$ rpki-client -vvf rpki.apnic.net/member_repository/A9197CBC/952BAE2E5DF011EFAC70ED0AC4F9AE02/05hHRxQle77zpal12QzQ3GW92-8.mft File: 05hHRxQle77zpal12QzQ3GW92-8.mft (raw, json) Hash identifier: lijqGwvSgIyx2HKfKA0nqQROl9CaiNcmiRqW9XW+48M= Subject key identifier: 3F:E1:3F:D4:BB:CE:B0:28:C2:69:BF:2C:88:BB:C6:2E:64:A8:8B:16 Authority key identifier: D3:98:47:47:14:25:7B:BE:F3:A5:A9:75:D9:0C:D0:DC:65:BD:DB:EF Certificate issuer: /CN=A9197CBC/serialNumber=D398474714257BBEF3A5A975D90CD0DC65BDDBEF Certificate serial: CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/05hHRxQle77zpal12QzQ3GW92-8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9197CBC/952BAE2E5DF011EFAC70ED0AC4F9AE02/05hHRxQle77zpal12QzQ3GW92-8.mft Manifest number: CA Signing time: Tue 09 Sep 2025 05:52:33 +0000 Manifest this update: Tue 09 Sep 2025 05:52:33 +0000 Manifest next update: Tue 16 Sep 2025 05:52:33 +0000 Files and hashes: 1: 05hHRxQle77zpal12QzQ3GW92-8.crl (hash: da4P0vZwFEe99oEo+FG3lF/KJy9sFh2Do/5mC0VVbIQ=) 2: E1EF913A5DF011EFAC9CA43BC4F9AE02.roa (hash: AKbHkLcQXH3Mnm7pa/ostI0hJA36SnM0asrKnPo4ABw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9197CBC/952BAE2E5DF011EFAC70ED0AC4F9AE02/05hHRxQle77zpal12QzQ3GW92-8.crl rsync://rpki.apnic.net/member_repository/A9197CBC/952BAE2E5DF011EFAC70ED0AC4F9AE02/05hHRxQle77zpal12QzQ3GW92-8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/05hHRxQle77zpal12QzQ3GW92-8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 05:52:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 205 (0xcd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9197CBC, serialNumber=D398474714257BBEF3A5A975D90CD0DC65BDDBEF Validity Not Before: Sep 9 05:52:33 2025 GMT Not After : Sep 16 05:52:33 2025 GMT Subject: CN=68bfc0a1-8c1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:6c:1c:37:9a:7e:f9:4b:19:65:ac:61:ba:46: 29:de:16:7c:43:29:ba:f9:66:26:a2:b2:50:2b:0c: f0:20:06:50:d3:31:f6:40:a0:de:b1:cc:92:1f:7d: 25:dd:2c:c7:82:ea:78:b3:95:54:47:eb:29:51:ab: 9c:76:51:2f:bb:4b:14:35:ba:e7:4d:b4:c8:e3:44: fe:b8:7e:ce:a3:30:c3:9c:b1:bc:9c:66:8c:fa:a2: c2:63:28:92:ff:ee:ed:dd:fe:c3:b8:83:29:f3:5e: c5:ed:c4:5b:7d:9a:98:40:17:01:9f:99:c3:75:a0: 4c:03:70:ea:bb:54:36:e0:96:b0:a1:3f:be:ca:b6: 1e:45:ab:50:41:5e:0e:ab:71:c3:2d:70:bc:67:6f: 1f:92:de:a3:80:db:d4:3b:a3:41:70:0a:76:5e:29: 6b:fd:41:2e:00:a6:54:6e:a7:3d:41:97:0f:f3:55: 91:f6:cb:07:dc:8f:36:43:e0:5d:22:cd:aa:b2:41: 46:bc:13:fc:0c:cd:d9:a3:0a:08:00:9c:99:19:cc: 1a:82:88:88:1e:a0:f0:6e:46:3b:8b:59:e8:d7:e5: 0b:fe:f5:cb:3e:75:08:4b:ed:ff:39:cf:38:ce:fc: 0b:af:82:a0:5a:4b:53:83:32:95:ef:fc:1d:2b:a7: 5b:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:E1:3F:D4:BB:CE:B0:28:C2:69:BF:2C:88:BB:C6:2E:64:A8:8B:16 X509v3 Authority Key Identifier: keyid:D3:98:47:47:14:25:7B:BE:F3:A5:A9:75:D9:0C:D0:DC:65:BD:DB:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9197CBC/952BAE2E5DF011EFAC70ED0AC4F9AE02/05hHRxQle77zpal12QzQ3GW92-8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/05hHRxQle77zpal12QzQ3GW92-8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197CBC/952BAE2E5DF011EFAC70ED0AC4F9AE02/05hHRxQle77zpal12QzQ3GW92-8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:9c:02:bc:7a:15:17:3d:f3:69:56:53:f8:29:9e:3d:f1:ea: 23:27:35:f3:d7:57:d7:c4:a9:29:ad:8c:03:1a:32:c9:bf:5f: a8:c6:89:4b:4a:35:c9:20:88:98:9f:e0:c6:c8:bb:c6:fd:cc: a3:36:e9:a4:8a:b9:58:38:a5:b4:c9:d3:85:d1:b5:54:6d:0a: d2:3d:54:94:80:93:6f:c2:08:7a:c8:21:5d:09:f6:58:43:3b: d3:b6:d0:a9:14:05:e7:3d:91:f1:e8:c1:18:a2:da:f2:8b:dd: 51:84:64:39:c2:55:cc:e5:e8:a0:44:87:cf:b0:54:4e:eb:fd: 75:bd:fc:80:6e:d0:b6:dc:3d:79:65:93:dd:4b:cc:a2:ca:10: 3c:10:79:d3:bd:c0:0f:ea:81:9b:22:77:7e:29:ba:19:86:e2: 1b:6b:e4:b3:ba:26:d2:44:6b:1d:be:27:57:f5:32:97:d3:ab: d0:39:5c:3b:64:bf:33:ce:40:87:f0:41:ff:81:50:ee:1a:ca: 89:c7:3b:88:f1:0a:31:bb:b2:03:08:cc:bc:d9:52:16:03:05: 04:b1:20:4b:71:44:50:cc:09:1c:27:01:94:22:94:27:f4:27: 07:9b:be:9e:c8:b6:5e:5a:a3:60:6f:ca:42:e9:48:5f:bb:76: d3:6b:e8:6e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTdDQkMxMTAvBgNVBAUTKEQzOTg0NzQ3MTQyNTdCQkVGM0E1QTk3NUQ5MENEMERD NjVCRERCRUYwHhcNMjUwOTA5MDU1MjMzWhcNMjUwOTE2MDU1MjMzWjAYMRYwFAYD VQQDEw02OGJmYzBhMS04YzFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA32wcN5p++UsZZaxhukYp3hZ8Qym6+WYmorJQKwzwIAZQ0zH2QKDescySH30l 3SzHgup4s5VUR+spUaucdlEvu0sUNbrnTbTI40T+uH7OozDDnLG8nGaM+qLCYyiS /+7t3f7DuIMp817F7cRbfZqYQBcBn5nDdaBMA3Dqu1Q24JawoT++yrYeRatQQV4O q3HDLXC8Z28fkt6jgNvUO6NBcAp2Xilr/UEuAKZUbqc9QZcP81WR9ssH3I82Q+Bd Is2qskFGvBP8DM3ZowoIAJyZGcwagoiIHqDwbkY7i1no1+UL/vXLPnUIS+3/Oc84 zvwLr4KgWktTgzKV7/wdK6dbkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD/hP9S7 zrAowmm/LIi7xi5kqIsWMB8GA1UdIwQYMBaAFNOYR0cUJXu+86WpddkM0Nxlvdvv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5N0NCQy85NTJCQUUyRTVE RjAxMUVGQUM3MEVEMEFDNEY5QUUwMi8wNWhIUnhRbGU3N3pwYWwxMlF6UTNHVzky LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzA1aEhSeFFsZTc3enBhbDEyUXpRM0dXOTItOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 N0NCQy85NTJCQUUyRTVERjAxMUVGQUM3MEVEMEFDNEY5QUUwMi8wNWhIUnhRbGU3 N3pwYWwxMlF6UTNHVzkyLTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABnAK8ehUXPfNpVlP4KZ498eojJzXz11fXxKkprYwDGjLJv1+oxolL SjXJIIiYn+DGyLvG/cyjNumkirlYOKW0ydOF0bVUbQrSPVSUgJNvwgh6yCFdCfZY QzvTttCpFAXnPZHx6MEYotryi91RhGQ5wlXM5eigRIfPsFRO6/11vfyAbtC23D15 ZZPdS8yiyhA8EHnTvcAP6oGbInd+KboZhuIba+SzuibSRGsdvidX9TKX06vQOVw7 ZL8zzkCH8EH/gVDuGsqJxzuI8Qoxu7IDCMy82VIWAwUEsSBLcURQzAkcJwGUIpQn 9CcHm76eyLZeWqNgb8pC6Uhfu3bTa+hu -----END CERTIFICATE-----Generated at Tue Sep 9 14:19:48 2025 by rpki-client