$ rpki-client -vvf rpki.apnic.net/member_repository/A917B092/28230996EE2311EDBABE2A5DC4F9AE02/C2HEdIlppE_IPIiCoCV50NWSO2E.mft File: C2HEdIlppE_IPIiCoCV50NWSO2E.mft (raw, json) Hash identifier: iXNG95V09WEAvGtZNJesK5r2iiaJmRo5iRnjkRm0Ceg= Subject key identifier: 41:21:B5:21:12:D0:9C:C9:1A:EA:F3:62:77:2A:4E:B7:D0:5A:7F:93 Authority key identifier: 0B:61:C4:74:89:69:A4:4F:C8:3C:88:82:A0:25:79:D0:D5:92:3B:61 Certificate issuer: /CN=A917B092/serialNumber=0B61C4748969A44FC83C8882A02579D0D5923B61 Certificate serial: 01DB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C2HEdIlppE_IPIiCoCV50NWSO2E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B092/28230996EE2311EDBABE2A5DC4F9AE02/C2HEdIlppE_IPIiCoCV50NWSO2E.mft Manifest number: 01CD Signing time: Sun 07 Sep 2025 03:25:41 +0000 Manifest this update: Sun 07 Sep 2025 03:25:41 +0000 Manifest next update: Sun 14 Sep 2025 03:25:41 +0000 Files and hashes: 1: C2HEdIlppE_IPIiCoCV50NWSO2E.crl (hash: qjqs+7egq9cwyQLyL+T1IFLUV3C1P53aLyL1MatIyZI=) 2: 9816AE202ED111EF9B668069C4F9AE02.roa (hash: eTkk2If6zpml/RuCza+brdDkrA2sYBq8cWe9+X2do9Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B092/28230996EE2311EDBABE2A5DC4F9AE02/C2HEdIlppE_IPIiCoCV50NWSO2E.crl rsync://rpki.apnic.net/member_repository/A917B092/28230996EE2311EDBABE2A5DC4F9AE02/C2HEdIlppE_IPIiCoCV50NWSO2E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C2HEdIlppE_IPIiCoCV50NWSO2E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 03:25:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 475 (0x1db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B092, serialNumber=0B61C4748969A44FC83C8882A02579D0D5923B61 Validity Not Before: Sep 7 03:25:41 2025 GMT Not After : Sep 14 03:25:41 2025 GMT Subject: CN=68bcfb35-61e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:af:3d:a5:93:d6:e3:c5:15:e2:de:4e:15:7d: 5b:5d:f5:e3:97:44:8c:fa:82:69:1a:4f:99:c2:d3: d3:a6:4d:5c:c3:2f:de:7c:60:c3:fb:ef:84:db:3d: ac:b5:92:fa:55:bf:56:21:ff:e8:72:bd:7a:b3:03: 48:ab:dc:b9:5b:e6:5e:dc:da:50:06:e6:21:d9:23: 7d:8a:03:b8:c2:0e:66:59:96:96:c7:57:95:7b:2b: fd:bb:24:d7:de:c9:96:1b:b0:2a:5a:e9:b8:48:b9: f8:92:7f:a6:4c:41:65:75:f0:ca:3b:be:28:c5:86: 53:b2:c7:1a:72:56:d1:93:32:f4:fa:65:59:79:1c: 2c:71:58:6e:cf:5b:47:f7:76:43:3e:f0:d4:09:c6: 66:f8:f9:3d:48:0c:54:e7:27:10:b9:24:c2:90:de: 42:39:68:aa:e9:23:12:31:7e:df:44:19:3f:2d:c9: 85:c9:82:c3:84:73:c9:6f:4a:8d:61:9d:73:cb:1a: ae:fa:1d:bb:e9:0e:bc:56:f7:33:bc:d2:98:98:d7: ca:43:fc:26:d8:67:0b:6f:50:89:39:95:66:83:49: cb:a2:a5:06:1d:e2:cc:f8:4c:fd:57:9d:7f:b0:ab: a7:7d:3f:a4:7e:af:fb:fb:21:19:30:ae:fa:82:8b: b4:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:21:B5:21:12:D0:9C:C9:1A:EA:F3:62:77:2A:4E:B7:D0:5A:7F:93 X509v3 Authority Key Identifier: keyid:0B:61:C4:74:89:69:A4:4F:C8:3C:88:82:A0:25:79:D0:D5:92:3B:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B092/28230996EE2311EDBABE2A5DC4F9AE02/C2HEdIlppE_IPIiCoCV50NWSO2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C2HEdIlppE_IPIiCoCV50NWSO2E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B092/28230996EE2311EDBABE2A5DC4F9AE02/C2HEdIlppE_IPIiCoCV50NWSO2E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:e0:24:9b:28:26:ca:9c:1e:32:fb:70:8a:b5:4b:3a:e3:6c: 66:86:02:25:ff:4e:38:96:16:8c:e1:c9:c3:db:d6:2d:1a:98: 27:4c:75:e9:bf:59:05:61:ca:c5:50:a0:4d:e8:d5:c7:4a:3a: d7:b0:76:55:31:10:70:8c:92:6c:89:b0:77:2e:35:1f:2c:1c: 9c:75:db:b0:9e:7d:95:e1:aa:7a:92:16:ec:b0:6f:2d:6d:12: b8:0d:c2:cd:51:81:22:f3:58:ec:35:88:e9:6b:87:2f:22:ed: 29:5d:c9:e0:2d:32:75:68:d7:de:a3:7c:56:61:5e:8a:2d:16: 33:76:3e:ba:21:84:23:d0:d9:b4:04:cb:51:57:b1:f1:7c:5e: c5:74:ef:32:fb:ba:2e:ed:f4:a0:e7:0a:c1:73:85:4f:3c:42: 96:84:91:d3:16:97:03:7c:77:98:43:81:a9:66:37:45:5d:59: 43:69:12:41:c7:5c:80:c5:c9:e4:c2:ce:e2:13:93:54:fd:94: 56:98:a8:d1:10:3d:f5:f1:19:fc:2e:80:4d:a3:3e:8b:83:f4: 82:4a:e3:9c:55:f3:b3:04:be:bf:24:8b:44:b0:ad:a2:cc:1d: 6a:b4:dc:dc:c6:62:9c:50:c0:49:ea:95:ad:af:57:35:87:5c: 88:30:17:4b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0IwOTIxMTAvBgNVBAUTKDBCNjFDNDc0ODk2OUE0NEZDODNDODg4MkEwMjU3OUQw RDU5MjNCNjEwHhcNMjUwOTA3MDMyNTQxWhcNMjUwOTE0MDMyNTQxWjAYMRYwFAYD VQQDEw02OGJjZmIzNS02MWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyq89pZPW48UV4t5OFX1bXfXjl0SM+oJpGk+ZwtPTpk1cwy/efGDD+++E2z2s tZL6Vb9WIf/ocr16swNIq9y5W+Ze3NpQBuYh2SN9igO4wg5mWZaWx1eVeyv9uyTX 3smWG7AqWum4SLn4kn+mTEFldfDKO74oxYZTsscaclbRkzL0+mVZeRwscVhuz1tH 93ZDPvDUCcZm+Pk9SAxU5ycQuSTCkN5COWiq6SMSMX7fRBk/LcmFyYLDhHPJb0qN YZ1zyxqu+h276Q68VvczvNKYmNfKQ/wm2GcLb1CJOZVmg0nLoqUGHeLM+Ez9V51/ sKunfT+kfq/7+yEZMK76gou0mwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEEhtSES 0JzJGurzYncqTrfQWn+TMB8GA1UdIwQYMBaAFAthxHSJaaRPyDyIgqAledDVkjth MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjA5Mi8yODIzMDk5NkVF MjMxMUVEQkFCRTJBNURDNEY5QUUwMi9DMkhFZElscHBFX0lQSWlDb0NWNTBOV1NP MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0MySEVkSWxwcEVfSVBJaUNvQ1Y1ME5XU08yRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QjA5Mi8yODIzMDk5NkVFMjMxMUVEQkFCRTJBNURDNEY5QUUwMi9DMkhFZElscHBF X0lQSWlDb0NWNTBOV1NPMkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAa4CSbKCbKnB4y+3CKtUs642xmhgIl/044lhaM4cnD29YtGpgnTHXp v1kFYcrFUKBN6NXHSjrXsHZVMRBwjJJsibB3LjUfLBycdduwnn2V4ap6khbssG8t bRK4DcLNUYEi81jsNYjpa4cvIu0pXcngLTJ1aNfeo3xWYV6KLRYzdj66IYQj0Nm0 BMtRV7HxfF7FdO8y+7ou7fSg5wrBc4VPPEKWhJHTFpcDfHeYQ4GpZjdFXVlDaRJB x1yAxcnkws7iE5NU/ZRWmKjRED318Rn8LoBNoz6Lg/SCSuOcVfOzBL6/JItEsK2i zB1qtNzcxmKcUMBJ6pWtr1c1h1yIMBdL -----END CERTIFICATE-----Generated at Mon Sep 8 20:28:13 2025 by rpki-client