$ rpki-client -vvf rpki.apnic.net/member_repository/A91425C3/2326C63E660411F0A4C5192BC4F9AE02/nr2hI9nugwlDBaEYDCoIBX_lQGo.mft File: nr2hI9nugwlDBaEYDCoIBX_lQGo.mft (raw, json) Hash identifier: eHcZD7FKh1M8BxzzJq5Hal9SrW6cJWF3S+VFeXyzH5A= Subject key identifier: BB:E3:3E:9A:59:54:E6:1E:A2:9B:66:C8:DE:C1:64:0D:5F:DA:A9:93 Authority key identifier: 9E:BD:A1:23:D9:EE:83:09:43:05:A1:18:0C:2A:08:05:7F:E5:40:6A Certificate issuer: /CN=A91425C3/serialNumber=9EBDA123D9EE83094305A1180C2A08057FE5406A Certificate serial: 1A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nr2hI9nugwlDBaEYDCoIBX_lQGo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91425C3/2326C63E660411F0A4C5192BC4F9AE02/nr2hI9nugwlDBaEYDCoIBX_lQGo.mft Manifest number: 17 Signing time: Mon 25 Aug 2025 08:36:11 +0000 Manifest this update: Mon 25 Aug 2025 08:36:10 +0000 Manifest next update: Mon 01 Sep 2025 08:36:10 +0000 Files and hashes: 1: nr2hI9nugwlDBaEYDCoIBX_lQGo.crl (hash: /JrEL3xO1B+KaBIcCNxWaY9GzxRCuNN8WMZCnfbLwlU=) 2: CD603AAA6B2B11F0B21D7F0EC4F9AE02.roa (hash: I4V72owrg5qiCod5LgKXA3su1gxxiAdnYcB+BZWhJ8o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91425C3/2326C63E660411F0A4C5192BC4F9AE02/nr2hI9nugwlDBaEYDCoIBX_lQGo.crl rsync://rpki.apnic.net/member_repository/A91425C3/2326C63E660411F0A4C5192BC4F9AE02/nr2hI9nugwlDBaEYDCoIBX_lQGo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nr2hI9nugwlDBaEYDCoIBX_lQGo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Sep 2025 08:36:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26 (0x1a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91425C3, serialNumber=9EBDA123D9EE83094305A1180C2A08057FE5406A Validity Not Before: Aug 25 08:36:10 2025 GMT Not After : Sep 1 08:36:10 2025 GMT Subject: CN=68ac207a-dd4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:10:f0:77:83:1c:8f:5b:79:f6:08:8a:36:d4: 05:f1:e8:82:91:92:0e:a0:bd:37:84:d5:5d:c9:83: bc:78:0c:0d:42:7f:ef:a9:66:39:1f:12:4b:45:59: 70:16:38:42:63:dd:7f:c5:0e:49:1e:98:d4:47:4a: b2:f0:c5:59:cc:5f:c6:86:5f:a4:7d:63:1d:25:a9: 77:58:01:ca:d5:d3:1d:43:be:bf:e4:19:fb:2d:ce: 55:f0:3c:b7:29:be:bc:17:c8:b1:c1:75:99:ab:44: 91:b1:5f:06:12:07:26:c2:e1:b4:17:5c:46:a8:54: 28:6b:2b:14:64:18:21:0f:d3:17:8e:a9:92:dd:24: d8:17:00:a3:4d:a7:0c:53:31:9e:1d:6a:3f:21:94: 20:13:e8:0d:28:e9:d1:10:7c:b9:3d:fa:11:74:6e: 86:f3:2b:17:75:aa:2e:d9:9a:9a:ed:44:b4:74:47: 54:22:5f:c8:fb:0f:4b:d0:34:01:9d:56:87:6f:47: fa:0a:b7:40:a0:ff:e5:c1:99:f3:b1:62:72:a9:b7: af:3d:e3:48:97:85:d3:7a:72:55:91:8f:ad:64:92: 24:14:4d:7b:dc:68:16:19:e1:82:d6:a9:70:11:ce: 15:a0:ed:48:0a:85:cf:d3:0f:2c:1f:19:3e:ae:45: de:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:E3:3E:9A:59:54:E6:1E:A2:9B:66:C8:DE:C1:64:0D:5F:DA:A9:93 X509v3 Authority Key Identifier: keyid:9E:BD:A1:23:D9:EE:83:09:43:05:A1:18:0C:2A:08:05:7F:E5:40:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91425C3/2326C63E660411F0A4C5192BC4F9AE02/nr2hI9nugwlDBaEYDCoIBX_lQGo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nr2hI9nugwlDBaEYDCoIBX_lQGo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91425C3/2326C63E660411F0A4C5192BC4F9AE02/nr2hI9nugwlDBaEYDCoIBX_lQGo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:6e:cd:79:6e:27:85:51:e8:75:79:15:db:1a:ed:d6:5a:e8: f9:67:f7:11:d6:ab:c2:25:72:eb:b2:f8:a8:17:f5:f1:8a:66: 98:7b:11:fe:5b:7e:1a:26:fa:ad:fa:4c:57:75:bd:94:11:5d: 8b:01:59:b4:82:cc:ff:be:61:e8:70:58:45:eb:7a:a1:c1:95: 0f:5d:0a:68:2e:e3:eb:90:18:7d:a7:68:32:c7:2f:f2:3d:05: 8e:04:a9:09:f5:9c:58:86:00:1d:b7:07:3c:83:00:ff:51:75: d4:b9:50:75:a3:b4:30:14:88:25:df:4b:9a:92:6f:e5:6a:71: 2f:72:69:52:2f:8c:5c:92:a8:21:ca:23:60:6d:d4:37:22:b6: 51:34:40:19:6f:d3:c0:a4:47:1a:18:76:50:62:36:c8:c0:34: b6:91:95:5f:d0:da:f7:89:51:b9:1d:02:58:a8:57:5f:64:24: 00:cd:88:4d:8e:8d:24:4c:a8:ff:de:d7:a9:e9:9d:f8:29:45: 87:1a:9b:1f:42:45:b4:82:e2:a4:84:24:ee:47:30:ba:9c:15: 79:ac:f8:77:d3:3d:f1:df:52:03:81:ae:6d:c8:2b:9a:bd:62: 47:98:3f:aa:84:7f:c3:87:b3:cd:27:5c:f5:1a:c8:d9:d5:90: 29:1a:f4:e9 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MjVDMzExMC8GA1UEBRMoOUVCREExMjNEOUVFODMwOTQzMDVBMTE4MEMyQTA4MDU3 RkU1NDA2QTAeFw0yNTA4MjUwODM2MTBaFw0yNTA5MDEwODM2MTBaMBgxFjAUBgNV BAMTDTY4YWMyMDdhLWRkNGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCqEPB3gxyPW3n2CIo21AXx6IKRkg6gvTeE1V3Jg7x4DA1Cf++pZjkfEktFWXAW OEJj3X/FDkkemNRHSrLwxVnMX8aGX6R9Yx0lqXdYAcrV0x1Dvr/kGfstzlXwPLcp vrwXyLHBdZmrRJGxXwYSBybC4bQXXEaoVChrKxRkGCEP0xeOqZLdJNgXAKNNpwxT MZ4daj8hlCAT6A0o6dEQfLk9+hF0bobzKxd1qi7ZmprtRLR0R1QiX8j7D0vQNAGd VodvR/oKt0Cg/+XBmfOxYnKpt68940iXhdN6clWRj61kkiQUTXvcaBYZ4YLWqXAR zhWg7UgKhc/TDywfGT6uRd6TAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUu+M+mllU 5h6im2bI3sFkDV/aqZMwHwYDVR0jBBgwFoAUnr2hI9nugwlDBaEYDCoIBX/lQGow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyNUMzLzIzMjZDNjNFNjYw NDExRjBBNEM1MTkyQkM0RjlBRTAyL25yMmhJOW51Z3dsREJhRVlEQ29JQlhfbFFH by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbnIyaEk5bnVnd2xEQmFFWURDb0lCWF9sUUdvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQy NUMzLzIzMjZDNjNFNjYwNDExRjBBNEM1MTkyQkM0RjlBRTAyL25yMmhJOW51Z3ds REJhRVlEQ29JQlhfbFFHby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAANuzXluJ4VR6HV5Fdsa7dZa6Pln9xHWq8Ilcuuy+KgX9fGKZph7Ef5b fhom+q36TFd1vZQRXYsBWbSCzP++YehwWEXreqHBlQ9dCmgu4+uQGH2naDLHL/I9 BY4EqQn1nFiGAB23BzyDAP9RddS5UHWjtDAUiCXfS5qSb+VqcS9yaVIvjFySqCHK I2Bt1DcitlE0QBlv08CkRxoYdlBiNsjANLaRlV/Q2veJUbkdAlioV19kJADNiE2O jSRMqP/e16npnfgpRYcamx9CRbSC4qSEJO5HMLqcFXms+HfTPfHfUgOBrm3IK5q9 YkeYP6qEf8OHs80nXPUayNnVkCka9Ok= -----END CERTIFICATE-----Generated at Mon Aug 25 23:30:12 2025 by rpki-client