$ rpki-client -vvf rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/AQtAe3X24zjzr7WajWJxXDwC7PQ.mft File: AQtAe3X24zjzr7WajWJxXDwC7PQ.mft (raw, json) Hash identifier: DYK2+zZoO6ockECkYb4AJBvh+etoiMWyxPduhtw6vOo= Subject key identifier: B8:42:5C:9C:81:9F:F3:28:36:41:F4:1D:8E:E5:8C:27:6F:52:97:2C Authority key identifier: 01:0B:40:7B:75:F6:E3:38:F3:AF:B5:9A:8D:62:71:5C:3C:02:EC:F4 Certificate issuer: /CN=A9132EC7/serialNumber=010B407B75F6E338F3AFB59A8D62715C3C02ECF4 Certificate serial: 16FF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQtAe3X24zjzr7WajWJxXDwC7PQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/AQtAe3X24zjzr7WajWJxXDwC7PQ.mft Manifest number: 16EC Signing time: Sun 24 Aug 2025 16:38:19 +0000 Manifest this update: Sun 24 Aug 2025 16:38:18 +0000 Manifest next update: Sun 31 Aug 2025 16:38:18 +0000 Files and hashes: 1: AQtAe3X24zjzr7WajWJxXDwC7PQ.crl (hash: gkPGCU3QTTwL79e57/cpTjoJ5WvuKfyKZ1a8okOjySY=) 2: 0D4F5906FA7911E7B85F4E7EC4F9AE02.roa (hash: 822Cv07i81nzITiBp8oPidqObRAFnQ5Dsa+D8sFZUvo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/AQtAe3X24zjzr7WajWJxXDwC7PQ.crl rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/AQtAe3X24zjzr7WajWJxXDwC7PQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQtAe3X24zjzr7WajWJxXDwC7PQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 16:38:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5887 (0x16ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132EC7, serialNumber=010B407B75F6E338F3AFB59A8D62715C3C02ECF4 Validity Not Before: Aug 24 16:38:18 2025 GMT Not After : Aug 31 16:38:18 2025 GMT Subject: CN=68ab3ffa-0400 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:38:0c:a4:2c:3a:43:62:6d:2c:01:93:26:a0: 78:0a:a8:70:40:63:a5:02:06:03:b9:af:66:9e:82: ea:fa:1e:6b:f7:79:19:4c:23:34:c9:b3:2e:c9:0a: 5b:66:a2:2e:93:e3:b3:d4:d2:e7:73:f6:46:de:72: ff:98:bc:c3:e4:54:f2:d6:c4:e9:f3:39:aa:ba:0b: 96:7a:d6:78:79:75:29:1d:63:ea:a3:7d:ce:4e:87: 43:15:26:8c:0e:87:f3:57:89:21:6a:18:8d:a7:22: c8:54:81:53:1a:45:50:85:1f:e3:3e:0b:c4:d2:23: 7b:33:af:9d:df:f1:a5:27:6b:5e:dd:92:0f:fc:f2: 92:49:1e:a1:ee:58:31:e0:8f:46:e6:50:7c:12:47: 12:0f:8b:4c:0d:c7:a0:6a:96:ef:f8:3c:65:ce:a2: 12:da:60:1e:3c:06:df:cf:39:ac:39:17:fa:b4:60: 48:c9:c0:69:2b:0f:44:a6:d9:5a:7a:fe:00:ed:be: 40:18:4f:46:82:e5:9e:2c:43:2e:79:86:d8:2b:2e: d1:5e:95:3a:98:a6:c1:ba:21:ba:bf:27:0d:0b:c8: 5f:64:10:d5:18:5e:5e:49:ec:04:bb:e7:d1:90:2d: 41:0b:32:0e:64:3f:5d:22:2c:40:5d:71:73:ae:b7: 17:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:42:5C:9C:81:9F:F3:28:36:41:F4:1D:8E:E5:8C:27:6F:52:97:2C X509v3 Authority Key Identifier: keyid:01:0B:40:7B:75:F6:E3:38:F3:AF:B5:9A:8D:62:71:5C:3C:02:EC:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/AQtAe3X24zjzr7WajWJxXDwC7PQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQtAe3X24zjzr7WajWJxXDwC7PQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132EC7/2934726AFA7811E79CB6087DC4F9AE02/AQtAe3X24zjzr7WajWJxXDwC7PQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:2a:2a:99:39:5e:62:19:96:ff:23:e5:2f:c4:71:a7:97:f7: 70:fa:99:ee:db:e5:7e:c7:f5:61:8d:6e:e9:9f:a1:1a:2f:4b: a9:57:6e:ee:3e:a7:c4:b7:40:a3:7c:b0:a9:f1:bd:88:df:dd: b2:63:96:ea:be:ab:d8:c3:df:e3:fc:81:35:71:f4:17:05:c4: f9:c5:31:23:79:25:18:11:e2:5a:81:50:37:5f:5e:77:a5:bd: f6:13:52:e8:9a:dc:e9:73:53:99:20:29:38:2c:d4:b9:66:50: 04:f1:1a:2c:49:31:ae:34:52:08:eb:28:28:a1:81:20:0c:85: 16:e9:39:b0:44:12:22:7c:0c:e9:11:1f:9a:b7:19:a4:37:41: 07:0e:8c:67:5a:fb:3c:5c:2f:f7:78:4f:3f:8f:57:ca:d6:f5: 32:02:10:59:6b:95:84:c0:6c:e4:7c:0b:5f:50:2c:7c:f3:6d: 21:7c:03:6b:09:50:50:cf:4d:f5:64:ac:cf:e3:26:b7:51:31: a2:22:2e:f0:6f:b6:88:8f:53:35:2f:72:cf:98:7a:86:f3:76: 3c:0e:d5:71:75:45:c0:d3:e3:40:25:5a:92:35:4e:0b:32:1a: f9:f6:fc:44:91:a5:2f:92:04:7a:0b:d9:96:0b:8f:d4:3b:cb: fc:0a:ec:db -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFv8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJFQzcxMTAvBgNVBAUTKDAxMEI0MDdCNzVGNkUzMzhGM0FGQjU5QThENjI3MTVD M0MwMkVDRjQwHhcNMjUwODI0MTYzODE4WhcNMjUwODMxMTYzODE4WjAYMRYwFAYD VQQDEw02OGFiM2ZmYS0wNDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2TgMpCw6Q2JtLAGTJqB4CqhwQGOlAgYDua9mnoLq+h5r93kZTCM0ybMuyQpb ZqIuk+Oz1NLnc/ZG3nL/mLzD5FTy1sTp8zmquguWetZ4eXUpHWPqo33OTodDFSaM DofzV4khahiNpyLIVIFTGkVQhR/jPgvE0iN7M6+d3/GlJ2te3ZIP/PKSSR6h7lgx 4I9G5lB8EkcSD4tMDcegapbv+DxlzqIS2mAePAbfzzmsORf6tGBIycBpKw9Eptla ev4A7b5AGE9GguWeLEMueYbYKy7RXpU6mKbBuiG6vycNC8hfZBDVGF5eSewEu+fR kC1BCzIOZD9dIixAXXFzrrcXnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLhCXJyB n/MoNkH0HY7ljCdvUpcsMB8GA1UdIwQYMBaAFAELQHt19uM486+1mo1icVw8Auz0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkVDNy8yOTM0NzI2QUZB NzgxMUU3OUNCNjA4N0RDNEY5QUUwMi9BUXRBZTNYMjR6anpyN1dhaldKeFhEd0M3 UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FRdEFlM1gyNHpqenI3V2FqV0p4WER3QzdQUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MkVDNy8yOTM0NzI2QUZBNzgxMUU3OUNCNjA4N0RDNEY5QUUwMi9BUXRBZTNYMjR6 anpyN1dhaldKeFhEd0M3UFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBTKiqZOV5iGZb/I+UvxHGnl/dw+pnu2+V+x/VhjW7pn6EaL0upV27u PqfEt0CjfLCp8b2I392yY5bqvqvYw9/j/IE1cfQXBcT5xTEjeSUYEeJagVA3X153 pb32E1Lomtzpc1OZICk4LNS5ZlAE8RosSTGuNFII6ygooYEgDIUW6TmwRBIifAzp ER+atxmkN0EHDoxnWvs8XC/3eE8/j1fK1vUyAhBZa5WEwGzkfAtfUCx8820hfANr CVBQz031ZKzP4ya3UTGiIi7wb7aIj1M1L3LPmHqG83Y8DtVxdUXA0+NAJVqSNU4L Mhr59vxEkaUvkgR6C9mWC4/UO8v8Cuzb -----END CERTIFICATE-----Generated at Sun Aug 24 22:11:23 2025 by rpki-client