$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft File: R2lFsh8liffnEnUf50f6IUOlI1s.mft (raw, json) Hash identifier: trvYeOUPRS8jIkbrGxPoDZ/37UQ3QLFS4sdlHFvpFOY= Subject key identifier: F1:71:7E:42:94:1E:FE:1E:90:F6:D7:BD:C1:90:06:F7:F8:E7:B0:7C Authority key identifier: 47:69:45:B2:1F:25:89:F7:E7:12:75:1F:E7:47:FA:21:43:A5:23:5B Certificate issuer: /CN=A9132B1D/serialNumber=476945B21F2589F7E712751FE747FA2143A5235B Certificate serial: 0291 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft Manifest number: 028C Signing time: Sat 23 Aug 2025 01:54:22 +0000 Manifest this update: Sat 23 Aug 2025 01:54:22 +0000 Manifest next update: Sat 30 Aug 2025 01:54:22 +0000 Files and hashes: 1: R2lFsh8liffnEnUf50f6IUOlI1s.crl (hash: wKlS+xWJIhwbZUe/yhSUQdiBuqXNmLPBh8RUFIlX9rs=) 2: A917D87217A711ED8D17FC7CC4F9AE02.roa (hash: z4fSX+HgysFgztcLVSgzgNzcCLSP4fk+TSQS6+LuYQI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.crl rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:54:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 657 (0x291) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132B1D, serialNumber=476945B21F2589F7E712751FE747FA2143A5235B Validity Not Before: Aug 23 01:54:22 2025 GMT Not After : Aug 30 01:54:22 2025 GMT Subject: CN=68a91f4e-14f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:b1:b5:00:4f:00:20:30:bf:45:6a:c0:ce:67: ad:fc:f2:4a:91:46:71:ee:6e:2a:0f:82:38:62:d1: 6b:e9:09:96:59:b7:f5:27:66:ae:61:39:11:fb:6e: 58:4e:0e:69:a3:61:be:f9:50:f8:be:cd:0b:f0:ce: d0:52:60:07:f6:90:5f:da:f5:7d:e2:fd:8c:d8:24: ac:bf:3d:ea:b0:2a:e1:a6:59:69:95:6a:4d:ad:ab: 45:44:2f:00:7b:8b:88:86:81:7d:d6:2b:a6:d5:39: 84:19:21:ee:76:c4:de:ad:ff:04:03:57:49:2f:f6: 08:9d:50:50:23:ea:cb:ec:b4:76:2b:0d:87:f4:6e: 25:ca:04:41:98:8f:2a:e6:96:2b:13:07:02:fd:72: 09:c5:c7:59:7a:1c:81:eb:47:65:8a:e7:2a:b9:dc: 75:19:f9:df:18:97:fc:f1:a6:ce:bd:61:12:3c:9d: 62:21:e4:b6:38:1f:fe:5a:1e:31:5c:c5:bc:9b:68: 83:42:5a:a4:91:d7:21:a0:08:02:e4:8d:55:84:36: 6c:03:ad:d8:5b:bd:0b:ab:4d:96:fd:72:97:14:33: 96:0d:b9:e0:ee:b3:2a:33:18:ce:48:ca:5e:ec:10: 2a:f1:19:99:8a:41:ec:41:52:d6:e1:4a:62:dc:4f: ad:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:71:7E:42:94:1E:FE:1E:90:F6:D7:BD:C1:90:06:F7:F8:E7:B0:7C X509v3 Authority Key Identifier: keyid:47:69:45:B2:1F:25:89:F7:E7:12:75:1F:E7:47:FA:21:43:A5:23:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:c4:58:95:c9:80:10:dd:47:2b:f9:5d:88:a9:8c:f4:50:da: 27:79:f0:4d:6f:88:4a:2b:f0:45:07:98:94:74:10:83:56:3b: 63:fb:65:42:81:17:9f:90:4c:a2:1e:0a:23:ce:51:75:24:0c: 29:8f:ae:c1:c8:0d:28:4a:f4:4c:6b:29:e3:39:5a:ca:61:84: c1:23:9c:22:b2:46:d9:ab:19:a0:3b:ad:48:92:21:4f:96:eb: ba:44:fb:77:43:e3:a5:6c:fd:6c:44:b6:78:8b:3d:69:ee:ff: 94:20:1c:15:6a:d2:9a:a3:8b:84:8e:69:9f:19:0c:6f:48:e2: 69:93:19:23:0d:7e:c5:dc:85:c6:ea:2b:34:34:29:fb:2b:b8: 65:99:58:cf:22:fd:ac:54:2c:73:9e:db:7e:65:b2:3e:ed:c5: 46:f7:94:a3:5f:ac:c7:78:2d:13:e4:19:46:94:4b:25:c5:92: 2f:c6:42:1e:be:c1:f7:9a:5b:cc:e9:37:98:05:fb:3c:b6:37: b9:03:39:7a:ef:df:ef:2b:41:f0:4c:93:ed:d6:ef:01:68:19: 0c:2c:59:7c:df:9d:4c:2a:13:a6:53:b5:31:d3:b3:b7:d7:91: ba:ba:b3:30:af:13:f4:99:92:aa:ae:eb:d2:fb:fb:d7:64:2b: 6d:7f:38:f9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJCMUQxMTAvBgNVBAUTKDQ3Njk0NUIyMUYyNTg5RjdFNzEyNzUxRkU3NDdGQTIx NDNBNTIzNUIwHhcNMjUwODIzMDE1NDIyWhcNMjUwODMwMDE1NDIyWjAYMRYwFAYD VQQDEw02OGE5MWY0ZS0xNGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6rG1AE8AIDC/RWrAzmet/PJKkUZx7m4qD4I4YtFr6QmWWbf1J2auYTkR+25Y Tg5po2G++VD4vs0L8M7QUmAH9pBf2vV94v2M2CSsvz3qsCrhpllplWpNratFRC8A e4uIhoF91ium1TmEGSHudsTerf8EA1dJL/YInVBQI+rL7LR2Kw2H9G4lygRBmI8q 5pYrEwcC/XIJxcdZehyB60dliucqudx1GfnfGJf88abOvWESPJ1iIeS2OB/+Wh4x XMW8m2iDQlqkkdchoAgC5I1VhDZsA63YW70Lq02W/XKXFDOWDbng7rMqMxjOSMpe 7BAq8RmZikHsQVLW4Upi3E+tnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPFxfkKU Hv4ekPbXvcGQBvf457B8MB8GA1UdIwQYMBaAFEdpRbIfJYn35xJ1H+dH+iFDpSNb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkIxRC8zMDIwM0VEMDE3 QTQxMUVEQjM2MDE1NjRDNEY5QUUwMi9SMmxGc2g4bGlmZm5FblVmNTBmNklVT2xJ MXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1IybEZzaDhsaWZmbkVuVWY1MGY2SVVPbEkxcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MkIxRC8zMDIwM0VEMDE3QTQxMUVEQjM2MDE1NjRDNEY5QUUwMi9SMmxGc2g4bGlm Zm5FblVmNTBmNklVT2xJMXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBixFiVyYAQ3Ucr+V2IqYz0UNonefBNb4hKK/BFB5iUdBCDVjtj+2VC gRefkEyiHgojzlF1JAwpj67ByA0oSvRMaynjOVrKYYTBI5wiskbZqxmgO61IkiFP luu6RPt3Q+OlbP1sRLZ4iz1p7v+UIBwVatKao4uEjmmfGQxvSOJpkxkjDX7F3IXG 6is0NCn7K7hlmVjPIv2sVCxzntt+ZbI+7cVG95SjX6zHeC0T5BlGlEslxZIvxkIe vsH3mlvM6TeYBfs8tje5Azl679/vK0HwTJPt1u8BaBkMLFl8351MKhOmU7Ux07O3 15G6urMwrxP0mZKqruvS+/vXZCttfzj5 -----END CERTIFICATE-----Generated at Sun Aug 24 21:54:15 2025 by rpki-client