$ rpki-client -vvf rpki.apnic.net/member_repository/A9166E2B/27E7CAA60C2D11EAB029DB53C4F9AE02/AQMtnfw2KpWHQ-htPI0GEaatsFs.mft File: AQMtnfw2KpWHQ-htPI0GEaatsFs.mft (raw, json) Hash identifier: wnMhZjeVcZQ5r1YQT/57w5WBIN8hf3NwfWjDR0iFX+8= Subject key identifier: BD:29:49:82:E6:E6:30:01:3B:E4:26:4C:72:89:90:1B:F9:3D:9C:B4 Authority key identifier: 01:03:2D:9D:FC:36:2A:95:87:43:E8:6D:3C:8D:06:11:A6:AD:B0:5B Certificate issuer: /CN=A9166E2B/serialNumber=01032D9DFC362A958743E86D3C8D0611A6ADB05B Certificate serial: 0C73 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQMtnfw2KpWHQ-htPI0GEaatsFs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166E2B/27E7CAA60C2D11EAB029DB53C4F9AE02/AQMtnfw2KpWHQ-htPI0GEaatsFs.mft Manifest number: 0C5B Signing time: Sat 06 Sep 2025 18:42:32 +0000 Manifest this update: Sat 06 Sep 2025 18:42:32 +0000 Manifest next update: Sat 13 Sep 2025 18:42:32 +0000 Files and hashes: 1: AQMtnfw2KpWHQ-htPI0GEaatsFs.crl (hash: WF491iTzIRufzfIE7vw2xUWdrr38AL4V/G+/aq2DcU8=) 2: 2D0509BC078511ED87041524C4F9AE02.roa (hash: OhD3vjT84Ykw6Uqb+DhKbwC3X7GSCVv4M4crx5/Gxaw=) 3: 20F1E6906B8C11F0A612561BC4F9AE02.roa (hash: sNHYoYiLZid3XR7DYoExAvwJFzWoz5zJp9zNVyLdkkQ=) 4: 2BA0624C078511ED87041524C4F9AE02.roa (hash: OgDpE/kLbNvrNHxmlaFE7wjr3tmLX0c3S1JS4qIXLMQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166E2B/27E7CAA60C2D11EAB029DB53C4F9AE02/AQMtnfw2KpWHQ-htPI0GEaatsFs.crl rsync://rpki.apnic.net/member_repository/A9166E2B/27E7CAA60C2D11EAB029DB53C4F9AE02/AQMtnfw2KpWHQ-htPI0GEaatsFs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQMtnfw2KpWHQ-htPI0GEaatsFs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 18:42:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3187 (0xc73) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166E2B, serialNumber=01032D9DFC362A958743E86D3C8D0611A6ADB05B Validity Not Before: Sep 6 18:42:32 2025 GMT Not After : Sep 13 18:42:32 2025 GMT Subject: CN=68bc8098-7122 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:d4:8d:b0:47:59:85:b7:8b:fe:99:43:85:78: c0:2d:e4:54:df:5a:e5:eb:87:50:5b:aa:29:01:eb: 8a:e6:47:68:6c:3d:f0:a7:e5:75:2c:d4:24:2f:30: 7c:c5:8c:b9:8f:40:e0:77:48:7c:7f:52:01:2a:ee: 81:b3:bb:fe:b5:3b:cf:5e:7d:93:48:ea:68:99:14: 9c:1d:c2:48:cb:36:76:ec:d0:88:fa:32:b5:ed:5a: b7:28:a5:ff:41:27:ac:03:67:5c:99:c2:20:bd:ab: 77:0f:08:a7:a1:0e:92:b9:0f:f0:52:2e:56:be:85: d5:f2:2d:d0:c0:fb:91:bd:ee:1f:66:98:14:2b:b0: 18:c4:c2:c5:63:07:3d:d2:93:2b:17:49:42:80:b2: 33:f0:17:df:a6:6a:4b:7a:ae:c6:48:93:40:7e:c1: 15:f5:7c:f3:f2:e3:61:13:33:1e:0d:eb:71:31:99: 18:83:1f:e0:f1:41:03:ce:5f:57:cf:93:4c:b2:a6: 51:1a:cb:7b:b5:08:51:91:f2:1d:78:8f:4b:c7:44: b1:68:76:c9:a8:a3:84:80:5b:53:8a:fe:fb:0a:20: 73:7d:44:f0:70:c9:b7:a6:e9:2c:55:5c:bb:84:f9: 14:18:23:8c:fe:4e:3c:c7:57:99:61:a7:3e:0a:9e: 24:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:29:49:82:E6:E6:30:01:3B:E4:26:4C:72:89:90:1B:F9:3D:9C:B4 X509v3 Authority Key Identifier: keyid:01:03:2D:9D:FC:36:2A:95:87:43:E8:6D:3C:8D:06:11:A6:AD:B0:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166E2B/27E7CAA60C2D11EAB029DB53C4F9AE02/AQMtnfw2KpWHQ-htPI0GEaatsFs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AQMtnfw2KpWHQ-htPI0GEaatsFs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166E2B/27E7CAA60C2D11EAB029DB53C4F9AE02/AQMtnfw2KpWHQ-htPI0GEaatsFs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 39:d5:c3:e6:c5:63:7a:c9:b2:19:01:9f:19:35:e5:78:6d:ea: 26:48:b8:37:f0:c6:39:00:b6:89:2c:5f:6e:23:de:ee:fa:10: 42:e1:4a:ac:01:3c:a1:37:50:3c:25:79:19:0d:d3:75:bf:bd: 43:38:a9:97:8c:29:c8:f4:c3:40:9b:e9:b3:7e:45:ed:bf:61: c3:51:fe:c6:b5:1a:91:67:e0:93:98:ba:0d:81:4e:ab:50:c6: d0:2c:e2:46:08:61:bb:0f:92:b1:fc:5e:86:a5:db:d1:ef:cd: df:be:1b:bc:25:b7:d1:d4:79:d0:c7:0b:2c:53:2f:30:a8:1e: c4:07:d6:ac:1b:a2:5d:90:2a:61:73:49:b9:be:53:42:9d:5d: d4:e0:0e:86:97:d7:34:90:ae:b8:0c:29:ae:4a:05:2f:dc:5c: 93:d3:d8:d8:a8:6d:39:9a:64:a7:a8:2d:4d:a6:f8:08:80:89: 9b:6d:43:fe:80:51:ea:dc:62:e9:9f:c3:57:d1:18:35:51:4a: d7:f0:f2:7f:1e:cb:01:1b:60:46:cc:0e:ab:45:80:85:99:9a: 85:76:ee:1d:0d:71:91:f2:fd:69:08:5c:02:06:c2:18:46:04: 42:30:b2:81:76:be:ad:f3:f8:aa:ea:b6:11:d0:0d:f1:54:8f: f1:73:f0:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDHMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZFMkIxMTAvBgNVBAUTKDAxMDMyRDlERkMzNjJBOTU4NzQzRTg2RDNDOEQwNjEx QTZBREIwNUIwHhcNMjUwOTA2MTg0MjMyWhcNMjUwOTEzMTg0MjMyWjAYMRYwFAYD VQQDEw02OGJjODA5OC03MTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy9SNsEdZhbeL/plDhXjALeRU31rl64dQW6opAeuK5kdobD3wp+V1LNQkLzB8 xYy5j0Dgd0h8f1IBKu6Bs7v+tTvPXn2TSOpomRScHcJIyzZ27NCI+jK17Vq3KKX/ QSesA2dcmcIgvat3DwinoQ6SuQ/wUi5WvoXV8i3QwPuRve4fZpgUK7AYxMLFYwc9 0pMrF0lCgLIz8BffpmpLeq7GSJNAfsEV9Xzz8uNhEzMeDetxMZkYgx/g8UEDzl9X z5NMsqZRGst7tQhRkfIdeI9Lx0SxaHbJqKOEgFtTiv77CiBzfUTwcMm3puksVVy7 hPkUGCOM/k48x1eZYac+Cp4k7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL0pSYLm 5jABO+QmTHKJkBv5PZy0MB8GA1UdIwQYMBaAFAEDLZ38NiqVh0PobTyNBhGmrbBb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkUyQi8yN0U3Q0FBNjBD MkQxMUVBQjAyOURCNTNDNEY5QUUwMi9BUU10bmZ3MktwV0hRLWh0UEkwR0VhYXRz RnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FRTXRuZncyS3BXSFEtaHRQSTBHRWFhdHNGcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkUyQi8yN0U3Q0FBNjBDMkQxMUVBQjAyOURCNTNDNEY5QUUwMi9BUU10bmZ3Mktw V0hRLWh0UEkwR0VhYXRzRnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA51cPmxWN6ybIZAZ8ZNeV4beomSLg38MY5ALaJLF9uI97u+hBC4Uqs ATyhN1A8JXkZDdN1v71DOKmXjCnI9MNAm+mzfkXtv2HDUf7GtRqRZ+CTmLoNgU6r UMbQLOJGCGG7D5Kx/F6GpdvR783fvhu8JbfR1HnQxwssUy8wqB7EB9asG6JdkCph c0m5vlNCnV3U4A6Gl9c0kK64DCmuSgUv3FyT09jYqG05mmSnqC1NpvgIgImbbUP+ gFHq3GLpn8NX0Rg1UUrX8PJ/HssBG2BGzA6rRYCFmZqFdu4dDXGR8v1pCFwCBsIY RgRCMLKBdr6t8/iq6rYR0A3xVI/xc/BS -----END CERTIFICATE-----Generated at Mon Sep 8 10:27:56 2025 by rpki-client