$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft File: dNRNlor0Y--xfAgNX60BDErAl6o.mft (raw, json) Hash identifier: rjEVNdCt9YwQDLy3S2va73NINMMpgdxmkLYG9VF+UZE= Subject key identifier: 74:2A:3F:58:F8:1E:9E:6C:96:D8:3F:D7:8E:71:07:4A:D8:25:90:51 Authority key identifier: 74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA Certificate issuer: /CN=A917E0A8/serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Certificate serial: 067A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft Manifest number: 066D Signing time: Fri 22 Aug 2025 19:42:29 +0000 Manifest this update: Fri 22 Aug 2025 19:42:28 +0000 Manifest next update: Fri 29 Aug 2025 19:42:28 +0000 Files and hashes: 1: dNRNlor0Y--xfAgNX60BDErAl6o.crl (hash: DPwYkOhtKEkQ8NYZ7pEKpXYTRC8FryXdcau24WUCITY=) 2: 11C0D5DA9B4011EB9C1BFC4EC4F9AE02.roa (hash: c7+1xl97Qj2WBa7uEaRi3C9ZQy4QYdknXZBQu0sbmag=) 3: F9C23E2A3ACB11EC9FEBB367C4F9AE02.roa (hash: nh7VvVbwlcEI7LPWlEzxHGSM7ZH4CPOm9G5I1MGrFHY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 19:42:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1658 (0x67a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Validity Not Before: Aug 22 19:42:28 2025 GMT Not After : Aug 29 19:42:28 2025 GMT Subject: CN=68a8c825-7894 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:e2:89:f4:f9:1c:05:49:b4:66:dd:86:38:5d: 4f:2c:17:17:b0:0c:d5:17:c5:30:4d:09:7e:7c:74: c8:c7:5b:e9:70:6b:21:b5:b5:d0:7f:05:e3:7b:89: 71:96:33:78:ed:2d:d5:e7:2b:9f:4a:79:6c:47:c9: 25:e6:45:cd:45:cf:eb:6c:6a:b9:a1:cf:96:3c:13: 77:d7:fc:53:35:e4:07:fd:a2:79:b1:a0:75:00:a3: 38:4a:3d:3c:f7:1a:59:c0:31:da:88:66:95:83:12: a8:4d:dd:57:0c:56:fd:98:ea:ba:e7:ce:e1:c7:24: c7:0c:5f:d4:e8:e3:f9:95:b4:19:0b:55:09:49:c9: 08:01:b1:ad:2e:af:de:4b:0d:23:c4:02:82:c7:11: 6c:eb:42:44:5f:be:73:07:ca:5b:b2:38:d0:27:80: 14:e7:2c:17:c1:53:6d:38:20:6c:55:28:57:6f:c1: 21:f0:3b:c4:6f:95:37:c0:82:29:1e:a0:a2:92:3e: 2c:85:c5:4b:a6:c1:69:b7:2b:53:5e:1b:82:90:d1: 3a:a9:80:15:27:ef:3b:6b:5d:ea:0a:f7:e1:09:08: d3:5e:53:ee:96:06:44:b2:2a:19:c8:96:eb:de:47: d5:5b:63:ae:61:e0:45:5b:4e:e2:82:6c:a1:8b:5f: 5e:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:2A:3F:58:F8:1E:9E:6C:96:D8:3F:D7:8E:71:07:4A:D8:25:90:51 X509v3 Authority Key Identifier: keyid:74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:73:c4:cf:b7:7e:35:8f:d0:db:d0:a9:ea:ad:73:e9:fa:52: ce:65:18:59:ba:ad:8f:9b:e9:c1:86:d2:f2:a2:10:9d:7e:a3: 5e:10:44:7e:ce:0c:b1:1c:94:ec:31:61:bc:3f:73:3a:2e:3b: e4:15:36:1f:f5:88:91:00:d4:3f:6d:e2:f6:88:13:10:72:d8: 78:9c:32:e1:5a:83:6c:48:dc:75:e2:fe:54:f3:16:5e:88:8d: 55:2f:92:c8:cf:d7:7a:fa:2a:36:d0:82:0e:1e:16:5c:66:c2: 0c:e6:dc:26:b5:a3:77:9e:4d:06:95:3b:85:7b:d4:34:9f:e7: 4f:a2:00:92:6d:92:2e:f5:d8:d9:60:66:8a:22:54:d3:9d:2a: d6:ae:51:65:06:05:77:ae:03:ea:24:25:c8:08:8d:3f:40:d9: f4:0c:d3:da:be:2d:a7:77:47:06:79:c6:09:3a:3f:b6:93:b0: d3:ec:32:b0:a6:41:35:5a:02:d4:04:1a:7c:47:3a:28:f6:c4: 41:77:95:cb:06:61:a4:05:f0:16:d8:16:74:69:19:a2:26:70: 0b:58:f0:a5:d5:a4:fb:33:02:f3:15:e9:72:26:e8:12:ba:ed: 84:b3:e7:07:bc:a0:91:e2:f7:21:c0:68:ba:34:86:23:ea:9d: 51:9c:e7:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBnowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDc0RDQ0RDk2OEFGNDYzRUZCMTdDMDgwRDVGQUQwMTBD NEFDMDk3QUEwHhcNMjUwODIyMTk0MjI4WhcNMjUwODI5MTk0MjI4WjAYMRYwFAYD VQQDEw02OGE4YzgyNS03ODk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0+KJ9PkcBUm0Zt2GOF1PLBcXsAzVF8UwTQl+fHTIx1vpcGshtbXQfwXje4lx ljN47S3V5yufSnlsR8kl5kXNRc/rbGq5oc+WPBN31/xTNeQH/aJ5saB1AKM4Sj08 9xpZwDHaiGaVgxKoTd1XDFb9mOq6587hxyTHDF/U6OP5lbQZC1UJSckIAbGtLq/e Sw0jxAKCxxFs60JEX75zB8pbsjjQJ4AU5ywXwVNtOCBsVShXb8Eh8DvEb5U3wIIp HqCikj4shcVLpsFptytTXhuCkNE6qYAVJ+87a13qCvfhCQjTXlPulgZEsioZyJbr 3kfVW2OuYeBFW07igmyhi19e7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHQqP1j4 Hp5sltg/145xB0rYJZBRMB8GA1UdIwQYMBaAFHTUTZaK9GPvsXwIDV+tAQxKwJeq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC82RUZDMEJFRTk4 NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFktLXhmQWdOWDYwQkRFckFs Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ROUk5sb3IwWS0teGZBZ05YNjBCREVyQWw2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC82RUZDMEJFRTk4NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFkt LXhmQWdOWDYwQkRFckFsNm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCyc8TPt341j9Db0KnqrXPp+lLOZRhZuq2Pm+nBhtLyohCdfqNeEER+ zgyxHJTsMWG8P3M6LjvkFTYf9YiRANQ/beL2iBMQcth4nDLhWoNsSNx14v5U8xZe iI1VL5LIz9d6+io20IIOHhZcZsIM5twmtaN3nk0GlTuFe9Q0n+dPogCSbZIu9djZ YGaKIlTTnSrWrlFlBgV3rgPqJCXICI0/QNn0DNPavi2nd0cGecYJOj+2k7DT7DKw pkE1WgLUBBp8Rzoo9sRBd5XLBmGkBfAW2BZ0aRmiJnALWPCl1aT7MwLzFelyJugS uu2Es+cHvKCR4vchwGi6NIYj6p1RnOcB -----END CERTIFICATE-----Generated at Sat Aug 23 10:44:17 2025 by rpki-client