$ rpki-client -vvf rpki.apnic.net/member_repository/A916523A/E75B878C4CDD11F0BFA08F80C4F9AE02/zES2e9GPRfbhN63kcxM1pVGmYSc.mft File: zES2e9GPRfbhN63kcxM1pVGmYSc.mft (raw, json) Hash identifier: J0TgblU26sAwPz+FY9wvroo4Yi/gLePCXKirMAbzqgg= Subject key identifier: 72:A5:7E:EF:0F:A4:CD:2F:98:BE:B9:C3:35:1D:47:06:CD:6A:88:A4 Authority key identifier: CC:44:B6:7B:D1:8F:45:F6:E1:37:AD:E4:73:13:35:A5:51:A6:61:27 Certificate issuer: /CN=A916523A/serialNumber=CC44B67BD18F45F6E137ADE4731335A551A66127 Certificate serial: 23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zES2e9GPRfbhN63kcxM1pVGmYSc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916523A/E75B878C4CDD11F0BFA08F80C4F9AE02/zES2e9GPRfbhN63kcxM1pVGmYSc.mft Manifest number: 22 Signing time: Thu 21 Aug 2025 08:03:48 +0000 Manifest this update: Thu 21 Aug 2025 08:03:48 +0000 Manifest next update: Thu 28 Aug 2025 08:03:48 +0000 Files and hashes: 1: zES2e9GPRfbhN63kcxM1pVGmYSc.crl (hash: GICysC0QO5RLop/xCh8uTE8DgevQkT6t1hxyeJpQiOg=) 2: 469F3FE44CDF11F08D2EFF16C4F9AE02.roa (hash: V/fASBu8lY37YHb4lDAmyOYyJCBMY5CbifIBgISs7Nk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916523A/E75B878C4CDD11F0BFA08F80C4F9AE02/zES2e9GPRfbhN63kcxM1pVGmYSc.crl rsync://rpki.apnic.net/member_repository/A916523A/E75B878C4CDD11F0BFA08F80C4F9AE02/zES2e9GPRfbhN63kcxM1pVGmYSc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zES2e9GPRfbhN63kcxM1pVGmYSc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 08:03:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916523A, serialNumber=CC44B67BD18F45F6E137ADE4731335A551A66127 Validity Not Before: Aug 21 08:03:48 2025 GMT Not After : Aug 28 08:03:48 2025 GMT Subject: CN=68a6d2e4-227e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:79:48:d9:f9:ae:5b:19:d2:bf:c4:62:8d:1a: 9a:16:a4:1d:a0:7c:d6:27:f0:06:3b:00:23:60:03: e8:58:86:17:01:91:d0:8d:7e:0a:d2:91:e7:cc:c5: 96:f4:87:a2:59:3e:85:83:12:f0:ba:71:d6:76:66: 66:a7:02:0e:04:7e:3a:76:7e:84:85:80:f3:21:dc: d8:41:e3:91:8f:91:e4:d7:6f:8c:53:a5:2c:0f:9e: 6c:f4:8a:ae:5e:c6:40:f7:ce:39:a0:0d:67:3c:a3: f6:5d:38:f4:cd:da:4c:44:4a:b3:fc:74:91:db:7b: f5:52:4e:8c:6f:6e:6a:de:1a:90:9b:2d:9e:ec:dd: e8:93:1c:d5:95:ef:ba:e4:69:dd:1b:00:5b:72:f3: 1d:08:01:3f:5f:0b:38:e2:df:ff:55:6e:75:32:53: 0f:9b:75:c5:df:29:6d:ec:5e:78:46:ad:d6:45:19: 9c:a4:bb:69:05:55:3b:b3:6b:49:b3:26:d1:73:d6: 8a:22:b1:d8:18:f1:d2:5b:64:f1:44:64:fe:71:54: fd:19:55:78:62:74:41:f3:05:64:a2:05:85:47:16: 53:4c:dc:3a:7d:c3:d1:35:34:de:2a:a9:a1:18:16: f1:9e:ef:d5:a0:24:12:5e:9c:ae:e4:e9:4b:da:10: 68:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:A5:7E:EF:0F:A4:CD:2F:98:BE:B9:C3:35:1D:47:06:CD:6A:88:A4 X509v3 Authority Key Identifier: keyid:CC:44:B6:7B:D1:8F:45:F6:E1:37:AD:E4:73:13:35:A5:51:A6:61:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916523A/E75B878C4CDD11F0BFA08F80C4F9AE02/zES2e9GPRfbhN63kcxM1pVGmYSc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zES2e9GPRfbhN63kcxM1pVGmYSc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916523A/E75B878C4CDD11F0BFA08F80C4F9AE02/zES2e9GPRfbhN63kcxM1pVGmYSc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:01:21:a2:11:22:f4:b4:fd:fb:64:62:00:96:32:bc:b5:f3: f8:f5:7f:04:ae:7c:49:da:95:ea:fa:df:ac:92:67:f6:17:1a: b8:c1:17:0c:20:e3:13:42:d7:d4:74:b9:4f:11:81:ab:b6:2b: 91:86:52:ae:e3:38:77:bd:a8:f8:cf:26:d4:89:72:88:24:17: 72:35:25:98:f0:49:c6:d6:e6:e4:5b:d2:ad:6e:ad:91:d7:6f: db:bf:27:a9:6f:7b:a0:19:19:fe:13:99:62:bd:c5:82:30:72: 06:32:6a:e4:96:24:ec:aa:b1:0a:8e:77:3f:84:a8:71:9b:15: cf:e5:cf:e5:39:4b:3c:41:82:52:ee:7b:91:c5:8f:34:9a:63: e5:8d:96:de:1f:e5:98:81:7a:2c:60:b6:10:b8:e5:9d:5e:90: 99:9d:35:51:e4:d5:a9:75:7b:a8:98:9c:b6:fe:76:63:c1:86: 4c:56:7b:37:d9:26:ee:61:ba:d7:e0:37:fe:74:d8:f7:a9:6c: fe:57:8d:49:a9:2b:9d:65:21:0c:b9:be:b7:18:30:3e:e7:23: 84:3e:e3:1a:d7:af:fe:3f:82:49:04:3b:92:3b:2b:35:cb:8b: bd:ed:6e:31:57:56:dd:a0:8a:ff:01:c3:b1:ca:4a:56:18:e5: 17:89:94:ff -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 NTIzQTExMC8GA1UEBRMoQ0M0NEI2N0JEMThGNDVGNkUxMzdBREU0NzMxMzM1QTU1 MUE2NjEyNzAeFw0yNTA4MjEwODAzNDhaFw0yNTA4MjgwODAzNDhaMBgxFjAUBgNV BAMTDTY4YTZkMmU0LTIyN2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCreUjZ+a5bGdK/xGKNGpoWpB2gfNYn8AY7ACNgA+hYhhcBkdCNfgrSkefMxZb0 h6JZPoWDEvC6cdZ2ZmanAg4Efjp2foSFgPMh3NhB45GPkeTXb4xTpSwPnmz0iq5e xkD3zjmgDWc8o/ZdOPTN2kxESrP8dJHbe/VSToxvbmreGpCbLZ7s3eiTHNWV77rk ad0bAFty8x0IAT9fCzji3/9VbnUyUw+bdcXfKW3sXnhGrdZFGZyku2kFVTuza0mz JtFz1ooisdgY8dJbZPFEZP5xVP0ZVXhidEHzBWSiBYVHFlNM3Dp9w9E1NN4qqaEY FvGe79WgJBJenK7k6UvaEGjzAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUcqV+7w+k zS+YvrnDNR1HBs1qiKQwHwYDVR0jBBgwFoAUzES2e9GPRfbhN63kcxM1pVGmYScw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1MjNBL0U3NUI4NzhDNENE RDExRjBCRkEwOEY4MEM0RjlBRTAyL3pFUzJlOUdQUmZiaE42M2tjeE0xcFZHbVlT Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvekVTMmU5R1BSZmJoTjYza2N4TTFwVkdtWVNjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1 MjNBL0U3NUI4NzhDNENERDExRjBCRkEwOEY4MEM0RjlBRTAyL3pFUzJlOUdQUmZi aE42M2tjeE0xcFZHbVlTYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALIBIaIRIvS0/ftkYgCWMry18/j1fwSufEnaler636ySZ/YXGrjBFwwg 4xNC19R0uU8Rgau2K5GGUq7jOHe9qPjPJtSJcogkF3I1JZjwScbW5uRb0q1urZHX b9u/J6lve6AZGf4TmWK9xYIwcgYyauSWJOyqsQqOdz+EqHGbFc/lz+U5SzxBglLu e5HFjzSaY+WNlt4f5ZiBeixgthC45Z1ekJmdNVHk1al1e6iYnLb+dmPBhkxWezfZ Ju5hutfgN/502PepbP5XjUmpK51lIQy5vrcYMD7nI4Q+4xrXr/4/gkkEO5I7KzXL i73tbjFXVt2giv8Bw7HKSlYY5ReJlP8= -----END CERTIFICATE-----Generated at Fri Aug 22 16:27:45 2025 by rpki-client