$ rpki-client -vvf rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.mft File: XZRtT0edN7zhcAywut1RosPfYg8.mft (raw, json) Hash identifier: TFfyC4fzFlDslrx+hZiJkw5zDTUnWhGsoNZakwubkb4= Subject key identifier: 94:A3:5F:81:62:E8:30:B3:58:8C:70:C8:7B:83:40:13:0F:A7:E1:79 Authority key identifier: 5D:94:6D:4F:47:9D:37:BC:E1:70:0C:B0:BA:DD:51:A2:C3:DF:62:0F Certificate issuer: /CN=A9152787/serialNumber=5D946D4F479D37BCE1700CB0BADD51A2C3DF620F Certificate serial: 8F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XZRtT0edN7zhcAywut1RosPfYg8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.mft Manifest number: 8D Signing time: Sat 19 Jul 2025 06:44:47 +0000 Manifest this update: Sat 19 Jul 2025 06:44:47 +0000 Manifest next update: Sat 26 Jul 2025 06:44:47 +0000 Files and hashes: 1: XZRtT0edN7zhcAywut1RosPfYg8.crl (hash: NRKGW4YY8NU7djNTvPQo/YZce/uCVy0tR/i5KSCYwDc=) 2: CB24F37C033711F0B76A8520C4F9AE02.roa (hash: 086QtTZ7qGEzYPBYkqpmBPb1qovlHlBpqUB0MoAAlkQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.crl rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XZRtT0edN7zhcAywut1RosPfYg8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 06:44:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 143 (0x8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152787, serialNumber=5D946D4F479D37BCE1700CB0BADD51A2C3DF620F Validity Not Before: Jul 19 06:44:47 2025 GMT Not After : Jul 26 06:44:47 2025 GMT Subject: CN=687b3edf-87d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e3:eb:87:f9:f8:f5:f7:de:42:ea:4b:38:50: 01:6e:98:58:9f:6f:85:42:d8:2e:47:5e:37:27:b7: 75:dd:c3:bb:ca:b5:38:6c:be:ff:bc:3d:b5:af:86: 72:ec:2d:26:39:2f:7d:e2:38:1c:44:20:f7:1f:0c: 43:ef:a7:21:9f:98:52:dd:f0:2a:47:fa:ae:7a:f2: f2:03:7e:e4:de:20:8c:f9:70:44:03:9f:73:ae:8d: 05:88:6a:e7:6d:61:72:f1:0e:2c:7f:a2:fa:c2:4f: e1:b3:27:f8:4b:35:4d:59:f0:bb:11:15:6f:0f:39: 22:5d:83:2c:b4:2a:4a:61:8b:93:d5:58:ef:30:e1: b7:d4:0c:23:af:eb:df:f4:77:23:04:c8:b8:a3:8b: b8:b3:68:23:14:6b:7c:30:81:c2:ed:1e:f7:11:67: 21:d5:3a:54:4d:36:9e:66:4e:21:c9:10:69:ad:cb: c2:4a:c8:01:a0:92:21:db:8a:90:27:9d:8e:02:95: 3e:da:49:9d:10:a3:4d:8c:93:e4:11:01:e6:09:19: 58:7f:ec:f4:1b:ee:8b:fd:a0:72:3a:79:f6:8f:1b: e7:01:64:87:52:83:77:79:73:28:41:bc:53:6d:98: 25:21:ad:d3:a3:cf:8e:12:a7:0f:79:cc:58:b4:76: c0:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:A3:5F:81:62:E8:30:B3:58:8C:70:C8:7B:83:40:13:0F:A7:E1:79 X509v3 Authority Key Identifier: keyid:5D:94:6D:4F:47:9D:37:BC:E1:70:0C:B0:BA:DD:51:A2:C3:DF:62:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XZRtT0edN7zhcAywut1RosPfYg8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:af:66:2a:2b:30:c5:08:e1:5e:c3:92:af:41:db:5e:27:ba: 5d:f8:61:ee:ec:64:0a:43:42:9c:b4:55:44:9c:7d:db:af:14: 3d:ae:6b:bf:a6:c1:be:0c:4d:65:66:30:61:69:64:12:c3:57: fc:1a:d4:85:58:04:5f:59:55:ec:84:55:8a:6c:99:6c:ea:80: 5c:d2:ed:55:36:1d:b1:72:42:9c:bc:7e:74:b8:c2:77:96:a7: d3:81:f4:47:42:6b:41:51:c5:d4:1b:a0:c9:97:f8:b0:0c:2f: 6b:16:01:12:70:b1:d2:ab:ef:fd:3d:ab:8e:1b:a5:51:3c:2a: d1:20:ae:3e:d0:14:53:f0:3e:81:82:3e:7c:e3:a3:ee:d4:93: b8:17:e7:66:38:75:7f:71:f4:43:b7:55:f4:14:21:8b:b3:c7: 33:25:32:c1:89:da:2e:e1:5b:7a:92:37:cf:69:fc:03:26:b9: 2c:6c:e5:91:d2:8e:46:12:35:0c:62:de:65:72:f6:dd:09:a0: c8:fc:c1:7a:37:dc:01:d2:f7:c3:7c:48:9b:c3:9a:c4:51:b1: ae:60:52:e2:1b:11:72:99:2e:5f:1a:5c:5b:a2:95:32:4f:56: e0:ce:08:ab:a6:4b:99:48:a9:ba:86:5f:dd:82:c4:99:ce:8d: f1:8b:d8:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTI3ODcxMTAvBgNVBAUTKDVEOTQ2RDRGNDc5RDM3QkNFMTcwMENCMEJBREQ1MUEy QzNERjYyMEYwHhcNMjUwNzE5MDY0NDQ3WhcNMjUwNzI2MDY0NDQ3WjAYMRYwFAYD VQQDEw02ODdiM2VkZi04N2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz+Prh/n49ffeQupLOFABbphYn2+FQtguR143J7d13cO7yrU4bL7/vD21r4Zy 7C0mOS994jgcRCD3HwxD76chn5hS3fAqR/quevLyA37k3iCM+XBEA59zro0FiGrn bWFy8Q4sf6L6wk/hsyf4SzVNWfC7ERVvDzkiXYMstCpKYYuT1VjvMOG31Awjr+vf 9HcjBMi4o4u4s2gjFGt8MIHC7R73EWch1TpUTTaeZk4hyRBprcvCSsgBoJIh24qQ J52OApU+2kmdEKNNjJPkEQHmCRlYf+z0G+6L/aByOnn2jxvnAWSHUoN3eXMoQbxT bZglIa3To8+OEqcPecxYtHbABQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJSjX4Fi 6DCzWIxwyHuDQBMPp+F5MB8GA1UdIwQYMBaAFF2UbU9HnTe84XAMsLrdUaLD32IP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Mjc4Ny8yMjg2NTYyQThG NzkxMUVGOTJBQzc4MUVDNEY5QUUwMi9YWlJ0VDBlZE43emhjQXl3dXQxUm9zUGZZ ZzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1haUnRUMGVkTjd6aGNBeXd1dDFSb3NQZllnOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 Mjc4Ny8yMjg2NTYyQThGNzkxMUVGOTJBQzc4MUVDNEY5QUUwMi9YWlJ0VDBlZE43 emhjQXl3dXQxUm9zUGZZZzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA2r2YqKzDFCOFew5KvQdteJ7pd+GHu7GQKQ0KctFVEnH3brxQ9rmu/ psG+DE1lZjBhaWQSw1f8GtSFWARfWVXshFWKbJls6oBc0u1VNh2xckKcvH50uMJ3 lqfTgfRHQmtBUcXUG6DJl/iwDC9rFgEScLHSq+/9PauOG6VRPCrRIK4+0BRT8D6B gj5846Pu1JO4F+dmOHV/cfRDt1X0FCGLs8czJTLBidou4Vt6kjfPafwDJrksbOWR 0o5GEjUMYt5lcvbdCaDI/MF6N9wB0vfDfEibw5rEUbGuYFLiGxFymS5fGlxbopUy T1bgzgirpkuZSKm6hl/dgsSZzo3xi9gz -----END CERTIFICATE-----Generated at Sun Jul 20 07:09:42 2025 by rpki-client