$ rpki-client -vvf rpki.apnic.net/member_repository/A9176C8F/F14EED986B5A11EFBC99925CC4F9AE02/Tn7ZUcT4nxHxlEaOqBVE1zNeT1k.mft File: Tn7ZUcT4nxHxlEaOqBVE1zNeT1k.mft (raw, json) Hash identifier: I4vJHFxCFTzQK/AGSgxf8HRZGUQ+NhgkR5ickhPm2zY= Subject key identifier: CD:09:7A:51:54:F8:68:01:E6:A5:0B:61:3C:A4:97:8C:E6:77:AC:2E Authority key identifier: 4E:7E:D9:51:C4:F8:9F:11:F1:94:46:8E:A8:15:44:D7:33:5E:4F:59 Certificate issuer: /CN=A9176C8F/serialNumber=4E7ED951C4F89F11F194468EA81544D7335E4F59 Certificate serial: AB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tn7ZUcT4nxHxlEaOqBVE1zNeT1k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9176C8F/F14EED986B5A11EFBC99925CC4F9AE02/Tn7ZUcT4nxHxlEaOqBVE1zNeT1k.mft Manifest number: A9 Signing time: Sat 19 Jul 2025 06:26:36 +0000 Manifest this update: Sat 19 Jul 2025 06:26:35 +0000 Manifest next update: Sat 26 Jul 2025 06:26:35 +0000 Files and hashes: 1: Tn7ZUcT4nxHxlEaOqBVE1zNeT1k.crl (hash: Uzw1ggFmViYo1zoWjaAg4T//qyNVHoV6bN8KuvTaJKs=) 2: 4E9597086B5C11EFABB11F60C4F9AE02.roa (hash: qpNZ0Lm7ohL4bDYSXZ5HFsKxSW3wfA050YYCOcr+GtU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9176C8F/F14EED986B5A11EFBC99925CC4F9AE02/Tn7ZUcT4nxHxlEaOqBVE1zNeT1k.crl rsync://rpki.apnic.net/member_repository/A9176C8F/F14EED986B5A11EFBC99925CC4F9AE02/Tn7ZUcT4nxHxlEaOqBVE1zNeT1k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tn7ZUcT4nxHxlEaOqBVE1zNeT1k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 06:26:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 171 (0xab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9176C8F, serialNumber=4E7ED951C4F89F11F194468EA81544D7335E4F59 Validity Not Before: Jul 19 06:26:35 2025 GMT Not After : Jul 26 06:26:35 2025 GMT Subject: CN=687b3a9c-c522 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:bb:31:21:bd:f2:cd:89:bf:ca:a0:d1:96:d8: 15:6d:7f:4f:5d:67:84:89:17:20:28:86:e8:d9:8d: 2d:ab:c2:b5:5e:03:7e:a5:85:18:9e:42:9e:bc:3c: 26:d6:e3:f4:b8:2d:2d:05:19:08:d5:8b:ae:f1:be: 7e:b8:88:67:34:9a:17:b0:3a:66:72:03:a5:90:c9: dd:ea:2a:58:fe:40:49:10:e3:d5:4e:18:53:9d:b9: cb:66:08:89:d5:de:40:b1:70:01:14:69:e3:ff:c6: 93:c0:42:61:14:45:6a:d7:0b:5c:28:82:0f:6f:44: d8:b8:76:da:a3:5d:95:83:64:0a:19:5b:ac:55:b0: 5e:f6:fa:f1:aa:d6:f3:c0:68:25:f9:4f:c8:7a:67: b2:5f:24:bd:7c:86:ea:59:11:6e:8e:ae:7b:18:9e: 52:6e:66:ef:52:93:a5:cd:01:ca:d3:e1:68:ec:f1: 3e:55:eb:00:dd:a5:ae:7c:c2:5b:6f:da:dd:7e:8d: e5:b8:fd:3b:7d:42:5b:b1:50:a4:99:dd:14:82:2c: fb:4a:91:7e:81:51:5b:44:f1:7e:66:e1:f9:b7:21: fa:25:81:38:fd:9c:55:e9:d5:9b:20:64:ad:13:33: 31:1a:88:8e:e6:61:72:e4:45:9b:a7:e3:cf:b6:a3: af:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:09:7A:51:54:F8:68:01:E6:A5:0B:61:3C:A4:97:8C:E6:77:AC:2E X509v3 Authority Key Identifier: keyid:4E:7E:D9:51:C4:F8:9F:11:F1:94:46:8E:A8:15:44:D7:33:5E:4F:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9176C8F/F14EED986B5A11EFBC99925CC4F9AE02/Tn7ZUcT4nxHxlEaOqBVE1zNeT1k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tn7ZUcT4nxHxlEaOqBVE1zNeT1k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176C8F/F14EED986B5A11EFBC99925CC4F9AE02/Tn7ZUcT4nxHxlEaOqBVE1zNeT1k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:04:a6:9e:a3:49:6b:9e:ac:e2:ec:21:45:0e:ba:56:1e:95: 89:a7:2e:b5:94:49:49:40:fb:fd:b9:01:53:53:f4:e4:ef:29: 08:b8:53:16:8e:8d:6b:ed:15:67:5e:ec:ff:6b:30:67:1b:3c: 18:a2:f2:d8:87:c8:cd:bd:24:5a:e9:3f:46:b2:f1:75:9f:32: 36:4c:ab:a9:fa:79:a9:97:94:44:19:47:16:37:3a:b7:3f:5b: 26:65:0f:b4:c3:64:7e:8c:a5:37:a3:31:e3:4e:6d:c8:ed:33: 80:e8:96:20:59:70:1c:e8:80:27:85:85:39:5b:7a:16:88:0e: be:79:b0:54:66:09:14:fc:2f:ef:d1:ff:e2:4e:1e:95:b5:f4: e2:d4:33:3a:1c:ac:19:f5:65:3a:3f:01:14:1a:14:e7:52:0f: ea:67:ec:cc:51:cd:55:61:7a:65:94:84:b8:9b:72:9a:0d:22: 41:04:d5:9f:4e:42:f5:83:75:b3:6a:ca:45:56:47:1e:27:cb: 08:90:c7:01:0f:5e:ed:de:37:7d:38:fa:0c:71:a0:d9:f9:71: 3d:83:dc:d1:cd:42:3f:a9:74:cc:20:d1:00:f9:d6:d1:ac:78: bc:9e:f2:1f:07:cf:59:e6:b6:c8:b6:4c:79:17:59:61:a7:f5: 6f:02:f3:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzZDOEYxMTAvBgNVBAUTKDRFN0VEOTUxQzRGODlGMTFGMTk0NDY4RUE4MTU0NEQ3 MzM1RTRGNTkwHhcNMjUwNzE5MDYyNjM1WhcNMjUwNzI2MDYyNjM1WjAYMRYwFAYD VQQDEw02ODdiM2E5Yy1jNTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA77sxIb3yzYm/yqDRltgVbX9PXWeEiRcgKIbo2Y0tq8K1XgN+pYUYnkKevDwm 1uP0uC0tBRkI1Yuu8b5+uIhnNJoXsDpmcgOlkMnd6ipY/kBJEOPVThhTnbnLZgiJ 1d5AsXABFGnj/8aTwEJhFEVq1wtcKIIPb0TYuHbao12Vg2QKGVusVbBe9vrxqtbz wGgl+U/IemeyXyS9fIbqWRFujq57GJ5SbmbvUpOlzQHK0+Fo7PE+VesA3aWufMJb b9rdfo3luP07fUJbsVCkmd0Ugiz7SpF+gVFbRPF+ZuH5tyH6JYE4/ZxV6dWbIGSt EzMxGoiO5mFy5EWbp+PPtqOvPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM0JelFU +GgB5qULYTykl4zmd6wuMB8GA1UdIwQYMBaAFE5+2VHE+J8R8ZRGjqgVRNczXk9Z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NkM4Ri9GMTRFRUQ5ODZC NUExMUVGQkM5OTkyNUNDNEY5QUUwMi9UbjdaVWNUNG54SHhsRWFPcUJWRTF6TmVU MWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1RuN1pVY1Q0bnhIeGxFYU9xQlZFMXpOZVQxay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NkM4Ri9GMTRFRUQ5ODZCNUExMUVGQkM5OTkyNUNDNEY5QUUwMi9UbjdaVWNUNG54 SHhsRWFPcUJWRTF6TmVUMWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBgBKaeo0lrnqzi7CFFDrpWHpWJpy61lElJQPv9uQFTU/Tk7ykIuFMW jo1r7RVnXuz/azBnGzwYovLYh8jNvSRa6T9GsvF1nzI2TKup+nmpl5REGUcWNzq3 P1smZQ+0w2R+jKU3ozHjTm3I7TOA6JYgWXAc6IAnhYU5W3oWiA6+ebBUZgkU/C/v 0f/iTh6VtfTi1DM6HKwZ9WU6PwEUGhTnUg/qZ+zMUc1VYXpllIS4m3KaDSJBBNWf TkL1g3WzaspFVkceJ8sIkMcBD17t3jd9OPoMcaDZ+XE9g9zRzUI/qXTMINEA+dbR rHi8nvIfB89Z5rbItkx5F1lhp/VvAvPE -----END CERTIFICATE-----Generated at Sat Jul 19 21:40:21 2025 by rpki-client