$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft File: xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft (raw, json) Hash identifier: oPtntg514Ue9ndvkSxae9nmtcU00tt/0L7ZnOnrcwLA= Subject key identifier: A2:13:63:79:C1:BB:52:69:72:6A:F1:58:D4:09:A7:2B:BB:C6:DF:87 Authority key identifier: C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E Certificate issuer: /CN=A9125C22/serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Certificate serial: 0685 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft Manifest number: 0681 Signing time: Fri 18 Jul 2025 22:36:52 +0000 Manifest this update: Fri 18 Jul 2025 22:36:51 +0000 Manifest next update: Fri 25 Jul 2025 22:36:51 +0000 Files and hashes: 1: xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl (hash: K1Hdefi0g6tEUNKpfjMUxfFLELWkljF1qx0bFVMPZfY=) 2: 485D694A454911EEB8718378C4F9AE02.roa (hash: DpNVsF8S1R1VahxgyAnkQsdhv9Y/GOwsBJQM35rMSJ0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 22:36:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1669 (0x685) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C22, serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Validity Not Before: Jul 18 22:36:51 2025 GMT Not After : Jul 25 22:36:51 2025 GMT Subject: CN=687acc84-8a2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:6f:df:93:48:35:d9:71:71:44:cb:84:2b:8f: ec:fe:3a:b9:32:a8:b3:5a:0a:03:5e:52:45:f2:28: 33:d8:d6:49:e6:38:2b:cc:a0:8a:8d:1e:85:b0:eb: 10:e6:3e:f0:ea:96:34:69:0b:09:04:70:27:1e:67: 6d:c1:7b:45:d8:fc:0f:9a:1e:26:8f:7a:f7:80:fa: 49:f7:7b:fe:d3:6d:0b:75:6b:8f:22:10:9d:b7:f6: 8f:3a:6d:e1:c0:16:26:c7:63:ac:bd:30:a0:f9:16: c0:78:09:75:93:fc:2d:0e:df:58:16:41:7d:3d:bc: c3:cb:17:7b:35:14:01:eb:ef:80:4e:1f:4a:55:94: fb:fb:e7:0d:34:7e:f7:29:69:57:dd:5e:6a:9d:f6: 43:ff:e6:f5:63:50:72:c8:82:76:53:4a:11:e4:53: a3:68:75:b2:53:18:25:d7:7e:5d:24:e8:60:bf:6e: 56:55:ef:20:a2:ed:6e:e0:52:65:b7:53:79:f6:97: 13:1b:26:f3:af:05:cc:83:a2:50:42:ea:98:69:da: 2b:37:b4:0d:95:48:5d:18:c7:8c:ee:fd:82:9c:b1: 93:65:25:a2:6f:8e:75:5c:6e:ef:cf:df:08:c4:1a: 6f:64:65:18:00:ef:63:46:98:89:3c:ec:b0:5b:56: 96:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:13:63:79:C1:BB:52:69:72:6A:F1:58:D4:09:A7:2B:BB:C6:DF:87 X509v3 Authority Key Identifier: keyid:C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:c9:6d:1f:96:6e:eb:9d:8e:86:d2:16:0a:57:17:28:9f:79: 05:9f:c3:7e:e9:8d:27:7d:ac:75:ff:f0:d9:d7:47:eb:c4:e8: 6f:bf:eb:98:f0:f9:66:2a:70:f0:3c:83:4a:2a:e3:23:32:f5: 01:e6:5f:b9:ef:59:8a:60:f9:01:57:74:a0:c0:bb:03:f1:06: 04:aa:6f:66:8f:70:8b:b9:0e:58:3e:46:8d:ca:62:cf:bb:72: 17:be:75:9b:85:01:c3:0b:5e:06:5f:a6:42:ee:ae:af:fb:47: d9:e0:14:b3:f3:0c:2d:38:2b:76:12:b2:be:50:64:f2:75:5e: a9:a1:45:fd:b4:03:ea:42:64:48:08:34:e1:ff:4e:bd:08:3c: 9b:48:be:5d:94:fc:ec:4e:03:14:4b:bb:2b:df:d0:4a:62:b2: 56:5a:01:b2:57:e6:c3:27:c0:57:67:d2:ab:7a:f0:13:be:66: d8:bc:63:6c:93:c5:da:16:20:11:3d:e7:57:bf:c1:89:d5:24: 41:48:59:1f:53:6b:ce:54:27:75:57:0e:eb:52:2c:ea:bf:99: d6:f6:16:9a:04:b0:d8:26:73:ce:88:32:08:1c:40:24:19:17: 46:d8:93:a3:76:86:ac:32:09:1a:af:1f:af:3a:ff:e7:a9:b0: 29:be:a6:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDMjIxMTAvBgNVBAUTKEM3MEI0RTA0N0NBQTczNzcyNEI4OUQ1ODREQjVDMEMx QTg1OEQyOEUwHhcNMjUwNzE4MjIzNjUxWhcNMjUwNzI1MjIzNjUxWjAYMRYwFAYD VQQDEw02ODdhY2M4NC04YTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyG/fk0g12XFxRMuEK4/s/jq5MqizWgoDXlJF8igz2NZJ5jgrzKCKjR6FsOsQ 5j7w6pY0aQsJBHAnHmdtwXtF2PwPmh4mj3r3gPpJ93v+020LdWuPIhCdt/aPOm3h wBYmx2OsvTCg+RbAeAl1k/wtDt9YFkF9PbzDyxd7NRQB6++ATh9KVZT7++cNNH73 KWlX3V5qnfZD/+b1Y1ByyIJ2U0oR5FOjaHWyUxgl135dJOhgv25WVe8gou1u4FJl t1N59pcTGybzrwXMg6JQQuqYadorN7QNlUhdGMeM7v2CnLGTZSWib451XG7vz98I xBpvZGUYAO9jRpiJPOywW1aWIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKITY3nB u1JpcmrxWNQJpyu7xt+HMB8GA1UdIwQYMBaAFMcLTgR8qnN3JLidWE21wMGoWNKO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi9GQUNDQkM1QzdG QUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMzY2t1SjFZVGJYQXdhaFkw bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3h3dE9CSHlxYzNja3VKMVlUYlhBd2FoWTBvNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMyMi9GQUNDQkM1QzdGQUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMz Y2t1SjFZVGJYQXdhaFkwbzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhyW0flm7rnY6G0hYKVxcon3kFn8N+6Y0nfax1//DZ10frxOhvv+uY 8PlmKnDwPINKKuMjMvUB5l+571mKYPkBV3SgwLsD8QYEqm9mj3CLuQ5YPkaNymLP u3IXvnWbhQHDC14GX6ZC7q6v+0fZ4BSz8wwtOCt2ErK+UGTydV6poUX9tAPqQmRI CDTh/069CDybSL5dlPzsTgMUS7sr39BKYrJWWgGyV+bDJ8BXZ9KrevATvmbYvGNs k8XaFiARPedXv8GJ1SRBSFkfU2vOVCd1Vw7rUizqv5nW9haaBLDYJnPOiDIIHEAk GRdG2JOjdoasMgkarx+vOv/nqbApvqYC -----END CERTIFICATE-----Generated at Sun Jul 20 06:27:23 2025 by rpki-client