$ rpki-client -vvf rpki.apnic.net/member_repository/A918D701/D1878EF6C88711EDBBE6A32BC4F9AE02/2szbgPh19VKJMaiCXRqvoYCpsXk.mft File: 2szbgPh19VKJMaiCXRqvoYCpsXk.mft (raw, json) Hash identifier: mOSkVuiPIr0vt25wxZzmLBXYZGLfEUkmmhMsNff+/6I= Subject key identifier: 86:15:53:25:81:B8:0F:29:79:C6:B1:CA:E0:CB:5C:7C:25:4C:5F:5F Authority key identifier: DA:CC:DB:80:F8:75:F5:52:89:31:A8:82:5D:1A:AF:A1:80:A9:B1:79 Certificate issuer: /CN=A918D701/serialNumber=DACCDB80F875F5528931A8825D1AAFA180A9B179 Certificate serial: 01CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2szbgPh19VKJMaiCXRqvoYCpsXk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D701/D1878EF6C88711EDBBE6A32BC4F9AE02/2szbgPh19VKJMaiCXRqvoYCpsXk.mft Manifest number: 01C8 Signing time: Sat 23 Aug 2025 03:02:27 +0000 Manifest this update: Sat 23 Aug 2025 03:02:27 +0000 Manifest next update: Sat 30 Aug 2025 03:02:27 +0000 Files and hashes: 1: 2szbgPh19VKJMaiCXRqvoYCpsXk.crl (hash: N9nhD6kNQMAAowwmUr+fpwULMs8aP2reorH0hLo9WHY=) 2: 98D5AE30C88C11ED907C1C0EC4F9AE02.roa (hash: /+RFC3ph8TBdVcE4Ho9sjOY2q50Lm+IUGN0ewBHECtI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D701/D1878EF6C88711EDBBE6A32BC4F9AE02/2szbgPh19VKJMaiCXRqvoYCpsXk.crl rsync://rpki.apnic.net/member_repository/A918D701/D1878EF6C88711EDBBE6A32BC4F9AE02/2szbgPh19VKJMaiCXRqvoYCpsXk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2szbgPh19VKJMaiCXRqvoYCpsXk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 03:02:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 461 (0x1cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D701, serialNumber=DACCDB80F875F5528931A8825D1AAFA180A9B179 Validity Not Before: Aug 23 03:02:27 2025 GMT Not After : Aug 30 03:02:27 2025 GMT Subject: CN=68a92f43-8c09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:8f:be:3f:2e:20:ce:42:7b:1e:ba:64:75:28: 8b:8e:15:52:2a:a6:51:ec:10:1f:30:60:04:01:b1: 57:ef:64:5e:e2:b3:91:48:2c:d4:fa:24:64:5a:c1: 69:0d:29:3c:15:6b:5f:6a:8e:c9:42:ce:71:80:f3: 30:76:3f:5c:21:34:bb:39:30:ed:49:9f:d8:e8:fe: af:d5:ea:05:b4:f9:b0:45:8d:8c:87:b2:42:94:1a: e7:53:07:6c:c1:bf:19:41:df:09:88:9f:53:45:2b: 86:eb:49:75:dc:62:9e:44:ab:90:06:c6:4d:e7:40: c7:48:2f:0f:df:22:eb:00:d0:86:1a:43:01:d0:01: b5:ec:e2:81:ef:eb:56:6f:50:0e:f6:70:a4:a6:fa: df:be:75:73:7e:18:12:42:ef:5a:31:5b:42:a2:18: a6:71:1a:a0:c2:1f:de:14:79:cc:ed:1c:7d:cb:ed: 23:2b:d7:29:a0:9e:f8:02:d2:f6:9b:d6:7b:21:38: a2:e4:26:b9:cc:7f:57:bd:f1:be:95:19:ea:3f:42: ed:95:e0:bc:88:c8:ee:3f:45:6f:b6:41:a0:70:01: a6:ae:a7:3c:ed:a3:24:0e:07:ae:4d:db:69:49:b0: 1b:a2:24:fb:24:c7:66:4a:23:1f:b5:91:93:0b:af: 37:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:15:53:25:81:B8:0F:29:79:C6:B1:CA:E0:CB:5C:7C:25:4C:5F:5F X509v3 Authority Key Identifier: keyid:DA:CC:DB:80:F8:75:F5:52:89:31:A8:82:5D:1A:AF:A1:80:A9:B1:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D701/D1878EF6C88711EDBBE6A32BC4F9AE02/2szbgPh19VKJMaiCXRqvoYCpsXk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2szbgPh19VKJMaiCXRqvoYCpsXk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D701/D1878EF6C88711EDBBE6A32BC4F9AE02/2szbgPh19VKJMaiCXRqvoYCpsXk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:5e:ad:89:da:d3:9d:9d:cb:69:d8:67:03:88:06:2a:c1:90: f9:4d:7b:79:ce:eb:d1:38:83:3e:c5:3b:b3:27:c4:71:c8:cd: 00:3d:b9:b6:d8:81:a8:1f:32:91:e9:fc:da:fa:d2:59:29:a4: b1:36:98:de:e6:70:d8:05:13:f1:90:70:4c:6b:e1:66:fc:88: 66:bc:c9:ad:c5:5c:2f:2e:2c:1f:cb:2d:66:fa:6a:67:a5:02: b0:af:5a:83:b2:df:ae:7e:00:05:6d:b1:a8:b4:62:08:0d:92: 16:fc:0d:46:a4:16:f5:33:3b:35:e3:02:b6:88:30:32:86:f0: 7c:d5:4a:c3:51:d1:1c:e7:b2:05:b1:90:7c:aa:b1:bc:a0:aa: 0f:40:5e:cb:5c:13:19:a0:b2:7b:7c:3d:7f:61:06:de:2a:ff: 13:06:cd:2d:8a:c7:4e:c8:d8:5b:31:af:e8:49:c5:0d:a7:31: 54:29:5e:b0:70:0e:ac:79:79:18:26:6c:e1:69:2d:a2:49:e3: 34:7f:a1:bf:19:7b:7e:83:53:9e:1d:c5:ab:b8:68:27:22:14: 5a:08:76:b8:25:c7:23:f7:e0:4d:3b:2a:9a:8d:c3:aa:ab:99: e1:18:3e:e4:0e:b0:b5:86:fd:91:fe:dd:65:a4:fd:f2:6e:23: 16:cc:56:38 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQ3MDExMTAvBgNVBAUTKERBQ0NEQjgwRjg3NUY1NTI4OTMxQTg4MjVEMUFBRkEx ODBBOUIxNzkwHhcNMjUwODIzMDMwMjI3WhcNMjUwODMwMDMwMjI3WjAYMRYwFAYD VQQDEw02OGE5MmY0My04YzA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwI++Py4gzkJ7HrpkdSiLjhVSKqZR7BAfMGAEAbFX72Re4rORSCzU+iRkWsFp DSk8FWtfao7JQs5xgPMwdj9cITS7OTDtSZ/Y6P6v1eoFtPmwRY2Mh7JClBrnUwds wb8ZQd8JiJ9TRSuG60l13GKeRKuQBsZN50DHSC8P3yLrANCGGkMB0AG17OKB7+tW b1AO9nCkpvrfvnVzfhgSQu9aMVtCohimcRqgwh/eFHnM7Rx9y+0jK9cpoJ74AtL2 m9Z7ITii5Ca5zH9XvfG+lRnqP0LtleC8iMjuP0VvtkGgcAGmrqc87aMkDgeuTdtp SbAboiT7JMdmSiMftZGTC683uQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIYVUyWB uA8pecaxyuDLXHwlTF9fMB8GA1UdIwQYMBaAFNrM24D4dfVSiTGogl0ar6GAqbF5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDcwMS9EMTg3OEVGNkM4 ODcxMUVEQkJFNkEzMkJDNEY5QUUwMi8yc3piZ1BoMTlWS0pNYWlDWFJxdm9ZQ3Bz WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJzemJnUGgxOVZLSk1haUNYUnF2b1lDcHNYay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RDcwMS9EMTg3OEVGNkM4ODcxMUVEQkJFNkEzMkJDNEY5QUUwMi8yc3piZ1BoMTlW S0pNYWlDWFJxdm9ZQ3BzWGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6Xq2J2tOdnctp2GcDiAYqwZD5TXt5zuvROIM+xTuzJ8RxyM0APbm2 2IGoHzKR6fza+tJZKaSxNpje5nDYBRPxkHBMa+Fm/IhmvMmtxVwvLiwfyy1m+mpn pQKwr1qDst+ufgAFbbGotGIIDZIW/A1GpBb1Mzs14wK2iDAyhvB81UrDUdEc57IF sZB8qrG8oKoPQF7LXBMZoLJ7fD1/YQbeKv8TBs0tisdOyNhbMa/oScUNpzFUKV6w cA6seXkYJmzhaS2iSeM0f6G/GXt+g1OeHcWruGgnIhRaCHa4Jccj9+BNOyqajcOq q5nhGD7kDrC1hv2R/t1lpP3ybiMWzFY4 -----END CERTIFICATE-----Generated at Sat Aug 23 16:45:54 2025 by rpki-client