$ rpki-client -vvf rpki.apnic.net/member_repository/A9146DAA/71EB7C5AC19311ED9B866B0BC4F9AE02/gg9wML6sbUnxCbqOwlplvyNprS8.mft File: gg9wML6sbUnxCbqOwlplvyNprS8.mft (raw, json) Hash identifier: Ekj/M1ZVxMHSUS2xzD/j2hgwPMf9MJst6O2zie4XK78= Subject key identifier: 25:DC:28:EA:CD:F9:6A:3D:F0:23:CE:11:33:7D:69:5C:FA:2C:CE:CD Authority key identifier: 82:0F:70:30:BE:AC:6D:49:F1:09:BA:8E:C2:5A:65:BF:23:69:AD:2F Certificate issuer: /CN=A9146DAA/serialNumber=820F7030BEAC6D49F109BA8EC25A65BF2369AD2F Certificate serial: 01CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gg9wML6sbUnxCbqOwlplvyNprS8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9146DAA/71EB7C5AC19311ED9B866B0BC4F9AE02/gg9wML6sbUnxCbqOwlplvyNprS8.mft Manifest number: 01CB Signing time: Sat 23 Aug 2025 02:59:42 +0000 Manifest this update: Sat 23 Aug 2025 02:59:42 +0000 Manifest next update: Sat 30 Aug 2025 02:59:42 +0000 Files and hashes: 1: gg9wML6sbUnxCbqOwlplvyNprS8.crl (hash: tJsPULn+jiXNtk3vST63rOHhTMI1PvvLk6binnAdUK4=) 2: 08E67270C19611EDBDEEFD0BC4F9AE02.roa (hash: dWU1gPzZFM9Cw+SS2wudvR0l02XzByvndbpoX+ljoqk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9146DAA/71EB7C5AC19311ED9B866B0BC4F9AE02/gg9wML6sbUnxCbqOwlplvyNprS8.crl rsync://rpki.apnic.net/member_repository/A9146DAA/71EB7C5AC19311ED9B866B0BC4F9AE02/gg9wML6sbUnxCbqOwlplvyNprS8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gg9wML6sbUnxCbqOwlplvyNprS8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:59:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 462 (0x1ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9146DAA, serialNumber=820F7030BEAC6D49F109BA8EC25A65BF2369AD2F Validity Not Before: Aug 23 02:59:42 2025 GMT Not After : Aug 30 02:59:42 2025 GMT Subject: CN=68a92e9e-7400 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a0:80:d2:ec:da:0f:f1:b5:e9:2d:13:ee:72: 53:a7:a1:34:73:d2:ad:1b:b6:43:35:34:dd:c4:39: a3:3a:c3:1b:30:84:1e:13:bc:21:75:c7:19:51:6e: 09:13:8e:12:d2:e5:00:8b:16:93:0a:0d:57:f3:0e: 15:4d:9b:e9:fe:85:44:d3:7f:03:4f:21:a9:b5:3a: 0d:e3:93:d7:cb:d2:c7:b8:bc:55:60:53:bc:38:ad: 1a:17:db:c0:45:88:77:f6:5a:02:eb:5a:58:58:ea: bc:bb:d1:4e:4b:41:0a:26:f1:78:94:3e:a1:c9:b5: 0e:2a:66:51:ce:ec:73:3d:99:a3:ea:93:5d:4c:31: 41:bd:97:e7:fd:47:5e:e0:04:b0:bf:27:b3:dc:6d: 2f:20:df:ca:af:75:ab:20:2e:95:d6:75:ec:7a:61: 1d:30:39:ab:44:9a:23:61:97:bc:e5:e6:c1:b2:10: 08:ac:e9:3f:f3:8a:05:42:b3:b2:6c:35:64:28:59: 47:00:4a:d9:b3:4f:a3:a5:1b:a4:c9:41:d9:f5:2f: f7:9b:ad:63:0d:cf:e4:46:88:76:ee:f7:3f:24:5d: c4:a5:6a:59:97:82:5b:80:84:6f:fc:c0:45:b0:05: 8a:2f:d1:ef:78:86:9c:2d:db:83:aa:dd:f4:d1:35: a8:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:DC:28:EA:CD:F9:6A:3D:F0:23:CE:11:33:7D:69:5C:FA:2C:CE:CD X509v3 Authority Key Identifier: keyid:82:0F:70:30:BE:AC:6D:49:F1:09:BA:8E:C2:5A:65:BF:23:69:AD:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9146DAA/71EB7C5AC19311ED9B866B0BC4F9AE02/gg9wML6sbUnxCbqOwlplvyNprS8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gg9wML6sbUnxCbqOwlplvyNprS8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146DAA/71EB7C5AC19311ED9B866B0BC4F9AE02/gg9wML6sbUnxCbqOwlplvyNprS8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:ca:79:4c:8a:de:d9:cc:16:08:08:b7:78:fc:32:d1:00:4e: 12:df:2d:b6:73:1b:b1:1e:11:4f:dc:47:8a:63:8f:6d:ff:ab: c1:f6:47:7c:a5:1c:17:1b:96:81:42:66:6a:50:3b:bf:b4:ec: f5:d4:f2:2a:aa:02:df:76:c2:43:bd:9d:0d:ca:b4:39:00:ad: 2d:64:4b:27:15:b4:28:6d:e3:6c:0e:84:ab:7e:67:95:e7:ac: 3c:0b:00:2e:76:41:5b:fa:3c:64:99:41:d3:11:0c:0c:a4:0c: 4b:ce:a3:ad:ac:42:76:18:64:01:52:84:b6:f5:8d:f8:e3:b8: 72:aa:23:94:bf:e9:cf:a2:c4:02:66:cf:ba:d6:62:9f:de:f2: 49:b0:94:73:96:9c:63:21:63:17:b6:2d:8c:86:11:e7:15:7d: 50:82:54:bf:ae:48:89:3d:49:ed:44:46:dc:d6:22:e8:0f:18: 0a:6a:02:54:f3:1a:88:13:44:55:95:1c:59:35:34:30:63:dd: 1d:3c:44:40:a9:75:a3:c9:33:fe:f6:61:98:90:fe:a0:c5:4d: ba:8a:dd:89:5a:b0:27:b0:40:fd:04:bd:ab:17:60:6c:20:93: 90:9f:27:4a:34:10:5d:11:2e:9d:d8:78:d2:9f:f7:83:56:a1: eb:71:a0:2e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDZEQUExMTAvBgNVBAUTKDgyMEY3MDMwQkVBQzZENDlGMTA5QkE4RUMyNUE2NUJG MjM2OUFEMkYwHhcNMjUwODIzMDI1OTQyWhcNMjUwODMwMDI1OTQyWjAYMRYwFAYD VQQDEw02OGE5MmU5ZS03NDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuaCA0uzaD/G16S0T7nJTp6E0c9KtG7ZDNTTdxDmjOsMbMIQeE7whdccZUW4J E44S0uUAixaTCg1X8w4VTZvp/oVE038DTyGptToN45PXy9LHuLxVYFO8OK0aF9vA RYh39loC61pYWOq8u9FOS0EKJvF4lD6hybUOKmZRzuxzPZmj6pNdTDFBvZfn/Ude 4ASwvyez3G0vIN/Kr3WrIC6V1nXsemEdMDmrRJojYZe85ebBshAIrOk/84oFQrOy bDVkKFlHAErZs0+jpRukyUHZ9S/3m61jDc/kRoh27vc/JF3EpWpZl4JbgIRv/MBF sAWKL9HveIacLduDqt300TWowwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCXcKOrN +Wo98CPOETN9aVz6LM7NMB8GA1UdIwQYMBaAFIIPcDC+rG1J8Qm6jsJaZb8jaa0v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkRBQS83MUVCN0M1QUMx OTMxMUVEOUI4NjZCMEJDNEY5QUUwMi9nZzl3TUw2c2JVbnhDYnFPd2xwbHZ5TnBy UzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dnOXdNTDZzYlVueENicU93bHBsdnlOcHJTOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NkRBQS83MUVCN0M1QUMxOTMxMUVEOUI4NjZCMEJDNEY5QUUwMi9nZzl3TUw2c2JV bnhDYnFPd2xwbHZ5TnByUzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwynlMit7ZzBYICLd4/DLRAE4S3y22cxuxHhFP3EeKY49t/6vB9kd8 pRwXG5aBQmZqUDu/tOz11PIqqgLfdsJDvZ0NyrQ5AK0tZEsnFbQobeNsDoSrfmeV 56w8CwAudkFb+jxkmUHTEQwMpAxLzqOtrEJ2GGQBUoS29Y3447hyqiOUv+nPosQC Zs+61mKf3vJJsJRzlpxjIWMXti2MhhHnFX1QglS/rkiJPUntREbc1iLoDxgKagJU 8xqIE0RVlRxZNTQwY90dPERAqXWjyTP+9mGYkP6gxU26it2JWrAnsED9BL2rF2Bs IJOQnydKNBBdES6d2HjSn/eDVqHrcaAu -----END CERTIFICATE-----Generated at Sun Aug 24 22:14:33 2025 by rpki-client