$ rpki-client -vvf rpki.apnic.net/member_repository/A91758EC/6BF86B84663011F0B9DC4E64C4F9AE02/2Ce2hD639rnw7V8v9yNEpSwEtJ8.mft File: 2Ce2hD639rnw7V8v9yNEpSwEtJ8.mft (raw, json) Hash identifier: znfhloUTb5DjctgNvuH+D26l9kt8IfnNd2lcc02Avrg= Subject key identifier: 6A:87:F7:C0:25:F6:A8:CC:B6:E8:31:E5:7F:45:79:CA:F3:A1:07:E3 Authority key identifier: D8:27:B6:84:3E:B7:F6:B9:F0:ED:5F:2F:F7:23:44:A5:2C:04:B4:9F Certificate issuer: /CN=A91758EC/serialNumber=D827B6843EB7F6B9F0ED5F2FF72344A52C04B49F Certificate serial: 1C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2Ce2hD639rnw7V8v9yNEpSwEtJ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91758EC/6BF86B84663011F0B9DC4E64C4F9AE02/2Ce2hD639rnw7V8v9yNEpSwEtJ8.mft Manifest number: 18 Signing time: Sat 23 Aug 2025 08:16:52 +0000 Manifest this update: Sat 23 Aug 2025 08:16:52 +0000 Manifest next update: Sat 30 Aug 2025 08:16:52 +0000 Files and hashes: 1: 2Ce2hD639rnw7V8v9yNEpSwEtJ8.crl (hash: FreD/vhIF8njoJ4o6NELzxv2S2W1T2UvXqaG+GdRHqw=) 2: 9DA6D1866E1C11F0B7ED1D84C4F9AE02.roa (hash: Ab7z11j/JWV2srLlnZVUsiX2l5YoRDQg2qGXrcUnimg=) 3: 312F0E7E6E1C11F0AB99F682C4F9AE02.roa (hash: TPTw4itouUrT3zWp67Qh/kFVGTIQgN0gjeYV7fEtXi8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91758EC/6BF86B84663011F0B9DC4E64C4F9AE02/2Ce2hD639rnw7V8v9yNEpSwEtJ8.crl rsync://rpki.apnic.net/member_repository/A91758EC/6BF86B84663011F0B9DC4E64C4F9AE02/2Ce2hD639rnw7V8v9yNEpSwEtJ8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2Ce2hD639rnw7V8v9yNEpSwEtJ8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:10:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28 (0x1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91758EC, serialNumber=D827B6843EB7F6B9F0ED5F2FF72344A52C04B49F Validity Not Before: Aug 23 08:16:52 2025 GMT Not After : Aug 30 08:16:52 2025 GMT Subject: CN=68a978f4-2d31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:00:2b:dd:7e:62:97:64:d1:9c:ed:b7:5d:06: 3d:6e:c4:d6:ff:56:8c:db:03:fe:71:61:1a:30:7a: 6d:21:7e:be:a6:33:71:36:8b:36:0c:dd:74:f5:2a: 80:4b:57:ca:e1:82:86:48:f9:29:b3:4a:45:b3:78: fe:01:dc:36:fd:af:8e:a5:0c:2d:0a:e1:e0:ce:fd: 00:18:a8:c1:da:15:1a:b6:51:ae:ec:b9:61:93:41: d7:82:68:e0:37:e0:2f:62:53:3e:0e:43:94:88:2c: 39:16:2d:9f:c4:ff:c8:92:b4:03:8e:dd:21:b7:e8: a4:88:32:24:e6:6d:38:53:69:7c:dd:d0:4e:6e:12: 36:cb:31:d9:ef:8e:72:55:c8:21:85:f8:7e:eb:03: e0:d6:51:d0:80:58:33:56:2b:73:e4:e9:c2:d0:14: b0:dd:af:46:8e:4d:98:fb:f5:ce:8b:cd:23:b5:eb: 4d:f8:d5:7f:a2:50:4f:c1:32:8e:db:e5:58:81:0b: 01:b5:d6:b1:e1:9e:49:c5:83:4a:48:67:93:6a:2d: ad:c2:07:9c:55:aa:be:af:08:21:33:d5:d2:9f:5c: 91:2c:81:a4:5f:84:1c:bf:62:a6:eb:18:f6:69:6e: f7:ef:a4:6b:5f:50:99:12:c4:ec:69:af:50:79:bf: 5d:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:87:F7:C0:25:F6:A8:CC:B6:E8:31:E5:7F:45:79:CA:F3:A1:07:E3 X509v3 Authority Key Identifier: keyid:D8:27:B6:84:3E:B7:F6:B9:F0:ED:5F:2F:F7:23:44:A5:2C:04:B4:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91758EC/6BF86B84663011F0B9DC4E64C4F9AE02/2Ce2hD639rnw7V8v9yNEpSwEtJ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2Ce2hD639rnw7V8v9yNEpSwEtJ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91758EC/6BF86B84663011F0B9DC4E64C4F9AE02/2Ce2hD639rnw7V8v9yNEpSwEtJ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:db:db:ae:a4:ec:03:e5:36:56:ff:8f:7a:4c:d5:27:16:1c: 00:80:a3:87:93:51:7b:80:d9:0f:fa:4b:c7:01:43:c0:61:5c: c3:97:80:76:1c:c8:a3:94:82:5c:b8:3f:76:a4:24:25:9c:8b: f9:98:00:fa:39:98:0b:93:c1:67:72:73:42:d3:a3:7a:79:1d: 3a:6c:4e:a9:87:bb:26:ce:57:4d:3d:dd:59:e4:66:25:19:c7: 3c:72:b8:e9:20:6a:e9:03:e0:74:ce:59:d4:4a:07:a9:bc:33: d6:4f:18:67:d7:a5:38:f0:70:c3:e4:a8:78:28:cb:76:74:ae: 07:1f:61:08:82:64:44:9a:75:ed:50:50:96:e2:b9:51:0f:18: c3:0b:be:3a:02:05:cf:05:96:c7:9c:50:2f:39:8a:28:c6:52: 18:8f:02:aa:e6:e2:9e:51:c0:71:12:af:d2:c0:3a:a9:cf:f8: 0e:b8:06:5b:46:bf:f6:a9:af:81:9e:70:cc:ab:4b:3d:58:c4: 03:59:86:1b:18:a4:11:cb:e0:bd:65:39:ec:90:b8:5f:b9:d0: 59:41:0a:fe:d0:74:c6:2b:e2:78:0b:c9:68:92:07:c9:1d:2a: 55:5c:95:55:35:41:c5:eb:ee:ee:6c:6f:d4:1d:d0:ea:7b:bb: 44:d6:4b:d3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 NThFQzExMC8GA1UEBRMoRDgyN0I2ODQzRUI3RjZCOUYwRUQ1RjJGRjcyMzQ0QTUy QzA0QjQ5RjAeFw0yNTA4MjMwODE2NTJaFw0yNTA4MzAwODE2NTJaMBgxFjAUBgNV BAMTDTY4YTk3OGY0LTJkMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCnACvdfmKXZNGc7bddBj1uxNb/VozbA/5xYRowem0hfr6mM3E2izYM3XT1KoBL V8rhgoZI+SmzSkWzeP4B3Db9r46lDC0K4eDO/QAYqMHaFRq2Ua7suWGTQdeCaOA3 4C9iUz4OQ5SILDkWLZ/E/8iStAOO3SG36KSIMiTmbThTaXzd0E5uEjbLMdnvjnJV yCGF+H7rA+DWUdCAWDNWK3Pk6cLQFLDdr0aOTZj79c6LzSO160341X+iUE/BMo7b 5ViBCwG11rHhnknFg0pIZ5NqLa3CB5xVqr6vCCEz1dKfXJEsgaRfhBy/YqbrGPZp bvfvpGtfUJkSxOxpr1B5v13ZAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUaof3wCX2 qMy26DHlf0V5yvOhB+MwHwYDVR0jBBgwFoAU2Ce2hD639rnw7V8v9yNEpSwEtJ8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1OEVDLzZCRjg2Qjg0NjYz MDExRjBCOURDNEU2NEM0RjlBRTAyLzJDZTJoRDYzOXJudzdWOHY5eU5FcFN3RXRK OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMkNlMmhENjM5cm53N1Y4djl5TkVwU3dFdEo4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1 OEVDLzZCRjg2Qjg0NjYzMDExRjBCOURDNEU2NEM0RjlBRTAyLzJDZTJoRDYzOXJu dzdWOHY5eU5FcFN3RXRKOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAfb266k7APlNlb/j3pM1ScWHACAo4eTUXuA2Q/6S8cBQ8BhXMOXgHYc yKOUgly4P3akJCWci/mYAPo5mAuTwWdyc0LTo3p5HTpsTqmHuybOV0093VnkZiUZ xzxyuOkgaukD4HTOWdRKB6m8M9ZPGGfXpTjwcMPkqHgoy3Z0rgcfYQiCZESade1Q UJbiuVEPGMMLvjoCBc8FlsecUC85iijGUhiPAqrm4p5RwHESr9LAOqnP+A64BltG v/apr4GecMyrSz1YxANZhhsYpBHL4L1lOeyQuF+50FlBCv7QdMYr4ngLyWiSB8kd KlVclVU1QcXr7u5sb9Qd0Op7u0TWS9M= -----END CERTIFICATE-----Generated at Sat Aug 23 10:59:16 2025 by rpki-client