$ rpki-client -vvf rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft File: 2zfNKCxsfbw6kLEDt6I53NFY_2A.mft (raw, json) Hash identifier: rMK24WeH4UEvit88+XnKPEW5V5VQ+LiODe/QNwwLPYw= Subject key identifier: 35:53:85:AD:90:2A:AC:0D:7D:F1:36:BA:B3:7B:77:A3:64:A1:B5:E5 Authority key identifier: DB:37:CD:28:2C:6C:7D:BC:3A:90:B1:03:B7:A2:39:DC:D1:58:FF:60 Certificate issuer: /CN=A913E652/serialNumber=DB37CD282C6C7DBC3A90B103B7A239DCD158FF60 Certificate serial: 08FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zfNKCxsfbw6kLEDt6I53NFY_2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft Manifest number: 08F3 Signing time: Wed 20 Aug 2025 20:25:59 +0000 Manifest this update: Wed 20 Aug 2025 20:25:59 +0000 Manifest next update: Wed 27 Aug 2025 20:25:59 +0000 Files and hashes: 1: 2zfNKCxsfbw6kLEDt6I53NFY_2A.crl (hash: etlgpRfkvNToDf/rtHv/o4JwSFZ9VNIYUYsiMeGdT2A=) 2: 6154A3B0B2B611EAA5884016C4F9AE02.roa (hash: m3vZJbIZBtxTaQynxqIVLeVn+IvoTb+bYR9Z6G9kdLY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.crl rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zfNKCxsfbw6kLEDt6I53NFY_2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 20:25:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2298 (0x8fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913E652, serialNumber=DB37CD282C6C7DBC3A90B103B7A239DCD158FF60 Validity Not Before: Aug 20 20:25:59 2025 GMT Not After : Aug 27 20:25:59 2025 GMT Subject: CN=68a62f57-5cc6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:31:0b:f4:b7:30:74:70:e4:64:e8:12:e4:19: 13:54:3a:18:0f:03:77:2f:fc:df:20:cf:d5:bc:f7: 8d:de:e4:6f:9b:8d:5f:dc:8b:fe:29:31:c6:17:a1: 4a:f4:dd:fd:ef:20:4a:8c:88:19:bd:65:61:9f:fe: ce:78:a2:9d:8e:7a:14:28:86:cc:7f:3c:0e:25:81: f3:ca:26:36:44:b3:ea:3c:e2:2a:56:55:4e:ee:cf: 62:a3:f3:3e:fd:56:70:0b:ce:7e:a0:55:8f:17:32: 42:6b:d0:8e:59:c4:f6:ee:26:ae:5d:88:02:1f:22: 5a:97:38:82:f1:f8:76:57:80:8d:19:cc:b4:56:00: b2:be:e8:8e:4f:4a:ea:af:b8:6b:85:6e:57:79:ef: 92:b4:cd:27:be:1b:61:5e:d1:ec:13:00:1a:03:8a: 48:37:4a:78:ff:05:96:b8:90:6a:fb:c3:25:87:fc: be:72:a1:03:5d:9c:12:e3:86:a6:35:8a:bc:b8:d7: fb:63:dd:e1:88:76:be:f8:42:8f:10:56:c1:32:48: 44:47:3b:ba:d8:3a:00:3d:79:47:0f:73:b1:48:82: 80:fc:0f:4d:aa:c9:16:2b:a1:b9:66:68:48:53:c4: 53:68:00:05:3e:0b:8b:19:ae:df:80:da:ed:7c:da: 09:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:53:85:AD:90:2A:AC:0D:7D:F1:36:BA:B3:7B:77:A3:64:A1:B5:E5 X509v3 Authority Key Identifier: keyid:DB:37:CD:28:2C:6C:7D:BC:3A:90:B1:03:B7:A2:39:DC:D1:58:FF:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zfNKCxsfbw6kLEDt6I53NFY_2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:e3:e5:cd:b5:6c:f7:fb:43:a8:5a:5a:98:5f:59:56:d6:ee: cb:e9:b3:a2:95:39:d4:aa:e6:75:2b:06:60:87:71:93:1c:03: e6:61:4e:aa:42:ca:83:2a:21:4a:ce:4f:25:b5:bc:c1:b2:88: 71:16:07:e5:53:86:1d:0e:99:59:56:3b:2b:a1:5a:f6:09:3c: a5:81:82:ea:2f:36:e1:9d:3e:35:d2:45:b5:29:e0:9d:a3:f9: 2d:24:7b:f4:35:f9:5c:3c:d2:3d:ef:97:23:69:22:a7:95:a5: 6d:2c:c5:e3:17:ed:24:de:d2:b9:d2:99:08:53:4d:46:77:53: 20:b8:a7:c0:ad:5f:3e:5a:58:ee:b3:d1:6a:04:05:8b:b4:c7: 7f:91:cf:81:df:44:11:27:69:fe:ab:a7:28:90:f5:f1:5d:3d: c0:b1:66:0c:e9:e3:d9:53:46:fd:5c:10:a0:7f:06:0e:e1:dd: 66:20:fa:b5:b6:01:e4:c9:e1:d4:4a:77:fb:e9:cc:de:3d:8d: 62:db:f8:2f:82:60:c4:97:92:90:99:cf:c3:df:e0:a0:f6:b3: f3:90:36:d9:9c:2b:28:31:68:18:3f:02:96:c6:13:9b:cc:0e: 8b:59:18:ff:44:d3:ab:78:bd:cd:a7:14:2c:5b:32:13:04:07: b5:17:7f:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0U2NTIxMTAvBgNVBAUTKERCMzdDRDI4MkM2QzdEQkMzQTkwQjEwM0I3QTIzOURD RDE1OEZGNjAwHhcNMjUwODIwMjAyNTU5WhcNMjUwODI3MjAyNTU5WjAYMRYwFAYD VQQDEw02OGE2MmY1Ny01Y2M2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwzEL9LcwdHDkZOgS5BkTVDoYDwN3L/zfIM/VvPeN3uRvm41f3Iv+KTHGF6FK 9N397yBKjIgZvWVhn/7OeKKdjnoUKIbMfzwOJYHzyiY2RLPqPOIqVlVO7s9io/M+ /VZwC85+oFWPFzJCa9COWcT27iauXYgCHyJalziC8fh2V4CNGcy0VgCyvuiOT0rq r7hrhW5Xee+StM0nvhthXtHsEwAaA4pIN0p4/wWWuJBq+8Mlh/y+cqEDXZwS44am NYq8uNf7Y93hiHa++EKPEFbBMkhERzu62DoAPXlHD3OxSIKA/A9NqskWK6G5ZmhI U8RTaAAFPguLGa7fgNrtfNoJkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDVTha2Q KqwNffE2urN7d6NkobXlMB8GA1UdIwQYMBaAFNs3zSgsbH28OpCxA7eiOdzRWP9g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTY1Mi82MDBBQjQ2NEIy QjUxMUVBOEFEQzQ0MTVDNEY5QUUwMi8yemZOS0N4c2ZidzZrTEVEdDZJNTNORllf MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJ6Zk5LQ3hzZmJ3NmtMRUR0Nkk1M05GWV8yQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RTY1Mi82MDBBQjQ2NEIyQjUxMUVBOEFEQzQ0MTVDNEY5QUUwMi8yemZOS0N4c2Zi dzZrTEVEdDZJNTNORllfMkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAZ4+XNtWz3+0OoWlqYX1lW1u7L6bOilTnUquZ1KwZgh3GTHAPmYU6q QsqDKiFKzk8ltbzBsohxFgflU4YdDplZVjsroVr2CTylgYLqLzbhnT410kW1KeCd o/ktJHv0NflcPNI975cjaSKnlaVtLMXjF+0k3tK50pkIU01Gd1MguKfArV8+Wlju s9FqBAWLtMd/kc+B30QRJ2n+q6cokPXxXT3AsWYM6ePZU0b9XBCgfwYO4d1mIPq1 tgHkyeHUSnf76czePY1i2/gvgmDEl5KQmc/D3+Cg9rPzkDbZnCsoMWgYPwKWxhOb zA6LWRj/RNOreL3NpxQsWzITBAe1F3+E -----END CERTIFICATE-----Generated at Fri Aug 22 16:35:11 2025 by rpki-client