$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft File: AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft (raw, json) Hash identifier: rdANRcdf03VjxCLVEMVajUgnAs5ilNryp/7tmPeOz4M= Subject key identifier: 9A:09:37:E1:0E:E7:B5:3C:04:88:63:80:24:39:9A:45:0B:83:15:A3 Authority key identifier: 00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4 Certificate issuer: /CN=A9170DF0/serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4 Certificate serial: 0171 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft Manifest number: 016E Signing time: Mon 21 Jul 2025 03:54:46 +0000 Manifest this update: Mon 21 Jul 2025 03:54:46 +0000 Manifest next update: Mon 28 Jul 2025 03:54:46 +0000 Files and hashes: 1: AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl (hash: VEX5s/usoXqzvDEf5H/H/MFWY7BLQv9I2gPNXKraxZ4=) 2: B022AC18368811EEB1BFE56AC4F9AE02.roa (hash: Zg2pOaZOOb5sHUdXJNoHkdhEmOD4YyAjMP6N4/VUVYs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 03:54:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 369 (0x171) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DF0, serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4 Validity Not Before: Jul 21 03:54:46 2025 GMT Not After : Jul 28 03:54:46 2025 GMT Subject: CN=687dba06-52b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:2b:50:66:e4:69:06:9a:03:58:26:40:2e:c3: bc:a8:35:8b:ac:ff:8a:a7:e0:e1:85:3a:57:33:26: 56:75:b0:b6:49:24:6a:2d:c2:f1:06:89:a9:97:b0: be:f7:4d:c9:fe:b9:40:f1:d7:b0:f8:7c:f3:c5:e4: e6:4e:e3:e3:1f:ac:19:6a:31:41:52:0e:cb:dd:86: 51:e9:70:4f:9c:49:bc:ee:c5:dd:aa:27:1c:bf:73: bd:c1:d1:a6:a0:fc:88:1a:b6:25:a7:74:1f:86:12: 09:ec:8e:01:fe:f6:95:62:33:73:82:9f:5f:96:10: a5:42:9a:43:86:4a:04:d3:ec:ba:39:2c:63:a2:c4: 94:d2:d2:9c:f4:1a:d9:b9:74:a7:58:df:bd:1e:9f: 53:ae:fe:7e:17:0d:21:4d:b9:51:6c:75:6e:27:5e: b6:91:56:8e:55:73:25:d5:dc:d1:75:ca:fa:ae:82: b2:b3:a1:1c:bd:6b:a5:2c:da:7d:d5:4e:c0:c8:b6: 94:4e:2b:99:17:bc:ca:24:d7:da:ac:33:b7:40:f1: 57:d3:62:31:2e:b2:dd:c0:f4:1c:82:df:fa:ad:f4: 5a:d7:fc:71:4c:12:29:78:12:c9:19:a4:14:f5:e1: a4:77:d1:95:19:5d:bf:48:81:f9:98:e2:f5:2b:c2: 91:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:09:37:E1:0E:E7:B5:3C:04:88:63:80:24:39:9A:45:0B:83:15:A3 X509v3 Authority Key Identifier: keyid:00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:26:6c:b4:a9:0e:39:b0:55:a4:52:72:a1:ff:05:ba:ab:85: cd:ec:e7:96:c9:c1:8b:a8:a8:d5:08:54:78:7c:a6:07:2e:a1: 55:31:b5:5f:48:c9:41:d1:ff:8e:8f:15:76:89:cd:25:44:31: 39:9f:15:4e:53:75:b7:d2:9e:81:e9:64:51:39:2a:39:dd:9e: 50:d2:00:cd:06:b9:e4:39:54:d2:f3:80:69:fc:92:21:fd:c4: e4:a7:fe:cc:af:b0:97:a5:95:8e:ea:6d:30:c1:1b:c4:91:5c: 4c:2c:2b:a0:2c:e4:c7:ac:a5:85:56:f5:1f:dd:76:5c:10:da: 24:a9:3e:f2:f6:99:d8:33:42:90:b6:dc:42:58:db:d9:38:14: e3:67:9c:ac:3c:ec:81:c1:a6:3c:4b:e8:b8:b6:eb:fe:d6:0a: 55:9a:fe:c2:bc:b8:99:90:ba:4e:a7:cd:5b:87:b1:e8:b3:45: 8a:05:0a:31:33:f7:07:87:ce:0a:f8:26:16:9d:3e:f2:c0:0b: 3e:16:8b:05:50:bf:15:8a:f6:8b:47:80:88:0d:94:5f:e3:88: 7d:ab:e0:86:40:af:b0:21:d0:e6:7d:78:03:82:0a:5e:f3:e2: 40:0e:af:c3:ea:73:e6:c8:7b:33:3a:a5:2c:8c:22:48:e8:39: 19:d9:c6:d7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBERjAxMTAvBgNVBAUTKDAwMDhFMkVFQkU2QzU1RjI1OTQ5NDlBNDc3Rjg2NzdC RkY0QTdGRTQwHhcNMjUwNzIxMDM1NDQ2WhcNMjUwNzI4MDM1NDQ2WjAYMRYwFAYD VQQDEw02ODdkYmEwNi01MmIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+CtQZuRpBpoDWCZALsO8qDWLrP+Kp+DhhTpXMyZWdbC2SSRqLcLxBompl7C+ 903J/rlA8dew+HzzxeTmTuPjH6wZajFBUg7L3YZR6XBPnEm87sXdqiccv3O9wdGm oPyIGrYlp3QfhhIJ7I4B/vaVYjNzgp9flhClQppDhkoE0+y6OSxjosSU0tKc9BrZ uXSnWN+9Hp9Trv5+Fw0hTblRbHVuJ162kVaOVXMl1dzRdcr6roKys6EcvWulLNp9 1U7AyLaUTiuZF7zKJNfarDO3QPFX02IxLrLdwPQcgt/6rfRa1/xxTBIpeBLJGaQU 9eGkd9GVGV2/SIH5mOL1K8KR8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJoJN+EO 57U8BIhjgCQ5mkULgxWjMB8GA1UdIwQYMBaAFAAI4u6+bFXyWUlJpHf4Z3v/Sn/k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MERGMC81REVGQUNGMDM2 NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1ZmSlpTVW1rZF9obmVfOUtm LVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0FBamk3cjVzVmZKWlNVbWtkX2huZV85S2YtUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MERGMC81REVGQUNGMDM2NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1Zm SlpTVW1rZF9obmVfOUtmLVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/Jmy0qQ45sFWkUnKh/wW6q4XN7OeWycGLqKjVCFR4fKYHLqFVMbVf SMlB0f+OjxV2ic0lRDE5nxVOU3W30p6B6WRROSo53Z5Q0gDNBrnkOVTS84Bp/JIh /cTkp/7Mr7CXpZWO6m0wwRvEkVxMLCugLOTHrKWFVvUf3XZcENokqT7y9pnYM0KQ ttxCWNvZOBTjZ5ysPOyBwaY8S+i4tuv+1gpVmv7CvLiZkLpOp81bh7Hos0WKBQox M/cHh84K+CYWnT7ywAs+FosFUL8VivaLR4CIDZRf44h9q+CGQK+wIdDmfXgDggpe 8+JADq/D6nPmyHszOqUsjCJI6DkZ2cbX -----END CERTIFICATE-----Generated at Mon Jul 21 12:41:47 2025 by rpki-client