$ rpki-client -vvf rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft File: cI8eBxM4VcgHTu1fjIO0RmpgesI.mft (raw, json) Hash identifier: k6e1OBz0+69FibCoQmsIiUsytn3nS1YXni6TZUz5lvk= Subject key identifier: 81:39:7A:EC:61:54:1C:BE:64:3D:96:FB:7B:E2:2D:54:92:7A:AF:64 Authority key identifier: 70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 Certificate issuer: /CN=A9171D16/serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Certificate serial: 0126 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft Manifest number: 0122 Signing time: Sat 19 Jul 2025 04:57:12 +0000 Manifest this update: Sat 19 Jul 2025 04:57:11 +0000 Manifest next update: Sat 26 Jul 2025 04:57:11 +0000 Files and hashes: 1: cI8eBxM4VcgHTu1fjIO0RmpgesI.crl (hash: 1AKX/bRLksNh4GkFZ7lwss6iB1Q1lz/t5t2ixPSstwI=) 2: BFC0298670DC11EF8B65D95AC4F9AE02.roa (hash: UgEzMnFdPuD9AyKqWzCGknoXwkBXShyWFB2xX76uKRE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 04:57:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 294 (0x126) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171D16, serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Validity Not Before: Jul 19 04:57:11 2025 GMT Not After : Jul 26 04:57:11 2025 GMT Subject: CN=687b25a7-f6c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a3:df:8b:f1:89:88:1f:8a:3a:54:1d:9d:25: b6:81:40:71:c7:b1:c9:f2:0a:ca:d8:32:47:0b:40: 78:93:df:39:e9:05:eb:ae:f4:39:52:88:ec:b1:f7: f6:08:a8:38:f0:56:18:a3:df:08:85:fc:41:f0:45: 50:f4:45:4b:e2:c3:22:11:a3:b6:f6:fe:84:47:26: 04:c3:a7:71:5f:93:30:5d:52:a7:ac:dd:17:19:bb: 60:19:39:6c:3d:9d:3a:37:b3:57:04:14:ca:c5:e9: c3:ce:35:58:34:e9:df:f5:d6:a3:91:53:fd:9a:c2: 27:7a:c9:c6:68:c4:92:50:20:4f:17:2a:ef:19:4f: 27:ed:13:62:f4:d0:fc:8a:49:c3:05:c9:e1:2c:a1: 8d:b3:86:98:25:bb:7e:6a:0e:50:15:9e:98:4b:c8: 47:ca:6a:6f:2b:e7:23:50:3e:f0:81:a1:93:e1:f3: ea:1b:38:49:b3:c6:c2:69:3a:2b:04:a9:d3:b8:c5: 51:fa:94:b7:4c:a7:69:3a:05:fe:2b:30:4f:16:57: f1:76:1b:8a:25:20:61:f8:01:ce:3e:d0:b9:b1:36: de:b3:15:d8:76:e2:46:f0:e6:66:73:a1:a4:1a:c9: 06:33:b4:ca:26:4d:d0:fa:fc:5f:35:43:80:d1:99: e3:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:39:7A:EC:61:54:1C:BE:64:3D:96:FB:7B:E2:2D:54:92:7A:AF:64 X509v3 Authority Key Identifier: keyid:70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:2f:b5:5a:fa:80:d7:1e:0c:f4:21:dd:ba:ac:bc:47:b6:1c: a7:79:a5:11:8c:a6:30:8a:7d:a3:64:29:99:06:9f:3d:5f:79: 5b:ba:5b:cd:80:f7:1d:89:6c:bb:25:18:ee:e6:bc:5b:46:1e: 8c:c0:2e:ba:f9:f4:83:d6:c8:c5:27:a8:4e:f1:c4:d0:10:55: 90:74:ac:45:92:d5:f8:c9:16:31:18:82:ce:68:9a:b2:86:ab: 9f:93:b5:3e:75:b2:ef:34:68:13:90:9f:3d:63:ae:a0:78:ad: fd:b0:95:48:2d:6c:5e:25:20:74:38:1e:1d:94:37:60:cf:0e: a4:9f:ee:9e:16:4e:81:e0:3a:ce:e7:b3:ba:c4:07:89:d4:db: 6a:4f:6a:c2:6e:5c:08:6e:da:1f:8d:17:c9:f8:31:aa:40:0e: 19:13:90:6a:b5:98:86:40:88:1d:08:cc:28:64:e8:90:a2:30: f9:a3:fd:8f:75:3a:89:45:f0:92:15:03:4b:b5:99:57:3a:c2: 91:e3:9b:c4:06:65:cf:7a:47:c6:0c:b5:42:93:7e:4a:90:10: a0:8b:27:f3:9b:b4:5c:0a:cb:90:37:60:6b:04:20:60:0c:ff: b3:5e:69:7a:58:b1:8d:4a:71:50:e3:0a:f2:15:b8:08:3e:12: 8d:82:54:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFEMTYxMTAvBgNVBAUTKDcwOEYxRTA3MTMzODU1QzgwNzRFRUQ1RjhDODNCNDQ2 NkE2MDdBQzIwHhcNMjUwNzE5MDQ1NzExWhcNMjUwNzI2MDQ1NzExWjAYMRYwFAYD VQQDEw02ODdiMjVhNy1mNmMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuaPfi/GJiB+KOlQdnSW2gUBxx7HJ8grK2DJHC0B4k9856QXrrvQ5Uojssff2 CKg48FYYo98IhfxB8EVQ9EVL4sMiEaO29v6ERyYEw6dxX5MwXVKnrN0XGbtgGTls PZ06N7NXBBTKxenDzjVYNOnf9dajkVP9msInesnGaMSSUCBPFyrvGU8n7RNi9ND8 iknDBcnhLKGNs4aYJbt+ag5QFZ6YS8hHympvK+cjUD7wgaGT4fPqGzhJs8bCaTor BKnTuMVR+pS3TKdpOgX+KzBPFlfxdhuKJSBh+AHOPtC5sTbesxXYduJG8OZmc6Gk GskGM7TKJk3Q+vxfNUOA0Znj4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIE5euxh VBy+ZD2W+3viLVSSeq9kMB8GA1UdIwQYMBaAFHCPHgcTOFXIB07tX4yDtEZqYHrC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUQxNi82NTZEMTdBOEFF OUMxMUVFOTExQUZCNjNDNEY5QUUwMi9jSThlQnhNNFZjZ0hUdTFmaklPMFJtcGdl c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2NJOGVCeE00VmNnSFR1MWZqSU8wUm1wZ2VzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUQxNi82NTZEMTdBOEFFOUMxMUVFOTExQUZCNjNDNEY5QUUwMi9jSThlQnhNNFZj Z0hUdTFmaklPMFJtcGdlc0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOL7Va+oDXHgz0Id26rLxHthyneaURjKYwin2jZCmZBp89X3lbulvN gPcdiWy7JRju5rxbRh6MwC66+fSD1sjFJ6hO8cTQEFWQdKxFktX4yRYxGILOaJqy hqufk7U+dbLvNGgTkJ89Y66geK39sJVILWxeJSB0OB4dlDdgzw6kn+6eFk6B4DrO 57O6xAeJ1NtqT2rCblwIbtofjRfJ+DGqQA4ZE5BqtZiGQIgdCMwoZOiQojD5o/2P dTqJRfCSFQNLtZlXOsKR45vEBmXPekfGDLVCk35KkBCgiyfzm7RcCsuQN2BrBCBg DP+zXml6WLGNSnFQ4wryFbgIPhKNglST -----END CERTIFICATE-----Generated at Mon Jul 21 03:05:28 2025 by rpki-client