$ rpki-client -vvf rpki.apnic.net/member_repository/A9173CCA/1CA9B824654D11EFB44B7B58C4F9AE02/b9W3Qx5xUO1lD38no9z4xc6sd2Q.mft File: b9W3Qx5xUO1lD38no9z4xc6sd2Q.mft (raw, json) Hash identifier: tMsUBXT1o2sCTitD/njxDaEENHHMb7yatEtCdCQfgJI= Subject key identifier: EE:1D:FA:76:70:31:8A:40:E2:46:00:33:FC:9A:A9:23:EE:2A:DD:21 Authority key identifier: 6F:D5:B7:43:1E:71:50:ED:65:0F:7F:27:A3:DC:F8:C5:CE:AC:77:64 Certificate issuer: /CN=A9173CCA/serialNumber=6FD5B7431E7150ED650F7F27A3DCF8C5CEAC7764 Certificate serial: AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9W3Qx5xUO1lD38no9z4xc6sd2Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9173CCA/1CA9B824654D11EFB44B7B58C4F9AE02/b9W3Qx5xUO1lD38no9z4xc6sd2Q.mft Manifest number: AB Signing time: Wed 23 Jul 2025 06:29:00 +0000 Manifest this update: Wed 23 Jul 2025 06:28:59 +0000 Manifest next update: Wed 30 Jul 2025 06:28:59 +0000 Files and hashes: 1: b9W3Qx5xUO1lD38no9z4xc6sd2Q.crl (hash: 6mD7PXAI2Tw9ia1WpegB/D07Xjz5FAKYKL4MavbtGs0=) 2: 3866993C6A6711EF929E6773C4F9AE02.roa (hash: blrLiUR2o+nqfH3V7oxiwVZEehZHbPAqakKDEvu+zf4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9173CCA/1CA9B824654D11EFB44B7B58C4F9AE02/b9W3Qx5xUO1lD38no9z4xc6sd2Q.crl rsync://rpki.apnic.net/member_repository/A9173CCA/1CA9B824654D11EFB44B7B58C4F9AE02/b9W3Qx5xUO1lD38no9z4xc6sd2Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9W3Qx5xUO1lD38no9z4xc6sd2Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Jul 2025 06:28:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 173 (0xad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9173CCA, serialNumber=6FD5B7431E7150ED650F7F27A3DCF8C5CEAC7764 Validity Not Before: Jul 23 06:28:59 2025 GMT Not After : Jul 30 06:28:59 2025 GMT Subject: CN=6880812b-5a5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:8e:34:b0:7f:46:20:1a:40:20:76:47:ff:0c: 62:14:bc:03:98:63:01:9f:2c:cc:92:25:0d:a0:e7: a1:97:14:c2:2f:85:c7:07:fe:ed:ed:bd:a2:eb:53: 82:6d:09:f9:db:cb:0e:de:2b:c2:ba:84:26:73:2a: 15:15:ba:39:d5:db:12:62:2e:b4:98:22:ef:c4:1f: 53:36:18:56:15:fe:af:3b:2a:14:3f:b2:b7:25:22: f1:ee:68:a0:5c:61:38:13:e8:50:6e:ae:a4:e7:e1: 9f:87:a9:41:0c:d5:c5:ba:76:c4:24:28:87:5b:63: 18:ee:56:cb:c0:bb:95:31:84:64:85:45:b5:24:c8: 89:fa:e5:5f:81:e9:6f:2c:07:99:ed:26:04:48:b5: 54:3f:7b:ae:5a:13:b5:77:63:6f:4c:ca:c5:64:ea: 28:03:db:39:a9:55:33:a5:32:fd:10:cb:99:56:b1: 4e:e7:5c:46:4f:65:a1:eb:6d:58:e9:06:e6:12:45: 9d:e7:f5:f7:61:f4:7b:5e:97:eb:68:07:65:77:cb: 5f:77:08:74:ca:b9:a6:b8:31:52:bb:73:b6:64:c9: 81:fd:48:36:2c:f3:1f:22:1f:36:11:e4:e4:a0:d7: e4:be:53:b7:ca:67:5a:ab:38:90:01:34:cf:de:58: a7:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:1D:FA:76:70:31:8A:40:E2:46:00:33:FC:9A:A9:23:EE:2A:DD:21 X509v3 Authority Key Identifier: keyid:6F:D5:B7:43:1E:71:50:ED:65:0F:7F:27:A3:DC:F8:C5:CE:AC:77:64 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9173CCA/1CA9B824654D11EFB44B7B58C4F9AE02/b9W3Qx5xUO1lD38no9z4xc6sd2Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9W3Qx5xUO1lD38no9z4xc6sd2Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173CCA/1CA9B824654D11EFB44B7B58C4F9AE02/b9W3Qx5xUO1lD38no9z4xc6sd2Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:a9:6b:31:ec:a8:e3:ef:36:69:4f:82:51:30:0b:29:b6:a6: c7:2f:ae:11:b1:fd:24:a5:04:13:44:93:a4:ed:cb:13:4f:79: c6:a2:ee:83:08:39:bf:a1:ab:cd:40:22:7c:1f:dc:0a:0b:5c: 20:f1:ff:0d:fb:53:35:60:fa:b8:04:76:c9:3d:20:35:bb:0d: 41:c4:20:bb:5d:8c:0e:04:1a:76:39:ea:da:64:a6:07:40:9b: 66:d4:f4:bc:bc:05:e8:e7:d4:78:ed:98:8c:1f:70:15:d6:78: 1f:cb:a5:df:b1:74:2b:ca:84:58:88:b2:b9:35:23:e6:52:7f: 92:6f:7e:57:f5:ed:f5:e6:c3:00:88:71:11:63:4a:1b:d2:d5: dc:b9:f5:f2:0b:3a:73:03:bb:a5:5a:49:5f:26:fc:1a:24:a3: 4b:60:90:6a:d0:68:7c:54:17:be:47:bd:5a:90:a7:a5:0a:7d: 20:ab:68:ca:c3:68:f6:f4:88:e4:65:43:57:09:e0:6d:10:7c: db:37:d7:07:f2:b9:d7:ab:7f:bf:e9:f7:b5:af:44:c4:82:20: b5:53:8d:4f:ac:2e:de:3b:19:f5:68:f4:06:53:11:df:3b:05: 47:77:58:9a:4d:e8:bb:1a:5b:11:e6:fd:c4:15:e7:27:ad:93: c7:5c:14:8b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzNDQ0ExMTAvBgNVBAUTKDZGRDVCNzQzMUU3MTUwRUQ2NTBGN0YyN0EzRENGOEM1 Q0VBQzc3NjQwHhcNMjUwNzIzMDYyODU5WhcNMjUwNzMwMDYyODU5WjAYMRYwFAYD VQQDEw02ODgwODEyYi01YTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsI40sH9GIBpAIHZH/wxiFLwDmGMBnyzMkiUNoOehlxTCL4XHB/7t7b2i61OC bQn528sO3ivCuoQmcyoVFbo51dsSYi60mCLvxB9TNhhWFf6vOyoUP7K3JSLx7mig XGE4E+hQbq6k5+Gfh6lBDNXFunbEJCiHW2MY7lbLwLuVMYRkhUW1JMiJ+uVfgelv LAeZ7SYESLVUP3uuWhO1d2NvTMrFZOooA9s5qVUzpTL9EMuZVrFO51xGT2Wh621Y 6QbmEkWd5/X3YfR7XpfraAdld8tfdwh0yrmmuDFSu3O2ZMmB/Ug2LPMfIh82EeTk oNfkvlO3ymdaqziQATTP3linEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO4d+nZw MYpA4kYAM/yaqSPuKt0hMB8GA1UdIwQYMBaAFG/Vt0MecVDtZQ9/J6Pc+MXOrHdk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0NDQS8xQ0E5QjgyNDY1 NEQxMUVGQjQ0QjdCNThDNEY5QUUwMi9iOVczUXg1eFVPMWxEMzhubzl6NHhjNnNk MlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I5VzNReDV4VU8xbEQzOG5vOXo0eGM2c2QyUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 M0NDQS8xQ0E5QjgyNDY1NEQxMUVGQjQ0QjdCNThDNEY5QUUwMi9iOVczUXg1eFVP MWxEMzhubzl6NHhjNnNkMlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCqWsx7Kjj7zZpT4JRMAsptqbHL64Rsf0kpQQTRJOk7csTT3nGou6D CDm/oavNQCJ8H9wKC1wg8f8N+1M1YPq4BHbJPSA1uw1BxCC7XYwOBBp2OeraZKYH QJtm1PS8vAXo59R47ZiMH3AV1ngfy6XfsXQryoRYiLK5NSPmUn+Sb35X9e315sMA iHERY0ob0tXcufXyCzpzA7ulWklfJvwaJKNLYJBq0Gh8VBe+R71akKelCn0gq2jK w2j29IjkZUNXCeBtEHzbN9cH8rnXq3+/6fe1r0TEgiC1U41PrC7eOxn1aPQGUxHf OwVHd1iaTei7GlsR5v3EFecnrZPHXBSL -----END CERTIFICATE-----Generated at Wed Jul 23 15:26:29 2025 by rpki-client