$ rpki-client -vvf rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft File: FION2NTh_gMXFCZnF24W4KW2hlE.mft (raw, json) Hash identifier: 8R7hqQRvr5nk2KiX9KIILmLFxdGSUb/gJC/0jmkX/m8= Subject key identifier: 99:1D:37:9C:7A:3C:0E:15:A4:30:57:FA:6E:44:07:3C:8C:AB:44:65 Authority key identifier: 14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 Certificate issuer: /CN=A91991D9/serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Certificate serial: 0E13 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft Manifest number: 0E0B Signing time: Fri 22 Aug 2025 17:57:34 +0000 Manifest this update: Fri 22 Aug 2025 17:57:33 +0000 Manifest next update: Fri 29 Aug 2025 17:57:33 +0000 Files and hashes: 1: FION2NTh_gMXFCZnF24W4KW2hlE.crl (hash: PpScxITvAFGDVtCmqTG2BYI2URsc4E8eGXZ/l55HQp0=) 2: 14E68648B42D11E9A44FF25BC4F9AE02.roa (hash: aOcvKXW2OwUSyFzRq5Kiuga5ndEep1PmMp0UDb+8XIg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:57:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3603 (0xe13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91991D9, serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Validity Not Before: Aug 22 17:57:33 2025 GMT Not After : Aug 29 17:57:33 2025 GMT Subject: CN=68a8af8d-3f6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:a9:93:7a:5f:fb:47:ac:34:20:b0:50:09:b2: 83:d2:e8:9b:37:f8:50:d6:27:61:42:b1:80:78:40: 8c:dc:6a:ce:9b:c2:aa:ea:28:14:43:d3:42:38:72: 22:f9:24:47:25:61:83:ed:d8:a6:7a:10:ce:9e:9a: f7:49:8b:bd:e3:dc:cb:ae:ce:0d:48:70:85:6e:c3: 2b:4b:2f:02:7d:91:38:0b:4f:79:ec:ef:95:16:fd: 6a:8d:b3:81:f7:57:80:36:e3:62:04:f7:8f:2c:0d: c9:37:02:6a:9c:ad:6b:f2:3e:75:c9:ff:34:9e:4d: d3:db:a5:e9:f9:a4:db:35:11:5c:c8:54:fc:87:06: 9a:9c:a0:cb:c5:29:b5:29:9e:da:a5:97:36:c0:fc: af:48:38:00:65:a7:1c:ca:1e:c8:e2:e1:93:5d:64: 7d:45:cb:1e:7f:2e:93:5b:10:b2:c1:07:ba:78:f8: e4:cc:63:74:2b:c4:9b:ad:44:72:6d:a1:13:4f:45: ac:27:1b:a7:b7:ca:d1:2e:8c:88:58:d6:96:ea:64: 33:2c:2f:c4:d5:d7:e5:45:d0:e4:89:ec:8f:b7:27: cb:8d:e6:b7:5f:87:93:98:4d:cb:2f:e3:c5:9c:bb: 59:c4:ca:4f:a4:a6:32:c7:ef:3d:02:b0:68:78:7c: 6a:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:1D:37:9C:7A:3C:0E:15:A4:30:57:FA:6E:44:07:3C:8C:AB:44:65 X509v3 Authority Key Identifier: keyid:14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:09:39:4e:9c:39:bc:d8:cf:25:20:a8:43:b2:3b:b5:54:69: f4:0d:d0:ad:d4:ba:31:05:f7:7d:d6:22:54:3b:93:28:f5:1c: c6:71:b0:13:ad:0c:87:10:b8:71:f6:20:1a:99:d7:6b:28:1a: 0b:f8:e0:a8:cd:1c:63:21:5d:fe:69:41:cd:ef:5e:0d:a9:6b: 0f:82:ab:5d:53:3f:0b:35:22:b1:11:13:c7:42:09:05:76:76: 03:98:50:f6:a3:82:cd:67:e8:6d:24:f1:f0:a3:75:e1:c9:e7: b9:f7:18:c9:dd:44:5f:15:f9:23:18:08:ca:67:d4:b4:55:29: 92:4e:f6:8f:3f:44:f8:1b:91:0e:16:a2:7c:5c:dd:40:40:c7: 2f:28:e0:ef:32:6f:74:cd:34:f3:1b:a4:01:63:56:1c:26:75: 37:e0:5d:25:a1:26:85:b4:de:15:3c:47:74:bb:ef:a9:fb:e8: a0:ef:37:5a:6b:02:c8:1f:ed:87:80:79:f7:3d:83:ec:36:45: d5:8a:c5:03:cf:ed:0b:7a:e9:00:ff:38:81:3d:46:fa:61:ae: 2b:a4:8e:f0:e5:58:8e:f7:28:a7:73:71:79:49:4c:75:6d:f4: 4f:f0:e1:f7:68:fe:7f:1d:22:02:8b:86:d9:52:f9:b5:29:58: ac:33:38:5f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDhMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTkxRDkxMTAvBgNVBAUTKDE0ODM4REQ4RDRFMUZFMDMxNzE0MjY2NzE3NkUxNkUw QTVCNjg2NTEwHhcNMjUwODIyMTc1NzMzWhcNMjUwODI5MTc1NzMzWjAYMRYwFAYD VQQDEw02OGE4YWY4ZC0zZjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu6mTel/7R6w0ILBQCbKD0uibN/hQ1idhQrGAeECM3GrOm8Kq6igUQ9NCOHIi +SRHJWGD7dimehDOnpr3SYu949zLrs4NSHCFbsMrSy8CfZE4C0957O+VFv1qjbOB 91eANuNiBPePLA3JNwJqnK1r8j51yf80nk3T26Xp+aTbNRFcyFT8hwaanKDLxSm1 KZ7apZc2wPyvSDgAZaccyh7I4uGTXWR9Rcsefy6TWxCywQe6ePjkzGN0K8SbrURy baETT0WsJxunt8rRLoyIWNaW6mQzLC/E1dflRdDkieyPtyfLjea3X4eTmE3LL+PF nLtZxMpPpKYyx+89ArBoeHxqHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJkdN5x6 PA4VpDBX+m5EBzyMq0RlMB8GA1UdIwQYMBaAFBSDjdjU4f4DFxQmZxduFuCltoZR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTFEOS8xQzNERDk2NkI0 MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9nTVhGQ1puRjI0VzRLVzJo bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZJT04yTlRoX2dNWEZDWm5GMjRXNEtXMmhsRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTFEOS8xQzNERDk2NkI0MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9n TVhGQ1puRjI0VzRLVzJobEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaCTlOnDm82M8lIKhDsju1VGn0DdCt1LoxBfd91iJUO5Mo9RzGcbAT rQyHELhx9iAamddrKBoL+OCozRxjIV3+aUHN714NqWsPgqtdUz8LNSKxERPHQgkF dnYDmFD2o4LNZ+htJPHwo3Xhyee59xjJ3URfFfkjGAjKZ9S0VSmSTvaPP0T4G5EO FqJ8XN1AQMcvKODvMm90zTTzG6QBY1YcJnU34F0loSaFtN4VPEd0u++p++ig7zda awLIH+2HgHn3PYPsNkXVisUDz+0LeukA/ziBPUb6Ya4rpI7w5ViO9yinc3F5SUx1 bfRP8OH3aP5/HSICi4bZUvm1KVisMzhf -----END CERTIFICATE-----Generated at Sun Aug 24 00:09:42 2025 by rpki-client