$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft File: MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft (raw, json) Hash identifier: 5GpDwRND9EjoH4lPrjkPXfgX7pUNDE8PXTvcahiANYg= Subject key identifier: 40:52:46:46:44:F7:DA:9B:47:83:A8:70:A4:FA:3B:F7:3E:91:84:D7 Authority key identifier: 30:6E:34:FA:84:DA:09:0C:60:01:B3:54:64:BB:8C:42:63:57:D9:28 Certificate issuer: /CN=A91B9EC7/serialNumber=306E34FA84DA090C6001B35464BB8C426357D928 Certificate serial: 014C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft Manifest number: 014A Signing time: Thu 21 Aug 2025 04:21:54 +0000 Manifest this update: Thu 21 Aug 2025 04:21:53 +0000 Manifest next update: Thu 28 Aug 2025 04:21:53 +0000 Files and hashes: 1: MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl (hash: eYCfMXWXUAxy89CqokCuaWc3HJtgIRDB8xBXqxTuDcg=) 2: 02FC3E3C82A511EEA1F2710DC4F9AE02.roa (hash: 6W6Gywd7YHiIdjjDyCFNskNZyB3wgY++Ir7hfO/X2TY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 04:21:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 332 (0x14c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9EC7, serialNumber=306E34FA84DA090C6001B35464BB8C426357D928 Validity Not Before: Aug 21 04:21:53 2025 GMT Not After : Aug 28 04:21:53 2025 GMT Subject: CN=68a69ee1-a365 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:26:39:e7:c3:30:e6:87:73:0b:c4:26:3e:f4: 12:f2:d1:e4:7e:d0:31:ad:3d:97:aa:00:fe:ac:52: 03:ea:cd:12:6f:3f:f8:c9:96:ab:7d:cb:ac:d3:de: 15:c6:6d:48:70:9f:b3:df:47:f6:b1:8e:4d:49:7e: 7d:56:8a:43:d2:8e:86:fb:ed:ed:55:ce:79:50:c6: 65:13:a2:1c:92:b2:ca:76:9b:8c:93:74:12:ac:b8: 3f:fa:12:63:bb:5b:0b:57:59:8f:74:3f:46:b7:25: 8a:50:3b:de:1a:5f:54:0d:55:3c:19:d1:3f:17:e7: ff:fb:52:3c:ab:a1:d5:81:b8:cc:5b:e6:99:37:bf: 1d:3c:ce:03:bc:99:a6:92:54:f7:40:22:93:bf:43: d5:dd:9e:98:0e:12:3d:d8:67:40:98:3f:78:22:0d: 3f:9c:fa:c7:84:1b:a0:9e:18:70:c3:de:43:18:a4: d4:bb:94:1e:c1:0b:cd:c4:23:cb:25:06:e4:78:63: d3:61:b6:08:db:2e:93:ae:e0:07:07:88:02:ed:f8: b6:a0:d3:1e:bc:f5:3b:a9:ee:57:6b:fe:3a:d7:15: 8f:9b:58:59:a8:70:f1:f8:33:60:bc:5e:15:77:27: 91:e1:74:fc:5a:a9:f6:76:76:27:f1:9b:74:df:13: 40:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:52:46:46:44:F7:DA:9B:47:83:A8:70:A4:FA:3B:F7:3E:91:84:D7 X509v3 Authority Key Identifier: keyid:30:6E:34:FA:84:DA:09:0C:60:01:B3:54:64:BB:8C:42:63:57:D9:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:81:c7:f9:fe:1b:7c:76:1c:97:9b:4d:af:e2:b9:fe:ba:bb: 18:26:c3:d7:06:1c:8e:77:8c:5a:7a:cb:5a:d9:72:7c:e7:bc: 7c:4c:e8:66:27:64:08:33:57:d4:5c:9b:03:4d:51:0b:4c:a6: 82:1c:47:ee:3d:3f:35:34:04:e7:75:04:11:db:c0:13:92:9c: f5:31:f1:73:92:6c:47:ab:f2:04:ca:ba:e2:03:7d:73:36:25: 2a:db:1d:4c:62:1d:94:33:c0:0d:73:b0:07:7c:3b:1f:dc:45: f1:a8:11:c0:24:6b:d6:7d:a7:7a:2c:b3:e8:3f:13:2f:8e:31: 35:d6:4e:5b:8e:d9:16:60:a6:b2:81:d0:21:39:d7:9c:85:7b: 66:6b:a4:e1:e7:88:71:88:ed:ff:d3:7f:7a:f4:8c:a5:2c:78: 0c:ac:c2:75:c7:af:ad:93:b9:a8:6b:ed:23:75:05:fd:d9:ad: 3c:09:49:fe:0b:b3:32:73:ec:8d:1e:56:bd:6c:38:e5:95:3f: 8d:24:bb:ee:94:73:69:35:9f:99:4a:3d:03:0e:e5:86:21:57: a9:c8:67:be:b5:ee:fd:63:5d:89:fd:68:90:c3:7f:04:64:93: 91:72:c0:f2:3d:d2:f8:d2:76:a6:07:14:4b:b0:cf:06:9a:66: e3:5e:38:6d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlFQzcxMTAvBgNVBAUTKDMwNkUzNEZBODREQTA5MEM2MDAxQjM1NDY0QkI4QzQy NjM1N0Q5MjgwHhcNMjUwODIxMDQyMTUzWhcNMjUwODI4MDQyMTUzWjAYMRYwFAYD VQQDEw02OGE2OWVlMS1hMzY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwiY558Mw5odzC8QmPvQS8tHkftAxrT2XqgD+rFID6s0Sbz/4yZarfcus094V xm1IcJ+z30f2sY5NSX59VopD0o6G++3tVc55UMZlE6IckrLKdpuMk3QSrLg/+hJj u1sLV1mPdD9GtyWKUDveGl9UDVU8GdE/F+f/+1I8q6HVgbjMW+aZN78dPM4DvJmm klT3QCKTv0PV3Z6YDhI92GdAmD94Ig0/nPrHhBugnhhww95DGKTUu5QewQvNxCPL JQbkeGPTYbYI2y6TruAHB4gC7fi2oNMevPU7qe5Xa/461xWPm1hZqHDx+DNgvF4V dyeR4XT8Wqn2dnYn8Zt03xNAiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEBSRkZE 99qbR4OocKT6O/c+kYTXMB8GA1UdIwQYMBaAFDBuNPqE2gkMYAGzVGS7jEJjV9ko MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUVDNy9FNjNGMkY4QTgy QTMxMUVFOUIxMTczNTdDNEY5QUUwMi9NRzQwLW9UYUNReGdBYk5VWkx1TVFtTlgy U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01HNDAtb1RhQ1F4Z0FiTlVaTHVNUW1OWDJTZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OUVDNy9FNjNGMkY4QTgyQTMxMUVFOUIxMTczNTdDNEY5QUUwMi9NRzQwLW9UYUNR eGdBYk5VWkx1TVFtTlgyU2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQgcf5/ht8dhyXm02v4rn+ursYJsPXBhyOd4xaesta2XJ857x8TOhm J2QIM1fUXJsDTVELTKaCHEfuPT81NATndQQR28ATkpz1MfFzkmxHq/IEyrriA31z NiUq2x1MYh2UM8ANc7AHfDsf3EXxqBHAJGvWfad6LLPoPxMvjjE11k5bjtkWYKay gdAhOdechXtma6Th54hxiO3/03969IylLHgMrMJ1x6+tk7moa+0jdQX92a08CUn+ C7Myc+yNHla9bDjllT+NJLvulHNpNZ+ZSj0DDuWGIVepyGe+te79Y12J/WiQw38E ZJORcsDyPdL40namBxRLsM8GmmbjXjht -----END CERTIFICATE-----Generated at Fri Aug 22 16:20:35 2025 by rpki-client