$ rpki-client -vvf rpki.apnic.net/member_repository/A913A5BD/54EEF5141CF711EDA00FD343C4F9AE02/mgZOprZttN4gyTzAQbhaFwbIBnI.mft File: mgZOprZttN4gyTzAQbhaFwbIBnI.mft (raw, json) Hash identifier: MopIEBq5htwCXbEIvsChMH8AOUjho6xS3SJhmBT4gOA= Subject key identifier: 4B:37:8E:9E:43:76:AA:26:5E:EA:9B:C0:74:6C:B4:7F:92:6C:6F:4A Authority key identifier: 9A:06:4E:A6:B6:6D:B4:DE:20:C9:3C:C0:41:B8:5A:17:06:C8:06:72 Certificate issuer: /CN=A913A5BD/serialNumber=9A064EA6B66DB4DE20C93CC041B85A1706C80672 Certificate serial: 028A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mgZOprZttN4gyTzAQbhaFwbIBnI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913A5BD/54EEF5141CF711EDA00FD343C4F9AE02/mgZOprZttN4gyTzAQbhaFwbIBnI.mft Manifest number: 0285 Signing time: Tue 09 Sep 2025 01:46:24 +0000 Manifest this update: Tue 09 Sep 2025 01:46:24 +0000 Manifest next update: Tue 16 Sep 2025 01:46:24 +0000 Files and hashes: 1: mgZOprZttN4gyTzAQbhaFwbIBnI.crl (hash: UA8DksXuv0Z4G82UpCC4vvZ9Ksc9HiI9cUScZjgMd3M=) 2: C6B3DBFE1CF911EDBAE62F45C4F9AE02.roa (hash: omp1fXUs+vDBv/MaKIuGTrmCJ5TEGYnfoKG3I8GKsAA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913A5BD/54EEF5141CF711EDA00FD343C4F9AE02/mgZOprZttN4gyTzAQbhaFwbIBnI.crl rsync://rpki.apnic.net/member_repository/A913A5BD/54EEF5141CF711EDA00FD343C4F9AE02/mgZOprZttN4gyTzAQbhaFwbIBnI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mgZOprZttN4gyTzAQbhaFwbIBnI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 01:46:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 650 (0x28a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913A5BD, serialNumber=9A064EA6B66DB4DE20C93CC041B85A1706C80672 Validity Not Before: Sep 9 01:46:24 2025 GMT Not After : Sep 16 01:46:24 2025 GMT Subject: CN=68bf86f0-2800 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:fe:65:21:a9:af:de:29:91:ce:00:06:bb:9a: 9a:0e:93:f7:33:3f:c5:f5:62:43:4f:0e:aa:35:6d: 2a:23:c3:ff:4a:24:20:0f:3f:f0:f3:46:aa:f4:3b: 86:36:1e:9a:8d:a0:2c:5f:bf:b5:33:9d:f5:f3:7c: bb:1f:6b:15:6d:68:f4:b9:6a:66:88:ab:e7:c0:ae: 5e:a7:c9:03:d7:b8:1c:27:a5:6b:ad:ea:d4:4f:06: 6f:bf:da:9a:ca:e1:b7:b5:76:7c:d2:56:0f:49:8d: 32:b3:67:24:f3:a8:0d:a0:bb:47:73:f3:90:33:3c: ae:a4:aa:71:04:54:93:21:6a:53:7b:09:c9:cb:36: 0e:45:1e:fe:26:dd:6f:1d:7b:e6:ca:09:3b:30:f0: f6:d3:53:9c:cc:ca:5b:72:07:f0:03:6d:81:95:43: 7e:9b:15:f4:49:87:89:9a:af:3e:68:ed:04:2c:f9: a2:73:02:e7:c2:be:cd:9b:87:df:21:90:f9:bf:32: c6:74:b2:06:47:b6:34:f1:4a:ec:61:27:a5:c8:e3: 37:40:84:e9:c5:44:10:c0:9e:d0:51:58:a3:3c:c6: e4:c1:4d:98:87:3d:f3:93:54:6d:51:78:d9:a8:ed: 38:85:7c:64:77:02:7a:ba:87:90:f3:bc:9f:fe:f2: a9:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:37:8E:9E:43:76:AA:26:5E:EA:9B:C0:74:6C:B4:7F:92:6C:6F:4A X509v3 Authority Key Identifier: keyid:9A:06:4E:A6:B6:6D:B4:DE:20:C9:3C:C0:41:B8:5A:17:06:C8:06:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913A5BD/54EEF5141CF711EDA00FD343C4F9AE02/mgZOprZttN4gyTzAQbhaFwbIBnI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mgZOprZttN4gyTzAQbhaFwbIBnI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913A5BD/54EEF5141CF711EDA00FD343C4F9AE02/mgZOprZttN4gyTzAQbhaFwbIBnI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:d4:b1:9a:46:1b:14:e3:5a:0f:e5:35:16:58:f3:1e:f8:fb: 0b:ee:b9:67:62:83:da:1c:1b:91:c9:f8:6d:38:eb:ca:29:24: 44:6a:c4:a8:81:2a:24:1b:c9:a4:fe:bb:01:a2:9c:ac:80:36: fe:0c:29:ec:02:bd:af:d5:83:0d:9f:53:2e:a4:96:62:8d:54: 19:ef:22:66:31:ca:b5:37:d0:b9:82:07:8c:b5:f0:88:6c:49: a4:8a:66:35:f9:4a:ac:ac:33:14:2e:0c:6f:03:1f:90:16:2e: 9d:f8:5d:55:37:23:91:51:8a:ba:36:52:d4:c3:b4:fd:4f:bc: 64:f5:7e:25:3b:12:2b:e6:b1:8a:ca:16:ba:d6:4e:ce:d4:c9: 17:62:93:a5:9c:e6:3d:47:4d:f2:3d:74:99:93:00:7a:87:d7: 18:7e:51:52:14:fd:a0:46:b9:92:cd:f5:ff:9b:dc:45:2a:60: 84:82:58:8b:52:65:eb:8d:dd:42:ef:35:9c:a5:ff:1c:8c:33: a0:0c:c1:46:73:5a:c9:8e:f0:aa:ca:8f:45:6d:33:c6:01:b7: 44:e7:60:83:7c:22:d3:bf:f3:b7:80:07:9b:52:8c:58:7e:a1: 6e:12:34:c2:84:f8:d0:fb:1f:16:7d:00:67:03:77:57:19:87: ca:bd:76:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAoowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0E1QkQxMTAvBgNVBAUTKDlBMDY0RUE2QjY2REI0REUyMEM5M0NDMDQxQjg1QTE3 MDZDODA2NzIwHhcNMjUwOTA5MDE0NjI0WhcNMjUwOTE2MDE0NjI0WjAYMRYwFAYD VQQDEw02OGJmODZmMC0yODAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7f5lIamv3imRzgAGu5qaDpP3Mz/F9WJDTw6qNW0qI8P/SiQgDz/w80aq9DuG Nh6ajaAsX7+1M53183y7H2sVbWj0uWpmiKvnwK5ep8kD17gcJ6VrrerUTwZvv9qa yuG3tXZ80lYPSY0ys2ck86gNoLtHc/OQMzyupKpxBFSTIWpTewnJyzYORR7+Jt1v HXvmygk7MPD201OczMpbcgfwA22BlUN+mxX0SYeJmq8+aO0ELPmicwLnwr7Nm4ff IZD5vzLGdLIGR7Y08UrsYSelyOM3QITpxUQQwJ7QUVijPMbkwU2Yhz3zk1RtUXjZ qO04hXxkdwJ6uoeQ87yf/vKpVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEs3jp5D dqomXuqbwHRstH+SbG9KMB8GA1UdIwQYMBaAFJoGTqa2bbTeIMk8wEG4WhcGyAZy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQTVCRC81NEVFRjUxNDFD RjcxMUVEQTAwRkQzNDNDNEY5QUUwMi9tZ1pPcHJadHRONGd5VHpBUWJoYUZ3YklC bkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21nWk9wclp0dE40Z3lUekFRYmhhRndiSUJuSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QTVCRC81NEVFRjUxNDFDRjcxMUVEQTAwRkQzNDNDNEY5QUUwMi9tZ1pPcHJadHRO NGd5VHpBUWJoYUZ3YklCbkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCY1LGaRhsU41oP5TUWWPMe+PsL7rlnYoPaHBuRyfhtOOvKKSREasSo gSokG8mk/rsBopysgDb+DCnsAr2v1YMNn1MupJZijVQZ7yJmMcq1N9C5ggeMtfCI bEmkimY1+UqsrDMULgxvAx+QFi6d+F1VNyORUYq6NlLUw7T9T7xk9X4lOxIr5rGK yha61k7O1MkXYpOlnOY9R03yPXSZkwB6h9cYflFSFP2gRrmSzfX/m9xFKmCEgliL UmXrjd1C7zWcpf8cjDOgDMFGc1rJjvCqyo9FbTPGAbdE52CDfCLTv/O3gAebUoxY fqFuEjTChPjQ+x8WfQBnA3dXGYfKvXZb -----END CERTIFICATE-----Generated at Tue Sep 9 17:44:56 2025 by rpki-client