$ rpki-client -vvf rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft File: CDWHSXi6MJ7X2kZz53OdkyLyYps.mft (raw, json) Hash identifier: Rsbm282RzGOMhat+XQBoBHf2ZBEYkyWFaeKiKp8ckTU= Subject key identifier: 28:77:8E:E4:EB:1E:6B:FF:59:E0:74:80:19:AC:F2:57:22:DE:C6:BC Authority key identifier: 08:35:87:49:78:BA:30:9E:D7:DA:46:73:E7:73:9D:93:22:F2:62:9B Certificate issuer: /CN=A917E00F/serialNumber=0835874978BA309ED7DA4673E7739D9322F2629B Certificate serial: 79 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CDWHSXi6MJ7X2kZz53OdkyLyYps.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft Manifest number: 77 Signing time: Tue 02 Sep 2025 23:33:38 +0000 Manifest this update: Tue 02 Sep 2025 23:33:37 +0000 Manifest next update: Tue 09 Sep 2025 23:33:37 +0000 Files and hashes: 1: CDWHSXi6MJ7X2kZz53OdkyLyYps.crl (hash: GfRoRm39DUAltIDbhj9fabglYWLUphruUrQMZF4yMiw=) 2: 2DA549EAE23E11EFB267422EC4F9AE02.roa (hash: IwOryXN0CLNaxtv7IBy7ZDsktAOlHn3+ya1AEPZi2Ak=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.crl rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CDWHSXi6MJ7X2kZz53OdkyLyYps.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 23:33:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 121 (0x79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E00F, serialNumber=0835874978BA309ED7DA4673E7739D9322F2629B Validity Not Before: Sep 2 23:33:37 2025 GMT Not After : Sep 9 23:33:37 2025 GMT Subject: CN=68b77ed2-0d00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:c7:03:e5:4b:3d:ca:59:6a:76:11:39:61:0c: 8c:f5:03:d0:b0:b3:4a:34:51:5f:12:fe:39:d0:8d: db:4e:83:27:5d:2a:6e:15:69:c2:1d:c7:fd:ba:cc: 04:d6:ff:ed:c6:ff:21:aa:8e:1d:ed:ee:95:db:a6: fd:3a:64:be:b1:d2:2a:fc:c5:8f:3e:67:0b:3a:d5: e9:32:a2:98:db:71:98:b9:b1:6c:fe:9d:38:6c:59: 3d:f8:8a:7d:54:c7:05:69:2e:d8:5d:33:62:97:ce: fc:df:a0:31:80:a1:95:8b:ff:d9:b9:92:30:3f:de: 44:b6:9e:69:70:18:70:c8:91:ab:02:05:77:5e:01: c2:30:38:e7:16:5f:c4:d6:e8:fc:7b:91:73:9d:0d: 2f:27:87:52:fc:b7:ec:3c:13:d4:d6:7f:33:c8:ac: 40:88:7d:2a:1e:dc:30:b5:d5:16:94:9d:a7:3d:f5: 59:7e:73:36:c4:c4:cd:e2:ea:9a:60:af:85:f3:12: 33:fd:ac:d0:52:cc:f7:da:d9:b6:ea:bc:e4:87:c9: 73:fb:10:20:eb:78:87:46:f4:ba:b8:96:35:1d:75: 99:c8:ff:b9:d1:f5:0f:5d:96:70:a7:d8:90:6b:34: 19:74:fa:50:8a:99:b6:10:07:82:35:ef:b4:12:0b: 5e:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:77:8E:E4:EB:1E:6B:FF:59:E0:74:80:19:AC:F2:57:22:DE:C6:BC X509v3 Authority Key Identifier: keyid:08:35:87:49:78:BA:30:9E:D7:DA:46:73:E7:73:9D:93:22:F2:62:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CDWHSXi6MJ7X2kZz53OdkyLyYps.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:f6:66:44:f4:3f:ad:d5:75:75:32:03:03:f7:c5:f2:1e:ed: 60:75:f0:e9:32:7c:34:e6:d6:9e:9a:9f:f4:1f:be:c1:42:1a: 8f:a8:b3:54:e2:8a:35:4c:79:fe:1a:c0:4f:63:59:8a:e6:81: f4:45:54:b5:3b:a9:d4:ca:2f:fc:3b:dd:12:e4:d8:f5:cb:a1: dc:93:43:ef:54:f4:5d:7c:06:83:eb:e5:a5:8a:03:f7:a1:f5: 4e:0d:0a:e3:17:6c:10:8c:5e:32:35:88:3a:0c:31:7a:ce:70: 3b:a8:33:56:80:fa:57:bc:2d:fc:8f:d1:6a:8f:37:10:65:1b: 23:40:c9:a9:42:02:20:a9:80:cb:bb:f4:70:44:35:36:96:14: 03:62:66:17:13:7f:cf:2d:cc:88:59:1b:a7:71:19:35:e2:4d: e0:02:59:3c:16:f1:07:f5:bb:e0:e4:b3:20:83:80:8c:1a:f1: e4:5e:fd:84:11:98:ab:8e:39:01:4a:ba:d3:ce:43:85:77:d8: 4b:4a:58:30:37:b7:21:1a:15:76:38:91:e2:f7:d4:9e:81:03: fe:71:7a:b0:2b:4d:bc:e8:89:b6:8d:a1:8b:c8:dd:3b:5c:a5: 06:62:17:1e:80:b3:ba:e4:16:9d:28:2b:c4:ad:31:29:71:01: fe:49:ba:ec -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBeTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 RTAwRjExMC8GA1UEBRMoMDgzNTg3NDk3OEJBMzA5RUQ3REE0NjczRTc3MzlEOTMy MkYyNjI5QjAeFw0yNTA5MDIyMzMzMzdaFw0yNTA5MDkyMzMzMzdaMBgxFjAUBgNV BAMTDTY4Yjc3ZWQyLTBkMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCsxwPlSz3KWWp2ETlhDIz1A9Cws0o0UV8S/jnQjdtOgyddKm4VacIdx/26zATW /+3G/yGqjh3t7pXbpv06ZL6x0ir8xY8+Zws61ekyopjbcZi5sWz+nThsWT34in1U xwVpLthdM2KXzvzfoDGAoZWL/9m5kjA/3kS2nmlwGHDIkasCBXdeAcIwOOcWX8TW 6Px7kXOdDS8nh1L8t+w8E9TWfzPIrECIfSoe3DC11RaUnac99Vl+czbExM3i6ppg r4XzEjP9rNBSzPfa2bbqvOSHyXP7ECDreIdG9Lq4ljUddZnI/7nR9Q9dlnCn2JBr NBl0+lCKmbYQB4I177QSC14fAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUKHeO5Ose a/9Z4HSAGazyVyLexrwwHwYDVR0jBBgwFoAUCDWHSXi6MJ7X2kZz53OdkyLyYpsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFMDBGLzdEMkIxREYwRDdE MDExRUY5RUZDOTEwREM0RjlBRTAyL0NEV0hTWGk2TUo3WDJrWno1M09ka3lMeVlw cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQ0RXSFNYaTZNSjdYMmtaejUzT2RreUx5WXBzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdF MDBGLzdEMkIxREYwRDdEMDExRUY5RUZDOTEwREM0RjlBRTAyL0NEV0hTWGk2TUo3 WDJrWno1M09ka3lMeVlwcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABT2ZkT0P63VdXUyAwP3xfIe7WB18OkyfDTm1p6an/QfvsFCGo+os1Ti ijVMef4awE9jWYrmgfRFVLU7qdTKL/w73RLk2PXLodyTQ+9U9F18BoPr5aWKA/eh 9U4NCuMXbBCMXjI1iDoMMXrOcDuoM1aA+le8LfyP0WqPNxBlGyNAyalCAiCpgMu7 9HBENTaWFANiZhcTf88tzIhZG6dxGTXiTeACWTwW8Qf1u+DksyCDgIwa8eRe/YQR mKuOOQFKutPOQ4V32EtKWDA3tyEaFXY4keL31J6BA/5xerArTbzoibaNoYvI3Ttc pQZiFx6As7rkFp0oK8StMSlxAf5Juuw= -----END CERTIFICATE-----Generated at Thu Sep 4 13:59:05 2025 by rpki-client