$ rpki-client -vvf rpki.apnic.net/member_repository/A917E27F/769D2D6672B711F09C04690DC4F9AE02/2OexX5y5FnTlEn_UBtfZ5xjgirA.mft File: 2OexX5y5FnTlEn_UBtfZ5xjgirA.mft (raw, json) Hash identifier: YYKiyJ8CLefCTb+3+N2bEDfz9E14A3ZVWd6Z97249G4= Subject key identifier: 50:01:97:2B:DA:B8:66:C4:6F:ED:E8:D9:FA:27:A4:13:83:D6:76:64 Authority key identifier: D8:E7:B1:5F:9C:B9:16:74:E5:12:7F:D4:06:D7:D9:E7:18:E0:8A:B0 Certificate issuer: /CN=A917E27F/serialNumber=D8E7B15F9CB91674E5127FD406D7D9E718E08AB0 Certificate serial: 15 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2OexX5y5FnTlEn_UBtfZ5xjgirA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E27F/769D2D6672B711F09C04690DC4F9AE02/2OexX5y5FnTlEn_UBtfZ5xjgirA.mft Manifest number: 14 Signing time: Fri 05 Sep 2025 08:32:42 +0000 Manifest this update: Fri 05 Sep 2025 08:32:41 +0000 Manifest next update: Fri 12 Sep 2025 08:32:41 +0000 Files and hashes: 1: 2OexX5y5FnTlEn_UBtfZ5xjgirA.crl (hash: O/o9YrfI1q+xqkIXlip+Cn4lSc44pyodHrLFbt07H6s=) 2: 4197AB74735611F080D68151C4F9AE02.roa (hash: uw93y6FGovmGq+bi/XnqUmoXwqLRFeM+9sTlrsvluUo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E27F/769D2D6672B711F09C04690DC4F9AE02/2OexX5y5FnTlEn_UBtfZ5xjgirA.crl rsync://rpki.apnic.net/member_repository/A917E27F/769D2D6672B711F09C04690DC4F9AE02/2OexX5y5FnTlEn_UBtfZ5xjgirA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2OexX5y5FnTlEn_UBtfZ5xjgirA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 08:32:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21 (0x15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E27F, serialNumber=D8E7B15F9CB91674E5127FD406D7D9E718E08AB0 Validity Not Before: Sep 5 08:32:41 2025 GMT Not After : Sep 12 08:32:41 2025 GMT Subject: CN=68baa029-f595 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:26:a8:04:28:b6:68:05:dd:43:8e:84:39:99: 18:39:c5:8f:d4:01:a2:89:4d:a7:45:03:d8:9a:ce: df:ce:1d:91:b4:77:b9:b8:81:d9:cd:45:25:95:6c: f9:50:d2:33:af:09:fc:8d:86:c3:d0:cf:08:d1:16: 16:6a:2d:2e:97:75:85:e3:f9:e7:53:46:1f:ae:01: e1:38:93:f6:6d:af:02:88:e6:fa:ab:1c:24:43:fc: 35:a3:7b:60:2d:d6:ff:44:1a:15:5e:62:da:8f:ed: cc:53:e7:dd:3f:d3:4a:4d:72:b7:0c:c8:44:00:ff: 68:f8:1a:51:2f:d4:38:f2:1a:d6:37:85:68:d5:1f: 39:04:86:99:d3:9a:30:d9:d6:72:8e:d8:7b:eb:e6: 57:39:03:f7:4f:0b:d2:d3:6d:dd:7f:cb:9b:47:3b: c7:1a:8a:5d:37:fd:7e:e5:9d:09:64:35:6c:66:7b: 07:68:06:bc:cc:dd:84:37:0c:17:4e:ff:7c:8a:98: 30:8f:36:f2:ff:07:22:1d:32:9f:d2:81:4b:73:a9: cd:74:19:12:85:c9:e1:1e:b0:89:bc:84:c9:fa:f2: 7b:f3:32:2d:a0:4b:2f:b7:17:9a:71:4a:e0:53:61: c8:64:bb:d9:66:29:b0:86:02:9d:0e:9c:ad:0a:0f: 35:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:01:97:2B:DA:B8:66:C4:6F:ED:E8:D9:FA:27:A4:13:83:D6:76:64 X509v3 Authority Key Identifier: keyid:D8:E7:B1:5F:9C:B9:16:74:E5:12:7F:D4:06:D7:D9:E7:18:E0:8A:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E27F/769D2D6672B711F09C04690DC4F9AE02/2OexX5y5FnTlEn_UBtfZ5xjgirA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2OexX5y5FnTlEn_UBtfZ5xjgirA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E27F/769D2D6672B711F09C04690DC4F9AE02/2OexX5y5FnTlEn_UBtfZ5xjgirA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:40:7f:84:f9:3b:5f:3b:cc:bd:25:a2:de:41:cb:6c:7b:56: 47:a3:ed:8d:b6:37:3b:1d:e4:7d:73:72:fc:4e:24:7c:4d:bb: 89:5e:31:79:f4:a5:67:29:8f:79:73:ef:60:82:5d:5e:67:fb: fb:5e:25:07:a1:b1:54:61:e9:cb:88:9f:21:ad:04:66:89:55: 85:b1:3e:0d:2f:db:57:12:a1:35:7b:4a:6a:e8:53:7c:9a:2e: 11:08:fd:47:f7:16:f6:0a:ef:71:80:1f:e0:47:55:ab:80:ef: 04:9e:c3:4e:98:52:64:63:53:05:7c:2a:7c:a2:58:ce:04:34: 65:85:b9:80:b7:81:9f:88:bd:ed:8c:c6:37:0b:7c:18:00:ba: 75:4b:a4:94:7d:2e:95:cb:78:3d:05:6f:20:5c:8b:c4:79:7f: 00:f6:72:12:5b:63:cd:00:96:26:9d:6d:f2:83:24:d2:f8:8a: c7:41:a5:d3:02:9a:e4:c7:c5:ec:e2:38:5a:c1:69:96:80:ba: bc:b3:c7:2d:40:7e:56:6e:b1:8c:74:e0:68:c1:72:c4:f6:7c: dc:67:7c:86:c2:9d:2a:6c:d1:19:39:d1:db:6a:53:eb:41:43: 43:08:a0:cd:dc:cd:b4:45:e6:ac:c3:84:0e:10:fe:6b:48:08: a3:7c:b2:0a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 RTI3RjExMC8GA1UEBRMoRDhFN0IxNUY5Q0I5MTY3NEU1MTI3RkQ0MDZEN0Q5RTcx OEUwOEFCMDAeFw0yNTA5MDUwODMyNDFaFw0yNTA5MTIwODMyNDFaMBgxFjAUBgNV BAMTDTY4YmFhMDI5LWY1OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDQJqgEKLZoBd1DjoQ5mRg5xY/UAaKJTadFA9iazt/OHZG0d7m4gdnNRSWVbPlQ 0jOvCfyNhsPQzwjRFhZqLS6XdYXj+edTRh+uAeE4k/ZtrwKI5vqrHCRD/DWje2At 1v9EGhVeYtqP7cxT590/00pNcrcMyEQA/2j4GlEv1DjyGtY3hWjVHzkEhpnTmjDZ 1nKO2Hvr5lc5A/dPC9LTbd1/y5tHO8cail03/X7lnQlkNWxmewdoBrzM3YQ3DBdO /3yKmDCPNvL/ByIdMp/SgUtzqc10GRKFyeEesIm8hMn68nvzMi2gSy+3F5pxSuBT Ychku9lmKbCGAp0OnK0KDzUnAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUUAGXK9q4 ZsRv7ejZ+iekE4PWdmQwHwYDVR0jBBgwFoAU2OexX5y5FnTlEn/UBtfZ5xjgirAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFMjdGLzc2OUQyRDY2NzJC NzExRjA5QzA0NjkwREM0RjlBRTAyLzJPZXhYNXk1Rm5UbEVuX1VCdGZaNXhqZ2ly QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMk9leFg1eTVGblRsRW5fVUJ0Zlo1eGpnaXJBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdF MjdGLzc2OUQyRDY2NzJCNzExRjA5QzA0NjkwREM0RjlBRTAyLzJPZXhYNXk1Rm5U bEVuX1VCdGZaNXhqZ2lyQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFtAf4T5O187zL0lot5By2x7Vkej7Y22Nzsd5H1zcvxOJHxNu4leMXn0 pWcpj3lz72CCXV5n+/teJQehsVRh6cuInyGtBGaJVYWxPg0v21cSoTV7SmroU3ya LhEI/Uf3FvYK73GAH+BHVauA7wSew06YUmRjUwV8KnyiWM4ENGWFuYC3gZ+Ive2M xjcLfBgAunVLpJR9LpXLeD0FbyBci8R5fwD2chJbY80AliadbfKDJNL4isdBpdMC muTHxeziOFrBaZaAuryzxy1AflZusYx04GjBcsT2fNxnfIbCnSps0Rk50dtqU+tB Q0MIoM3czbRF5qzDhA4Q/mtICKN8sgo= -----END CERTIFICATE-----Generated at Sat Sep 6 21:10:10 2025 by rpki-client