$ rpki-client -vvf rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft File: ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft (raw, json) Hash identifier: LaFRwzBbh5JHI7ib9q1Ka4ioij2Trx5beyiw/toZPXQ= Subject key identifier: 70:11:69:FB:14:8A:BB:4E:6F:F2:25:93:85:96:6D:A4:4B:29:78:01 Authority key identifier: 72:41:E8:F0:38:B9:F2:52:FB:61:CA:41:B6:A4:FC:16:7B:77:55:26 Certificate issuer: /CN=A9161477/serialNumber=7241E8F038B9F252FB61CA41B6A4FC167B775526 Certificate serial: 67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ckHo8Di58lL7YcpBtqT8Fnt3VSY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft Manifest number: 65 Signing time: Fri 05 Sep 2025 07:30:57 +0000 Manifest this update: Fri 05 Sep 2025 07:30:56 +0000 Manifest next update: Fri 12 Sep 2025 07:30:56 +0000 Files and hashes: 1: ckHo8Di58lL7YcpBtqT8Fnt3VSY.crl (hash: tS7GHRV/tONNRGB+1arS1SW3U5CZjHHHiIeAkpskk/Q=) 2: CAB73E3AF3FC11EF83B4DD30C4F9AE02.roa (hash: BR0iac6RCibng8iXx5EGv9yUT7uect2xiyJYOcbA9Hs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.crl rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ckHo8Di58lL7YcpBtqT8Fnt3VSY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 07:30:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 103 (0x67) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161477, serialNumber=7241E8F038B9F252FB61CA41B6A4FC167B775526 Validity Not Before: Sep 5 07:30:56 2025 GMT Not After : Sep 12 07:30:56 2025 GMT Subject: CN=68ba91b0-5826 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:32:2e:4b:55:d5:fe:80:da:26:fa:38:76:83: 55:a1:cc:9b:91:96:0d:62:44:56:20:0c:87:e1:fc: 00:bd:77:5a:0a:40:b8:f4:bb:2f:bc:fb:ff:a7:58: 22:30:dc:61:1e:f6:9d:d3:d4:77:cd:b1:0e:17:03: 4f:1d:3c:b4:78:f7:9e:8c:51:d7:a2:a9:1e:95:3e: d7:83:fb:b4:89:9a:f9:1a:9c:a3:48:28:ee:19:88: a6:2f:3d:d6:94:55:01:9f:2d:2f:94:fc:4a:c4:7e: fd:26:c1:69:c4:ae:cc:d3:a9:24:75:10:7e:46:88: ba:29:15:a3:be:cc:ac:6a:95:7c:63:a0:4e:44:3b: 60:70:0d:db:05:43:b0:00:2a:e7:97:71:66:b6:df: 72:5d:bc:8e:97:c9:42:26:4e:da:cf:00:df:64:f2: f1:87:39:f7:a1:49:3e:d5:87:6f:d4:eb:01:63:98: 15:e4:fa:4e:c3:72:0b:e9:43:4a:9e:b7:8c:1b:50: 64:3d:e7:c1:e4:6a:58:87:b2:79:64:e1:3c:01:6e: c1:33:25:15:a1:ed:83:f6:7f:54:0d:2d:b7:fc:a8: 4e:18:53:9a:f7:b4:b8:f3:2a:f5:73:44:b9:fd:29: 69:11:11:31:c9:92:5b:00:98:6b:40:5d:83:31:a2: b3:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:11:69:FB:14:8A:BB:4E:6F:F2:25:93:85:96:6D:A4:4B:29:78:01 X509v3 Authority Key Identifier: keyid:72:41:E8:F0:38:B9:F2:52:FB:61:CA:41:B6:A4:FC:16:7B:77:55:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ckHo8Di58lL7YcpBtqT8Fnt3VSY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161477/6B7035F8F3FC11EF99D53730C4F9AE02/ckHo8Di58lL7YcpBtqT8Fnt3VSY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:81:89:84:df:d3:43:74:f6:e2:0e:dc:aa:e1:4c:1c:69:62: b1:a1:83:63:2b:b1:e4:1b:6d:7c:c7:57:66:64:6f:f4:7e:3f: 12:e3:8d:bb:7f:41:e7:17:22:ea:7e:77:ef:c7:a8:01:78:96: f1:a1:0d:95:4c:f4:f1:b9:3b:00:4f:14:f7:76:4a:96:67:a1: 31:cd:7c:95:38:ee:72:63:73:fb:f5:30:ab:4b:a7:53:e4:da: 30:90:4c:df:f1:30:fe:e4:3b:8f:52:33:9c:68:9d:5e:cb:d1: 4d:86:8e:94:07:ba:d4:fa:70:86:39:a2:48:7d:46:8d:5d:38: 02:2e:ea:72:48:7a:84:93:94:a5:48:2a:1a:67:69:90:7b:0c: da:c3:c7:c1:b8:66:d0:37:b6:a2:86:81:db:bc:12:d0:e3:c2: 93:0f:7b:63:2f:53:83:fc:af:17:68:a7:a4:31:09:a8:dc:48: 42:1b:98:5b:1b:97:85:7f:00:19:87:59:26:56:b5:05:c6:09: 60:47:bf:d4:44:9b:ea:3d:cb:60:2b:3e:e3:2e:bb:85:6b:ae: 3d:22:47:c9:57:a3:19:f0:07:e4:17:69:18:e3:20:29:cd:59: 23:9b:66:b2:ce:0e:84:54:40:3c:47:d3:ec:31:42:6b:ba:85: 77:f2:1d:4f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 MTQ3NzExMC8GA1UEBRMoNzI0MUU4RjAzOEI5RjI1MkZCNjFDQTQxQjZBNEZDMTY3 Qjc3NTUyNjAeFw0yNTA5MDUwNzMwNTZaFw0yNTA5MTIwNzMwNTZaMBgxFjAUBgNV BAMTDTY4YmE5MWIwLTU4MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+Mi5LVdX+gNom+jh2g1WhzJuRlg1iRFYgDIfh/AC9d1oKQLj0uy+8+/+nWCIw 3GEe9p3T1HfNsQ4XA08dPLR4956MUdeiqR6VPteD+7SJmvkanKNIKO4ZiKYvPdaU VQGfLS+U/ErEfv0mwWnErszTqSR1EH5GiLopFaO+zKxqlXxjoE5EO2BwDdsFQ7AA KueXcWa233JdvI6XyUImTtrPAN9k8vGHOfehST7Vh2/U6wFjmBXk+k7DcgvpQ0qe t4wbUGQ958HkaliHsnlk4TwBbsEzJRWh7YP2f1QNLbf8qE4YU5r3tLjzKvVzRLn9 KWkRETHJklsAmGtAXYMxorPNAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUcBFp+xSK u05v8iWThZZtpEspeAEwHwYDVR0jBBgwFoAUckHo8Di58lL7YcpBtqT8Fnt3VSYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxNDc3LzZCNzAzNUY4RjNG QzExRUY5OUQ1MzczMEM0RjlBRTAyL2NrSG84RGk1OGxMN1ljcEJ0cVQ4Rm50M1ZT WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvY2tIbzhEaTU4bEw3WWNwQnRxVDhGbnQzVlNZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYx NDc3LzZCNzAzNUY4RjNGQzExRUY5OUQ1MzczMEM0RjlBRTAyL2NrSG84RGk1OGxM N1ljcEJ0cVQ4Rm50M1ZTWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHOBiYTf00N09uIO3KrhTBxpYrGhg2MrseQbbXzHV2Zkb/R+PxLjjbt/ QecXIup+d+/HqAF4lvGhDZVM9PG5OwBPFPd2SpZnoTHNfJU47nJjc/v1MKtLp1Pk 2jCQTN/xMP7kO49SM5xonV7L0U2GjpQHutT6cIY5okh9Ro1dOAIu6nJIeoSTlKVI KhpnaZB7DNrDx8G4ZtA3tqKGgdu8EtDjwpMPe2MvU4P8rxdop6QxCajcSEIbmFsb l4V/ABmHWSZWtQXGCWBHv9REm+o9y2ArPuMuu4Vrrj0iR8lXoxnwB+QXaRjjICnN WSObZrLODoRUQDxH0+wxQmu6hXfyHU8= -----END CERTIFICATE-----Generated at Sat Sep 6 07:02:46 2025 by rpki-client