$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft File: xvdY7N3EybD3LwZcNa1UaXQycRs.mft (raw, json) Hash identifier: FWmeSf8NJqvms8SS0/X/dhBIHDQhCvi5OH8SDTRVnjQ= Subject key identifier: 32:6A:03:54:BB:D4:B3:04:14:3C:83:64:B3:FB:3A:6D:D0:61:27:F2 Authority key identifier: C6:F7:58:EC:DD:C4:C9:B0:F7:2F:06:5C:35:AD:54:69:74:32:71:1B Certificate issuer: /CN=A91E8DF5/serialNumber=C6F758ECDDC4C9B0F72F065C35AD54697432711B Certificate serial: 57 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft Manifest number: 4E Signing time: Fri 25 Jul 2025 07:43:22 +0000 Manifest this update: Fri 25 Jul 2025 07:43:22 +0000 Manifest next update: Fri 01 Aug 2025 07:43:22 +0000 Files and hashes: 1: xvdY7N3EybD3LwZcNa1UaXQycRs.crl (hash: /CA6cYkT4RBQhGmntwsHD6cPMbD+os/iwJKD3R4ZX3Q=) 2: 8F9B067EF96011EF89D9E37DC4F9AE02.roa (hash: C4f1DGgr88zvtZI01sEk4X9+P0XVPyTaQ0X1w0t3gJE=) 3: 8F350932F96011EF89D9E37DC4F9AE02.roa (hash: EiButkFaJmxH2f9GmfvH+3lmi0BQDdaX71kUaJ4cIPE=) 4: 8EB1E9BCF96011EF89D9E37DC4F9AE02.roa (hash: ckgf3xD+pqJNwNoVSxIFNqkicDtbDleG9nDMcEDte9Q=) 5: 917D3A184BED11F0A2F7CC21C4F9AE02.roa (hash: IYpTiwoDdKk+DKwv65zZ7BTxOeFfDIMdePJWFd5JpGE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.crl rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 01 Aug 2025 07:43:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 87 (0x57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8DF5, serialNumber=C6F758ECDDC4C9B0F72F065C35AD54697432711B Validity Not Before: Jul 25 07:43:22 2025 GMT Not After : Aug 1 07:43:22 2025 GMT Subject: CN=6883359a-1a34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:f5:f0:6c:c1:e5:ec:1f:13:2c:18:4b:cc:f2: 87:b8:3c:04:a7:cc:06:49:20:ec:3c:10:01:fa:c4: 8b:c4:72:1d:ec:69:ac:c8:fa:4d:53:7b:2c:ee:f1: 63:01:81:0d:7a:e6:31:80:5f:ed:fd:07:92:52:64: c0:20:39:be:3a:d5:81:45:ef:d3:d8:11:e5:fa:8e: 90:a0:2a:da:26:1d:f0:87:c3:12:dc:4d:6e:36:ea: b7:21:51:5d:3b:9f:8b:13:7c:d3:92:73:2b:91:b1: 9f:e0:fd:03:a4:8e:0a:f8:89:27:c4:8b:68:5d:57: 7e:62:0e:ab:86:77:3a:06:46:55:12:62:de:cb:2a: 5a:9f:7a:07:0f:e1:81:97:2e:a7:98:bf:bb:23:22: ff:09:e7:c5:8e:04:ec:b1:04:18:74:86:85:c2:d5: 21:c1:0b:68:0f:6d:46:4e:21:81:49:b2:56:49:c9: eb:c9:62:6b:e8:2e:ff:a3:df:e5:c0:90:8c:7d:d1: bc:b4:2e:c6:ff:7f:19:ef:eb:2a:e3:f1:ec:27:e3: 08:eb:ab:06:13:11:db:9d:1d:fb:b1:5e:a5:6e:68: 44:f9:97:01:93:34:66:44:d4:8d:4b:5f:db:db:07: e4:83:13:04:6a:ca:09:6b:52:e0:79:d3:d0:55:fc: a0:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:6A:03:54:BB:D4:B3:04:14:3C:83:64:B3:FB:3A:6D:D0:61:27:F2 X509v3 Authority Key Identifier: keyid:C6:F7:58:EC:DD:C4:C9:B0:F7:2F:06:5C:35:AD:54:69:74:32:71:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:bf:a2:33:e4:c2:97:51:59:da:c9:74:ea:7b:f9:d2:73:35: 9b:2a:8e:c0:60:9d:3a:d2:20:13:cd:76:b0:f6:13:72:38:a7: 75:ca:0f:db:d7:59:a6:a1:6c:fa:6c:63:37:4d:e8:ef:de:c7: a3:2f:da:b0:f7:e2:38:67:92:3b:46:75:c5:6a:49:70:ce:fe: 13:14:54:bb:c0:a9:20:ba:ab:9c:16:40:2b:69:c4:b9:d8:9d: 9d:ee:95:30:07:e5:06:f8:a8:95:54:d6:57:fc:0c:f5:5f:6a: 29:ff:e3:d4:0b:ce:bc:dc:bf:5b:69:a5:30:ce:3e:49:68:c7: f1:66:e7:fa:6d:bb:06:31:ce:e0:3f:f0:4d:00:42:7a:bd:28: f4:20:32:35:9d:e5:16:1f:14:97:03:aa:a4:c6:b1:63:36:6e: 00:9d:8b:67:5e:ec:05:a5:f8:f8:f2:5d:86:86:66:79:19:6e: 63:54:89:ad:41:83:11:c5:39:25:2e:58:c1:e2:41:0d:2e:39: e6:25:12:87:f3:f3:77:64:09:b3:73:d6:ed:4a:d4:9d:48:f4: 56:ec:59:b0:8b:e8:41:fa:22:d7:8f:e4:17:60:7e:2e:0e:eb: a6:fb:bd:7a:bd:f6:20:ce:fa:8b:fd:8e:4f:c7:d1:78:05:50: a5:ca:3f:a9 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBVzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF OERGNTExMC8GA1UEBRMoQzZGNzU4RUNEREM0QzlCMEY3MkYwNjVDMzVBRDU0Njk3 NDMyNzExQjAeFw0yNTA3MjUwNzQzMjJaFw0yNTA4MDEwNzQzMjJaMBgxFjAUBgNV BAMTDTY4ODMzNTlhLTFhMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC39fBsweXsHxMsGEvM8oe4PASnzAZJIOw8EAH6xIvEch3saazI+k1Teyzu8WMB gQ165jGAX+39B5JSZMAgOb461YFF79PYEeX6jpCgKtomHfCHwxLcTW426rchUV07 n4sTfNOScyuRsZ/g/QOkjgr4iSfEi2hdV35iDquGdzoGRlUSYt7LKlqfegcP4YGX LqeYv7sjIv8J58WOBOyxBBh0hoXC1SHBC2gPbUZOIYFJslZJyevJYmvoLv+j3+XA kIx90by0Lsb/fxnv6yrj8ewn4wjrqwYTEdudHfuxXqVuaET5lwGTNGZE1I1LX9vb B+SDEwRqyglrUuB509BV/KC3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUMmoDVLvU swQUPINks/s6bdBhJ/IwHwYDVR0jBBgwFoAUxvdY7N3EybD3LwZcNa1UaXQycRsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4REY1LzMxRTBGMTZBRjk2 MDExRUY5RDY3OUM3QUM0RjlBRTAyL3h2ZFk3TjNFeWJEM0x3WmNOYTFVYVhReWNS cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveHZkWTdOM0V5YkQzTHdaY05hMVVhWFF5Y1JzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4 REY1LzMxRTBGMTZBRjk2MDExRUY5RDY3OUM3QUM0RjlBRTAyL3h2ZFk3TjNFeWJE M0x3WmNOYTFVYVhReWNScy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAG/ojPkwpdRWdrJdOp7+dJzNZsqjsBgnTrSIBPNdrD2E3I4p3XKD9vX WaahbPpsYzdN6O/ex6Mv2rD34jhnkjtGdcVqSXDO/hMUVLvAqSC6q5wWQCtpxLnY nZ3ulTAH5Qb4qJVU1lf8DPVfain/49QLzrzcv1tppTDOPklox/Fm5/ptuwYxzuA/ 8E0AQnq9KPQgMjWd5RYfFJcDqqTGsWM2bgCdi2de7AWl+PjyXYaGZnkZbmNUia1B gxHFOSUuWMHiQQ0uOeYlEofz83dkCbNz1u1K1J1I9FbsWbCL6EH6IteP5Bdgfi4O 66b7vXq99iDO+ov9jk/H0XgFUKXKP6k= -----END CERTIFICATE-----Generated at Sat Jul 26 02:00:19 2025 by rpki-client