$ rpki-client -vvf rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft File: 2CIvXKRzliJE_BNBFXEOvtXjlWA.mft (raw, json) Hash identifier: NsZX6ONopu13HtqNNZCZK5fyJmmtAHFHN+wjUpWy5Fg= Subject key identifier: 3B:A4:BD:4D:4B:9B:26:06:3F:6C:BE:82:3D:22:C0:1F:2E:DF:64:32 Authority key identifier: D8:22:2F:5C:A4:73:96:22:44:FC:13:41:15:71:0E:BE:D5:E3:95:60 Certificate issuer: /CN=A9119624/serialNumber=D8222F5CA473962244FC134115710EBED5E39560 Certificate serial: 0C3D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft Manifest number: 0C37 Signing time: Sat 06 Sep 2025 18:05:10 +0000 Manifest this update: Sat 06 Sep 2025 18:05:10 +0000 Manifest next update: Sat 13 Sep 2025 18:05:10 +0000 Files and hashes: 1: 2CIvXKRzliJE_BNBFXEOvtXjlWA.crl (hash: mBsmqECeXTQDM3r3HEEqSyE1ltKnj7ffWLcWG6i70Rc=) 2: A4049C06213E11EAAA89A95DC4F9AE02.roa (hash: fJj5V7B0tj2U/amxOYn7MfT1h8cR0RvRgHTxKdHbOM4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.crl rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 18:05:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3133 (0xc3d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9119624, serialNumber=D8222F5CA473962244FC134115710EBED5E39560 Validity Not Before: Sep 6 18:05:10 2025 GMT Not After : Sep 13 18:05:10 2025 GMT Subject: CN=68bc77d6-671b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:dc:d5:2a:4b:a5:bb:4c:33:eb:a0:85:2e:5c: 1d:77:1e:5e:7b:f3:4e:b7:61:08:93:df:03:ed:db: a5:10:4e:3d:8d:43:68:e4:ce:69:d4:6a:4a:2f:df: 18:cd:e5:6c:cd:22:2d:0b:37:f5:fb:78:5b:4d:92: 91:7a:1f:9c:60:cb:eb:64:04:ad:eb:7c:be:3d:af: 70:7b:6e:a8:9b:5b:d6:a3:70:96:2a:70:8a:d9:1e: 57:37:d0:e9:a1:36:93:5a:fb:ff:51:6c:54:f8:60: 2d:fe:d5:6b:6e:3e:ed:d8:d5:44:5f:9b:5b:e3:af: 69:fe:fe:f3:92:9c:d4:df:3d:7e:02:74:d3:2c:b1: d0:49:ba:57:f9:61:d0:5b:c3:74:43:82:93:60:e6: 10:c5:9c:76:d1:16:9e:85:80:2c:6c:1f:25:c7:d2: 69:5b:30:1b:7b:8e:3f:35:e4:12:7b:97:18:f3:75: 2e:3b:2f:01:c1:4f:e3:80:17:b2:d2:76:cd:ac:47: 2b:67:ee:7b:24:22:61:a4:c2:47:ac:89:fd:f8:2f: c6:77:f5:ba:42:cb:75:fd:a8:82:13:08:9a:aa:9c: 9f:e9:1f:de:65:12:a2:1a:3a:88:7d:ab:25:0e:54: ae:f5:c8:08:b3:35:04:d0:80:d0:9a:06:bb:98:2a: 54:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:A4:BD:4D:4B:9B:26:06:3F:6C:BE:82:3D:22:C0:1F:2E:DF:64:32 X509v3 Authority Key Identifier: keyid:D8:22:2F:5C:A4:73:96:22:44:FC:13:41:15:71:0E:BE:D5:E3:95:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:35:25:6a:2b:ba:87:0b:36:03:6a:d0:b9:f0:94:25:c6:87: d7:69:05:7f:50:a0:05:47:ed:2d:f8:8e:28:9c:11:8a:cf:a2: 38:47:ba:21:c2:47:4d:14:67:63:78:42:fe:d8:a9:7d:92:c2: c4:04:3b:68:6b:4a:c6:9c:ab:5d:08:5d:09:33:d3:84:0b:f7: 6f:bd:f3:cd:cd:f4:8d:48:99:0c:9e:4a:09:d2:fd:29:27:10: 5a:cf:57:b4:5f:57:02:f2:76:e7:d8:e1:b5:09:bc:d8:49:eb: 23:23:dd:aa:3c:65:0d:e9:4c:47:47:92:46:22:a7:d1:84:52: 7e:de:34:86:02:8c:13:4a:60:d8:0b:05:df:61:2a:c9:4c:d7: bc:49:0a:81:92:e5:78:a1:c1:3e:d5:f5:f3:6f:d9:88:81:04: c7:25:b1:f8:b8:ca:6a:0b:0d:72:ee:28:4c:2b:90:8e:93:98: b9:5c:c7:ff:65:5a:89:20:61:48:0e:db:67:85:a4:b1:d0:da: 03:f6:74:21:6a:ca:f3:53:14:ca:44:ed:af:98:20:61:16:c4: 3b:88:30:92:a6:6d:99:84:c5:13:aa:cc:c8:27:51:0e:f8:21: 63:38:64:0c:9e:5e:0c:98:18:a7:1f:46:5b:ea:ef:cb:98:46: 5f:f5:e6:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDD0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk2MjQxMTAvBgNVBAUTKEQ4MjIyRjVDQTQ3Mzk2MjI0NEZDMTM0MTE1NzEwRUJF RDVFMzk1NjAwHhcNMjUwOTA2MTgwNTEwWhcNMjUwOTEzMTgwNTEwWjAYMRYwFAYD VQQDEw02OGJjNzdkNi02NzFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAttzVKkulu0wz66CFLlwddx5ee/NOt2EIk98D7dulEE49jUNo5M5p1GpKL98Y zeVszSItCzf1+3hbTZKReh+cYMvrZASt63y+Pa9we26om1vWo3CWKnCK2R5XN9Dp oTaTWvv/UWxU+GAt/tVrbj7t2NVEX5tb469p/v7zkpzU3z1+AnTTLLHQSbpX+WHQ W8N0Q4KTYOYQxZx20RaehYAsbB8lx9JpWzAbe44/NeQSe5cY83UuOy8BwU/jgBey 0nbNrEcrZ+57JCJhpMJHrIn9+C/Gd/W6Qst1/aiCEwiaqpyf6R/eZRKiGjqIfasl DlSu9cgIszUE0IDQmga7mCpUgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDukvU1L myYGP2y+gj0iwB8u32QyMB8GA1UdIwQYMBaAFNgiL1ykc5YiRPwTQRVxDr7V45Vg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTYyNC9DNjk0ODIzNjEw RTAxMUVBOUJEMUE1NURDNEY5QUUwMi8yQ0l2WEtSemxpSkVfQk5CRlhFT3Z0WGps V0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzJDSXZYS1J6bGlKRV9CTkJGWEVPdnRYamxXQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTYyNC9DNjk0ODIzNjEwRTAxMUVBOUJEMUE1NURDNEY5QUUwMi8yQ0l2WEtSemxp SkVfQk5CRlhFT3Z0WGpsV0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJNSVqK7qHCzYDatC58JQlxofXaQV/UKAFR+0t+I4onBGKz6I4R7oh wkdNFGdjeEL+2Kl9ksLEBDtoa0rGnKtdCF0JM9OEC/dvvfPNzfSNSJkMnkoJ0v0p JxBaz1e0X1cC8nbn2OG1CbzYSesjI92qPGUN6UxHR5JGIqfRhFJ+3jSGAowTSmDY CwXfYSrJTNe8SQqBkuV4ocE+1fXzb9mIgQTHJbH4uMpqCw1y7ihMK5COk5i5XMf/ ZVqJIGFIDttnhaSx0NoD9nQhasrzUxTKRO2vmCBhFsQ7iDCSpm2ZhMUTqszIJ1EO +CFjOGQMnl4MmBinH0Zb6u/LmEZf9eZZ -----END CERTIFICATE-----Generated at Sat Sep 6 21:05:09 2025 by rpki-client