$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft File: iXa1-0jy5BEdeNWjzVovyhlhOXo.mft (raw, json) Hash identifier: NHJdtLW36Vxcn+o4/PNhI84+0o1XWjbom2jgVroq15I= Subject key identifier: 23:F9:CC:7B:89:74:AD:95:D0:E0:A7:6A:42:FD:84:2D:34:AD:0C:80 Authority key identifier: 89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A Certificate issuer: /CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Certificate serial: 023B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft Manifest number: 022E Signing time: Thu 21 Aug 2025 02:06:38 +0000 Manifest this update: Thu 21 Aug 2025 02:06:38 +0000 Manifest next update: Thu 28 Aug 2025 02:06:38 +0000 Files and hashes: 1: iXa1-0jy5BEdeNWjzVovyhlhOXo.crl (hash: Ik8l7kuacTyI+vKFEZdBSzUu6QAeZoU3cjdIWbMSqQs=) 2: 99D6D8089BF111ED8043AD1FC4F9AE02.roa (hash: RN89+S1mBA7UPdGt6AqckCvGseRU/f6VRbIgO417GXg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 02:06:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 571 (0x23b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128C7F, serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Validity Not Before: Aug 21 02:06:38 2025 GMT Not After : Aug 28 02:06:38 2025 GMT Subject: CN=68a67f2e-897e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d1:86:0a:bc:fa:82:d1:dc:9f:bf:61:3d:83: 32:2b:51:f5:43:11:92:0d:8d:85:7d:df:16:6a:0e: 14:9e:32:de:d1:d5:53:fc:0c:ad:95:e0:fe:31:0b: 82:32:fa:b8:82:c0:a1:59:d6:a7:fb:ca:14:87:09: fe:9d:e3:19:69:96:ac:e8:70:8b:ee:8e:bc:11:38: f6:c5:ac:1c:85:12:1d:75:6d:08:b1:74:8c:17:9b: 79:d4:f8:fc:32:c5:a3:88:3e:92:d6:0c:e0:fe:e5: 0d:75:2e:b9:79:b7:92:8e:88:00:4d:14:19:2c:e6: c1:5d:7b:63:ea:84:31:88:63:34:b3:05:1c:6b:cf: f5:f1:cf:92:ff:6c:36:e3:cb:76:0c:f8:6c:25:0c: e7:a1:29:0d:8b:13:0a:62:ce:a2:56:4d:e4:1e:38: a9:fa:57:68:de:1d:af:1c:b0:74:3a:5b:b7:ac:e5: c2:68:60:7a:07:3f:f7:77:e2:51:0f:a6:bd:c9:c3: 59:29:21:a1:14:24:94:53:a1:64:2f:8a:9f:4c:d3: f6:93:2c:7b:06:e4:6c:90:5d:fd:af:11:bf:95:f7: f9:b2:08:36:c2:1e:7a:89:2c:66:a6:81:41:22:8f: d2:e0:b9:1b:00:e9:7b:eb:f2:a4:31:5d:06:07:4e: f6:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:F9:CC:7B:89:74:AD:95:D0:E0:A7:6A:42:FD:84:2D:34:AD:0C:80 X509v3 Authority Key Identifier: keyid:89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:c3:4d:7b:87:8f:fd:7b:90:70:ad:36:e3:79:47:2e:7c:e3: 4d:7c:0c:ff:5e:c9:3e:c5:0a:27:26:28:9e:0a:ac:4a:71:f1: 58:cd:59:f8:b0:93:09:88:fe:8a:2b:4f:07:79:0e:78:f1:d5: cc:40:cd:1d:95:bb:0c:6a:db:a7:b0:4d:12:7b:05:86:e8:49: 02:7c:04:2c:90:dc:cc:1a:3a:ba:18:12:0c:2f:05:15:7e:85: 67:4b:0c:c2:28:d7:0c:41:31:e9:15:81:92:dc:55:2f:82:c7: 5a:67:29:79:fc:b1:98:86:2b:21:17:2f:94:ae:e7:63:35:dd: 05:19:f8:39:e4:7f:a2:2d:97:43:2a:59:5a:6c:78:45:d4:98: fa:60:21:58:eb:b7:13:7b:19:7e:98:2e:4c:2d:ae:5e:04:87: f5:6c:c8:8e:94:2d:95:af:e6:f9:97:41:ca:fd:3f:e4:91:be: 0a:c6:4a:96:5a:3e:07:a6:f0:22:e5:8b:f3:25:2a:2a:65:6e: 04:bc:e5:7b:9d:97:9e:88:5e:3c:e7:7d:cb:c3:e7:0a:9c:5c: 1f:b7:3d:12:53:84:12:62:48:bf:e1:1e:dd:ce:85:26:42:32: a5:61:7c:96:65:08:95:ea:18:12:b6:25:26:34:0a:d0:4b:ce: 1c:82:77:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAjswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhDN0YxMTAvBgNVBAUTKDg5NzZCNUZCNDhGMkU0MTExRDc4RDVBM0NENUEyRkNB MTk2MTM5N0EwHhcNMjUwODIxMDIwNjM4WhcNMjUwODI4MDIwNjM4WjAYMRYwFAYD VQQDEw02OGE2N2YyZS04OTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwdGGCrz6gtHcn79hPYMyK1H1QxGSDY2Ffd8Wag4UnjLe0dVT/AytleD+MQuC Mvq4gsChWdan+8oUhwn+neMZaZas6HCL7o68ETj2xawchRIddW0IsXSMF5t51Pj8 MsWjiD6S1gzg/uUNdS65ebeSjogATRQZLObBXXtj6oQxiGM0swUca8/18c+S/2w2 48t2DPhsJQznoSkNixMKYs6iVk3kHjip+ldo3h2vHLB0Olu3rOXCaGB6Bz/3d+JR D6a9ycNZKSGhFCSUU6FkL4qfTNP2kyx7BuRskF39rxG/lff5sgg2wh56iSxmpoFB Io/S4LkbAOl76/KkMV0GB0724wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCP5zHuJ dK2V0OCnakL9hC00rQyAMB8GA1UdIwQYMBaAFIl2tftI8uQRHXjVo81aL8oZYTl6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEM3Ri8zQjdCREFCRTNG QzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVCRWRlTldqelZvdnlobGhP WG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lYYTEtMGp5NUJFZGVOV2p6Vm92eWhsaE9Yby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEM3Ri8zQjdCREFCRTNGQzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVC RWRlTldqelZvdnlobGhPWG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCw017h4/9e5BwrTbjeUcufONNfAz/Xsk+xQonJiieCqxKcfFYzVn4 sJMJiP6KK08HeQ548dXMQM0dlbsMatunsE0SewWG6EkCfAQskNzMGjq6GBIMLwUV foVnSwzCKNcMQTHpFYGS3FUvgsdaZyl5/LGYhishFy+UrudjNd0FGfg55H+iLZdD KllabHhF1Jj6YCFY67cTexl+mC5MLa5eBIf1bMiOlC2Vr+b5l0HK/T/kkb4KxkqW Wj4HpvAi5YvzJSoqZW4EvOV7nZeeiF48533Lw+cKnFwftz0SU4QSYki/4R7dzoUm QjKlYXyWZQiV6hgStiUmNArQS84cgnd5 -----END CERTIFICATE-----Generated at Fri Aug 22 16:29:49 2025 by rpki-client