29:96:60:AC:67:ED:3F:D2:05:71:2C X509v3 Authority Key Identifier: keyid:70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption f3:24:11:a0:72:d5:9d:ab:25:ab:2c:82:dd:cc:63:57:f1:85: cb:77:23:32:e4:98:2f:3f:27:b8:37:9d:d4:a8:d5:b3:a0:e8: 77:ee:c2:b6:85:66:3f:fe:08:be:92:2d:64:6d:2c:37:13:bf: ff:ab:b8:d8:d8:56:a1:86:53:d3:da:bf:d3:54:21:39:ab:22: fa:d2:ea:9d:19:e7:35:b0:4a:fa:24:98:67:53:63:51:a8:f8: 45:fc:0d:2d:16:a7:2d:65:14:4b:1a:fd:1c:91:ae:69:71:ce: 7e:a0:e9:40:82:46:70:41:7d:93:73:24:b6:2a:dc:49:67:91: 65:37:be:4f:0f:0b:0b:08:78:c2:ef:ed:3d:d6:b2:5d:35:41: 63:01:4d:05:e9:8d:9f:40:68:35:08:82:2a:ef:ea:c0:22:b6: 46:58:c3:49:7f:8b:34:3f:29:14:50:2d:a9:2e:4a:bf:7b:36: 47:48:44:f7:dd:6f:af:25:77:b9:03:dc:2c:e6:fc:0e:cc:50: 49:06:b8:c1:c2:44:03:c0:ee:46:9d:7a:4b:53:fc:38:c3:70: e9:c5:e0:73:25:35:df:c3:8b:c1:b2:06:72:35:2a:2b:9a:de: 37:21:10:50:32:d9:6b:d8:9d:bf:97:6f:3c:ff:5e:3b:39:c1: 50:eb:ad:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFEMTYxMTAvBgNVBAUTKDcwOEYxRTA3MTMzODU1QzgwNzRFRUQ1RjhDODNCNDQ2 NkE2MDdBQzIwHhcNMjUwODIzMDQ0MDU0WhcNMjUwODMwMDQ0MDU0WjAYMRYwFAYD VQQDEw02OGE5NDY1Ni04YzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1IRzMDxQuGf/LVnNTuPvhXXdlzp3drPYI9TOMJMTgJMqPTQ4IesGbXDLOBtt IOhWizffqIGfCGdCKBBDAwhqyELABoXEdVr4qMmJ6wJXKcWXpdCQsz3RrLJNw2QA /RMJQlnoeu9gD5kpPMR6fnPZt7x5VLrXrRGBAGwyhPOfru77/rkA1MybL30gfKGI JkmbNgncKXkRDnGTMsT+agxdDUUUM0pXPR85E4/YHT3fLUNVBTlYqqUgC2dfqndx JTRLw05JU1N1vI9Uv2YOXV+8yUTCF4LN4t2FOepbtNdSELqpTjMkcUGkmrkU9zMg k9kzvbuxxd/INoz4tu2o+vCC/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCijEuFM AxND1CmWYKxn7T/SBXEsMB8GA1UdIwQYMBaAFHCPHgcTOFXIB07tX4yDtEZqYHrC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUQxNi82NTZEMTdBOEFF OUMxMUVFOTExQUZCNjNDNEY5QUUwMi9jSThlQnhNNFZjZ0hUdTFmaklPMFJtcGdl c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2NJOGVCeE00VmNnSFR1MWZqSU8wUm1wZ2VzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUQxNi82NTZEMTdBOEFFOUMxMUVFOTExQUZCNjNDNEY5QUUwMi9jSThlQnhNNFZj Z0hUdTFmaklPMFJtcGdlc0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDzJBGgctWdqyWrLILdzGNX8YXLdyMy5JgvPye4N53UqNWzoOh37sK2 hWY//gi+ki1kbSw3E7//q7jY2FahhlPT2r/TVCE5qyL60uqdGec1sEr6JJhnU2NR qPhF/A0tFqctZRRLGv0cka5pcc5+oOlAgkZwQX2TcyS2KtxJZ5FlN75PDwsLCHjC 7+091rJdNUFjAU0F6Y2fQGg1CIIq7+rAIrZGWMNJf4s0PykUUC2pLkq/ezZHSET3 3W+vJXe5A9ws5vwOzFBJBrjBwkQDwO5GnXpLU/w4w3DpxeBzJTXfw4vBsgZyNSor mt43IRBQMtlr2J2/l288/147OcFQ661g -----END CERTIFICATE-----Generated at Sat Aug 23 17:11:49 2025 by rpki-client