$ rpki-client -vvf rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft File: cmIg2YvMfcZqPM83Z36go9sJDaQ.mft (raw, json) Hash identifier: scNFUOJwbADopONEIuUNUJfzujB7hOPBvfi2Gc2UOUw= Subject key identifier: 62:58:AB:CB:F6:6D:BC:16:72:70:18:3A:F1:C4:1F:F1:57:5D:D1:9D Authority key identifier: 72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 Certificate issuer: /CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Certificate serial: 0C05 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft Manifest number: 0BFC Signing time: Sun 24 Aug 2025 18:45:42 +0000 Manifest this update: Sun 24 Aug 2025 18:45:42 +0000 Manifest next update: Sun 31 Aug 2025 18:45:42 +0000 Files and hashes: 1: cmIg2YvMfcZqPM83Z36go9sJDaQ.crl (hash: dd9XUw5XzMepc8yyfBs0BjLa2/4Q073rl3wbDsdKNXE=) 2: 2CD5AAF8060311EBBE15EA18C4F9AE02.roa (hash: vtoSKlT7or456eJjA8slT3V02xUjwJUVTYQRDOjaj2Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 18:45:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3077 (0xc05) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914AE22, serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Validity Not Before: Aug 24 18:45:42 2025 GMT Not After : Aug 31 18:45:42 2025 GMT Subject: CN=68ab5dd6-d3da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:8e:40:7f:42:80:c2:a6:79:87:21:df:61:d7: be:cd:99:6f:ce:29:43:6c:e5:1d:59:db:cf:02:b2: 67:80:4c:9f:16:f3:fc:75:ca:e1:1f:73:3e:31:46: a9:d7:39:e8:c0:be:56:23:dc:81:3e:4a:95:ba:88: 7d:d3:f7:c5:73:ec:61:bc:15:f8:ff:95:ef:f0:3a: 41:e6:2c:78:9e:71:9a:b7:e1:f8:47:a2:8d:85:3d: 8f:aa:9a:5b:0f:f2:e1:3d:c7:1f:eb:08:c7:a3:63: 2e:60:3c:ef:64:98:90:98:dc:5c:d2:fc:93:10:43: 71:c4:fe:78:f6:5f:90:6a:bb:c8:49:3b:d7:69:57: 5d:85:16:e9:fb:e1:90:a5:6b:92:6d:3f:72:12:f5: e6:0a:a0:dd:cd:67:58:96:89:cd:b8:ea:a4:7e:c1: 32:b7:bb:ad:d2:9a:6b:c8:1e:2b:6d:bc:7b:ad:09: f0:8c:3e:2a:4f:05:fc:a1:93:39:ce:ae:66:1b:49: 16:ff:17:83:6e:a8:a9:f2:2c:23:b1:af:d8:3d:de: 24:e7:71:e5:36:bd:6e:7e:ce:4f:af:bb:86:9f:f1: e2:4d:6e:a8:a2:09:d5:4b:e1:83:7b:e8:ba:fb:fc: 41:df:b9:e2:3e:15:c2:4e:f9:09:4e:44:32:1b:85: 14:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:58:AB:CB:F6:6D:BC:16:72:70:18:3A:F1:C4:1F:F1:57:5D:D1:9D X509v3 Authority Key Identifier: keyid:72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:9b:d0:db:6d:5a:2e:45:b7:6f:7b:f7:f5:45:90:9d:ee:5b: 9d:58:2b:d5:0c:0b:e5:81:95:e8:64:71:20:55:62:d3:58:46: bd:36:4f:5e:59:51:d7:56:bc:12:f6:93:2d:57:ae:4a:b6:79: 0a:2b:04:d9:52:e4:2c:f7:15:3d:44:38:dc:c8:e0:e9:eb:42: f2:73:26:a3:42:46:4b:69:06:02:89:04:1d:e8:23:20:16:81: 03:54:1d:9f:c8:00:cc:f5:e0:04:b2:f4:b5:06:6d:85:91:08: 98:70:ba:15:3c:7a:3d:66:eb:11:32:e5:e3:93:25:37:3e:46: 0d:9e:68:19:8f:a9:4c:c4:89:60:41:8a:7e:8f:65:df:3a:ad: 99:a1:7a:89:fc:ca:ad:26:d0:44:cb:08:12:81:6c:c0:29:db: 85:f1:38:30:bf:35:88:06:35:f9:9c:22:fa:4f:15:42:b0:0f: 7a:c4:60:78:8a:76:7d:e2:cf:83:08:2d:be:43:5d:5c:fa:9b: f1:fc:e5:6e:e7:5b:35:f7:9a:29:41:d2:69:dc:14:2d:ba:28: 95:a2:ef:19:5f:df:1e:fa:a0:20:06:a1:73:57:c9:2a:4c:8b: af:9e:57:ed:4c:40:e3:da:ef:f8:fc:80:cf:ae:b7:57:e4:0a: c1:42:7c:21 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDAUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEFFMjIxMTAvBgNVBAUTKDcyNjIyMEQ5OEJDQzdEQzY2QTNDQ0YzNzY3N0VBMEEz REIwOTBEQTQwHhcNMjUwODI0MTg0NTQyWhcNMjUwODMxMTg0NTQyWjAYMRYwFAYD VQQDEw02OGFiNWRkNi1kM2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv45Af0KAwqZ5hyHfYde+zZlvzilDbOUdWdvPArJngEyfFvP8dcrhH3M+MUap 1znowL5WI9yBPkqVuoh90/fFc+xhvBX4/5Xv8DpB5ix4nnGat+H4R6KNhT2Pqppb D/LhPccf6wjHo2MuYDzvZJiQmNxc0vyTEENxxP549l+QarvISTvXaVddhRbp++GQ pWuSbT9yEvXmCqDdzWdYlonNuOqkfsEyt7ut0ppryB4rbbx7rQnwjD4qTwX8oZM5 zq5mG0kW/xeDbqip8iwjsa/YPd4k53HlNr1ufs5Pr7uGn/HiTW6oognVS+GDe+i6 +/xB37niPhXCTvkJTkQyG4UU5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGJYq8v2 bbwWcnAYOvHEH/FXXdGdMB8GA1UdIwQYMBaAFHJiINmLzH3GajzPN2d+oKPbCQ2k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QUUyMi9CMTc4NDM5RTFC QkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZjWnFQTTgzWjM2Z285c0pE YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NtSWcyWXZNZmNacVBNODNaMzZnbzlzSkRhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QUUyMi9CMTc4NDM5RTFCQkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZj WnFQTTgzWjM2Z285c0pEYVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwm9DbbVouRbdve/f1RZCd7ludWCvVDAvlgZXoZHEgVWLTWEa9Nk9e WVHXVrwS9pMtV65KtnkKKwTZUuQs9xU9RDjcyODp60LycyajQkZLaQYCiQQd6CMg FoEDVB2fyADM9eAEsvS1Bm2FkQiYcLoVPHo9ZusRMuXjkyU3PkYNnmgZj6lMxIlg QYp+j2XfOq2ZoXqJ/MqtJtBEywgSgWzAKduF8TgwvzWIBjX5nCL6TxVCsA96xGB4 inZ94s+DCC2+Q11c+pvx/OVu51s195opQdJp3BQtuiiVou8ZX98e+qAgBqFzV8kq TIuvnlftTEDj2u/4/IDPrrdX5ArBQnwh -----END CERTIFICATE-----Generated at Sun Aug 24 21:54:11 2025 by rpki-client