$ rpki-client -vvf rpki.apnic.net/member_repository/A912CB7D/B2B3D77C1B4411EEA3578E29C4F9AE02/lATO33S5SXRR7zK7ehK-1x0sI-U.mft File: lATO33S5SXRR7zK7ehK-1x0sI-U.mft (raw, json) Hash identifier: svmY8m64/Xn5ztkeA42jlMYdZsJPX9jWmGUw7eQa5Ws= Subject key identifier: BF:88:40:25:FD:B0:E8:8D:E6:11:64:D1:83:AE:64:C2:90:A5:B3:38 Authority key identifier: 94:04:CE:DF:74:B9:49:74:51:EF:32:BB:7A:12:BE:D7:1D:2C:23:E5 Certificate issuer: /CN=A912CB7D/serialNumber=9404CEDF74B9497451EF32BB7A12BED71D2C23E5 Certificate serial: 01A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lATO33S5SXRR7zK7ehK-1x0sI-U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CB7D/B2B3D77C1B4411EEA3578E29C4F9AE02/lATO33S5SXRR7zK7ehK-1x0sI-U.mft Manifest number: 01A2 Signing time: Wed 17 Sep 2025 03:51:00 +0000 Manifest this update: Wed 17 Sep 2025 03:50:59 +0000 Manifest next update: Wed 24 Sep 2025 03:50:59 +0000 Files and hashes: 1: lATO33S5SXRR7zK7ehK-1x0sI-U.crl (hash: f080mGhBh4mhx6941WuNTlnXwNVUbPGBa30yizNHmXY=) 2: AFF53F96556211EE9C34E435C4F9AE02.roa (hash: ijNrrBGI0GOmOlPTEUC+Lp/ifnao/tWMMVdpLAGba4c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CB7D/B2B3D77C1B4411EEA3578E29C4F9AE02/lATO33S5SXRR7zK7ehK-1x0sI-U.crl rsync://rpki.apnic.net/member_repository/A912CB7D/B2B3D77C1B4411EEA3578E29C4F9AE02/lATO33S5SXRR7zK7ehK-1x0sI-U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lATO33S5SXRR7zK7ehK-1x0sI-U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 03:50:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 423 (0x1a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CB7D, serialNumber=9404CEDF74B9497451EF32BB7A12BED71D2C23E5 Validity Not Before: Sep 17 03:50:59 2025 GMT Not After : Sep 24 03:50:59 2025 GMT Subject: CN=68ca3023-9a85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:1f:f7:c9:52:94:60:15:af:d3:a7:ca:18:d7: 62:94:19:c8:a6:fe:39:25:ab:c5:58:e7:b5:95:91: e5:aa:f3:dc:97:7e:db:6a:97:db:1c:f4:16:39:f5: 87:18:c1:12:f3:59:5b:e5:1d:d7:21:4b:e5:fc:7f: 81:c3:1e:b8:ec:da:42:c4:3e:4a:dd:ae:1a:bd:4c: 20:10:18:e7:af:76:39:4d:a4:8d:2a:df:51:a0:9a: b2:b5:c1:fb:6a:fc:59:54:55:57:c9:b6:4e:fd:77: c0:6c:0e:35:b1:d5:fb:6e:5a:b0:02:5c:d5:29:e6: 9d:00:a2:61:24:f6:15:e0:88:9d:ff:2a:28:a1:b5: d3:4b:a3:42:9f:9e:d7:a5:82:89:84:67:e8:de:96: 75:cb:7a:c4:1f:44:00:d1:7d:36:98:6a:e6:9e:b8: d1:00:e9:de:37:a8:5d:de:46:89:5d:7a:ba:f2:a1: 26:23:cd:55:75:f5:c6:9d:95:9f:0d:3b:81:aa:b8: 37:6e:ab:06:d0:cf:fd:71:28:03:1c:b1:9d:dd:2c: 79:a8:32:fa:ed:df:d3:3a:c8:96:13:33:ef:66:94: 4b:57:14:02:9d:fa:0e:ce:ea:dd:bf:06:43:44:01: 81:83:12:c6:db:1c:96:70:71:79:65:2a:d9:08:8f: 68:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:88:40:25:FD:B0:E8:8D:E6:11:64:D1:83:AE:64:C2:90:A5:B3:38 X509v3 Authority Key Identifier: keyid:94:04:CE:DF:74:B9:49:74:51:EF:32:BB:7A:12:BE:D7:1D:2C:23:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CB7D/B2B3D77C1B4411EEA3578E29C4F9AE02/lATO33S5SXRR7zK7ehK-1x0sI-U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lATO33S5SXRR7zK7ehK-1x0sI-U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CB7D/B2B3D77C1B4411EEA3578E29C4F9AE02/lATO33S5SXRR7zK7ehK-1x0sI-U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6b:4f:4c:89:af:22:4e:89:c6:7b:36:a9:5d:d6:75:8d:21:20: a9:b8:19:90:69:1f:c9:19:c1:fa:c5:79:89:71:1d:b6:c0:87: c3:ec:9c:79:84:9f:3c:06:ff:c0:63:38:34:69:88:db:68:c9: 97:50:ab:e2:9e:83:64:59:65:2a:a5:69:88:33:c8:61:c2:ba: 5a:34:a3:57:ce:20:23:d7:5d:76:ac:a8:0e:dc:7e:25:ca:6b: 08:19:bb:6f:0e:34:16:8e:4b:34:61:6b:87:79:88:46:91:06: 4e:7c:85:e1:cb:28:fd:6e:a2:15:a8:4d:7d:b1:b6:1a:cc:f0: ec:5d:55:8f:cc:52:d5:da:fa:97:d1:e5:26:2c:e0:22:dc:21: 38:95:60:99:ca:6c:83:9c:97:77:fb:35:8e:15:8e:95:06:f2: 24:45:b2:ed:8a:13:7a:82:12:ac:56:07:80:4d:ff:9d:70:ef: da:85:7e:1d:77:69:63:30:02:85:e3:ab:8b:29:29:a4:b8:34: 21:52:8b:e6:47:9b:fa:c2:60:4d:dc:16:13:9e:eb:cc:00:73: 4e:29:96:51:3c:cd:cb:3b:de:3b:4a:ee:1e:4c:b1:5f:b4:d3: bb:9f:cb:12:dc:99:64:4b:1a:53:66:7f:12:da:ec:57:d5:0f: 51:f4:2e:55 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNCN0QxMTAvBgNVBAUTKDk0MDRDRURGNzRCOTQ5NzQ1MUVGMzJCQjdBMTJCRUQ3 MUQyQzIzRTUwHhcNMjUwOTE3MDM1MDU5WhcNMjUwOTI0MDM1MDU5WjAYMRYwFAYD VQQDEw02OGNhMzAyMy05YTg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2B/3yVKUYBWv06fKGNdilBnIpv45JavFWOe1lZHlqvPcl37bapfbHPQWOfWH GMES81lb5R3XIUvl/H+Bwx647NpCxD5K3a4avUwgEBjnr3Y5TaSNKt9RoJqytcH7 avxZVFVXybZO/XfAbA41sdX7blqwAlzVKeadAKJhJPYV4Iid/yooobXTS6NCn57X pYKJhGfo3pZ1y3rEH0QA0X02mGrmnrjRAOneN6hd3kaJXXq68qEmI81VdfXGnZWf DTuBqrg3bqsG0M/9cSgDHLGd3Sx5qDL67d/TOsiWEzPvZpRLVxQCnfoOzurdvwZD RAGBgxLG2xyWcHF5ZSrZCI9obQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL+IQCX9 sOiN5hFk0YOuZMKQpbM4MB8GA1UdIwQYMBaAFJQEzt90uUl0Ue8yu3oSvtcdLCPl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0I3RC9CMkIzRDc3QzFC NDQxMUVFQTM1NzhFMjlDNEY5QUUwMi9sQVRPMzNTNVNYUlI3eks3ZWhLLTF4MHNJ LVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xBVE8zM1M1U1hSUjd6SzdlaEstMXgwc0ktVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy Q0I3RC9CMkIzRDc3QzFCNDQxMUVFQTM1NzhFMjlDNEY5QUUwMi9sQVRPMzNTNVNY UlI3eks3ZWhLLTF4MHNJLVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBrT0yJryJOicZ7Nqld1nWNISCpuBmQaR/JGcH6xXmJcR22wIfD7Jx5 hJ88Bv/AYzg0aYjbaMmXUKvinoNkWWUqpWmIM8hhwrpaNKNXziAj1112rKgO3H4l ymsIGbtvDjQWjks0YWuHeYhGkQZOfIXhyyj9bqIVqE19sbYazPDsXVWPzFLV2vqX 0eUmLOAi3CE4lWCZymyDnJd3+zWOFY6VBvIkRbLtihN6ghKsVgeATf+dcO/ahX4d d2ljMAKF46uLKSmkuDQhUovmR5v6wmBN3BYTnuvMAHNOKZZRPM3LO947Su4eTLFf tNO7n8sS3JlkSxpTZn8S2uxX1Q9R9C5V -----END CERTIFICATE-----Generated at Thu Sep 18 23:26:59 2025 by rpki-client