$ rpki-client -vvf rpki.apnic.net/member_repository/A911C53A/4745056E445111F0A09E8A24C4F9AE02/sItZ5dEHBcXLLTzbhWWzKNUC9VA.mft File: sItZ5dEHBcXLLTzbhWWzKNUC9VA.mft (raw, json) Hash identifier: 4X+H5C5WMuqu3cbisR8ty1fYIeUZTk/xj2fuC2ZpGEE= Subject key identifier: 6A:B7:C7:F6:77:0E:9E:61:8C:F8:03:F7:F3:9C:FF:9C:45:AF:32:FF Authority key identifier: B0:8B:59:E5:D1:07:05:C5:CB:2D:3C:DB:85:65:B3:28:D5:02:F5:50 Certificate issuer: /CN=A911C53A/serialNumber=B08B59E5D10705C5CB2D3CDB8565B328D502F550 Certificate serial: 2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sItZ5dEHBcXLLTzbhWWzKNUC9VA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C53A/4745056E445111F0A09E8A24C4F9AE02/sItZ5dEHBcXLLTzbhWWzKNUC9VA.mft Manifest number: 2A Signing time: Sat 23 Aug 2025 07:59:33 +0000 Manifest this update: Sat 23 Aug 2025 07:59:32 +0000 Manifest next update: Sat 30 Aug 2025 07:59:32 +0000 Files and hashes: 1: sItZ5dEHBcXLLTzbhWWzKNUC9VA.crl (hash: Ico5OMmCRA4RCzCdS7B2XPlCx0Y9h+RtlR7hnCOr2X0=) 2: BDF659C4445111F0945A7E49C4F9AE02.roa (hash: NrM1GT0GOIEPUd0x6/lOomv0lodf7Nxw+vo5Gb1q27Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C53A/4745056E445111F0A09E8A24C4F9AE02/sItZ5dEHBcXLLTzbhWWzKNUC9VA.crl rsync://rpki.apnic.net/member_repository/A911C53A/4745056E445111F0A09E8A24C4F9AE02/sItZ5dEHBcXLLTzbhWWzKNUC9VA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sItZ5dEHBcXLLTzbhWWzKNUC9VA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:59:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C53A, serialNumber=B08B59E5D10705C5CB2D3CDB8565B328D502F550 Validity Not Before: Aug 23 07:59:32 2025 GMT Not After : Aug 30 07:59:32 2025 GMT Subject: CN=68a974e5-3c5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ce:44:08:35:f7:d9:b5:8a:e4:4a:71:0c:a2: 7d:ce:10:e0:41:fe:30:36:78:93:89:71:e3:74:e7: 1d:34:e3:d6:6d:39:8e:54:8f:9e:a6:e8:aa:ee:21: 39:c7:1e:42:0c:c0:b5:a7:d1:cf:81:e0:11:b2:46: 42:2f:76:ec:a3:f3:c9:69:74:65:9b:16:44:1b:89: 87:95:6b:d8:b2:7b:76:cc:04:df:37:0c:f9:7d:4e: 3d:3f:fb:a5:65:b7:8e:be:cf:f0:47:b3:7b:f7:a7: 99:d6:23:7b:b5:e5:fb:13:6e:fb:0f:51:58:41:7e: fc:f3:ba:4c:56:6f:3e:33:e6:f6:0f:10:b0:c7:54: 8a:41:11:10:8e:a2:2a:91:64:a7:e4:48:a2:12:0d: ed:5e:54:cf:44:4d:28:dd:d7:44:51:c2:87:99:d1: 3f:07:77:68:3e:e0:6d:a0:32:89:4c:3e:22:16:f5: a1:2b:e7:41:1e:20:f3:d1:21:f2:50:5b:01:f9:3e: 2e:9e:c3:f2:fb:d8:f7:5e:60:33:db:4a:c7:ce:db: 1f:0a:4d:e2:06:e3:e9:13:f1:62:3c:15:4d:79:7c: cc:de:fa:68:77:bc:c0:ea:ad:61:27:fe:0e:38:57: cc:e3:dc:0f:b9:ce:3c:d3:69:a2:4b:67:d8:88:0c: b2:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:B7:C7:F6:77:0E:9E:61:8C:F8:03:F7:F3:9C:FF:9C:45:AF:32:FF X509v3 Authority Key Identifier: keyid:B0:8B:59:E5:D1:07:05:C5:CB:2D:3C:DB:85:65:B3:28:D5:02:F5:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C53A/4745056E445111F0A09E8A24C4F9AE02/sItZ5dEHBcXLLTzbhWWzKNUC9VA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sItZ5dEHBcXLLTzbhWWzKNUC9VA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C53A/4745056E445111F0A09E8A24C4F9AE02/sItZ5dEHBcXLLTzbhWWzKNUC9VA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:ca:d1:74:17:d2:8e:79:df:0b:01:e3:8e:e8:06:d1:20:7d: ee:12:3a:23:39:80:5e:c4:48:fd:8c:b6:dd:d4:ae:eb:bc:29: ea:69:64:8f:43:e0:ff:23:8f:f1:09:a5:0e:fd:21:49:78:4c: 72:8a:99:03:a6:21:29:be:35:2d:e6:b4:89:b5:67:30:40:09: a4:a2:e4:d7:99:ff:e2:1e:4c:d2:01:e2:5e:3b:e4:13:95:71: bf:db:e5:6a:83:79:40:32:e8:4a:fa:ea:4c:aa:90:f2:30:d2: 6d:74:39:22:71:5b:24:81:93:35:34:ea:6b:2c:2a:32:cf:86: 90:d9:bb:23:d4:d9:41:0b:8b:f8:da:96:65:e1:9c:e3:81:5d: 31:a8:39:ae:02:0f:d9:45:76:4c:64:cc:28:e8:d7:fa:80:e2: 57:2c:81:ec:28:41:fe:d8:a5:1d:e3:53:d4:76:a6:96:64:14: 9a:82:2f:f2:30:b7:6f:39:38:42:b7:2b:37:bd:e4:89:bf:3a: d1:36:54:24:00:9d:e9:de:fd:4c:2d:27:59:5d:48:06:16:61: ed:5d:dd:01:84:3d:61:e7:0f:5e:f8:2e:fb:71:4c:52:17:18: 16:78:2d:cb:bc:96:74:1f:72:b2:11:e5:f2:55:e5:71:0b:ac: ce:69:a5:dd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx QzUzQTExMC8GA1UEBRMoQjA4QjU5RTVEMTA3MDVDNUNCMkQzQ0RCODU2NUIzMjhE NTAyRjU1MDAeFw0yNTA4MjMwNzU5MzJaFw0yNTA4MzAwNzU5MzJaMBgxFjAUBgNV BAMTDTY4YTk3NGU1LTNjNWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8zkQINffZtYrkSnEMon3OEOBB/jA2eJOJceN05x0049ZtOY5Uj56m6KruITnH HkIMwLWn0c+B4BGyRkIvduyj88lpdGWbFkQbiYeVa9iye3bMBN83DPl9Tj0/+6Vl t46+z/BHs3v3p5nWI3u15fsTbvsPUVhBfvzzukxWbz4z5vYPELDHVIpBERCOoiqR ZKfkSKISDe1eVM9ETSjd10RRwoeZ0T8Hd2g+4G2gMolMPiIW9aEr50EeIPPRIfJQ WwH5Pi6ew/L72PdeYDPbSsfO2x8KTeIG4+kT8WI8FU15fMze+mh3vMDqrWEn/g44 V8zj3A+5zjzTaaJLZ9iIDLJ9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUarfH9ncO nmGM+AP385z/nEWvMv8wHwYDVR0jBBgwFoAUsItZ5dEHBcXLLTzbhWWzKNUC9VAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFDNTNBLzQ3NDUwNTZFNDQ1 MTExRjBBMDlFOEEyNEM0RjlBRTAyL3NJdFo1ZEVIQmNYTExUemJoV1d6S05VQzlW QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvc0l0WjVkRUhCY1hMTFR6YmhXV3pLTlVDOVZBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFD NTNBLzQ3NDUwNTZFNDQ1MTExRjBBMDlFOEEyNEM0RjlBRTAyL3NJdFo1ZEVIQmNY TExUemJoV1d6S05VQzlWQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAH3K0XQX0o553wsB447oBtEgfe4SOiM5gF7ESP2Mtt3Uruu8KeppZI9D 4P8jj/EJpQ79IUl4THKKmQOmISm+NS3mtIm1ZzBACaSi5NeZ/+IeTNIB4l475BOV cb/b5WqDeUAy6Er66kyqkPIw0m10OSJxWySBkzU06mssKjLPhpDZuyPU2UELi/ja lmXhnOOBXTGoOa4CD9lFdkxkzCjo1/qA4lcsgewoQf7YpR3jU9R2ppZkFJqCL/Iw t285OEK3Kze95Im/OtE2VCQAnene/UwtJ1ldSAYWYe1d3QGEPWHnD174LvtxTFIX GBZ4Lcu8lnQfcrIR5fJV5XELrM5ppd0= -----END CERTIFICATE-----Generated at Sun Aug 24 22:21:01 2025 by rpki-client