$ rpki-client -vvf rpki.apnic.net/member_repository/A9152462/32C757E6DC4511EA86A73713C4F9AE02/_U2MY5rcFYR8e0kRFZ3nG9gTk64.mft File: _U2MY5rcFYR8e0kRFZ3nG9gTk64.mft (raw, json) Hash identifier: FXIe2g0/nXiEZMPyUB7cnR49RPrBf2vzmZisFIz/FCk= Subject key identifier: 07:3C:4C:36:34:46:58:C9:05:E3:5B:0D:DD:07:FF:2F:8A:9F:D4:5F Authority key identifier: FD:4D:8C:63:9A:DC:15:84:7C:7B:49:11:15:9D:E7:1B:D8:13:93:AE Certificate issuer: /CN=A9152462/serialNumber=FD4D8C639ADC15847C7B4911159DE71BD81393AE Certificate serial: 0829 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_U2MY5rcFYR8e0kRFZ3nG9gTk64.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152462/32C757E6DC4511EA86A73713C4F9AE02/_U2MY5rcFYR8e0kRFZ3nG9gTk64.mft Manifest number: 0823 Signing time: Fri 18 Jul 2025 21:03:25 +0000 Manifest this update: Fri 18 Jul 2025 21:03:25 +0000 Manifest next update: Fri 25 Jul 2025 21:03:24 +0000 Files and hashes: 1: _U2MY5rcFYR8e0kRFZ3nG9gTk64.crl (hash: ojmp6n1CeVNmLfAn142F5PVWxZzy/6cvJGwc8prdw30=) 2: 4149D206DC4711EA80D5D916C4F9AE02.roa (hash: fmTA3xXjU3MtioARHLhk0XmrYZWzaoGTX30tUFAbkPE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152462/32C757E6DC4511EA86A73713C4F9AE02/_U2MY5rcFYR8e0kRFZ3nG9gTk64.crl rsync://rpki.apnic.net/member_repository/A9152462/32C757E6DC4511EA86A73713C4F9AE02/_U2MY5rcFYR8e0kRFZ3nG9gTk64.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_U2MY5rcFYR8e0kRFZ3nG9gTk64.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 21:03:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2089 (0x829) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152462, serialNumber=FD4D8C639ADC15847C7B4911159DE71BD81393AE Validity Not Before: Jul 18 21:03:25 2025 GMT Not After : Jul 25 21:03:24 2025 GMT Subject: CN=687ab69d-1d83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:a2:b7:e3:88:31:8c:17:f0:83:ef:ed:73:10: b5:26:24:a6:86:bd:41:18:44:71:1b:5f:88:1b:c6: 26:5c:48:30:b8:08:9c:1f:71:51:9a:42:2f:a6:b7: f5:ef:33:ff:90:3a:ac:b6:20:f3:dd:7d:b4:53:9a: 8d:58:44:30:ac:20:42:a1:5d:5c:67:e4:70:3a:67: d1:28:0d:a5:bd:92:a5:de:ac:77:1a:5d:e5:c1:fb: 9c:91:dd:b4:ea:d3:d1:5c:25:34:3f:62:7d:33:db: 2a:b6:c0:bb:aa:69:af:5d:df:c0:a8:ac:be:6e:cd: c4:5c:dd:4a:72:f7:c7:dd:cc:d0:03:c5:89:00:4c: 81:a7:5e:76:42:4d:a2:2c:46:31:1c:61:e1:97:60: d2:c0:be:01:ae:8a:0e:44:e7:a2:a8:d2:4b:92:34: 07:d0:d8:19:39:73:62:ef:2a:aa:0c:e8:a0:94:8a: e8:10:58:8c:18:e1:79:ec:35:40:63:43:13:35:d4: 56:03:37:59:eb:f0:2a:c9:24:05:8e:fe:f8:e8:21: 81:22:2d:7f:af:a7:1d:6c:ec:a7:f0:92:28:7c:b7: e3:f4:9d:88:e2:71:0e:a7:1f:c1:51:01:f5:3e:c5: 12:d7:5f:72:5a:c7:23:24:06:9d:71:23:d3:f0:0c: f5:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:3C:4C:36:34:46:58:C9:05:E3:5B:0D:DD:07:FF:2F:8A:9F:D4:5F X509v3 Authority Key Identifier: keyid:FD:4D:8C:63:9A:DC:15:84:7C:7B:49:11:15:9D:E7:1B:D8:13:93:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152462/32C757E6DC4511EA86A73713C4F9AE02/_U2MY5rcFYR8e0kRFZ3nG9gTk64.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_U2MY5rcFYR8e0kRFZ3nG9gTk64.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152462/32C757E6DC4511EA86A73713C4F9AE02/_U2MY5rcFYR8e0kRFZ3nG9gTk64.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:0a:3d:36:a0:1d:c1:b5:97:3b:ee:25:97:f8:49:f4:98:90: 06:51:20:d5:c3:5a:8e:4e:c1:35:eb:28:45:73:8a:d0:1f:1f: 3d:7e:00:5e:bc:06:e6:55:48:87:4d:73:85:9d:16:11:16:e2: 40:90:4a:27:46:0b:1b:57:fa:42:76:7a:89:e8:75:a5:d3:2c: af:2b:e3:0c:2b:f4:34:f0:34:03:04:3f:b3:f7:94:df:9a:86: dc:43:05:67:13:1f:38:70:e2:8d:16:a1:ff:f9:f2:f6:88:1d: 5b:4f:5c:c6:be:d3:ca:80:81:24:ad:be:a4:62:41:76:fa:c2: 04:2a:84:a2:16:61:5a:a8:a9:de:10:c0:a7:49:fc:cf:aa:b5: d9:c0:eb:e6:db:7c:d5:1c:e0:24:f9:d2:c8:8e:e9:3b:b2:ef: f4:fc:ca:26:c1:63:65:bb:7e:e4:ea:48:29:3d:01:e6:38:fe: 57:93:30:da:b4:8c:4e:6b:b2:2e:b4:4d:02:c0:31:53:36:49: 4c:a8:69:74:da:30:04:d4:cf:18:05:99:e7:19:d6:11:f0:02: 9f:cb:d2:9d:67:33:ce:4b:82:67:cb:47:5f:e7:14:bb:54:95: c4:62:60:8c:57:70:64:3e:4c:5f:a9:39:ae:89:25:50:bb:5e: a7:f6:10:6e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCCkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTI0NjIxMTAvBgNVBAUTKEZENEQ4QzYzOUFEQzE1ODQ3QzdCNDkxMTE1OURFNzFC RDgxMzkzQUUwHhcNMjUwNzE4MjEwMzI1WhcNMjUwNzI1MjEwMzI0WjAYMRYwFAYD VQQDEw02ODdhYjY5ZC0xZDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApaK344gxjBfwg+/tcxC1JiSmhr1BGERxG1+IG8YmXEgwuAicH3FRmkIvprf1 7zP/kDqstiDz3X20U5qNWEQwrCBCoV1cZ+RwOmfRKA2lvZKl3qx3Gl3lwfuckd20 6tPRXCU0P2J9M9sqtsC7qmmvXd/AqKy+bs3EXN1KcvfH3czQA8WJAEyBp152Qk2i LEYxHGHhl2DSwL4BrooOROeiqNJLkjQH0NgZOXNi7yqqDOiglIroEFiMGOF57DVA Y0MTNdRWAzdZ6/AqySQFjv746CGBIi1/r6cdbOyn8JIofLfj9J2I4nEOpx/BUQH1 PsUS119yWscjJAadcSPT8Az1nQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAc8TDY0 RljJBeNbDd0H/y+Kn9RfMB8GA1UdIwQYMBaAFP1NjGOa3BWEfHtJERWd5xvYE5Ou MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjQ2Mi8zMkM3NTdFNkRD NDUxMUVBODZBNzM3MTNDNEY5QUUwMi9fVTJNWTVyY0ZZUjhlMGtSRlozbkc5Z1Rr NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19VMk1ZNXJjRllSOGUwa1JGWjNuRzlnVGs2NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MjQ2Mi8zMkM3NTdFNkRDNDUxMUVBODZBNzM3MTNDNEY5QUUwMi9fVTJNWTVyY0ZZ UjhlMGtSRlozbkc5Z1RrNjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA8Cj02oB3BtZc77iWX+En0mJAGUSDVw1qOTsE16yhFc4rQHx89fgBe vAbmVUiHTXOFnRYRFuJAkEonRgsbV/pCdnqJ6HWl0yyvK+MMK/Q08DQDBD+z95Tf mobcQwVnEx84cOKNFqH/+fL2iB1bT1zGvtPKgIEkrb6kYkF2+sIEKoSiFmFaqKne EMCnSfzPqrXZwOvm23zVHOAk+dLIjuk7su/0/MomwWNlu37k6kgpPQHmOP5XkzDa tIxOa7IutE0CwDFTNklMqGl02jAE1M8YBZnnGdYR8AKfy9KdZzPOS4Jny0df5xS7 VJXEYmCMV3BkPkxfqTmuiSVQu16n9hBu -----END CERTIFICATE-----Generated at Sun Jul 20 07:33:21 2025 by rpki-client