$ rpki-client -vvf rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft File: lSpNx8TWEJWYvu5awKIG0nuFxWo.mft (raw, json) Hash identifier: gjP1HQa3+7tfZWjvx7EL0mqVFmGqZTJg5Hw4+mfguTY= Subject key identifier: 19:27:ED:40:39:A4:18:CF:E2:85:54:A1:66:C2:5C:B1:B1:C6:E4:98 Authority key identifier: 95:2A:4D:C7:C4:D6:10:95:98:BE:EE:5A:C0:A2:06:D2:7B:85:C5:6A Certificate issuer: /CN=A912D71D/serialNumber=952A4DC7C4D6109598BEEE5AC0A206D27B85C56A Certificate serial: 3B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft Manifest number: 39 Signing time: Fri 05 Sep 2025 08:04:58 +0000 Manifest this update: Fri 05 Sep 2025 08:04:57 +0000 Manifest next update: Fri 12 Sep 2025 08:04:57 +0000 Files and hashes: 1: lSpNx8TWEJWYvu5awKIG0nuFxWo.crl (hash: 7ACopARll8ricU9ONWmyVz7blVBo+SynHIxMUf30DEs=) 2: 4002AE6236CF11F0AA705D26C4F9AE02.roa (hash: BjUqiPeyqOJL7zi1VC/yuEDToWrbr9Hg82ANTKNIKSc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.crl rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 08:04:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912D71D, serialNumber=952A4DC7C4D6109598BEEE5AC0A206D27B85C56A Validity Not Before: Sep 5 08:04:57 2025 GMT Not After : Sep 12 08:04:57 2025 GMT Subject: CN=68ba99aa-9940 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:d9:40:2a:1e:98:66:10:b5:4c:5f:df:d2:02: eb:16:d0:86:34:76:10:0d:d7:35:e1:60:ab:8e:b0: f4:b9:b4:b9:29:03:7d:33:c0:a1:29:fb:c8:85:c4: d2:4a:6e:65:ea:ae:da:a9:11:30:42:22:01:98:5c: 33:a6:79:50:b0:ee:7c:59:8d:76:97:27:2a:8d:f5: c4:04:33:63:cc:6a:85:4a:e2:02:bc:25:85:87:7c: 1f:c8:ae:aa:8a:f5:b9:fb:ec:84:34:2e:5f:6c:d1: 76:aa:ee:2b:89:a8:e1:58:71:b3:01:c2:6b:26:72: 7b:6c:ca:be:39:8f:ac:52:8a:3f:65:7c:9c:e6:d0: 2c:a4:25:80:2f:45:14:ea:60:9f:53:36:f1:ab:f3: 5f:8c:2c:d9:d9:5f:c1:41:26:25:7b:5a:c9:17:cf: cc:d7:07:2a:94:42:51:e9:90:70:82:21:1c:af:a8: 8e:06:39:39:fc:99:f3:02:da:e4:98:8c:a1:4e:7c: 86:30:c1:4c:66:a3:fa:db:c7:bd:8f:ae:ec:82:74: 45:37:cc:15:70:17:1e:63:77:86:6a:e0:cd:1f:54: f2:e1:cb:d1:ee:60:3e:9c:b8:ef:3e:85:d0:be:13: fa:0e:1b:d3:a1:9e:1d:89:b1:09:53:e5:dd:05:01: b8:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:27:ED:40:39:A4:18:CF:E2:85:54:A1:66:C2:5C:B1:B1:C6:E4:98 X509v3 Authority Key Identifier: keyid:95:2A:4D:C7:C4:D6:10:95:98:BE:EE:5A:C0:A2:06:D2:7B:85:C5:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:a7:c3:ce:31:ce:3e:93:20:d3:b9:b6:ab:bb:81:c7:4d:18: 48:5b:f0:e7:c5:2f:0f:13:05:6e:ce:93:cf:04:cd:12:88:3e: 26:e6:c6:fa:c6:42:ae:13:f8:cd:0e:6f:87:a3:bc:ec:9e:4e: b0:84:bc:a4:1f:3a:84:9d:99:53:f8:9f:0c:f3:48:c0:ae:42: 3c:a1:fd:e8:c1:fa:b2:3a:62:53:9d:ed:52:7c:d1:c8:02:94: c7:73:e8:55:ce:1b:f7:db:91:e8:bb:57:34:1c:c8:2d:29:14: 51:3a:d9:bd:69:09:45:c3:d2:05:1b:26:1a:e3:ec:f9:c6:b5: 06:37:7c:39:7c:c2:f4:9e:1c:57:49:29:f8:88:37:da:fa:1e: 62:e5:39:65:1c:fd:b1:16:32:38:ac:9f:28:fc:a4:5f:bd:14: fd:f8:11:3f:a1:31:3d:08:3c:b4:81:ad:3d:ef:67:cc:92:78: 40:19:53:5e:15:c0:5c:6a:e4:b9:2c:98:38:00:0b:2e:6a:fb: 05:37:8f:a5:ae:ae:32:0d:db:2b:6c:3e:15:6c:47:2d:58:97: 8b:03:41:39:b2:3a:d4:d8:1a:c5:21:fd:6c:80:15:d0:58:11: 65:88:36:13:c4:bc:6b:30:01:bd:7f:ff:7d:35:69:9b:eb:99: 46:10:6a:57 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RDcxRDExMC8GA1UEBRMoOTUyQTREQzdDNEQ2MTA5NTk4QkVFRTVBQzBBMjA2RDI3 Qjg1QzU2QTAeFw0yNTA5MDUwODA0NTdaFw0yNTA5MTIwODA0NTdaMBgxFjAUBgNV BAMTDTY4YmE5OWFhLTk5NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDO2UAqHphmELVMX9/SAusW0IY0dhAN1zXhYKuOsPS5tLkpA30zwKEp+8iFxNJK bmXqrtqpETBCIgGYXDOmeVCw7nxZjXaXJyqN9cQEM2PMaoVK4gK8JYWHfB/IrqqK 9bn77IQ0Ll9s0Xaq7iuJqOFYcbMBwmsmcntsyr45j6xSij9lfJzm0CykJYAvRRTq YJ9TNvGr81+MLNnZX8FBJiV7WskXz8zXByqUQlHpkHCCIRyvqI4GOTn8mfMC2uSY jKFOfIYwwUxmo/rbx72PruyCdEU3zBVwFx5jd4Zq4M0fVPLhy9HuYD6cuO8+hdC+ E/oOG9Ohnh2JsQlT5d0FAbjHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUGSftQDmk GM/ihVShZsJcsbHG5JgwHwYDVR0jBBgwFoAUlSpNx8TWEJWYvu5awKIG0nuFxWow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJENzFELzFFMEY5OTJFMzZD RTExRjBBMkE2OUMxRkM0RjlBRTAyL2xTcE54OFRXRUpXWXZ1NWF3S0lHMG51RnhX by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbFNwTng4VFdFSldZdnU1YXdLSUcwbnVGeFdvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJE NzFELzFFMEY5OTJFMzZDRTExRjBBMkE2OUMxRkM0RjlBRTAyL2xTcE54OFRXRUpX WXZ1NWF3S0lHMG51RnhXby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALOnw84xzj6TINO5tqu7gcdNGEhb8OfFLw8TBW7Ok88EzRKIPibmxvrG Qq4T+M0Ob4ejvOyeTrCEvKQfOoSdmVP4nwzzSMCuQjyh/ejB+rI6YlOd7VJ80cgC lMdz6FXOG/fbkei7VzQcyC0pFFE62b1pCUXD0gUbJhrj7PnGtQY3fDl8wvSeHFdJ KfiIN9r6HmLlOWUc/bEWMjisnyj8pF+9FP34ET+hMT0IPLSBrT3vZ8ySeEAZU14V wFxq5LksmDgACy5q+wU3j6WurjIN2ytsPhVsRy1Yl4sDQTmyOtTYGsUh/WyAFdBY EWWINhPEvGswAb1//301aZvrmUYQalc= -----END CERTIFICATE-----Generated at Sat Sep 6 21:37:06 2025 by rpki-client