$ rpki-client -vvf rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft File: CIaR8feL2c7-2A021lDWd2emvbA.mft (raw, json) Hash identifier: 5duHdv5stRE8coqXZ3Sv/OQwGRtF4FKJWHLohYQ/1Bo= Subject key identifier: F7:2E:CC:6E:80:6F:9E:46:CA:A6:6C:92:06:27:41:1E:87:2B:EF:9E Authority key identifier: 08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0 Certificate issuer: /CN=A917DA4A/serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0 Certificate serial: 07BB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft Manifest number: 07B5 Signing time: Fri 22 Aug 2025 21:24:01 +0000 Manifest this update: Fri 22 Aug 2025 21:24:00 +0000 Manifest next update: Fri 29 Aug 2025 21:24:00 +0000 Files and hashes: 1: CIaR8feL2c7-2A021lDWd2emvbA.crl (hash: mjezuoyvNJtEljJALqZx4A9ony4thaHlq3BXFAIEVlU=) 2: F126F04A11A911EBB5A4DD83C4F9AE02.roa (hash: 7u9lFldLGtHyxwH20hTfSxqKwvd+3v0Fn/UDNDaczHk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 21:24:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1979 (0x7bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DA4A, serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0 Validity Not Before: Aug 22 21:24:00 2025 GMT Not After : Aug 29 21:24:00 2025 GMT Subject: CN=68a8dff0-d065 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:56:bd:37:be:c4:f0:d1:bd:07:7c:64:61:cf: e6:1b:9a:9a:39:db:af:ee:55:87:0a:d6:0a:0b:6b: 00:1c:01:22:24:d1:85:93:c7:71:a0:56:6b:1a:1d: 92:e2:3a:3b:7b:a8:32:f6:20:23:4c:da:0b:81:cf: 3f:8a:a3:da:ad:3c:19:b8:f6:b6:12:80:7f:5c:ef: 3e:4c:1f:09:67:cb:74:3e:6f:b3:eb:44:3f:39:e2: 91:4b:96:b5:85:a6:f2:53:7e:60:d3:22:2e:57:d4: 6f:a5:97:41:f3:e5:83:83:63:ae:17:bf:2c:e0:78: 09:39:fa:9c:b3:4a:7b:07:4f:8a:5a:39:ed:9c:f1: a7:18:da:f8:e6:2c:7c:21:ff:9d:81:ff:04:ea:00: e6:2b:eb:b4:4a:4f:5f:ba:ab:76:30:7a:e6:89:9e: c3:94:91:43:d4:94:81:08:90:e9:87:d3:33:c3:17: 5c:65:a9:a0:2f:ab:5c:a7:c7:8f:5d:70:b6:0f:77: 88:ae:6b:2e:59:c5:92:47:73:c8:19:6e:e6:c8:da: 86:24:3f:31:e8:92:fb:d4:a0:56:69:ca:51:f0:38: ff:37:9e:71:05:34:08:15:20:b8:f2:1e:e1:f8:7c: e6:0b:e1:18:79:a0:f5:4e:22:65:7f:0b:07:de:60: d6:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:2E:CC:6E:80:6F:9E:46:CA:A6:6C:92:06:27:41:1E:87:2B:EF:9E X509v3 Authority Key Identifier: keyid:08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:8b:fb:96:5b:fd:2d:3c:83:12:26:6a:6a:26:24:4d:b4:3c: 74:fc:a1:66:85:9c:69:69:13:c1:31:f5:db:17:5e:3e:81:5b: e7:45:0a:92:f7:fb:dc:89:98:a3:34:03:25:f3:b3:c4:9f:55: d3:06:73:c2:82:c4:de:ec:46:64:56:2c:90:8a:03:d3:ff:2f: 74:ba:aa:0e:50:ea:c3:b2:a7:f6:9c:63:55:94:a7:7a:10:5e: 38:4a:70:be:1c:6b:f2:7a:d8:2f:10:d0:a1:47:65:be:75:b5: ae:5a:8d:83:c9:fb:a3:0d:4a:9c:ee:11:95:51:35:61:5a:9b: da:66:39:85:f4:29:94:17:cf:c0:19:66:27:79:c7:a2:f2:cc: ea:e8:ff:40:29:ca:8e:34:a5:91:8f:16:b4:f4:88:47:16:c7: 96:c4:d2:5d:06:9b:3a:5e:a9:74:38:f3:74:47:0a:f8:29:6a: 4c:38:1a:d4:77:7d:29:34:14:5a:b1:ef:e2:6c:28:92:1a:d0: 49:f7:4d:92:86:90:6b:cd:e2:43:71:a0:75:cb:ce:f7:60:29: b5:22:41:23:e7:2d:aa:26:96:dd:ff:0c:ff:57:8f:51:e7:3b: 1c:7c:c7:fb:0c:c6:ea:9d:37:04:6a:db:de:ab:77:de:72:54: 31:99:c7:39 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RBNEExMTAvBgNVBAUTKDA4ODY5MUYxRjc4QkQ5Q0VGRUQ4MEQzNkQ2NTBENjc3 NjdBNkJEQjAwHhcNMjUwODIyMjEyNDAwWhcNMjUwODI5MjEyNDAwWjAYMRYwFAYD VQQDEw02OGE4ZGZmMC1kMDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArVa9N77E8NG9B3xkYc/mG5qaOduv7lWHCtYKC2sAHAEiJNGFk8dxoFZrGh2S 4jo7e6gy9iAjTNoLgc8/iqParTwZuPa2EoB/XO8+TB8JZ8t0Pm+z60Q/OeKRS5a1 habyU35g0yIuV9RvpZdB8+WDg2OuF78s4HgJOfqcs0p7B0+KWjntnPGnGNr45ix8 If+dgf8E6gDmK+u0Sk9fuqt2MHrmiZ7DlJFD1JSBCJDph9MzwxdcZamgL6tcp8eP XXC2D3eIrmsuWcWSR3PIGW7myNqGJD8x6JL71KBWacpR8Dj/N55xBTQIFSC48h7h +HzmC+EYeaD1TiJlfwsH3mDWAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPcuzG6A b55GyqZskgYnQR6HK++eMB8GA1UdIwQYMBaAFAiGkfH3i9nO/tgNNtZQ1ndnpr2w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REE0QS8wNTFEQUY1QTBE QzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJjNy0yQTAyMWxEV2QyZW12 YkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NJYVI4ZmVMMmM3LTJBMDIxbERXZDJlbXZiQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REE0QS8wNTFEQUY1QTBEQzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJj Ny0yQTAyMWxEV2QyZW12YkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNi/uWW/0tPIMSJmpqJiRNtDx0/KFmhZxpaRPBMfXbF14+gVvnRQqS 9/vciZijNAMl87PEn1XTBnPCgsTe7EZkViyQigPT/y90uqoOUOrDsqf2nGNVlKd6 EF44SnC+HGvyetgvENChR2W+dbWuWo2DyfujDUqc7hGVUTVhWpvaZjmF9CmUF8/A GWYnecei8szq6P9AKcqONKWRjxa09IhHFseWxNJdBps6Xql0OPN0Rwr4KWpMOBrU d30pNBRase/ibCiSGtBJ902ShpBrzeJDcaB1y873YCm1IkEj5y2qJpbd/wz/V49R 5zscfMf7DMbqnTcEatveq3feclQxmcc5 -----END CERTIFICATE-----Generated at Sat Aug 23 14:37:47 2025 by rpki-client