$ rpki-client -vvf rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/4suW87BaY-nlR5ZSbszpSjWR5fw.mft File: 4suW87BaY-nlR5ZSbszpSjWR5fw.mft (raw, json) Hash identifier: kLHnouxYPz3Nf02NFpSeBOF5p3bl7qsXB/CyJPNvGsc= Subject key identifier: 1A:A4:51:B6:4F:D6:FB:4B:9E:53:04:93:87:31:C8:00:A4:39:60:89 Authority key identifier: E2:CB:96:F3:B0:5A:63:E9:E5:47:96:52:6E:CC:E9:4A:35:91:E5:FC Certificate issuer: /CN=A9157B74/serialNumber=E2CB96F3B05A63E9E54796526ECCE94A3591E5FC Certificate serial: 31 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4suW87BaY-nlR5ZSbszpSjWR5fw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/4suW87BaY-nlR5ZSbszpSjWR5fw.mft Manifest number: 30 Signing time: Mon 25 Aug 2025 08:12:11 +0000 Manifest this update: Mon 25 Aug 2025 08:12:11 +0000 Manifest next update: Mon 01 Sep 2025 08:12:11 +0000 Files and hashes: 1: 4suW87BaY-nlR5ZSbszpSjWR5fw.crl (hash: 8A1ZE6F93Qt3myV7BOtwWickoNt90Q0ZZQ4BdEqDYCY=) 2: ACCFE0643C9711F08159891EC4F9AE02.roa (hash: lVHhBj6K1C48l+j8zLFa7FZ7WGKYKz6QlN3fyLSlK7w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/4suW87BaY-nlR5ZSbszpSjWR5fw.crl rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/4suW87BaY-nlR5ZSbszpSjWR5fw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4suW87BaY-nlR5ZSbszpSjWR5fw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Sep 2025 08:12:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49 (0x31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157B74, serialNumber=E2CB96F3B05A63E9E54796526ECCE94A3591E5FC Validity Not Before: Aug 25 08:12:11 2025 GMT Not After : Sep 1 08:12:11 2025 GMT Subject: CN=68ac1adb-8b2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:18:d0:54:60:b8:f9:1b:5a:7f:e0:f2:a2:bf: bc:da:6e:00:17:ee:46:cb:14:d7:3a:dd:3c:78:eb: c3:94:09:36:2f:14:df:a2:96:55:2d:2a:75:1a:15: 33:80:c7:44:48:7c:51:03:f6:f8:7d:b2:f3:a0:09: f4:25:f2:b3:fa:5b:68:1e:0f:2d:ac:60:cb:84:7a: 82:84:2f:a5:66:03:e5:25:5e:e6:fe:c3:0f:e6:8f: b8:a2:ef:e1:5d:29:77:e6:cb:50:82:d0:9d:04:74: ec:5d:d2:6d:6a:dd:ce:86:64:aa:0a:6b:c5:23:91: c2:d8:dc:d3:47:0a:71:e5:0c:e7:cd:20:b1:57:73: d4:33:29:b6:50:cb:a4:10:3f:ca:28:d1:01:b2:4e: 03:35:6b:9e:54:cd:0e:3b:7b:5f:f2:8a:90:22:43: 16:62:3a:0a:2f:c8:65:4a:e7:bf:27:90:07:c4:c2: 19:19:2e:4f:15:ce:b3:20:20:86:68:60:c2:8e:38: 9a:a0:2e:16:4c:ea:b0:35:6c:7b:e4:6a:db:4c:22: 82:f5:b2:c0:be:79:69:5a:93:00:0b:15:e8:98:62: 9b:bd:ff:1d:13:f5:b9:b4:f3:0c:06:5e:e8:3d:88: a1:9a:a9:b5:92:03:c0:25:56:7e:19:81:bb:0e:de: f5:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:A4:51:B6:4F:D6:FB:4B:9E:53:04:93:87:31:C8:00:A4:39:60:89 X509v3 Authority Key Identifier: keyid:E2:CB:96:F3:B0:5A:63:E9:E5:47:96:52:6E:CC:E9:4A:35:91:E5:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/4suW87BaY-nlR5ZSbszpSjWR5fw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4suW87BaY-nlR5ZSbszpSjWR5fw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157B74/AF64E5103BAA11F09642821CC4F9AE02/4suW87BaY-nlR5ZSbszpSjWR5fw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9b:a9:e9:9d:6c:9e:e3:b8:e9:07:79:ee:06:5a:73:79:21:a3: ad:5c:08:4f:ac:83:7d:ac:fc:61:bd:22:58:3f:73:34:1d:31: 3c:dd:4f:6c:b7:98:c9:a1:a7:3b:86:6a:9e:0b:6e:fd:ba:eb: 4d:b5:0f:17:05:b2:67:c8:19:d6:46:a0:bf:a5:6f:b5:41:57: 70:7d:06:35:64:f1:98:68:a4:66:16:5f:3c:d5:9f:9c:24:16: 37:34:28:1f:01:60:07:bf:2f:4b:31:82:4d:6d:31:dd:f4:ff: 99:ad:3c:51:0b:a3:14:0f:f1:f1:63:43:7b:1f:ff:2d:c7:5e: 9d:03:c6:8d:4f:d4:81:bb:9b:13:48:eb:08:0f:95:e8:db:48: 00:4c:b8:ab:9b:49:58:15:45:e0:cc:cc:5f:5d:b3:b3:06:f4: 45:6e:5d:6a:86:9b:08:6f:c7:bf:d6:74:aa:4a:c9:98:12:4a: e6:8d:3a:fd:6b:d0:ef:b9:c9:3d:34:68:fa:6c:a4:4c:37:ca: d3:10:f2:19:9b:d1:8a:39:f1:67:a5:3d:45:08:7f:9e:1b:be: 52:85:e5:41:37:e7:84:20:63:44:93:86:d4:57:c7:68:aa:03: 26:79:a4:25:5f:c0:cd:2d:e4:fa:c2:55:1c:3e:48:5b:9c:58: c9:d9:a1:08 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 N0I3NDExMC8GA1UEBRMoRTJDQjk2RjNCMDVBNjNFOUU1NDc5NjUyNkVDQ0U5NEEz NTkxRTVGQzAeFw0yNTA4MjUwODEyMTFaFw0yNTA5MDEwODEyMTFaMBgxFjAUBgNV BAMTDTY4YWMxYWRiLThiMmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDZGNBUYLj5G1p/4PKiv7zabgAX7kbLFNc63Tx468OUCTYvFN+illUtKnUaFTOA x0RIfFED9vh9svOgCfQl8rP6W2geDy2sYMuEeoKEL6VmA+UlXub+ww/mj7ii7+Fd KXfmy1CC0J0EdOxd0m1q3c6GZKoKa8UjkcLY3NNHCnHlDOfNILFXc9QzKbZQy6QQ P8oo0QGyTgM1a55UzQ47e1/yipAiQxZiOgovyGVK578nkAfEwhkZLk8VzrMgIIZo YMKOOJqgLhZM6rA1bHvkattMIoL1ssC+eWlakwALFeiYYpu9/x0T9bm08wwGXug9 iKGaqbWSA8AlVn4ZgbsO3vVnAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUGqRRtk/W +0ueUwSThzHIAKQ5YIkwHwYDVR0jBBgwFoAU4suW87BaY+nlR5ZSbszpSjWR5fww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3Qjc0L0FGNjRFNTEwM0JB QTExRjA5NjQyODIxQ0M0RjlBRTAyLzRzdVc4N0JhWS1ubFI1WlNic3pwU2pXUjVm dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvNHN1Vzg3QmFZLW5sUjVaU2JzenBTaldSNWZ3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3 Qjc0L0FGNjRFNTEwM0JBQTExRjA5NjQyODIxQ0M0RjlBRTAyLzRzdVc4N0JhWS1u bFI1WlNic3pwU2pXUjVmdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJup6Z1snuO46Qd57gZac3kho61cCE+sg32s/GG9Ilg/czQdMTzdT2y3 mMmhpzuGap4Lbv266021DxcFsmfIGdZGoL+lb7VBV3B9BjVk8ZhopGYWXzzVn5wk Fjc0KB8BYAe/L0sxgk1tMd30/5mtPFELoxQP8fFjQ3sf/y3HXp0Dxo1P1IG7mxNI 6wgPlejbSABMuKubSVgVReDMzF9ds7MG9EVuXWqGmwhvx7/WdKpKyZgSSuaNOv1r 0O+5yT00aPpspEw3ytMQ8hmb0Yo58WelPUUIf54bvlKF5UE354QgY0SThtRXx2iq AyZ5pCVfwM0t5PrCVRw+SFucWMnZoQg= -----END CERTIFICATE-----Generated at Mon Aug 25 23:17:09 2025 by rpki-client