$ rpki-client -vvf rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft File: 089k1dsXYfy2pVLwaAkTMMW19Ts.mft (raw, json) Hash identifier: Xr80Ul4OQhQlXxgOblsqc/5JOjwGPaivaB3xRtSXU/M= Subject key identifier: 9F:86:54:10:79:78:83:1D:B3:74:E1:6A:7D:27:A1:39:2D:D2:32:7B Authority key identifier: D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B Certificate issuer: /CN=A91A25DF/serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Certificate serial: 09 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft Manifest number: 08 Signing time: Mon 21 Jul 2025 08:22:00 +0000 Manifest this update: Mon 21 Jul 2025 08:22:00 +0000 Manifest next update: Mon 28 Jul 2025 08:22:00 +0000 Files and hashes: 1: 089k1dsXYfy2pVLwaAkTMMW19Ts.crl (hash: KWpHLdG1Y1DXnyG6y41gxUc8MNVbRYe5xGBYRt9rHrQ=) 2: C54DD1F45EDA11F0A5EAB579C4F9AE02.roa (hash: yvTiS/oFSBojbCtB284WFEZBM+3n1uqQBo+L9aW7vLk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 08:21:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9 (0x9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A25DF, serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Validity Not Before: Jul 21 08:22:00 2025 GMT Not After : Jul 28 08:22:00 2025 GMT Subject: CN=687df8a8-d64b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:aa:dd:a8:fc:57:13:7c:57:e2:03:57:45:bf: 9e:51:10:69:d0:b1:9d:86:a8:92:f4:5c:4c:4b:6a: 46:ff:01:44:a0:04:4f:3f:9d:bc:2d:b8:b2:98:3a: 03:c0:9d:2f:b0:10:67:b1:2e:56:d5:df:cc:24:ee: cc:a8:7c:00:b0:f9:77:5a:d9:1c:19:60:40:34:d4: 7c:32:19:bb:5d:53:0e:9e:72:bb:b6:43:0f:35:d8: 4e:1d:8b:9e:f3:b0:fd:f3:33:4a:d1:78:8d:29:b5: 8f:54:a3:38:c5:c5:64:82:6b:d3:6b:94:4d:01:a5: 2e:4a:07:47:ee:70:bf:8d:a8:d2:3c:a2:e0:86:53: b9:7f:44:80:eb:0b:89:3a:74:6a:eb:f5:82:b2:05: 74:e6:89:53:69:3b:bb:84:3f:ae:51:4d:03:c9:d7: d8:7a:67:74:66:20:14:a4:f5:71:2f:03:67:fd:29: a3:6d:54:98:b8:82:5a:84:ac:a5:32:7f:9b:6a:b6: bd:e1:c1:54:10:8d:6a:a5:1e:df:36:60:1d:74:9c: d2:47:19:0b:1d:bb:af:cf:a0:e6:17:1a:93:40:98: 31:91:db:93:9e:b5:a3:af:a7:0b:4a:e8:a6:f5:7e: 45:65:b1:54:87:7c:c4:7b:44:05:db:31:2e:99:52: 1f:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:86:54:10:79:78:83:1D:B3:74:E1:6A:7D:27:A1:39:2D:D2:32:7B X509v3 Authority Key Identifier: keyid:D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:0c:a0:2d:9d:e9:b0:49:9a:62:cd:67:df:ea:ca:ad:b3:d4: 16:57:a4:19:fa:45:35:45:21:e1:35:fe:6d:fc:52:3f:c9:35: 77:05:db:ab:0e:32:3c:77:7a:3a:a2:88:2f:82:05:6e:07:ab: 41:7a:6d:91:54:fe:7d:39:9c:af:ad:00:33:3d:b9:4a:f4:67: 5a:a3:f9:c7:26:2f:5e:86:13:4c:7b:d3:14:c4:b8:83:e1:80: 6c:d1:de:c0:a4:7d:c6:72:07:c2:42:b3:53:34:b0:0e:92:e6: 65:4a:32:1c:d4:d0:52:a1:01:ed:76:47:d6:8b:e2:fa:50:0f: 8e:7b:84:6d:b4:59:1e:3d:e9:bd:4b:c3:44:7f:5b:73:0b:d5: 8c:22:20:93:bf:d9:b2:d7:25:f1:42:32:93:62:e0:f4:b4:fa: 69:1b:f5:79:04:a1:8f:81:3b:40:7a:8b:20:d2:6c:99:90:2b: 70:b1:53:a8:48:ea:35:cb:f3:1b:ce:45:0d:6f:1e:ac:83:6d: 5e:b2:c4:ef:6f:90:9a:5a:c6:45:f0:bb:2c:a1:59:9b:b8:ee: f2:f8:b3:9d:46:69:2d:a0:e4:a7:1e:07:ea:d4:e0:8e:9b:98: 75:bb:2e:5d:5e:49:45:46:33:72:e2:15:a4:b6:65:cd:f9:4a: 70:b8:cc:ee -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MjVERjExMC8GA1UEBRMoRDNDRjY0RDVEQjE3NjFGQ0I2QTU1MkYwNjgwOTEzMzBD NUI1RjUzQjAeFw0yNTA3MjEwODIyMDBaFw0yNTA3MjgwODIyMDBaMBgxFjAUBgNV BAMTDTY4N2RmOGE4LWQ2NGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6qt2o/FcTfFfiA1dFv55REGnQsZ2GqJL0XExLakb/AUSgBE8/nbwtuLKYOgPA nS+wEGexLlbV38wk7syofACw+Xda2RwZYEA01HwyGbtdUw6ecru2Qw812E4di57z sP3zM0rReI0ptY9UozjFxWSCa9NrlE0BpS5KB0fucL+NqNI8ouCGU7l/RIDrC4k6 dGrr9YKyBXTmiVNpO7uEP65RTQPJ19h6Z3RmIBSk9XEvA2f9KaNtVJi4glqErKUy f5tqtr3hwVQQjWqlHt82YB10nNJHGQsdu6/PoOYXGpNAmDGR25OetaOvpwtK6Kb1 fkVlsVSHfMR7RAXbMS6ZUh/vAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUn4ZUEHl4 gx2zdOFqfSehOS3SMnswHwYDVR0jBBgwFoAU089k1dsXYfy2pVLwaAkTMMW19Tsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyNURGL0U2MTI0MDgyNUVE NTExRjA5Q0YxRDUwQ0M0RjlBRTAyLzA4OWsxZHNYWWZ5MnBWTHdhQWtUTU1XMTlU cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMDg5azFkc1hZZnkycFZMd2FBa1RNTVcxOVRzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEy NURGL0U2MTI0MDgyNUVENTExRjA5Q0YxRDUwQ0M0RjlBRTAyLzA4OWsxZHNYWWZ5 MnBWTHdhQWtUTU1XMTlUcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJEMoC2d6bBJmmLNZ9/qyq2z1BZXpBn6RTVFIeE1/m38Uj/JNXcF26sO Mjx3ejqiiC+CBW4Hq0F6bZFU/n05nK+tADM9uUr0Z1qj+ccmL16GE0x70xTEuIPh gGzR3sCkfcZyB8JCs1M0sA6S5mVKMhzU0FKhAe12R9aL4vpQD457hG20WR496b1L w0R/W3ML1YwiIJO/2bLXJfFCMpNi4PS0+mkb9XkEoY+BO0B6iyDSbJmQK3CxU6hI 6jXL8xvORQ1vHqyDbV6yxO9vkJpaxkXwuyyhWZu47vL4s51GaS2g5KceB+rU4I6b mHW7Ll1eSUVGM3LiFaS2Zc35SnC4zO4= -----END CERTIFICATE-----Generated at Mon Jul 21 12:26:20 2025 by rpki-client