$ rpki-client -vvf rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft File: XAq0JfK0I14cgVaDvWyOi3uAtyc.mft (raw, json) Hash identifier: IRhyl6sbUUqIRxyoeZF2ITe8BDXpFovvT4kAdniYyfg= Subject key identifier: F3:47:AF:1A:C3:04:85:6F:78:1D:41:08:6C:F1:D9:59:43:0D:DC:8C Authority key identifier: 5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27 Certificate issuer: /CN=A917F8A9/serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727 Certificate serial: 09AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft Manifest number: 0998 Signing time: Fri 22 Aug 2025 20:13:57 +0000 Manifest this update: Fri 22 Aug 2025 20:13:56 +0000 Manifest next update: Fri 29 Aug 2025 20:13:56 +0000 Files and hashes: 1: XAq0JfK0I14cgVaDvWyOi3uAtyc.crl (hash: +phiBeRsZ9zqkmp1vkFfPt50JIVRfrVnD44vqUFAG9Q=) 2: 83DC30E0D0DB11EA9336962FC4F9AE02.roa (hash: 1xpqucRPj2sGGfUlw/hjqGcWw2RAvQEPEvj1/o7DLww=) 3: 0774A2C894F211EAB30E7682C4F9AE02.roa (hash: Qe2k4Rmt8cYvrQ25NjhCj6HgTDQ2LTBczeZdX5NMi1Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 20:13:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2479 (0x9af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F8A9, serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727 Validity Not Before: Aug 22 20:13:56 2025 GMT Not After : Aug 29 20:13:56 2025 GMT Subject: CN=68a8cf85-4240 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e4:79:05:4e:ac:c2:bc:2e:ed:e9:02:49:fc: b9:fa:8b:03:90:c1:62:7a:0e:3f:cb:ec:31:19:3f: f4:63:b5:5d:31:35:bb:3a:62:c3:0d:6a:13:55:11: ab:5b:04:df:a6:c5:c7:bc:7c:60:98:98:5b:d0:3f: 31:5e:74:9f:7e:21:21:ff:99:50:a2:93:5e:44:67: 5d:6b:e0:21:81:0c:4b:a7:82:bd:82:16:1a:47:ea: d2:b7:b6:63:0e:9b:e0:cf:cc:d7:ba:5d:29:53:a5: 91:65:3a:cb:35:da:a9:82:f6:c0:f3:a4:8b:25:27: 1f:50:aa:0c:c9:68:df:e5:05:9f:60:b2:9f:a3:8f: 3d:8c:03:1e:1c:ea:50:9e:73:4b:5d:27:0a:08:0f: 16:c0:4a:97:f3:40:4a:88:74:5f:b9:18:d0:d2:9e: cb:79:d7:dd:72:0f:be:1f:1c:43:55:2a:12:85:91: 54:ab:91:0f:8b:22:b5:73:66:ce:7a:64:d5:ff:58: 0a:04:b2:d9:66:91:d6:e3:ee:29:fb:63:bd:d1:3d: 75:6b:8d:fc:e3:9b:6b:26:e2:2b:55:b1:c2:01:a9: cc:a4:e7:57:e1:d6:df:3f:90:2d:f5:a4:15:f6:fc: c6:78:54:9a:a9:b7:fc:6f:b7:1b:f2:82:57:36:db: 4b:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:47:AF:1A:C3:04:85:6F:78:1D:41:08:6C:F1:D9:59:43:0D:DC:8C X509v3 Authority Key Identifier: keyid:5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cb:90:4c:a1:d5:a6:ed:2c:08:ff:1d:89:8c:cb:48:fe:74:6e: 18:88:17:6d:e8:a5:91:e6:86:1d:bc:ad:9f:b9:f4:96:ce:19: 44:bc:63:22:f3:c7:a6:75:50:72:d8:61:0b:87:5d:80:55:d3: 70:f6:30:7d:fd:a6:8c:80:9b:d7:1d:a9:7d:d3:56:0d:f3:c5: 65:39:01:8e:49:d9:bf:22:2b:4b:eb:18:e8:bf:4f:17:8c:df: 38:a3:f9:6a:37:31:c1:00:1a:de:51:83:42:a3:6a:3b:ae:ff: 01:c0:3d:9a:61:da:25:20:fd:49:57:26:03:2b:42:92:c1:87: 9e:8c:e1:1a:f3:f9:a7:21:e0:cf:5d:8c:36:5b:27:4c:1a:e0: 44:c4:5d:e2:84:ee:34:ce:28:bd:69:ca:46:f3:a9:fa:52:1a: f0:74:3b:23:f9:d8:16:3f:8f:d6:6e:0c:67:e5:d3:a2:9f:dc: af:79:ad:fa:39:b3:7f:2f:e1:e4:6b:e7:67:56:16:f2:7e:52: 5e:7f:bd:b3:11:cd:2a:33:ae:d6:f3:d3:e7:4c:f5:e5:2d:1e: 25:98:2f:8e:b6:03:b1:87:9a:8d:a6:98:49:9c:09:53:9e:25: f2:f1:87:43:02:25:a4:85:16:70:d5:d8:55:26:97:64:2f:b0: f2:fa:2f:f4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCa8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Y4QTkxMTAvBgNVBAUTKDVDMEFCNDI1RjJCNDIzNUUxQzgxNTY4M0JENkM4RThC N0I4MEI3MjcwHhcNMjUwODIyMjAxMzU2WhcNMjUwODI5MjAxMzU2WjAYMRYwFAYD VQQDEw02OGE4Y2Y4NS00MjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsuR5BU6swrwu7ekCSfy5+osDkMFieg4/y+wxGT/0Y7VdMTW7OmLDDWoTVRGr WwTfpsXHvHxgmJhb0D8xXnSffiEh/5lQopNeRGdda+AhgQxLp4K9ghYaR+rSt7Zj Dpvgz8zXul0pU6WRZTrLNdqpgvbA86SLJScfUKoMyWjf5QWfYLKfo489jAMeHOpQ nnNLXScKCA8WwEqX80BKiHRfuRjQ0p7Ledfdcg++HxxDVSoShZFUq5EPiyK1c2bO emTV/1gKBLLZZpHW4+4p+2O90T11a43845trJuIrVbHCAanMpOdX4dbfP5At9aQV 9vzGeFSaqbf8b7cb8oJXNttLSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPNHrxrD BIVveB1BCGzx2VlDDdyMMB8GA1UdIwQYMBaAFFwKtCXytCNeHIFWg71sjot7gLcn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjhBOS8yQUEwNDMzMDk0 RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkxNGNnVmFEdld5T2kzdUF0 eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hBcTBKZkswSTE0Y2dWYUR2V3lPaTN1QXR5Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RjhBOS8yQUEwNDMzMDk0RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkx NGNnVmFEdld5T2kzdUF0eWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDLkEyh1abtLAj/HYmMy0j+dG4YiBdt6KWR5oYdvK2fufSWzhlEvGMi 88emdVBy2GELh12AVdNw9jB9/aaMgJvXHal901YN88VlOQGOSdm/IitL6xjov08X jN84o/lqNzHBABreUYNCo2o7rv8BwD2aYdolIP1JVyYDK0KSwYeejOEa8/mnIeDP XYw2WydMGuBExF3ihO40zii9acpG86n6UhrwdDsj+dgWP4/Wbgxn5dOin9yvea36 ObN/L+Hka+dnVhbyflJef72zEc0qM67W89PnTPXlLR4lmC+OtgOxh5qNpphJnAlT niXy8YdDAiWkhRZw1dhVJpdkL7Dy+i/0 -----END CERTIFICATE-----Generated at Sun Aug 24 07:02:24 2025 by rpki-client