$ rpki-client -vvf rpki.apnic.net/member_repository/A91AADAF/87159C968CF311EF9F3EA40FC4F9AE02/aMK1iNFoWlh0LYouGIhl2zEQPPc.mft File: aMK1iNFoWlh0LYouGIhl2zEQPPc.mft (raw, json) Hash identifier: cFWugvFtTWWLACsSK1kAqBiAzW09pz4MRvihrKauiCQ= Subject key identifier: 98:A9:30:14:3B:F6:FB:7A:31:BD:4B:A7:6E:E6:B8:08:BC:8A:24:77 Authority key identifier: 68:C2:B5:88:D1:68:5A:58:74:2D:8A:2E:18:88:65:DB:31:10:3C:F7 Certificate issuer: /CN=A91AADAF/serialNumber=68C2B588D1685A58742D8A2E188865DB31103CF7 Certificate serial: 91 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aMK1iNFoWlh0LYouGIhl2zEQPPc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AADAF/87159C968CF311EF9F3EA40FC4F9AE02/aMK1iNFoWlh0LYouGIhl2zEQPPc.mft Manifest number: 8F Signing time: Sat 19 Jul 2025 06:44:08 +0000 Manifest this update: Sat 19 Jul 2025 06:44:07 +0000 Manifest next update: Sat 26 Jul 2025 06:44:07 +0000 Files and hashes: 1: aMK1iNFoWlh0LYouGIhl2zEQPPc.crl (hash: +JCJTBncJod+CgCrzh00qiE3Dfm6rqsbv1ZON45ASVk=) 2: 01BA52A28CF411EFAE6F7F10C4F9AE02.roa (hash: EDXTUfDV5y3+rKMOJtb6JOA7sYGQ4kz4K9vrUd4nHN0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AADAF/87159C968CF311EF9F3EA40FC4F9AE02/aMK1iNFoWlh0LYouGIhl2zEQPPc.crl rsync://rpki.apnic.net/member_repository/A91AADAF/87159C968CF311EF9F3EA40FC4F9AE02/aMK1iNFoWlh0LYouGIhl2zEQPPc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aMK1iNFoWlh0LYouGIhl2zEQPPc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 06:44:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 145 (0x91) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AADAF, serialNumber=68C2B588D1685A58742D8A2E188865DB31103CF7 Validity Not Before: Jul 19 06:44:07 2025 GMT Not After : Jul 26 06:44:07 2025 GMT Subject: CN=687b3eb7-03bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:ac:de:23:b8:7f:41:a2:84:3d:48:ad:35:c0: 3b:e1:e3:7f:0a:44:c1:a7:ce:71:7c:aa:4b:61:ff: 88:26:51:74:22:c6:c4:17:ac:c4:97:8a:6d:02:a1: 50:85:96:ba:89:aa:fd:ab:74:9f:63:58:de:27:f8: df:8a:85:fd:95:9d:ea:a9:91:d1:b8:cf:79:d4:82: 57:fa:27:65:c3:6f:73:0b:9e:c2:fb:54:19:1f:e8: b4:78:78:9a:6a:fe:dc:58:ac:31:70:f1:48:86:49: ec:74:72:37:83:17:9e:75:3b:de:e6:39:6c:e5:a4: 33:46:7c:d3:92:b7:85:2f:4f:a0:05:57:fa:eb:bf: 26:6b:d3:f2:d1:fb:e1:9a:37:79:25:73:8a:2f:5e: f1:04:54:00:85:5c:47:ca:c4:f6:15:44:85:a2:ab: c2:c5:ec:92:1b:5a:fc:ad:d4:1b:3a:a3:61:2d:6c: 4d:c8:19:b0:9a:29:96:43:22:6b:a5:6d:d5:43:19: 5f:94:67:9c:fd:da:44:1a:09:9c:3d:d9:62:75:70: 78:d0:34:6e:7d:17:3a:42:1a:31:02:50:1d:b8:54: de:25:f1:c5:5c:5d:44:a3:94:02:8b:3a:45:9d:59: a0:5f:68:3b:84:5a:3c:ef:3b:a8:8e:01:d8:03:24: 3c:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:A9:30:14:3B:F6:FB:7A:31:BD:4B:A7:6E:E6:B8:08:BC:8A:24:77 X509v3 Authority Key Identifier: keyid:68:C2:B5:88:D1:68:5A:58:74:2D:8A:2E:18:88:65:DB:31:10:3C:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AADAF/87159C968CF311EF9F3EA40FC4F9AE02/aMK1iNFoWlh0LYouGIhl2zEQPPc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aMK1iNFoWlh0LYouGIhl2zEQPPc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AADAF/87159C968CF311EF9F3EA40FC4F9AE02/aMK1iNFoWlh0LYouGIhl2zEQPPc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:9f:2c:c2:35:69:8b:25:11:fb:10:b6:5e:ab:90:e4:ef:cf: f7:42:39:81:d6:2a:39:23:e9:27:9b:05:bf:c8:60:5d:31:00: 4c:c0:90:4b:cf:46:d9:6e:77:f5:36:26:18:88:93:fd:a5:c0: 7c:2d:e6:0e:92:93:d1:21:28:5a:93:99:70:87:13:21:48:98: 65:c8:de:73:b1:76:a9:3b:f1:1f:b4:3d:ad:95:18:04:b5:32: 58:4b:ef:15:c9:ad:fa:b8:41:f4:19:e5:28:f8:7c:a6:38:9d: 79:ff:1a:b9:e1:74:4c:e7:7d:0d:f2:55:c3:64:90:88:1c:5a: ba:ce:fb:ff:39:73:82:e5:17:8f:d3:09:dd:7a:1e:d0:c2:ae: 8d:60:a8:61:6d:e7:f6:d7:9d:c2:33:cc:5b:d5:a1:43:e5:fd: e5:4f:8d:28:56:71:2a:95:26:89:ae:5a:26:35:04:8a:45:ea: 7f:90:13:be:d9:fb:13:cd:e5:83:9f:4e:c2:cf:9b:05:44:ba: 9b:59:11:af:cb:a2:b5:6b:fc:ff:e0:fc:f1:97:97:ad:c1:ee: 14:20:2e:30:a9:fb:f1:4d:1b:6e:8a:87:fe:08:bd:88:43:6d: 52:b2:af:68:54:be:b9:1b:d8:1b:d9:33:b0:a1:ba:50:0b:94: f2:fb:17:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFEQUYxMTAvBgNVBAUTKDY4QzJCNTg4RDE2ODVBNTg3NDJEOEEyRTE4ODg2NURC MzExMDNDRjcwHhcNMjUwNzE5MDY0NDA3WhcNMjUwNzI2MDY0NDA3WjAYMRYwFAYD VQQDEw02ODdiM2ViNy0wM2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqqzeI7h/QaKEPUitNcA74eN/CkTBp85xfKpLYf+IJlF0IsbEF6zEl4ptAqFQ hZa6iar9q3SfY1jeJ/jfioX9lZ3qqZHRuM951IJX+idlw29zC57C+1QZH+i0eHia av7cWKwxcPFIhknsdHI3gxeedTve5jls5aQzRnzTkreFL0+gBVf6678ma9Py0fvh mjd5JXOKL17xBFQAhVxHysT2FUSFoqvCxeySG1r8rdQbOqNhLWxNyBmwmimWQyJr pW3VQxlflGec/dpEGgmcPdlidXB40DRufRc6QhoxAlAduFTeJfHFXF1Eo5QCizpF nVmgX2g7hFo87zuojgHYAyQ8JwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJipMBQ7 9vt6Mb1Lp27muAi8iiR3MB8GA1UdIwQYMBaAFGjCtYjRaFpYdC2KLhiIZdsxEDz3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQURBRi84NzE1OUM5NjhD RjMxMUVGOUYzRUE0MEZDNEY5QUUwMi9hTUsxaU5Gb1dsaDBMWW91R0lobDJ6RVFQ UGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FNSzFpTkZvV2xoMExZb3VHSWhsMnpFUVBQYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QURBRi84NzE1OUM5NjhDRjMxMUVGOUYzRUE0MEZDNEY5QUUwMi9hTUsxaU5Gb1ds aDBMWW91R0lobDJ6RVFQUGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAvnyzCNWmLJRH7ELZeq5Dk78/3QjmB1io5I+knmwW/yGBdMQBMwJBL z0bZbnf1NiYYiJP9pcB8LeYOkpPRIShak5lwhxMhSJhlyN5zsXapO/EftD2tlRgE tTJYS+8Vya36uEH0GeUo+HymOJ15/xq54XRM530N8lXDZJCIHFq6zvv/OXOC5ReP 0wndeh7Qwq6NYKhhbef2153CM8xb1aFD5f3lT40oVnEqlSaJrlomNQSKRep/kBO+ 2fsTzeWDn07Cz5sFRLqbWRGvy6K1a/z/4Pzxl5etwe4UIC4wqfvxTRtuiof+CL2I Q21Ssq9oVL65G9gb2TOwobpQC5Ty+xe5 -----END CERTIFICATE-----Generated at Sun Jul 20 18:46:33 2025 by rpki-client