$ rpki-client -vvf rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft File: cnOFPaBj78uOxUSwMg1acHuUwIk.mft (raw, json) Hash identifier: Z7J1bhGPzCDfyuUr4HaX/cLLoc1X58AIOZ2/4cpvzQY= Subject key identifier: DF:C6:CE:0A:51:89:09:BC:D7:0C:94:3D:F3:4A:F4:B1:46:83:C5:D4 Authority key identifier: 72:73:85:3D:A0:63:EF:CB:8E:C5:44:B0:32:0D:5A:70:7B:94:C0:89 Certificate issuer: /CN=A9163824/serialNumber=7273853DA063EFCB8EC544B0320D5A707B94C089 Certificate serial: 0744 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft Manifest number: 2D59 Signing time: Wed 20 Aug 2025 15:45:02 +0000 Manifest this update: Wed 20 Aug 2025 15:45:01 +0000 Manifest next update: Wed 27 Aug 2025 15:45:01 +0000 Files and hashes: 1: cnOFPaBj78uOxUSwMg1acHuUwIk.crl (hash: r+VfHl6wkEGe9zrITztpiwpZnRueEHQTt024aSwaI78=) 2: 4BB610C2E16511EC8EDF6621C4F9AE02.roa (hash: ekyxreCpgMcKP34usIZn12GGqR3mbNPPXZzJX4hQpac=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.crl rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 15:45:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1860 (0x744) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9163824, serialNumber=7273853DA063EFCB8EC544B0320D5A707B94C089 Validity Not Before: Aug 20 15:45:01 2025 GMT Not After : Aug 27 15:45:01 2025 GMT Subject: CN=68a5ed7e-aa1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:bc:1c:5d:5e:1f:58:ef:9b:27:d1:7b:cb:d8: e1:5a:6f:75:ed:a0:91:82:e6:ef:36:6e:c4:f5:d3: 5a:db:e2:58:83:01:5e:3f:a9:03:d9:e9:13:98:41: 68:af:0a:c3:2f:32:92:bb:e2:7a:92:52:f0:62:5b: ce:60:5c:39:18:44:34:4c:65:f8:69:74:87:74:15: 58:de:3d:12:db:1e:51:73:72:6a:ee:08:63:9a:20: 7a:e9:98:3b:7c:56:7e:21:be:bf:d7:19:13:c6:3f: be:41:52:d1:a7:5d:cc:e3:a1:02:fa:6c:a9:1f:8a: 16:b8:55:b7:1e:06:7e:1e:55:11:29:53:b0:9c:24: 81:21:44:b7:c8:2e:06:3d:ff:cc:f4:ab:09:ee:68: 97:07:b1:31:23:3a:7e:5d:4b:45:e1:28:3f:6f:47: 96:c9:30:7b:b8:53:de:24:02:7a:2e:62:47:e7:a8: 3a:08:ff:86:7e:06:5f:bf:21:9f:4e:65:37:f1:b4: d5:bf:05:05:16:ff:6b:bb:b2:4e:86:55:3a:32:23: 06:98:7c:28:22:ad:08:da:31:cb:11:64:47:3c:1b: ae:90:c9:2e:dc:10:d0:a8:45:12:77:6d:9c:f3:16: 25:01:cb:82:d6:24:4d:69:fb:27:f4:81:9c:c0:3b: 32:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:C6:CE:0A:51:89:09:BC:D7:0C:94:3D:F3:4A:F4:B1:46:83:C5:D4 X509v3 Authority Key Identifier: keyid:72:73:85:3D:A0:63:EF:CB:8E:C5:44:B0:32:0D:5A:70:7B:94:C0:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:ef:89:6e:d9:a7:6a:74:3a:8c:12:4b:61:1a:80:4a:95:73: da:ba:8b:44:a4:44:ff:de:14:0c:2e:02:d2:30:31:88:61:b3: b9:2d:6b:99:e9:8d:d5:6b:f0:ed:f1:f0:ef:66:e6:7e:6f:01: c9:ef:dd:f0:da:a4:c3:89:b3:b9:b1:a0:ce:17:1f:87:d8:23: 46:b2:57:ee:04:61:b0:d6:87:6d:62:7c:95:a7:b4:74:02:04: c2:12:94:02:0a:d3:f6:1b:b9:f1:d4:fa:f2:84:7e:55:92:df: f0:eb:bc:87:81:1f:ea:fe:1e:94:2f:d9:99:12:62:87:5e:48: 06:8a:9e:ce:1c:af:28:47:36:9f:fd:19:91:86:9f:45:d0:0d: 11:c9:a7:e3:e5:c1:8c:a2:6b:1a:05:60:70:38:82:cc:7f:75: 3d:3d:4e:76:48:cf:9e:7e:3a:45:f4:4d:ac:64:9a:9a:a7:de: 23:4f:2a:c9:3a:b6:bb:12:f8:38:5c:64:dc:c1:10:9d:30:24: 25:58:96:d9:79:85:2a:9e:5e:8e:62:71:df:1e:51:71:ca:2b: 2d:0f:a6:0e:14:e8:c1:ca:43:7c:ae:7e:cc:83:1f:90:2a:dd: 49:72:90:b6:73:3c:5f:55:dc:14:ab:38:54:2c:04:41:13:15: d9:3b:e8:fc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB0QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjM4MjQxMTAvBgNVBAUTKDcyNzM4NTNEQTA2M0VGQ0I4RUM1NDRCMDMyMEQ1QTcw N0I5NEMwODkwHhcNMjUwODIwMTU0NTAxWhcNMjUwODI3MTU0NTAxWjAYMRYwFAYD VQQDEw02OGE1ZWQ3ZS1hYTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx7wcXV4fWO+bJ9F7y9jhWm917aCRgubvNm7E9dNa2+JYgwFeP6kD2ekTmEFo rwrDLzKSu+J6klLwYlvOYFw5GEQ0TGX4aXSHdBVY3j0S2x5Rc3Jq7ghjmiB66Zg7 fFZ+Ib6/1xkTxj++QVLRp13M46EC+mypH4oWuFW3HgZ+HlURKVOwnCSBIUS3yC4G Pf/M9KsJ7miXB7ExIzp+XUtF4Sg/b0eWyTB7uFPeJAJ6LmJH56g6CP+GfgZfvyGf TmU38bTVvwUFFv9ru7JOhlU6MiMGmHwoIq0I2jHLEWRHPBuukMku3BDQqEUSd22c 8xYlAcuC1iRNafsn9IGcwDsyPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN/GzgpR iQm81wyUPfNK9LFGg8XUMB8GA1UdIwQYMBaAFHJzhT2gY+/LjsVEsDINWnB7lMCJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MzgyNC9CQTBFRkU1MkZE MjUxMUU0OUQ5MzI3M0JDNEY5QUUwMi9jbk9GUGFCajc4dU94VVN3TWcxYWNIdVV3 SWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NuT0ZQYUJqNzh1T3hVU3dNZzFhY0h1VXdJay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MzgyNC9CQTBFRkU1MkZEMjUxMUU0OUQ5MzI3M0JDNEY5QUUwMi9jbk9GUGFCajc4 dU94VVN3TWcxYWNIdVV3SWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAH74lu2adqdDqMEkthGoBKlXPauotEpET/3hQMLgLSMDGIYbO5LWuZ 6Y3Va/Dt8fDvZuZ+bwHJ793w2qTDibO5saDOFx+H2CNGslfuBGGw1odtYnyVp7R0 AgTCEpQCCtP2G7nx1PryhH5Vkt/w67yHgR/q/h6UL9mZEmKHXkgGip7OHK8oRzaf /RmRhp9F0A0Ryafj5cGMomsaBWBwOILMf3U9PU52SM+efjpF9E2sZJqap94jTyrJ Ora7Evg4XGTcwRCdMCQlWJbZeYUqnl6OYnHfHlFxyistD6YOFOjBykN8rn7Mgx+Q Kt1JcpC2czxfVdwUqzhULARBExXZO+j8 -----END CERTIFICATE-----Generated at Fri Aug 22 16:30:39 2025 by rpki-client