$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft File: aIdCVFR7NLOvid21tI0CAj9Xrhc.mft (raw, json) Hash identifier: ja0BGW73CX8SaSBiw0ZfANqn5S4wj+gO/2aAOcbVZt0= Subject key identifier: 7C:59:7E:93:A1:7A:B6:34:AD:1A:34:C6:31:87:84:8A:EA:7E:60:CD Authority key identifier: 68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 Certificate issuer: /CN=A9148D52/serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Certificate serial: 0D58 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft Manifest number: 0D4F Signing time: Mon 08 Sep 2025 18:01:46 +0000 Manifest this update: Mon 08 Sep 2025 18:01:46 +0000 Manifest next update: Mon 15 Sep 2025 18:01:46 +0000 Files and hashes: 1: aIdCVFR7NLOvid21tI0CAj9Xrhc.crl (hash: FQZ8MuPWtsHVkx9aUKvpKz4c4L4+ezLmAHVr6EvUuKY=) 2: 0198539E94F311EA9429BF86C4F9AE02.roa (hash: 5GX92aioe88puPmyzGflssCck3bnuW06XT8lCNmGXB4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 18:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3416 (0xd58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148D52, serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Validity Not Before: Sep 8 18:01:46 2025 GMT Not After : Sep 15 18:01:46 2025 GMT Subject: CN=68bf1a0a-576f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:8a:66:99:f7:2b:c0:b0:6d:08:2f:f2:9c:d6: c4:1a:05:85:c6:30:b2:2a:e3:76:6a:a0:a4:0b:b8: 6c:3b:45:a8:ed:64:0f:ed:4f:6a:d4:75:bf:42:d2: c6:a2:b8:4c:35:2e:84:52:84:b2:2a:d0:d4:f6:92: 2a:2c:b8:c8:82:09:90:20:42:70:35:08:52:81:ec: 7e:4e:97:35:95:50:bd:dc:2b:ba:46:58:a4:96:f0: 4d:1c:29:36:87:7c:75:d6:0a:20:0d:46:41:07:9e: 9c:a7:c5:6e:a9:78:76:85:18:bb:ad:4a:93:96:5b: b7:07:09:b7:8d:04:bf:10:0c:b3:bc:94:f4:9e:83: 17:86:13:c4:69:50:0b:4f:da:2f:1f:cd:8a:7b:93: d5:ee:19:30:6b:06:f1:cc:09:7f:78:60:39:c8:9f: 8f:6f:08:1a:bf:cf:36:38:59:66:94:ee:87:89:e8: 0f:7f:9a:53:1b:74:a9:18:45:f7:cf:b1:73:96:77: 87:7b:16:0c:e4:d5:9c:bf:db:0c:3e:47:e8:3e:2e: 6f:c7:a9:3c:4c:c4:0b:c8:10:6b:9d:73:3f:88:ab: 96:4e:86:40:d3:3f:16:fa:7d:2b:0a:2b:d6:52:2d: aa:a1:4e:57:87:de:d3:20:e3:c9:c0:b2:80:bb:39: 18:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:59:7E:93:A1:7A:B6:34:AD:1A:34:C6:31:87:84:8A:EA:7E:60:CD X509v3 Authority Key Identifier: keyid:68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d8:c3:ef:bf:ab:30:48:fa:2e:4d:e3:69:9b:fc:f1:ee:60:8f: 50:16:ca:d6:51:8d:0d:6d:b3:9c:bc:b6:fb:61:da:74:54:04: 9d:0b:97:d8:0c:07:43:e0:52:b8:3a:bb:0d:d6:7c:be:5e:0b: e7:13:ad:01:9f:42:bd:1e:52:30:46:9b:5b:1b:ae:3f:02:c0: 02:f8:9a:2b:fb:89:16:ba:f7:d4:c6:d2:8b:bc:01:11:c4:de: 72:a0:ee:3d:43:aa:ae:94:99:a9:b7:d2:94:87:f6:ea:57:2a: db:5b:89:59:38:27:bb:1a:89:46:da:44:f8:8f:b9:e9:c1:a1: 34:de:b7:bd:1e:97:2f:49:90:db:92:65:86:0a:bb:cd:d6:6a: 4c:77:d7:6e:5c:cb:18:ca:fb:ff:33:1b:04:d2:f9:4d:9a:d4: 53:8a:db:5a:4f:ea:8e:86:d8:38:9a:93:e7:4c:25:21:41:2f: 5c:d9:aa:26:6a:15:41:9e:1e:f4:00:17:75:6f:bc:7a:97:cc: a6:6b:af:90:f8:5a:9e:ed:40:a0:d5:22:28:53:d8:aa:72:1f: 49:9d:58:6e:be:e7:de:84:77:7f:4a:1a:0c:6c:5d:da:3e:9d: 2c:f9:c4:35:c8:26:0d:b9:2a:7f:61:6a:23:09:cd:2c:91:6a: 26:2f:f6:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDVgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhENTIxMTAvBgNVBAUTKDY4ODc0MjU0NTQ3QjM0QjNBRjg5RERCNUI0OEQwMjAy M0Y1N0FFMTcwHhcNMjUwOTA4MTgwMTQ2WhcNMjUwOTE1MTgwMTQ2WjAYMRYwFAYD VQQDEw02OGJmMWEwYS01NzZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu4pmmfcrwLBtCC/ynNbEGgWFxjCyKuN2aqCkC7hsO0Wo7WQP7U9q1HW/QtLG orhMNS6EUoSyKtDU9pIqLLjIggmQIEJwNQhSgex+Tpc1lVC93Cu6RliklvBNHCk2 h3x11gogDUZBB56cp8VuqXh2hRi7rUqTllu3Bwm3jQS/EAyzvJT0noMXhhPEaVAL T9ovH82Ke5PV7hkwawbxzAl/eGA5yJ+Pbwgav882OFlmlO6HiegPf5pTG3SpGEX3 z7FzlneHexYM5NWcv9sMPkfoPi5vx6k8TMQLyBBrnXM/iKuWToZA0z8W+n0rCivW Ui2qoU5Xh97TIOPJwLKAuzkYVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHxZfpOh erY0rRo0xjGHhIrqfmDNMB8GA1UdIwQYMBaAFGiHQlRUezSzr4ndtbSNAgI/V64X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQ1Mi8xRDRCNDRFRURC NkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05MT3ZpZDIxdEkwQ0FqOVhy aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FJZENWRlI3TkxPdmlkMjF0STBDQWo5WHJoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OEQ1Mi8xRDRCNDRFRURCNkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05M T3ZpZDIxdEkwQ0FqOVhyaGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDYw++/qzBI+i5N42mb/PHuYI9QFsrWUY0NbbOcvLb7Ydp0VASdC5fY DAdD4FK4OrsN1ny+XgvnE60Bn0K9HlIwRptbG64/AsAC+Jor+4kWuvfUxtKLvAER xN5yoO49Q6qulJmpt9KUh/bqVyrbW4lZOCe7GolG2kT4j7npwaE03re9HpcvSZDb kmWGCrvN1mpMd9duXMsYyvv/MxsE0vlNmtRTittaT+qOhtg4mpPnTCUhQS9c2aom ahVBnh70ABd1b7x6l8yma6+Q+Fqe7UCg1SIoU9iqch9JnVhuvufehHd/ShoMbF3a Pp0s+cQ1yCYNuSp/YWojCc0skWomL/aC -----END CERTIFICATE-----Generated at Tue Sep 9 13:22:50 2025 by rpki-client