$ rpki-client -vvf rpki.apnic.net/member_repository/A914E3B7/9FAE84FA1DA411E2AC2BAF9A08B02CD2/5vEsD995brDfK2AuWsQsy4OyLhg.mft File: 5vEsD995brDfK2AuWsQsy4OyLhg.mft (raw, json) Hash identifier: anZNkZTQOdBCDcXVYGAzZ27M2zJpWXWywI9Py9AAth4= Subject key identifier: D9:CD:09:D3:2A:2E:B7:56:4F:87:C7:1C:92:31:4E:61:54:00:CC:47 Authority key identifier: E6:F1:2C:0F:DF:79:6E:B0:DF:2B:60:2E:5A:C4:2C:CB:83:B2:2E:18 Certificate issuer: /CN=A914E3B7/serialNumber=E6F12C0FDF796EB0DF2B602E5AC42CCB83B22E18 Certificate serial: 34AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5vEsD995brDfK2AuWsQsy4OyLhg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E3B7/9FAE84FA1DA411E2AC2BAF9A08B02CD2/5vEsD995brDfK2AuWsQsy4OyLhg.mft Manifest number: 34AA Signing time: Wed 20 Aug 2025 15:10:01 +0000 Manifest this update: Wed 20 Aug 2025 15:10:00 +0000 Manifest next update: Wed 27 Aug 2025 15:10:00 +0000 Files and hashes: 1: 5vEsD995brDfK2AuWsQsy4OyLhg.crl (hash: I3MBwJefLPEXVwpveIQPtWUW9uDcxguhNqW4EcKbyN8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E3B7/9FAE84FA1DA411E2AC2BAF9A08B02CD2/5vEsD995brDfK2AuWsQsy4OyLhg.crl rsync://rpki.apnic.net/member_repository/A914E3B7/9FAE84FA1DA411E2AC2BAF9A08B02CD2/5vEsD995brDfK2AuWsQsy4OyLhg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5vEsD995brDfK2AuWsQsy4OyLhg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 15:10:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13485 (0x34ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E3B7, serialNumber=E6F12C0FDF796EB0DF2B602E5AC42CCB83B22E18 Validity Not Before: Aug 20 15:10:00 2025 GMT Not After : Aug 27 15:10:00 2025 GMT Subject: CN=68a5e549-c8a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:40:99:12:b8:0c:90:bf:02:9b:7c:ca:1a:bb: 56:54:63:1a:6f:e5:ab:ce:47:70:84:22:fa:6f:92: 1d:55:f4:e5:4b:ff:b7:0b:e5:63:4b:b6:c0:42:ee: 54:46:bb:5d:aa:fc:bd:e0:c0:02:28:2e:1c:01:5d: a8:5a:e8:e1:bf:a9:5c:b2:14:b3:f2:61:5a:0e:80: d7:50:af:4f:e2:19:6f:d9:e8:fc:ff:c1:7a:ac:57: 9e:2b:ae:5b:16:58:a8:84:59:50:e6:74:45:a7:8f: a9:06:ba:9f:88:b5:81:4c:c8:9b:04:3a:0a:76:98: e8:00:cb:c4:9b:66:f8:d9:1b:9d:a1:56:e8:5e:d6: ca:b3:4d:96:a2:60:96:e8:7e:c8:a3:ab:71:18:42: 6a:e9:c8:62:2c:93:e4:2f:24:2a:5a:93:aa:90:fe: 18:53:3f:7a:a2:47:79:b4:86:02:74:7c:9e:d4:fb: 2d:90:57:9e:d5:ae:7c:4f:a6:73:23:66:b6:90:39: 44:19:c8:a9:32:62:0f:ae:a0:d7:2e:78:f3:e7:fa: 06:14:45:9b:2b:55:4a:70:72:5d:c2:8b:8f:60:c1: 7a:5e:71:e8:f5:3f:cb:85:80:50:af:93:cc:cc:80: 16:a3:24:4a:50:a7:b6:f2:10:77:74:48:f1:d2:ec: 2c:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:CD:09:D3:2A:2E:B7:56:4F:87:C7:1C:92:31:4E:61:54:00:CC:47 X509v3 Authority Key Identifier: keyid:E6:F1:2C:0F:DF:79:6E:B0:DF:2B:60:2E:5A:C4:2C:CB:83:B2:2E:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E3B7/9FAE84FA1DA411E2AC2BAF9A08B02CD2/5vEsD995brDfK2AuWsQsy4OyLhg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5vEsD995brDfK2AuWsQsy4OyLhg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E3B7/9FAE84FA1DA411E2AC2BAF9A08B02CD2/5vEsD995brDfK2AuWsQsy4OyLhg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:b8:6f:e9:29:a7:7b:ab:1c:11:2f:e0:b0:7b:68:c0:c5:64: d5:ee:96:7b:07:bb:67:e2:98:3b:4f:23:59:61:42:da:5d:f5: 78:fd:19:81:47:5c:97:53:29:08:86:7d:66:e4:9d:6a:bf:a1: 61:69:02:30:07:88:fe:f7:44:ad:a2:6b:0a:f6:3b:dc:b4:bc: 6b:09:5a:bc:db:81:bb:15:10:68:b6:b5:ac:01:09:c3:f8:a8: 8e:fb:9e:85:4f:3d:4d:fc:a3:42:bf:2f:ec:e4:6b:a6:4a:ee: 85:5c:ca:a5:6e:78:b1:69:f6:94:e2:70:52:67:18:c4:17:f7: c8:1e:29:d0:c7:c9:f4:c0:3a:ab:ff:b8:3c:77:d7:c5:33:1d: 7a:b5:c3:08:7c:58:53:80:2a:39:41:36:9c:e3:ed:b0:fb:a2: cd:69:24:fc:e2:a3:44:31:e2:5e:a0:50:f0:a6:3e:54:ba:37: 39:c7:d3:3c:6a:ab:e0:e2:90:06:c2:bb:60:f8:26:35:eb:e2: b7:ea:43:3e:eb:40:b8:1d:54:fb:64:28:18:4d:7a:01:f1:5f: f2:40:b3:a1:c6:11:09:da:8d:76:2c:ae:49:8f:7e:5b:e9:5a: 6d:6e:e9:ca:53:fe:df:c4:83:9c:55:7f:66:a0:15:2c:56:fa: 4f:57:98:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEUzQjcxMTAvBgNVBAUTKEU2RjEyQzBGREY3OTZFQjBERjJCNjAyRTVBQzQyQ0NC ODNCMjJFMTgwHhcNMjUwODIwMTUxMDAwWhcNMjUwODI3MTUxMDAwWjAYMRYwFAYD VQQDEw02OGE1ZTU0OS1jOGE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwkCZErgMkL8Cm3zKGrtWVGMab+WrzkdwhCL6b5IdVfTlS/+3C+VjS7bAQu5U Rrtdqvy94MACKC4cAV2oWujhv6lcshSz8mFaDoDXUK9P4hlv2ej8/8F6rFeeK65b FliohFlQ5nRFp4+pBrqfiLWBTMibBDoKdpjoAMvEm2b42RudoVboXtbKs02WomCW 6H7Io6txGEJq6chiLJPkLyQqWpOqkP4YUz96okd5tIYCdHye1PstkFee1a58T6Zz I2a2kDlEGcipMmIPrqDXLnjz5/oGFEWbK1VKcHJdwouPYMF6XnHo9T/LhYBQr5PM zIAWoyRKUKe28hB3dEjx0uwsdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNnNCdMq LrdWT4fHHJIxTmFUAMxHMB8GA1UdIwQYMBaAFObxLA/feW6w3ytgLlrELMuDsi4Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTNCNy85RkFFODRGQTFE QTQxMUUyQUMyQkFGOUEwOEIwMkNEMi81dkVzRDk5NWJyRGZLMkF1V3NRc3k0T3lM aGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzV2RXNEOTk1YnJEZksyQXVXc1FzeTRPeUxoZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTNCNy85RkFFODRGQTFEQTQxMUUyQUMyQkFGOUEwOEIwMkNEMi81dkVzRDk5NWJy RGZLMkF1V3NRc3k0T3lMaGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC/uG/pKad7qxwRL+Cwe2jAxWTV7pZ7B7tn4pg7TyNZYULaXfV4/RmB R1yXUykIhn1m5J1qv6FhaQIwB4j+90StomsK9jvctLxrCVq824G7FRBotrWsAQnD +KiO+56FTz1N/KNCvy/s5GumSu6FXMqlbnixafaU4nBSZxjEF/fIHinQx8n0wDqr /7g8d9fFMx16tcMIfFhTgCo5QTac4+2w+6LNaST84qNEMeJeoFDwpj5Uujc5x9M8 aqvg4pAGwrtg+CY16+K36kM+60C4HVT7ZCgYTXoB8V/yQLOhxhEJ2o12LK5Jj35b 6VptbunKU/7fxIOcVX9moBUsVvpPV5gC -----END CERTIFICATE-----Generated at Fri Aug 22 16:30:39 2025 by rpki-client