$ rpki-client -vvf rpki.apnic.net/member_repository/A918ABAC/649BC3B250C911F0B4730246C4F9AE02/tAOKtkA58xRWIqIP9w7Xvh1Of5E.mft File: tAOKtkA58xRWIqIP9w7Xvh1Of5E.mft (raw, json) Hash identifier: DXwYYMPd5pGOkAgtnNH6qFPUg73W6k7fmVb9R7LFkIE= Subject key identifier: 2C:C5:DE:B7:01:25:62:34:67:71:95:96:D2:C5:E5:1A:5B:9C:B1:F3 Authority key identifier: B4:03:8A:B6:40:39:F3:14:56:22:A2:0F:F7:0E:D7:BE:1D:4E:7F:91 Certificate issuer: /CN=A918ABAC/serialNumber=B4038AB64039F3145622A20FF70ED7BE1D4E7F91 Certificate serial: 3A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tAOKtkA58xRWIqIP9w7Xvh1Of5E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918ABAC/649BC3B250C911F0B4730246C4F9AE02/tAOKtkA58xRWIqIP9w7Xvh1Of5E.mft Manifest number: 2F Signing time: Mon 25 Aug 2025 08:23:45 +0000 Manifest this update: Mon 25 Aug 2025 08:23:44 +0000 Manifest next update: Mon 01 Sep 2025 08:23:44 +0000 Files and hashes: 1: tAOKtkA58xRWIqIP9w7Xvh1Of5E.crl (hash: ivZh0rgzApgQ77BUykqHJ6dNEJ3hTnWyDhUgDSG6Uns=) 2: E641780E535211F0A795A950C4F9AE02.roa (hash: /6fZjzm6zMKlJavcLCHUvZwJwnYnVUAiwPFKfA2za2E=) 3: ACE7F9985DF711F084BC8A50C4F9AE02.roa (hash: JnKzQUCZZIkzk+PTJ2yOthp2jewtbhpdupguptGlDRA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918ABAC/649BC3B250C911F0B4730246C4F9AE02/tAOKtkA58xRWIqIP9w7Xvh1Of5E.crl rsync://rpki.apnic.net/member_repository/A918ABAC/649BC3B250C911F0B4730246C4F9AE02/tAOKtkA58xRWIqIP9w7Xvh1Of5E.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tAOKtkA58xRWIqIP9w7Xvh1Of5E.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Sep 2025 08:23:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58 (0x3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918ABAC, serialNumber=B4038AB64039F3145622A20FF70ED7BE1D4E7F91 Validity Not Before: Aug 25 08:23:44 2025 GMT Not After : Sep 1 08:23:44 2025 GMT Subject: CN=68ac1d91-7933 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:32:f1:01:38:50:b5:61:61:a8:57:a8:0c:65: 8c:83:c2:ab:2f:3b:c1:e5:1e:a5:45:02:92:a0:4f: 21:60:81:26:7d:cc:8a:1f:56:c1:f6:8f:66:9f:64: 6c:77:be:d3:0e:58:70:2e:33:0f:b3:e5:01:96:2d: b0:85:74:71:a4:25:bb:78:cd:70:c8:39:a3:bf:f1: 81:23:53:ad:8e:89:a9:d1:7a:17:30:62:04:25:0a: 40:04:ec:8b:8d:d5:37:91:fa:df:93:62:14:03:7e: 4a:93:b0:01:41:43:a8:7f:77:e6:26:59:29:6a:ff: f3:8b:ca:5a:b3:cd:6c:8c:c9:7d:bb:60:6e:2d:5c: 02:f9:36:4e:93:f1:4a:27:25:b6:04:42:c3:bb:59: cf:4f:b3:c8:8c:bc:c7:4d:b1:a6:b4:08:f8:09:ce: b4:67:16:14:a7:53:ce:92:13:dc:3c:b6:e7:86:fb: bf:d3:ae:95:d5:3e:b3:90:2f:57:fd:a3:9c:c6:ad: 63:78:d2:5b:c1:4f:cf:d0:0e:40:d3:90:84:12:73: aa:29:28:b4:2f:f4:f6:6a:f9:a5:66:76:bd:00:0f: 54:4e:7b:e3:37:7b:a8:73:aa:7c:a7:78:63:48:33: ac:3e:86:7e:c3:e4:2f:9b:dd:4a:74:48:12:dc:de: 75:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:C5:DE:B7:01:25:62:34:67:71:95:96:D2:C5:E5:1A:5B:9C:B1:F3 X509v3 Authority Key Identifier: keyid:B4:03:8A:B6:40:39:F3:14:56:22:A2:0F:F7:0E:D7:BE:1D:4E:7F:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918ABAC/649BC3B250C911F0B4730246C4F9AE02/tAOKtkA58xRWIqIP9w7Xvh1Of5E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tAOKtkA58xRWIqIP9w7Xvh1Of5E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918ABAC/649BC3B250C911F0B4730246C4F9AE02/tAOKtkA58xRWIqIP9w7Xvh1Of5E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:b5:84:b8:e8:6f:60:9d:aa:61:ee:88:ed:25:bd:82:68:23: 92:6e:1d:0f:d8:0b:54:b3:ca:c0:d1:df:45:dd:d3:81:d3:e2: 86:ef:c3:13:9a:af:58:9f:9d:01:6b:3e:71:cb:a8:5f:d0:87: f1:09:1c:e2:6a:46:1c:51:c6:90:e5:b2:10:ee:5f:17:16:c0: 2a:76:a3:ec:3b:a4:32:56:92:f4:30:d2:64:53:2c:f0:86:7b: 41:0f:fd:d4:83:87:17:8d:81:19:41:ba:08:e2:04:bc:77:e8: 4c:29:90:33:7f:0e:cf:25:fb:68:02:33:fb:44:2c:d2:16:78: 4e:cc:e8:84:28:12:7d:4d:e5:43:11:08:fb:d9:0c:5e:ee:04: a4:20:c2:af:a6:8f:c9:38:37:7f:d1:ea:b8:c0:fd:f8:ad:a6: 02:f1:48:dc:fa:9c:8d:f2:07:67:f5:d7:f5:ec:42:a5:5b:aa: 6f:6d:23:41:79:af:d0:4e:23:cb:8f:69:69:35:99:1e:51:9b: 28:41:e2:8f:79:1b:65:a6:5b:66:34:53:5c:af:33:5f:8f:fb: bf:0d:b5:77:9e:6d:9b:5a:4b:b5:dd:11:3a:2c:ec:6f:f3:20: 72:9c:78:44:13:03:2e:20:26:b9:04:9c:31:b3:06:d6:68:6f: 97:17:a2:a1 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 QUJBQzExMC8GA1UEBRMoQjQwMzhBQjY0MDM5RjMxNDU2MjJBMjBGRjcwRUQ3QkUx RDRFN0Y5MTAeFw0yNTA4MjUwODIzNDRaFw0yNTA5MDEwODIzNDRaMBgxFjAUBgNV BAMTDTY4YWMxZDkxLTc5MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDKMvEBOFC1YWGoV6gMZYyDwqsvO8HlHqVFApKgTyFggSZ9zIofVsH2j2afZGx3 vtMOWHAuMw+z5QGWLbCFdHGkJbt4zXDIOaO/8YEjU62OianRehcwYgQlCkAE7IuN 1TeR+t+TYhQDfkqTsAFBQ6h/d+YmWSlq//OLylqzzWyMyX27YG4tXAL5Nk6T8Uon JbYEQsO7Wc9Ps8iMvMdNsaa0CPgJzrRnFhSnU86SE9w8tueG+7/TrpXVPrOQL1f9 o5zGrWN40lvBT8/QDkDTkIQSc6opKLQv9PZq+aVmdr0AD1ROe+M3e6hzqnyneGNI M6w+hn7D5C+b3Up0SBLc3nVvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQULMXetwEl YjRncZWW0sXlGlucsfMwHwYDVR0jBBgwFoAUtAOKtkA58xRWIqIP9w7Xvh1Of5Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThBQkFDLzY0OUJDM0IyNTBD OTExRjBCNDczMDI0NkM0RjlBRTAyL3RBT0t0a0E1OHhSV0lxSVA5dzdYdmgxT2Y1 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvdEFPS3RrQTU4eFJXSXFJUDl3N1h2aDFPZjVFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThB QkFDLzY0OUJDM0IyNTBDOTExRjBCNDczMDI0NkM0RjlBRTAyL3RBT0t0a0E1OHhS V0lxSVA5dzdYdmgxT2Y1RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGS1hLjob2CdqmHuiO0lvYJoI5JuHQ/YC1SzysDR30Xd04HT4obvwxOa r1ifnQFrPnHLqF/Qh/EJHOJqRhxRxpDlshDuXxcWwCp2o+w7pDJWkvQw0mRTLPCG e0EP/dSDhxeNgRlBugjiBLx36EwpkDN/Ds8l+2gCM/tELNIWeE7M6IQoEn1N5UMR CPvZDF7uBKQgwq+mj8k4N3/R6rjA/fitpgLxSNz6nI3yB2f11/XsQqVbqm9tI0F5 r9BOI8uPaWk1mR5RmyhB4o95G2WmW2Y0U1yvM1+P+78NtXeebZtaS7XdETos7G/z IHKceEQTAy4gJrkEnDGzBtZob5cXoqE= -----END CERTIFICATE-----Generated at Mon Aug 25 23:31:01 2025 by rpki-client