$ rpki-client -vvf rpki.apnic.net/member_repository/A913D0CA/B78873A245B811F084F36C5FC4F9AE02/pHTwjH8_SI1bkOEpmjSf8lHd4R8.mft File: pHTwjH8_SI1bkOEpmjSf8lHd4R8.mft (raw, json) Hash identifier: ftx2y3hTUFDZJKGv/0TpIgJBrhoQTwNWzIavtjsqlHU= Subject key identifier: 6D:D1:02:55:25:22:9B:E1:EA:35:29:EC:DC:12:6A:5E:70:A6:B8:9E Authority key identifier: A4:74:F0:8C:7F:3F:48:8D:5B:90:E1:29:9A:34:9F:F2:51:DD:E1:1F Certificate issuer: /CN=A913D0CA/serialNumber=A474F08C7F3F488D5B90E1299A349FF251DDE11F Certificate serial: 28 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pHTwjH8_SI1bkOEpmjSf8lHd4R8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913D0CA/B78873A245B811F084F36C5FC4F9AE02/pHTwjH8_SI1bkOEpmjSf8lHd4R8.mft Manifest number: 28 Signing time: Sat 23 Aug 2025 08:00:20 +0000 Manifest this update: Sat 23 Aug 2025 08:00:19 +0000 Manifest next update: Sat 30 Aug 2025 08:00:19 +0000 Files and hashes: 1: pHTwjH8_SI1bkOEpmjSf8lHd4R8.crl (hash: I+7leQ7Zp60NKi4Zb/p4GubxGTB4F2dfMYDxFIked0k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913D0CA/B78873A245B811F084F36C5FC4F9AE02/pHTwjH8_SI1bkOEpmjSf8lHd4R8.crl rsync://rpki.apnic.net/member_repository/A913D0CA/B78873A245B811F084F36C5FC4F9AE02/pHTwjH8_SI1bkOEpmjSf8lHd4R8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pHTwjH8_SI1bkOEpmjSf8lHd4R8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 08:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40 (0x28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913D0CA, serialNumber=A474F08C7F3F488D5B90E1299A349FF251DDE11F Validity Not Before: Aug 23 08:00:19 2025 GMT Not After : Aug 30 08:00:19 2025 GMT Subject: CN=68a97513-c9c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:49:32:36:e4:67:a2:03:35:3a:e7:58:a8:fa: 68:0a:d8:22:82:bc:22:cf:54:a7:b2:4f:5c:60:6a: e8:2e:0a:0c:8e:03:e0:31:01:95:d4:55:76:37:c3: e9:36:4e:d4:9e:db:f3:ff:ca:dd:cb:81:fd:0d:0e: 60:b3:00:d7:9f:20:15:ce:4b:dd:b8:f5:6e:91:d3: 7c:e7:db:1e:45:08:39:cf:30:fb:e9:e2:2f:cc:88: 7c:ba:3b:7b:e7:b3:d5:f7:68:62:06:42:6e:f4:12: cb:25:4f:cc:ea:6c:11:0b:6c:6d:eb:d4:79:6a:4b: b9:a4:1a:32:c4:b9:8a:84:46:e5:fe:74:b6:fd:eb: 49:2c:af:d7:89:15:f1:5f:b7:5c:a3:3c:5d:f2:ae: 1e:73:5a:53:f1:df:f1:d2:85:ce:a4:5e:cd:54:ce: 5c:c6:d2:72:45:2b:23:92:d0:31:da:e0:10:2e:32: 19:ce:a8:06:e2:a0:e5:44:ad:4f:e6:5c:26:85:e9: 07:5c:e9:7a:6f:32:59:d8:fc:a2:a8:d4:c7:67:f6: 69:dc:a7:fa:ad:f3:cd:b1:74:4d:85:c6:06:32:9e: 74:9b:80:d1:4b:49:c4:b1:77:48:37:1f:1c:fc:5d: b0:f0:b8:f9:d0:3e:0e:22:28:3d:f0:22:a3:87:7e: a2:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:D1:02:55:25:22:9B:E1:EA:35:29:EC:DC:12:6A:5E:70:A6:B8:9E X509v3 Authority Key Identifier: keyid:A4:74:F0:8C:7F:3F:48:8D:5B:90:E1:29:9A:34:9F:F2:51:DD:E1:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913D0CA/B78873A245B811F084F36C5FC4F9AE02/pHTwjH8_SI1bkOEpmjSf8lHd4R8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pHTwjH8_SI1bkOEpmjSf8lHd4R8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913D0CA/B78873A245B811F084F36C5FC4F9AE02/pHTwjH8_SI1bkOEpmjSf8lHd4R8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:a5:6f:0c:ba:68:aa:52:bc:c6:39:f3:d7:ac:21:32:82:b1: 1e:92:ed:ec:ff:5d:7d:d0:b2:88:44:e0:ff:45:6c:08:c5:33: f8:df:ea:cc:b4:70:b3:ed:27:6c:a9:c9:3a:7d:73:36:f6:80: f5:4a:9a:ab:57:5b:c9:9a:cf:5a:90:0d:4e:b4:3a:09:99:96: c8:73:2e:6d:fc:01:4b:af:80:28:17:6f:55:cb:a7:47:a5:11: 07:cc:35:51:bb:a8:d7:37:ad:b3:11:6b:0c:8d:1c:26:23:1e: 7a:8a:92:ea:4d:3a:3b:47:4a:c1:14:16:de:be:02:83:7a:4e: af:48:3e:c9:16:e2:01:10:c8:63:92:21:4d:27:8b:e8:64:58: ad:a5:20:4e:b6:88:9d:43:54:bd:75:ef:df:25:c6:b1:04:e8: 8b:ae:47:d2:41:45:5a:25:0c:b6:8b:8e:68:63:81:75:7d:f8: 88:df:ea:32:f7:12:f3:b1:a0:53:71:da:ef:60:6c:2a:a5:e7: a5:d0:f8:3c:36:d1:68:0e:11:32:54:16:2e:48:eb:3c:39:3f: e1:43:9f:84:e1:f3:ed:93:b1:44:9b:3b:a7:c0:eb:5a:33:f3: 2e:de:cd:58:ff:dd:40:17:d6:c6:b4:c6:c0:39:5d:fb:c0:0a: b3:b4:47:93 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz RDBDQTExMC8GA1UEBRMoQTQ3NEYwOEM3RjNGNDg4RDVCOTBFMTI5OUEzNDlGRjI1 MURERTExRjAeFw0yNTA4MjMwODAwMTlaFw0yNTA4MzAwODAwMTlaMBgxFjAUBgNV BAMTDTY4YTk3NTEzLWM5YzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCgSTI25GeiAzU651io+mgK2CKCvCLPVKeyT1xgauguCgyOA+AxAZXUVXY3w+k2 TtSe2/P/yt3Lgf0NDmCzANefIBXOS9249W6R03zn2x5FCDnPMPvp4i/MiHy6O3vn s9X3aGIGQm70EsslT8zqbBELbG3r1HlqS7mkGjLEuYqERuX+dLb960ksr9eJFfFf t1yjPF3yrh5zWlPx3/HShc6kXs1UzlzG0nJFKyOS0DHa4BAuMhnOqAbioOVErU/m XCaF6Qdc6XpvMlnY/KKo1Mdn9mncp/qt882xdE2FxgYynnSbgNFLScSxd0g3Hxz8 XbDwuPnQPg4iKD3wIqOHfqKRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUbdECVSUi m+HqNSns3BJqXnCmuJ4wHwYDVR0jBBgwFoAUpHTwjH8/SI1bkOEpmjSf8lHd4R8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNEMENBL0I3ODg3M0EyNDVC ODExRjA4NEYzNkM1RkM0RjlBRTAyL3BIVHdqSDhfU0kxYmtPRXBtalNmOGxIZDRS OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcEhUd2pIOF9TSTFia09FcG1qU2Y4bEhkNFI4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNE MENBL0I3ODg3M0EyNDVCODExRjA4NEYzNkM1RkM0RjlBRTAyL3BIVHdqSDhfU0kx YmtPRXBtalNmOGxIZDRSOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIqlbwy6aKpSvMY589esITKCsR6S7ez/XX3QsohE4P9FbAjFM/jf6sy0 cLPtJ2ypyTp9czb2gPVKmqtXW8maz1qQDU60OgmZlshzLm38AUuvgCgXb1XLp0el EQfMNVG7qNc3rbMRawyNHCYjHnqKkupNOjtHSsEUFt6+AoN6Tq9IPskW4gEQyGOS IU0ni+hkWK2lIE62iJ1DVL11798lxrEE6IuuR9JBRVolDLaLjmhjgXV9+Ijf6jL3 EvOxoFNx2u9gbCql56XQ+Dw20WgOETJUFi5I6zw5P+FDn4Th8+2TsUSbO6fA61oz 8y7ezVj/3UAX1sa0xsA5XfvACrO0R5M= -----END CERTIFICATE-----Generated at Sun Aug 24 21:40:50 2025 by rpki-client