$ rpki-client -vvf rpki.apnic.net/member_repository/A9189A9F/8056BA568A9011EC8C1B0D22C4F9AE02/z7B65d0AqScU2zWnIQRdnS644xc.mft File: z7B65d0AqScU2zWnIQRdnS644xc.mft (raw, json) Hash identifier: pYz72b2WniQSCdUDvbL3nrw7vGbWa8gaLtkP4OE+xYs= Subject key identifier: A6:D8:6B:29:63:16:31:1F:DC:BF:AA:76:8C:20:5C:E5:0C:E1:FA:A8 Authority key identifier: CF:B0:7A:E5:DD:00:A9:27:14:DB:35:A7:21:04:5D:9D:2E:B8:E3:17 Certificate issuer: /CN=A9189A9F/serialNumber=CFB07AE5DD00A92714DB35A721045D9D2EB8E317 Certificate serial: 2F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z7B65d0AqScU2zWnIQRdnS644xc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9189A9F/8056BA568A9011EC8C1B0D22C4F9AE02/z7B65d0AqScU2zWnIQRdnS644xc.mft Manifest number: 0421 Signing time: Sat 23 Aug 2025 00:44:57 +0000 Manifest this update: Sat 23 Aug 2025 00:44:57 +0000 Manifest next update: Sat 30 Aug 2025 00:44:57 +0000 Files and hashes: 1: z7B65d0AqScU2zWnIQRdnS644xc.crl (hash: NFuPucihAlOTTLhM+AizUXRP3ayULua2apo3SLnKMfo=) 2: 42A92B3C3BAC11F0882B5B62C4F9AE02.roa (hash: 3kUfpfWFsRQio/I2rlN7rqdOffzKtu9waWZ7PwEcB0U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9189A9F/8056BA568A9011EC8C1B0D22C4F9AE02/z7B65d0AqScU2zWnIQRdnS644xc.crl rsync://rpki.apnic.net/member_repository/A9189A9F/8056BA568A9011EC8C1B0D22C4F9AE02/z7B65d0AqScU2zWnIQRdnS644xc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z7B65d0AqScU2zWnIQRdnS644xc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:44:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47 (0x2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9189A9F, serialNumber=CFB07AE5DD00A92714DB35A721045D9D2EB8E317 Validity Not Before: Aug 23 00:44:57 2025 GMT Not After : Aug 30 00:44:57 2025 GMT Subject: CN=68a90f09-bed3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:da:5b:91:75:13:9b:3f:90:de:5a:b5:ad:6f: db:bb:34:74:26:4b:bc:9f:b6:40:f3:a2:71:ab:ce: bb:de:78:59:50:13:19:ca:ce:75:25:6d:15:48:09: 21:53:2c:f1:21:14:aa:17:bf:af:8d:9f:47:80:2e: 34:e2:20:37:03:69:93:74:74:a2:3f:67:29:0e:1b: 8c:e8:e2:7e:a0:bf:bb:19:77:ec:72:4e:a4:ec:55: 4b:eb:5e:f7:5e:63:96:44:2a:3b:c1:0a:73:4e:8e: 90:b6:0f:5e:99:a1:5f:64:fd:e7:d0:d7:13:ee:47: 96:b1:74:55:e2:7f:b1:7b:25:a1:92:35:e8:dc:e0: 60:5d:e9:08:79:d1:7b:fd:13:99:98:0a:ff:21:17: 78:4c:59:cb:8f:b6:b5:20:90:bc:ab:22:45:2c:ad: 61:58:81:81:f0:66:cd:46:8a:6d:c8:bb:c3:d2:67: d9:34:28:de:be:d2:2e:82:34:85:70:18:6a:ed:7a: 7d:1b:4d:d0:68:20:f9:21:ee:dd:68:30:d4:5a:66: b2:63:b7:6b:91:41:fc:38:c8:89:85:32:98:7c:79: 0d:3d:b2:07:e0:08:7b:5e:01:6f:80:f9:a2:8f:04: dc:dc:dd:7f:b7:23:c8:cb:e3:37:b4:a4:52:26:da: bd:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:D8:6B:29:63:16:31:1F:DC:BF:AA:76:8C:20:5C:E5:0C:E1:FA:A8 X509v3 Authority Key Identifier: keyid:CF:B0:7A:E5:DD:00:A9:27:14:DB:35:A7:21:04:5D:9D:2E:B8:E3:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9189A9F/8056BA568A9011EC8C1B0D22C4F9AE02/z7B65d0AqScU2zWnIQRdnS644xc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z7B65d0AqScU2zWnIQRdnS644xc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189A9F/8056BA568A9011EC8C1B0D22C4F9AE02/z7B65d0AqScU2zWnIQRdnS644xc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c5:c0:b6:17:4a:a8:2f:1e:7c:1d:93:f7:62:91:1d:85:68:dd: 27:7c:e8:8c:b6:81:6d:88:7f:cd:39:89:3a:e9:66:43:e5:49: 1e:a9:81:fd:26:28:0e:c6:94:21:61:fc:18:3f:0f:50:16:b6: 01:86:10:5f:0b:d8:dd:ed:6d:6e:94:76:1c:66:87:2e:85:9e: 94:0e:20:a0:a1:c8:bd:a7:6a:45:24:91:f6:19:82:2e:f6:9f: 44:ed:d4:b9:24:1a:85:42:7d:81:39:14:15:54:a9:7e:01:d9: a1:ee:cc:05:ce:c5:2e:ff:b4:05:09:62:a3:90:d5:1b:1c:96: 7c:40:83:14:bb:67:0f:1f:9d:d7:d8:fc:6d:ab:66:b7:09:30: 61:98:6e:e6:6d:a4:e3:59:57:97:30:90:c7:df:4f:bd:e0:28: 83:fe:56:3d:37:b6:73:46:65:b2:2b:99:80:74:0a:1d:7f:f5: a0:9a:cc:19:e2:5c:fd:fd:42:a3:d7:37:57:33:c7:89:f9:fa: 9e:98:dd:b0:80:b7:eb:7f:ed:b1:b9:c6:30:9e:e2:a8:89:66: ea:e5:67:8c:ce:5b:57:e8:78:9b:db:43:e3:36:25:b1:ce:80: cc:11:4c:1e:b6:24:85:39:93:81:cb:9d:a1:4e:e2:87:16:d8: e9:9f:fb:d8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 OUE5RjExMC8GA1UEBRMoQ0ZCMDdBRTVERDAwQTkyNzE0REIzNUE3MjEwNDVEOUQy RUI4RTMxNzAeFw0yNTA4MjMwMDQ0NTdaFw0yNTA4MzAwMDQ0NTdaMBgxFjAUBgNV BAMTDTY4YTkwZjA5LWJlZDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC02luRdRObP5DeWrWtb9u7NHQmS7yftkDzonGrzrveeFlQExnKznUlbRVICSFT LPEhFKoXv6+Nn0eALjTiIDcDaZN0dKI/ZykOG4zo4n6gv7sZd+xyTqTsVUvrXvde Y5ZEKjvBCnNOjpC2D16ZoV9k/efQ1xPuR5axdFXif7F7JaGSNejc4GBd6Qh50Xv9 E5mYCv8hF3hMWcuPtrUgkLyrIkUsrWFYgYHwZs1Gim3Iu8PSZ9k0KN6+0i6CNIVw GGrten0bTdBoIPkh7t1oMNRaZrJjt2uRQfw4yImFMph8eQ09sgfgCHteAW+A+aKP BNzc3X+3I8jL4ze0pFIm2r25AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUpthrKWMW MR/cv6p2jCBc5Qzh+qgwHwYDVR0jBBgwFoAUz7B65d0AqScU2zWnIQRdnS644xcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg5QTlGLzgwNTZCQTU2OEE5 MDExRUM4QzFCMEQyMkM0RjlBRTAyL3o3QjY1ZDBBcVNjVTJ6V25JUVJkblM2NDR4 Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvejdCNjVkMEFxU2NVMnpXbklRUmRuUzY0NHhjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg5 QTlGLzgwNTZCQTU2OEE5MDExRUM4QzFCMEQyMkM0RjlBRTAyL3o3QjY1ZDBBcVNj VTJ6V25JUVJkblM2NDR4Yy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMXAthdKqC8efB2T92KRHYVo3Sd86Iy2gW2If805iTrpZkPlSR6pgf0m KA7GlCFh/Bg/D1AWtgGGEF8L2N3tbW6Udhxmhy6FnpQOIKChyL2nakUkkfYZgi72 n0Tt1LkkGoVCfYE5FBVUqX4B2aHuzAXOxS7/tAUJYqOQ1RsclnxAgxS7Zw8fndfY /G2rZrcJMGGYbuZtpONZV5cwkMffT73gKIP+Vj03tnNGZbIrmYB0Ch1/9aCazBni XP39QqPXN1czx4n5+p6Y3bCAt+t/7bG5xjCe4qiJZurlZ4zOW1foeJvbQ+M2JbHO gMwRTB62JIU5k4HLnaFO4ocW2Omf+9g= -----END CERTIFICATE-----Generated at Sun Aug 24 00:51:06 2025 by rpki-client