$ rpki-client -vvf rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft File: 2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft (raw, json) Hash identifier: jF+0Qj2Kct5Mjaa4e5piuA2F5FyxwqRv34zFPY9t3wY= Subject key identifier: 1C:C7:69:E7:8F:6D:0F:07:6B:E0:45:D8:36:16:B5:16:94:B6:6A:E4 Authority key identifier: D9:5D:A1:17:14:12:30:0A:B5:3B:3E:48:70:F2:F4:41:F0:6C:81:24 Certificate issuer: /CN=A9159ECD/serialNumber=D95DA1171412300AB53B3E4870F2F441F06C8124 Certificate serial: DF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft Manifest number: DD Signing time: Thu 04 Sep 2025 23:42:26 +0000 Manifest this update: Thu 04 Sep 2025 23:42:26 +0000 Manifest next update: Thu 11 Sep 2025 23:42:26 +0000 Files and hashes: 1: 2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.crl (hash: Oqmj6NTE7Y/oPtBKOAJ6WLCSvRB2GweLRPNAFxjgVus=) 2: 5A4723DA6F3C11EF8FD45F13C4F9AE02.roa (hash: kyChUBrK7l3YN4vwLMgx+ZZf43nxmdSV9d2PzrRyBN4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.crl rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 23:42:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 223 (0xdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9159ECD, serialNumber=D95DA1171412300AB53B3E4870F2F441F06C8124 Validity Not Before: Sep 4 23:42:26 2025 GMT Not After : Sep 11 23:42:26 2025 GMT Subject: CN=68ba23e2-5572 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:25:91:f9:e2:b1:7e:7a:57:be:aa:f5:f9:a6: 0c:9e:5c:67:be:02:5a:f7:c3:2f:8c:d7:b0:ce:2c: a9:e2:97:07:d7:64:00:2d:82:fc:72:ea:de:0d:6e: 0c:a1:94:70:19:eb:d6:a9:c2:5e:a6:4f:29:6e:33: 18:f8:f1:29:60:26:75:7a:51:fb:04:b4:fc:e2:7c: 8e:bd:bd:cf:f3:10:fd:12:00:3e:3d:00:29:2f:a7: cc:67:38:46:2e:d2:e4:f7:94:91:47:bc:1e:cc:dd: c8:af:92:bf:fc:80:aa:40:9e:fa:21:67:84:59:33: 85:52:65:d8:79:ce:71:2c:bc:6a:01:08:8d:f5:1b: 02:a3:f5:15:84:f8:97:b9:1d:3c:e1:e4:fa:2f:e9: 38:1c:d7:a8:90:55:a7:74:8d:2d:79:88:ac:97:e0: 40:0a:02:60:02:8b:04:c9:63:77:0b:82:df:6d:1f: 31:55:c5:61:02:a1:33:3b:f3:a4:ca:56:60:a9:97: 2b:65:a0:6d:cd:46:38:a7:c3:fa:6c:95:31:8b:c0: bc:2d:25:0d:20:fe:15:ff:3c:0d:a8:8d:c4:25:2f: f4:04:88:2b:e9:62:3e:6b:28:fa:01:a7:99:ed:5a: bb:53:db:af:aa:1a:04:5e:d3:46:70:6c:be:61:27: c6:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:C7:69:E7:8F:6D:0F:07:6B:E0:45:D8:36:16:B5:16:94:B6:6A:E4 X509v3 Authority Key Identifier: keyid:D9:5D:A1:17:14:12:30:0A:B5:3B:3E:48:70:F2:F4:41:F0:6C:81:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159ECD/EF6383E23D9F11EF99033768C4F9AE02/2V2hFxQSMAq1Oz5IcPL0QfBsgSQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:72:2c:84:a2:51:bc:aa:f3:32:c2:15:27:d4:bf:96:32:36: 1d:91:48:d0:e2:9e:42:ae:18:4c:69:64:e3:3d:b7:76:38:13: f1:27:f6:cb:31:83:b5:3c:8f:9f:66:ed:1d:e4:31:01:aa:cf: 03:18:a2:9b:dc:9d:c1:02:04:36:ec:fe:23:e0:32:b2:45:c3: a7:bb:09:bf:e2:2f:de:87:ad:56:03:eb:41:e0:48:3d:bc:20: 5f:80:e9:23:fd:5c:ce:6c:7f:dd:b0:40:33:4c:c4:68:26:b2: f1:af:fe:85:4b:78:9a:d6:ba:8a:eb:4c:c9:2c:da:e8:81:12: e9:e2:ce:d1:89:60:7f:46:06:7a:f6:08:ad:cd:f1:c1:f5:1c: 17:ee:ef:11:06:1f:0f:1d:09:e0:f1:1d:69:85:ce:d8:6b:84: eb:1b:9b:dd:1d:1b:93:49:20:da:03:d4:0a:af:ec:41:60:7c: 48:be:5c:a6:c8:a7:71:62:7a:6e:1e:a5:a9:dc:0e:a0:43:bd: 7e:11:80:5a:f0:47:10:69:90:2a:68:af:56:7e:a3:74:15:84: cf:12:55:ac:1f:3b:7d:4a:f1:f4:d2:c0:7a:19:2e:4a:c8:bd: eb:be:7d:16:aa:af:91:d5:11:07:06:1a:b9:dc:5d:b2:54:09: 8e:18:0f:66 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTlFQ0QxMTAvBgNVBAUTKEQ5NURBMTE3MTQxMjMwMEFCNTNCM0U0ODcwRjJGNDQx RjA2QzgxMjQwHhcNMjUwOTA0MjM0MjI2WhcNMjUwOTExMjM0MjI2WjAYMRYwFAYD VQQDEw02OGJhMjNlMi01NTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwyWR+eKxfnpXvqr1+aYMnlxnvgJa98MvjNewziyp4pcH12QALYL8cureDW4M oZRwGevWqcJepk8pbjMY+PEpYCZ1elH7BLT84nyOvb3P8xD9EgA+PQApL6fMZzhG LtLk95SRR7wezN3Ir5K//ICqQJ76IWeEWTOFUmXYec5xLLxqAQiN9RsCo/UVhPiX uR084eT6L+k4HNeokFWndI0teYisl+BACgJgAosEyWN3C4LfbR8xVcVhAqEzO/Ok ylZgqZcrZaBtzUY4p8P6bJUxi8C8LSUNIP4V/zwNqI3EJS/0BIgr6WI+ayj6AaeZ 7Vq7U9uvqhoEXtNGcGy+YSfGXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBzHaeeP bQ8Ha+BF2DYWtRaUtmrkMB8GA1UdIwQYMBaAFNldoRcUEjAKtTs+SHDy9EHwbIEk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OUVDRC9FRjYzODNFMjNE OUYxMUVGOTkwMzM3NjhDNEY5QUUwMi8yVjJoRnhRU01BcTFPejVJY1BMMFFmQnNn U1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzJWMmhGeFFTTUFxMU96NUljUEwwUWZCc2dTUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 OUVDRC9FRjYzODNFMjNEOUYxMUVGOTkwMzM3NjhDNEY5QUUwMi8yVjJoRnhRU01B cTFPejVJY1BMMFFmQnNnU1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCPciyEolG8qvMywhUn1L+WMjYdkUjQ4p5CrhhMaWTjPbd2OBPxJ/bL MYO1PI+fZu0d5DEBqs8DGKKb3J3BAgQ27P4j4DKyRcOnuwm/4i/eh61WA+tB4Eg9 vCBfgOkj/VzObH/dsEAzTMRoJrLxr/6FS3ia1rqK60zJLNrogRLp4s7RiWB/RgZ6 9gitzfHB9RwX7u8RBh8PHQng8R1phc7Ya4TrG5vdHRuTSSDaA9QKr+xBYHxIvlym yKdxYnpuHqWp3A6gQ71+EYBa8EcQaZAqaK9WfqN0FYTPElWsHzt9SvH00sB6GS5K yL3rvn0Wqq+R1REHBhq53F2yVAmOGA9m -----END CERTIFICATE-----Generated at Sat Sep 6 21:09:03 2025 by rpki-client