$ rpki-client -vvf rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft File: 9ES43awaKuycmNiYFhxzSCwu1Ig.mft (raw, json) Hash identifier: Aajl8RuwDHtzROfGFMSPNgh1iSPiARQa1OuPgnOc9nA= Subject key identifier: 08:72:50:07:BE:2E:B7:A2:6C:9F:69:18:7E:81:0D:81:1A:AA:54:DF Authority key identifier: F4:44:B8:DD:AC:1A:2A:EC:9C:98:D8:98:16:1C:73:48:2C:2E:D4:88 Certificate issuer: /CN=A91427E2/serialNumber=F444B8DDAC1A2AEC9C98D898161C73482C2ED488 Certificate serial: 8B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft Manifest number: 8A Signing time: Sat 19 Jul 2025 06:47:41 +0000 Manifest this update: Sat 19 Jul 2025 06:47:40 +0000 Manifest next update: Sat 26 Jul 2025 06:47:40 +0000 Files and hashes: 1: 9ES43awaKuycmNiYFhxzSCwu1Ig.crl (hash: FxyRCYjjgwZFYtDN/sQh5QnlNqzFE92z9gJ5ALai2F0=) 2: 52EADE54935111EF98AA8C86C4F9AE02.roa (hash: 0fdxeAEBe9WDBbNHH1E08sqfA2VEHdavddZ4/AMBK2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.crl rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 06:47:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 139 (0x8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91427E2, serialNumber=F444B8DDAC1A2AEC9C98D898161C73482C2ED488 Validity Not Before: Jul 19 06:47:40 2025 GMT Not After : Jul 26 06:47:40 2025 GMT Subject: CN=687b3f8d-32fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:ab:9d:f8:99:a2:1c:e8:d8:c9:19:f3:a4:9a: 98:df:d9:9d:00:16:44:f0:5c:8c:d5:dd:1d:79:19: 48:f4:39:8f:4c:7c:42:eb:70:97:7d:11:9d:18:49: 6a:ee:b4:9b:bc:c9:b8:dd:9b:d5:25:a1:2b:d4:bb: 60:b0:80:24:8b:21:c7:b0:88:16:a2:57:bd:20:27: 28:65:2f:67:f0:d7:fa:20:a9:f6:e0:6c:4d:84:58: 7c:d9:fc:90:9a:b6:36:f0:08:e3:71:91:01:26:4b: e1:5c:a5:61:27:3e:62:24:de:2c:90:33:c6:bb:4a: b8:71:61:dd:f2:44:90:96:e8:33:aa:b5:a9:8a:2a: c4:fe:3a:07:67:89:86:47:23:56:51:98:2b:7a:49: 4f:05:5e:83:cd:27:96:15:93:7e:64:89:41:2e:53: bd:98:47:4f:2d:c9:e7:af:0f:40:6c:82:e5:10:49: 7b:73:16:a5:79:4c:5a:73:fe:6f:a4:c9:34:10:dc: e6:81:13:29:b3:81:83:8d:a2:a4:02:b1:81:ba:68: b6:62:81:a6:cc:b5:a9:91:9a:7c:c7:f5:f9:2d:d0: af:38:e2:46:fd:ae:3d:5f:df:f9:9c:cf:6d:72:11: 7d:62:aa:c6:c2:5e:86:85:90:e6:4a:40:48:25:34: 38:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:72:50:07:BE:2E:B7:A2:6C:9F:69:18:7E:81:0D:81:1A:AA:54:DF X509v3 Authority Key Identifier: keyid:F4:44:B8:DD:AC:1A:2A:EC:9C:98:D8:98:16:1C:73:48:2C:2E:D4:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:82:0d:cb:5c:83:c2:b3:67:59:ea:a3:74:46:a1:04:2b:83: 29:0c:e8:28:fb:a2:4b:9e:b3:6a:38:37:a8:55:74:bf:97:fe: 1c:a7:a4:55:c7:7d:7f:21:8e:c9:4c:9f:af:9b:0a:0a:be:dd: fd:8a:41:d7:be:8b:a8:d1:9d:d5:81:d0:45:e8:c9:82:cc:b3: f2:c5:29:94:78:30:64:eb:a5:41:23:76:fb:d7:86:1c:98:3f: 32:0b:ee:43:ff:eb:e8:bc:7c:67:8d:04:16:96:83:2d:0b:37: 90:63:13:2d:db:51:b2:b7:34:fb:c9:81:52:f1:8c:99:d7:73: 18:58:fa:15:bb:90:4f:87:35:5d:c5:16:09:61:4d:13:3f:04: 5d:cf:0a:83:2a:04:c0:ce:73:15:09:7c:fa:8d:54:3c:0b:82: e0:0e:f7:ce:5e:d2:ea:6a:25:61:7a:91:75:a8:9c:fd:d9:4c: e9:87:b6:61:9c:77:98:83:89:1b:c3:9b:c5:9f:cc:cd:72:01: da:cb:13:bd:c7:12:14:58:7d:0c:10:13:92:37:f2:9f:95:b4: 10:21:67:9a:f6:f0:0d:62:e9:73:d1:28:e5:d1:18:04:4c:75: 08:66:43:1d:91:01:5f:51:84:67:94:23:30:8a:d0:51:f0:c6: e4:f5:2a:a2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDI3RTIxMTAvBgNVBAUTKEY0NDRCOEREQUMxQTJBRUM5Qzk4RDg5ODE2MUM3MzQ4 MkMyRUQ0ODgwHhcNMjUwNzE5MDY0NzQwWhcNMjUwNzI2MDY0NzQwWjAYMRYwFAYD VQQDEw02ODdiM2Y4ZC0zMmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3aud+JmiHOjYyRnzpJqY39mdABZE8FyM1d0deRlI9DmPTHxC63CXfRGdGElq 7rSbvMm43ZvVJaEr1LtgsIAkiyHHsIgWole9ICcoZS9n8Nf6IKn24GxNhFh82fyQ mrY28AjjcZEBJkvhXKVhJz5iJN4skDPGu0q4cWHd8kSQlugzqrWpiirE/joHZ4mG RyNWUZgreklPBV6DzSeWFZN+ZIlBLlO9mEdPLcnnrw9AbILlEEl7cxaleUxac/5v pMk0ENzmgRMps4GDjaKkArGBumi2YoGmzLWpkZp8x/X5LdCvOOJG/a49X9/5nM9t chF9YqrGwl6GhZDmSkBIJTQ4xwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAhyUAe+ LreibJ9pGH6BDYEaqlTfMB8GA1UdIwQYMBaAFPREuN2sGirsnJjYmBYcc0gsLtSI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjdFMi83MDMxQTFFQzkz NTAxMUVGQkFDRTAwNENDNEY5QUUwMi85RVM0M2F3YUt1eWNtTmlZRmh4elNDd3Ux SWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzlFUzQzYXdhS3V5Y21OaVlGaHh6U0N3dTFJZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MjdFMi83MDMxQTFFQzkzNTAxMUVGQkFDRTAwNENDNEY5QUUwMi85RVM0M2F3YUt1 eWNtTmlZRmh4elNDd3UxSWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARgg3LXIPCs2dZ6qN0RqEEK4MpDOgo+6JLnrNqODeoVXS/l/4cp6RV x31/IY7JTJ+vmwoKvt39ikHXvouo0Z3VgdBF6MmCzLPyxSmUeDBk66VBI3b714Yc mD8yC+5D/+vovHxnjQQWloMtCzeQYxMt21GytzT7yYFS8YyZ13MYWPoVu5BPhzVd xRYJYU0TPwRdzwqDKgTAznMVCXz6jVQ8C4LgDvfOXtLqaiVhepF1qJz92Uzph7Zh nHeYg4kbw5vFn8zNcgHayxO9xxIUWH0MEBOSN/KflbQQIWea9vANYulz0Sjl0RgE THUIZkMdkQFfUYRnlCMwitBR8Mbk9Sqi -----END CERTIFICATE-----Generated at Mon Jul 21 00:27:20 2025 by rpki-client