$ rpki-client -vvf rpki.apnic.net/member_repository/A9170975/67C7A42A3A2611F0BCCF5E1FC4F9AE02/DGhYIowwF0gr3H85geiYuVbaoCk.mft File: DGhYIowwF0gr3H85geiYuVbaoCk.mft (raw, json) Hash identifier: +jI3/jQWAKhsakxPDY39CgIHsIWJaV0DQFNKIycdJMo= Subject key identifier: D4:09:68:FC:8A:E1:01:36:A8:9E:F1:BD:B0:CE:E3:AE:AB:26:7C:F7 Authority key identifier: 0C:68:58:22:8C:30:17:48:2B:DC:7F:39:81:E8:98:B9:56:DA:A0:29 Certificate issuer: /CN=A9170975/serialNumber=0C6858228C3017482BDC7F3981E898B956DAA029 Certificate serial: 2E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DGhYIowwF0gr3H85geiYuVbaoCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170975/67C7A42A3A2611F0BCCF5E1FC4F9AE02/DGhYIowwF0gr3H85geiYuVbaoCk.mft Manifest number: 2D Signing time: Tue 19 Aug 2025 08:12:56 +0000 Manifest this update: Tue 19 Aug 2025 08:12:56 +0000 Manifest next update: Tue 26 Aug 2025 08:12:56 +0000 Files and hashes: 1: DGhYIowwF0gr3H85geiYuVbaoCk.crl (hash: SagwiIW0v2VcgWJx/Qzo7x8CRQsTaI+HDrBSAxZSFMc=) 2: B12A39803A2A11F09E37DB48C4F9AE02.roa (hash: k8LJciNO3nbjiZjsCJ8G57U38keqVi40DfjRW/V+QTI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170975/67C7A42A3A2611F0BCCF5E1FC4F9AE02/DGhYIowwF0gr3H85geiYuVbaoCk.crl rsync://rpki.apnic.net/member_repository/A9170975/67C7A42A3A2611F0BCCF5E1FC4F9AE02/DGhYIowwF0gr3H85geiYuVbaoCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DGhYIowwF0gr3H85geiYuVbaoCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 08:12:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46 (0x2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170975, serialNumber=0C6858228C3017482BDC7F3981E898B956DAA029 Validity Not Before: Aug 19 08:12:56 2025 GMT Not After : Aug 26 08:12:56 2025 GMT Subject: CN=68a43208-4e36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:e2:74:e8:9d:0a:05:d4:f1:25:85:b1:81:4a: 73:8a:44:82:ab:40:df:99:0b:3e:25:e7:d9:7a:09: 0d:98:6d:09:74:31:fc:b0:70:23:57:a8:64:a0:e6: 93:b9:dd:c1:b5:2a:9c:46:30:4e:ab:b6:21:aa:50: a3:1a:08:a1:a9:4d:bb:cb:ed:06:1b:2f:62:d9:73: 27:b9:e8:a5:4c:e4:96:20:7a:61:5c:05:34:a5:cf: 01:76:e1:0a:36:d1:1d:ce:1f:f2:18:81:06:66:e1: ad:e3:ac:91:65:88:5e:28:17:3b:5d:9f:ad:83:c1: c3:7d:3a:db:b8:77:1f:74:26:62:13:af:c8:a9:bc: 7d:e1:ed:85:40:9e:0d:37:81:ab:14:50:ce:ce:33: 7d:ba:2e:83:ba:c3:62:55:f2:11:d1:4b:f1:b4:9b: fc:59:3e:9a:23:27:cc:0f:a3:49:6a:6f:ef:be:8f: 02:61:66:7b:07:2b:94:da:fe:32:e6:6a:54:81:66: a6:f7:01:d5:a3:12:ba:87:ad:2f:5a:9b:80:d3:4d: 20:b9:e9:0f:35:52:2a:70:08:d7:a4:3d:98:a0:81: 8d:44:27:38:26:a0:c2:3d:9f:86:47:ce:96:6f:b9: ef:fe:cb:17:5a:3f:0e:70:4a:32:67:33:68:a8:60: 9d:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:09:68:FC:8A:E1:01:36:A8:9E:F1:BD:B0:CE:E3:AE:AB:26:7C:F7 X509v3 Authority Key Identifier: keyid:0C:68:58:22:8C:30:17:48:2B:DC:7F:39:81:E8:98:B9:56:DA:A0:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170975/67C7A42A3A2611F0BCCF5E1FC4F9AE02/DGhYIowwF0gr3H85geiYuVbaoCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DGhYIowwF0gr3H85geiYuVbaoCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170975/67C7A42A3A2611F0BCCF5E1FC4F9AE02/DGhYIowwF0gr3H85geiYuVbaoCk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:46:a9:dc:b4:ed:bb:7e:f7:49:66:7a:e5:b6:51:f1:b4:33: 86:80:3c:45:fc:4e:60:1c:09:12:61:ff:20:19:06:4d:d3:3e: 6a:55:94:0c:8d:18:bb:91:cf:12:f6:c4:b0:bd:14:e6:63:b5: f2:a5:c4:c4:a6:25:f9:45:9d:fc:b2:18:6c:38:5e:29:ea:59: 2d:1a:22:3a:3a:27:16:64:93:09:37:47:bb:32:a1:17:af:d6: d4:9e:27:e2:bb:77:cc:54:36:ec:3f:0c:fa:46:62:40:a9:eb: 15:a2:69:0e:c3:1b:49:de:c2:ff:6e:62:d1:e2:0f:b4:95:a4: 92:70:d5:c9:df:c9:02:23:3b:b6:f3:6a:8f:46:94:5c:dc:00: 0c:2f:63:5e:17:b1:63:db:6b:3b:fa:4d:a5:c1:ce:0b:2a:d8: 14:c4:4e:10:ee:4e:f8:9b:78:e6:fd:10:03:ce:bf:a4:37:c5: 29:d8:eb:2e:a0:7c:9c:11:8d:0d:7f:4e:3e:fd:9a:61:66:5b: 77:85:0f:0c:ad:22:20:9a:b9:29:97:7b:02:8b:19:26:f8:9f: b2:42:b2:af:da:1e:46:45:5d:e8:70:6c:3d:d9:e1:e6:8d:1a: 7a:a2:aa:46:19:78:09:85:31:d6:51:eb:a8:a0:6f:49:de:e2: 46:4e:03:1b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MDk3NTExMC8GA1UEBRMoMEM2ODU4MjI4QzMwMTc0ODJCREM3RjM5ODFFODk4Qjk1 NkRBQTAyOTAeFw0yNTA4MTkwODEyNTZaFw0yNTA4MjYwODEyNTZaMBgxFjAUBgNV BAMTDTY4YTQzMjA4LTRlMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDU4nTonQoF1PElhbGBSnOKRIKrQN+ZCz4l59l6CQ2YbQl0MfywcCNXqGSg5pO5 3cG1KpxGME6rtiGqUKMaCKGpTbvL7QYbL2LZcye56KVM5JYgemFcBTSlzwF24Qo2 0R3OH/IYgQZm4a3jrJFliF4oFztdn62DwcN9Otu4dx90JmITr8ipvH3h7YVAng03 gasUUM7OM326LoO6w2JV8hHRS/G0m/xZPpojJ8wPo0lqb+++jwJhZnsHK5Ta/jLm alSBZqb3AdWjErqHrS9am4DTTSC56Q81UipwCNekPZiggY1EJzgmoMI9n4ZHzpZv ue/+yxdaPw5wSjJnM2ioYJ3tAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1Alo/Irh ATaonvG9sM7jrqsmfPcwHwYDVR0jBBgwFoAUDGhYIowwF0gr3H85geiYuVbaoCkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwOTc1LzY3QzdBNDJBM0Ey NjExRjBCQ0NGNUUxRkM0RjlBRTAyL0RHaFlJb3d3RjBncjNIODVnZWlZdVZiYW9D ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvREdoWUlvd3dGMGdyM0g4NWdlaVl1VmJhb0NrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw OTc1LzY3QzdBNDJBM0EyNjExRjBCQ0NGNUUxRkM0RjlBRTAyL0RHaFlJb3d3RjBn cjNIODVnZWlZdVZiYW9Day5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJdGqdy07bt+90lmeuW2UfG0M4aAPEX8TmAcCRJh/yAZBk3TPmpVlAyN GLuRzxL2xLC9FOZjtfKlxMSmJflFnfyyGGw4XinqWS0aIjo6JxZkkwk3R7syoRev 1tSeJ+K7d8xUNuw/DPpGYkCp6xWiaQ7DG0newv9uYtHiD7SVpJJw1cnfyQIjO7bz ao9GlFzcAAwvY14XsWPbazv6TaXBzgsq2BTEThDuTvibeOb9EAPOv6Q3xSnY6y6g fJwRjQ1/Tj79mmFmW3eFDwytIiCauSmXewKLGSb4n7JCsq/aHkZFXehwbD3Z4eaN GnqiqkYZeAmFMdZR66igb0ne4kZOAxs= -----END CERTIFICATE-----Generated at Thu Aug 21 07:24:12 2025 by rpki-client