$ rpki-client -vvf rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft File: FION2NTh_gMXFCZnF24W4KW2hlE.mft (raw, json) Hash identifier: wG1Y0HZglVcfdbMZ224kDcm1H8+H9PKdq8pndlJ73TA= Subject key identifier: C5:03:45:40:C9:DE:1E:E7:16:BF:2D:98:5E:FA:61:E5:CB:C1:D8:0F Authority key identifier: 14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 Certificate issuer: /CN=A91991D9/serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Certificate serial: 0E14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft Manifest number: 0E0C Signing time: Sun 24 Aug 2025 17:48:20 +0000 Manifest this update: Sun 24 Aug 2025 17:48:20 +0000 Manifest next update: Sun 31 Aug 2025 17:48:20 +0000 Files and hashes: 1: FION2NTh_gMXFCZnF24W4KW2hlE.crl (hash: R001Mo1am3H38t4EoliAC/dOUCd5D4jvV+dbaFdX7Cw=) 2: 14E68648B42D11E9A44FF25BC4F9AE02.roa (hash: aOcvKXW2OwUSyFzRq5Kiuga5ndEep1PmMp0UDb+8XIg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 17:48:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3604 (0xe14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91991D9, serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Validity Not Before: Aug 24 17:48:20 2025 GMT Not After : Aug 31 17:48:20 2025 GMT Subject: CN=68ab5064-a6e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:6e:14:98:af:eb:55:07:75:6c:13:1c:32:70: 75:8a:5c:cc:20:c4:0f:97:08:c9:ee:67:90:c2:ab: 71:ad:c6:67:39:29:7b:e7:ae:64:0c:ea:42:b6:32: e6:ee:e7:ca:c8:74:b3:1c:fe:96:e6:49:41:bf:79: 9a:ab:d4:2d:62:a7:3a:92:57:5d:c5:a4:4b:19:79: b9:ba:68:65:87:a9:42:fc:c7:db:89:05:72:8c:63: f8:31:1c:2e:6b:48:aa:f3:d3:2f:1c:5d:35:87:ac: 11:e2:b9:67:30:09:db:e7:a4:fa:8c:b7:96:18:34: 0e:c3:d4:74:05:ed:2e:55:a7:af:bb:cb:2e:4f:fd: e0:1d:fc:0d:4b:91:63:83:09:9b:aa:fe:c8:40:1a: 2c:13:7d:28:9a:70:a7:71:ee:7f:50:3a:10:6e:fe: 4a:e2:9d:af:9c:a9:e4:68:93:f4:6e:f6:69:04:9f: 34:77:f8:3f:3d:d0:a5:51:d2:e6:0e:ad:79:5b:8a: 29:c7:2b:03:c5:5e:9b:09:38:d9:02:7a:49:b0:d7: ba:cc:0d:a2:42:3f:1b:ca:07:82:7b:85:4d:92:9c: 86:06:29:9e:f0:bd:06:73:db:45:44:0c:97:8d:74: 2c:7a:42:36:79:5b:97:bf:33:b4:52:f9:88:eb:08: 53:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:03:45:40:C9:DE:1E:E7:16:BF:2D:98:5E:FA:61:E5:CB:C1:D8:0F X509v3 Authority Key Identifier: keyid:14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:f9:39:81:e7:01:78:52:38:55:30:8d:00:96:48:57:14:b7: 08:a2:38:fd:7a:13:84:26:64:3b:0a:bb:10:6e:99:7f:c9:2d: 1c:ea:33:ef:21:f9:f6:d0:09:08:da:61:f4:60:a3:78:31:19: 85:53:20:7c:db:d3:c9:ee:af:81:fc:0a:52:c2:f4:d7:aa:91: 12:1c:e5:95:07:7e:11:f2:84:b2:8e:0e:39:e5:8a:33:12:4c: 38:75:9f:48:a2:66:35:01:89:ce:6d:17:4f:4d:64:68:e0:91: a9:0b:37:cb:be:74:71:65:50:b9:95:59:15:ee:df:1e:6a:40: 35:23:e3:cf:66:77:9f:4f:95:39:94:d2:73:15:17:00:2a:ca: 5e:bb:d0:2e:64:6f:3b:c6:6f:91:84:1f:0e:c5:e8:d7:22:8b: 1a:6f:d3:f0:83:13:66:22:2a:fc:0f:da:e3:82:14:78:88:26: 5f:79:6f:75:20:13:01:20:3a:14:70:36:4a:d8:e6:0a:c8:2e: 45:bc:44:19:7e:d8:7f:6e:93:42:b6:fa:f5:ba:6f:e1:22:59: 8a:4b:ed:09:6e:16:68:05:20:9f:49:07:37:76:e4:b9:2e:15: d4:aa:0f:c8:2b:48:c2:87:88:7a:50:e1:de:b0:ed:75:6b:00: ec:a9:a4:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDhQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTkxRDkxMTAvBgNVBAUTKDE0ODM4REQ4RDRFMUZFMDMxNzE0MjY2NzE3NkUxNkUw QTVCNjg2NTEwHhcNMjUwODI0MTc0ODIwWhcNMjUwODMxMTc0ODIwWjAYMRYwFAYD VQQDEw02OGFiNTA2NC1hNmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzG4UmK/rVQd1bBMcMnB1ilzMIMQPlwjJ7meQwqtxrcZnOSl7565kDOpCtjLm 7ufKyHSzHP6W5klBv3maq9QtYqc6klddxaRLGXm5umhlh6lC/MfbiQVyjGP4MRwu a0iq89MvHF01h6wR4rlnMAnb56T6jLeWGDQOw9R0Be0uVaevu8suT/3gHfwNS5Fj gwmbqv7IQBosE30omnCnce5/UDoQbv5K4p2vnKnkaJP0bvZpBJ80d/g/PdClUdLm Dq15W4opxysDxV6bCTjZAnpJsNe6zA2iQj8bygeCe4VNkpyGBime8L0Gc9tFRAyX jXQsekI2eVuXvzO0UvmI6whTgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMUDRUDJ 3h7nFr8tmF76YeXLwdgPMB8GA1UdIwQYMBaAFBSDjdjU4f4DFxQmZxduFuCltoZR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTFEOS8xQzNERDk2NkI0 MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9nTVhGQ1puRjI0VzRLVzJo bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZJT04yTlRoX2dNWEZDWm5GMjRXNEtXMmhsRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTFEOS8xQzNERDk2NkI0MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9n TVhGQ1puRjI0VzRLVzJobEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6+TmB5wF4UjhVMI0AlkhXFLcIojj9ehOEJmQ7CrsQbpl/yS0c6jPv Ifn20AkI2mH0YKN4MRmFUyB829PJ7q+B/ApSwvTXqpESHOWVB34R8oSyjg455Yoz Ekw4dZ9IomY1AYnObRdPTWRo4JGpCzfLvnRxZVC5lVkV7t8eakA1I+PPZnefT5U5 lNJzFRcAKspeu9AuZG87xm+RhB8OxejXIosab9PwgxNmIir8D9rjghR4iCZfeW91 IBMBIDoUcDZK2OYKyC5FvEQZfth/bpNCtvr1um/hIlmKS+0JbhZoBSCfSQc3duS5 LhXUqg/IK0jCh4h6UOHesO11awDsqaSW -----END CERTIFICATE-----Generated at Sun Aug 24 21:50:12 2025 by rpki-client