$ rpki-client -vvf rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft File: 28IYSbtMFwTSMZPEG3DGaxqWVi8.mft (raw, json) Hash identifier: o61VEeKtI/jMT3rcJ+/ANzTNVVkoZ0JaeJCcN4JdlQA= Subject key identifier: D6:E5:B2:E5:11:D4:2B:1C:E3:C0:62:D1:9A:0D:0E:61:83:FB:F9:40 Authority key identifier: DB:C2:18:49:BB:4C:17:04:D2:31:93:C4:1B:70:C6:6B:1A:96:56:2F Certificate issuer: /CN=A919C233/serialNumber=DBC21849BB4C1704D23193C41B70C66B1A96562F Certificate serial: 156F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft Manifest number: 1563 Signing time: Sun 24 Aug 2025 16:45:38 +0000 Manifest this update: Sun 24 Aug 2025 16:45:37 +0000 Manifest next update: Sun 31 Aug 2025 16:45:37 +0000 Files and hashes: 1: 28IYSbtMFwTSMZPEG3DGaxqWVi8.crl (hash: uDpHYi85URYPk0qe69o1+YAjvP1hZjyEdFWvfFdTd2M=) 2: 13EB2806503611F0AE9ACE86C4F9AE02.roa (hash: 5U+qNAcyg11e1mcFFeSSmJQHAt3E5ngFjCNuSAbr96I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.crl rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 16:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5487 (0x156f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C233, serialNumber=DBC21849BB4C1704D23193C41B70C66B1A96562F Validity Not Before: Aug 24 16:45:37 2025 GMT Not After : Aug 31 16:45:37 2025 GMT Subject: CN=68ab41b1-afcb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:5f:74:e7:dd:79:90:fa:41:75:e1:c5:45:42: 09:88:aa:23:57:81:60:c4:3a:fb:07:96:46:bb:d9: fc:5a:14:86:20:c5:53:86:5f:b4:3d:d9:16:cd:96: 15:fa:76:c5:c6:bb:b0:cc:a8:10:b4:b0:ac:92:c0: 12:22:85:22:c2:aa:6d:03:20:58:77:7d:9a:12:58: 23:dc:ab:6c:c0:74:65:26:23:3f:c3:91:8f:57:8c: 0f:f5:3c:6c:7c:61:8c:5f:9e:52:6e:72:6f:8a:66: cd:07:9e:0d:5b:9a:c1:e0:c4:89:34:9d:1a:0a:32: 6f:44:9c:37:02:62:4f:e5:62:a5:eb:6c:26:60:d2: 25:6a:8e:20:c7:bb:9f:74:5a:ab:3c:ef:4b:62:0e: c0:a2:8f:6f:10:cb:4d:f5:55:7a:39:1e:a7:2b:19: e5:2e:45:3a:6c:29:f3:4d:0e:5a:c9:ea:cb:a7:03: 9a:a5:2f:b0:3c:aa:33:a2:a9:7d:4a:43:65:95:11: c9:d2:bb:69:21:e8:0f:51:5a:d6:95:14:13:48:94: 72:dc:37:26:97:6b:81:7e:40:ec:51:c0:24:81:56: f6:82:8f:06:2f:d6:43:a5:d7:7e:88:f0:fb:72:ee: ed:4b:d3:28:20:65:06:05:69:d3:04:6b:2a:70:44: d4:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:E5:B2:E5:11:D4:2B:1C:E3:C0:62:D1:9A:0D:0E:61:83:FB:F9:40 X509v3 Authority Key Identifier: keyid:DB:C2:18:49:BB:4C:17:04:D2:31:93:C4:1B:70:C6:6B:1A:96:56:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:ad:70:84:bc:33:34:ea:da:3d:f5:b6:eb:1e:fa:65:50:8d: a7:dd:0f:ff:3a:c3:49:83:1f:16:00:f8:79:f3:c4:93:41:a6: bb:08:69:fc:8e:55:ff:5e:48:f0:6c:c4:13:6c:30:c0:30:5d: 03:7a:60:d2:bc:d8:6a:e2:87:a4:58:c2:24:6d:5a:e4:72:b3: 7b:df:2e:39:e0:c1:90:39:09:98:62:86:3e:ad:43:13:7b:9d: 48:a9:53:fc:94:d1:34:68:1c:e1:30:cc:8f:06:be:ac:52:f9: 07:cd:43:f1:b7:b5:28:dc:fb:b4:2f:50:68:38:6f:ab:9e:ed: f1:08:e3:4f:45:81:ff:73:5d:8b:ab:ea:61:70:11:6f:08:6f: 8b:3a:ed:c6:d6:26:b1:f5:db:3c:5b:26:1e:9e:85:df:81:16: 25:b6:8a:23:c8:73:52:76:1f:42:57:15:aa:28:f2:96:e8:ea: a9:1b:29:c7:97:76:6a:48:2b:11:77:6b:93:fb:94:7a:06:58: c4:c4:e7:72:c4:3a:4a:c1:ae:08:e4:c8:25:cc:1b:f2:d6:da: 2f:3e:22:31:30:86:c3:0d:65:90:18:6e:9b:ef:dc:8d:1e:fa: 06:09:70:84:61:89:46:65:a7:7c:91:c6:1b:d9:96:be:12:c5: 99:cb:81:77 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFW8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUMyMzMxMTAvBgNVBAUTKERCQzIxODQ5QkI0QzE3MDREMjMxOTNDNDFCNzBDNjZC MUE5NjU2MkYwHhcNMjUwODI0MTY0NTM3WhcNMjUwODMxMTY0NTM3WjAYMRYwFAYD VQQDEw02OGFiNDFiMS1hZmNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5F905915kPpBdeHFRUIJiKojV4FgxDr7B5ZGu9n8WhSGIMVThl+0PdkWzZYV +nbFxruwzKgQtLCsksASIoUiwqptAyBYd32aElgj3KtswHRlJiM/w5GPV4wP9Txs fGGMX55SbnJvimbNB54NW5rB4MSJNJ0aCjJvRJw3AmJP5WKl62wmYNIlao4gx7uf dFqrPO9LYg7Aoo9vEMtN9VV6OR6nKxnlLkU6bCnzTQ5ayerLpwOapS+wPKozoql9 SkNllRHJ0rtpIegPUVrWlRQTSJRy3Dcml2uBfkDsUcAkgVb2go8GL9ZDpdd+iPD7 cu7tS9MoIGUGBWnTBGsqcETUqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNblsuUR 1Csc48Bi0ZoNDmGD+/lAMB8GA1UdIwQYMBaAFNvCGEm7TBcE0jGTxBtwxmsallYv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzIzMy8xRkRBRkQ2MjQz RTYxMUU4QkM0MTVGNjVDNEY5QUUwMi8yOElZU2J0TUZ3VFNNWlBFRzNER2F4cVdW aTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzI4SVlTYnRNRndUU01aUEVHM0RHYXhxV1ZpOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QzIzMy8xRkRBRkQ2MjQzRTYxMUU4QkM0MTVGNjVDNEY5QUUwMi8yOElZU2J0TUZ3 VFNNWlBFRzNER2F4cVdWaTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBErXCEvDM06to99bbrHvplUI2n3Q//OsNJgx8WAPh588STQaa7CGn8 jlX/XkjwbMQTbDDAMF0DemDSvNhq4oekWMIkbVrkcrN73y454MGQOQmYYoY+rUMT e51IqVP8lNE0aBzhMMyPBr6sUvkHzUPxt7Uo3Pu0L1BoOG+rnu3xCONPRYH/c12L q+phcBFvCG+LOu3G1iax9ds8WyYenoXfgRYltoojyHNSdh9CVxWqKPKW6OqpGynH l3ZqSCsRd2uT+5R6BljExOdyxDpKwa4I5MglzBvy1tovPiIxMIbDDWWQGG6b79yN HvoGCXCEYYlGZad8kcYb2Za+EsWZy4F3 -----END CERTIFICATE-----Generated at Sun Aug 24 21:40:43 2025 by rpki-client