$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft File: cx5XsN_ep5G6TV1xly2oEF3JPos.mft (raw, json) Hash identifier: iv1IhTXCgEthriL3bmCBg2cOmYNb3gXwCrecdEIN1XQ= Subject key identifier: E4:C7:7E:F6:D9:CF:32:7B:7F:79:D7:B3:9C:91:41:9F:93:1E:F0:77 Authority key identifier: 73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B Certificate issuer: /CN=A91AA444/serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Certificate serial: 0120 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft Manifest number: 011E Signing time: Sat 19 Jul 2025 04:59:01 +0000 Manifest this update: Sat 19 Jul 2025 04:59:01 +0000 Manifest next update: Sat 26 Jul 2025 04:59:01 +0000 Files and hashes: 1: cx5XsN_ep5G6TV1xly2oEF3JPos.crl (hash: w/35daoIa4zhpLTsB6r9te4+XiuLlyAXIXP5Es7xefU=) 2: 24DD519CEEA311EFA5EDDD76C4F9AE02.roa (hash: +mEj5z+agEcnRzWZMjR0oYobGLfQGCXmi+n1VzU085s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 04:59:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 288 (0x120) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA444, serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Validity Not Before: Jul 19 04:59:01 2025 GMT Not After : Jul 26 04:59:01 2025 GMT Subject: CN=687b2615-38fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:2f:b4:7e:f1:28:43:79:c4:f3:cb:e3:ef:e5: ef:b6:69:b1:90:2a:d4:a3:71:3f:30:e5:0d:49:a6: b1:ec:a4:58:da:9d:9a:3e:1c:17:3d:b6:1c:12:72: 04:2b:cf:4d:15:0d:91:95:22:80:4a:40:20:a0:d5: 13:14:52:ac:16:54:7c:ef:f1:a2:7a:f3:0e:77:82: df:8e:1e:de:62:13:28:31:16:1e:67:b8:97:11:f6: f0:09:83:f5:a4:28:c4:c7:9f:aa:ec:f1:db:5e:29: 54:f8:39:5a:0f:21:2c:27:6b:2a:9b:aa:c8:52:a1: 20:7d:07:d6:da:73:97:6e:5a:6e:a2:88:dd:26:1a: 4f:8f:65:c6:14:60:41:b8:ad:0e:ec:3e:d3:ab:d3: 2c:bb:f9:82:13:6c:5b:ba:b2:42:25:21:02:fd:78: 89:ad:5c:11:13:80:67:3e:95:27:6b:34:19:d7:8e: b7:ce:c3:c3:81:9a:2d:75:33:cc:8e:60:21:9f:23: bb:25:02:87:5b:05:a5:a0:2f:27:76:84:67:21:18: 21:bb:fb:e9:fb:72:b8:81:72:33:79:56:86:a5:10: 64:27:28:ad:23:37:27:6b:65:3a:1d:ef:58:2f:1d: d4:e8:f2:15:94:bf:05:a7:9b:0e:79:7c:0e:3e:11: 64:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:C7:7E:F6:D9:CF:32:7B:7F:79:D7:B3:9C:91:41:9F:93:1E:F0:77 X509v3 Authority Key Identifier: keyid:73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:be:29:54:71:a3:0e:21:85:d9:e8:d9:b5:49:f4:28:7f:e2: e9:1d:f8:ee:9e:01:f8:72:69:dc:2c:96:e9:ed:85:59:cb:6f: 1a:17:f7:90:20:65:fc:60:58:09:a8:74:fc:7a:1d:1d:c5:95: 85:04:f1:9d:dc:1a:aa:43:20:71:23:a7:9b:52:5a:c7:67:19: a7:b3:d3:a6:fc:fa:77:16:e4:93:42:bd:a4:a7:95:c6:93:a8: 9a:3a:6b:2d:72:3d:95:1d:30:15:9f:1e:b6:f7:14:8e:9f:2a: ad:52:fe:48:6d:9a:2a:e4:4e:1c:e7:63:ff:c5:ef:f9:90:93: e1:1c:b9:7b:fe:48:a3:e6:23:c3:1a:ee:a9:de:7e:fd:8d:4a: 60:47:22:91:27:c4:a2:52:75:1d:3a:e2:9d:02:4c:ee:d1:df: 3e:ce:36:aa:d4:b5:cf:6f:0f:62:d0:51:f2:55:71:c9:b1:ef: 8d:69:66:c2:3f:f9:6c:6e:99:06:b6:9b:d6:83:3a:5e:26:be: ac:b3:7e:68:8e:43:70:67:96:5a:f5:24:6d:6b:35:3e:28:d0: 22:31:b5:39:8d:13:a8:40:ab:ba:b4:49:fd:21:c9:95:aa:e2: 9c:62:7a:f8:d3:48:e5:b9:67:be:09:00:c5:51:61:dc:3f:7c: 27:27:9a:21 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUE0NDQxMTAvBgNVBAUTKDczMUU1N0IwREZERUE3OTFCQTRENUQ3MTk3MkRBODEw NURDOTNFOEIwHhcNMjUwNzE5MDQ1OTAxWhcNMjUwNzI2MDQ1OTAxWjAYMRYwFAYD VQQDEw02ODdiMjYxNS0zOGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuS+0fvEoQ3nE88vj7+XvtmmxkCrUo3E/MOUNSaax7KRY2p2aPhwXPbYcEnIE K89NFQ2RlSKASkAgoNUTFFKsFlR87/GievMOd4Lfjh7eYhMoMRYeZ7iXEfbwCYP1 pCjEx5+q7PHbXilU+DlaDyEsJ2sqm6rIUqEgfQfW2nOXblpuoojdJhpPj2XGFGBB uK0O7D7Tq9Msu/mCE2xburJCJSEC/XiJrVwRE4BnPpUnazQZ1463zsPDgZotdTPM jmAhnyO7JQKHWwWloC8ndoRnIRghu/vp+3K4gXIzeVaGpRBkJyitIzcna2U6He9Y Lx3U6PIVlL8Fp5sOeXwOPhFkcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOTHfvbZ zzJ7f3nXs5yRQZ+THvB3MB8GA1UdIwQYMBaAFHMeV7Df3qeRuk1dcZctqBBdyT6L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ0NC84RENFMjc0QUIx MUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1RzZUVjF4bHkyb0VGM0pQ b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2N4NVhzTl9lcDVHNlRWMXhseTJvRUYzSlBvcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTQ0NC84RENFMjc0QUIxMUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1 RzZUVjF4bHkyb0VGM0pQb3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCMvilUcaMOIYXZ6Nm1SfQof+LpHfjungH4cmncLJbp7YVZy28aF/eQ IGX8YFgJqHT8eh0dxZWFBPGd3BqqQyBxI6ebUlrHZxmns9Om/Pp3FuSTQr2kp5XG k6iaOmstcj2VHTAVnx629xSOnyqtUv5IbZoq5E4c52P/xe/5kJPhHLl7/kij5iPD Gu6p3n79jUpgRyKRJ8SiUnUdOuKdAkzu0d8+zjaq1LXPbw9i0FHyVXHJse+NaWbC P/lsbpkGtpvWgzpeJr6ss35ojkNwZ5Za9SRtazU+KNAiMbU5jROoQKu6tEn9IcmV quKcYnr400jluWe+CQDFUWHcP3wnJ5oh -----END CERTIFICATE-----Generated at Sun Jul 20 11:29:09 2025 by rpki-client