$ rpki-client -vvf rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft File: 8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft (raw, json) Hash identifier: XER7szppdAyHqKU7MVEXoXmeABI3Vlm6nNBLGVanxTc= Subject key identifier: 95:F8:8E:D2:A7:CB:FE:80:82:1D:3D:AD:3B:9F:50:AD:08:BC:F1:FB Authority key identifier: F2:59:B8:AC:9C:F4:3B:D7:C5:94:54:E5:C8:3E:CF:48:F9:FB:87:17 Certificate issuer: /CN=A91329C1/serialNumber=F259B8AC9CF43BD7C59454E5C83ECF48F9FB8717 Certificate serial: 02BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8lm4rJz0O9fFlFTlyD7PSPn7hxc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft Manifest number: 02BA Signing time: Thu 21 Aug 2025 01:38:22 +0000 Manifest this update: Thu 21 Aug 2025 01:38:21 +0000 Manifest next update: Thu 28 Aug 2025 01:38:21 +0000 Files and hashes: 1: 8lm4rJz0O9fFlFTlyD7PSPn7hxc.crl (hash: VakwNHBrB7CXOekTi2zK5WFvTd6g5nhThFHrwnHOblA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.crl rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8lm4rJz0O9fFlFTlyD7PSPn7hxc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 01:38:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 702 (0x2be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91329C1, serialNumber=F259B8AC9CF43BD7C59454E5C83ECF48F9FB8717 Validity Not Before: Aug 21 01:38:21 2025 GMT Not After : Aug 28 01:38:21 2025 GMT Subject: CN=68a6788e-6a49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:55:e6:10:5b:db:90:8f:1d:e6:98:87:58:2c: c8:1e:33:56:33:13:74:a7:46:35:21:df:2e:44:a4: 2e:c9:26:96:3e:05:c5:85:f8:85:e1:7c:ec:cd:9e: c2:95:04:3f:8c:5a:89:f3:d8:d4:29:7d:cf:2a:39: 88:62:e8:17:ad:fd:c0:17:2c:77:e3:20:34:d8:39: 06:a5:18:f4:d6:4f:d4:62:65:65:be:69:66:06:d5: ea:64:4b:5d:b5:57:06:fd:94:8e:81:be:98:dd:80: d0:9e:f7:a2:89:1d:f7:98:58:e9:29:a0:99:78:a6: a1:7c:7e:24:3d:2f:a1:b3:2f:6c:98:0e:81:55:6e: fe:5c:5b:09:b1:b5:47:b7:0b:56:01:c2:1c:a2:5d: 0e:32:4f:94:50:71:ca:09:0f:4e:34:4c:4f:6a:d7: 3c:a5:e3:47:be:c5:43:91:d8:2b:0c:11:d1:81:f8: 90:96:fa:db:50:bc:9b:48:be:36:44:83:c4:87:a2: 3b:0b:77:3e:fa:72:ea:e7:74:64:77:71:7d:1e:cc: 7c:38:26:63:1e:d6:15:df:b6:15:05:89:9b:75:c6: 08:31:ce:d4:7c:1e:c3:97:43:da:ef:c1:e6:3b:67: cd:d0:f1:3c:a9:f4:e8:8e:76:95:ea:31:67:e1:78: e4:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:F8:8E:D2:A7:CB:FE:80:82:1D:3D:AD:3B:9F:50:AD:08:BC:F1:FB X509v3 Authority Key Identifier: keyid:F2:59:B8:AC:9C:F4:3B:D7:C5:94:54:E5:C8:3E:CF:48:F9:FB:87:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8lm4rJz0O9fFlFTlyD7PSPn7hxc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:d0:0a:df:4a:b5:48:c6:5a:17:0f:4f:92:22:bd:1b:ed:ca: 37:91:20:83:95:01:48:eb:a7:ce:0a:04:dc:ee:54:f3:91:b4: f0:8c:99:3c:1b:ab:3f:d0:ed:64:b4:52:92:2d:89:13:bf:1a: e5:67:44:24:1e:e5:c1:71:93:cb:51:82:92:d3:57:56:d4:b6: da:d5:ac:0e:aa:41:15:ae:62:d5:23:93:71:12:89:17:15:97: 98:82:26:4c:d5:bd:c1:c3:1a:71:af:d8:4d:7f:af:56:86:ec: 68:ff:52:24:c6:2e:bd:15:d1:03:10:8b:a8:32:52:ed:40:02: 10:49:a2:e8:e3:7e:34:b0:79:51:92:90:ed:57:64:65:c1:ee: ae:df:81:f6:27:ce:5e:11:f3:6e:34:a8:f4:8d:58:69:80:f9: ec:43:55:d8:70:07:d5:65:5f:ae:5a:a5:92:30:fd:9d:85:80: 5c:f6:72:d1:47:e0:9a:b3:74:a9:3a:06:5c:0b:a4:87:60:d7: cc:83:0e:b8:4a:ce:69:1e:08:3e:cd:92:be:80:87:da:6a:4b: 2d:a3:bf:e0:dd:0c:64:9d:ce:94:79:26:a6:ca:4e:1d:42:40: 47:97:08:93:3d:1f:bb:d6:f0:39:a1:fa:66:ab:93:c2:9a:59: a4:08:51:80 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAr4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzI5QzExMTAvBgNVBAUTKEYyNTlCOEFDOUNGNDNCRDdDNTk0NTRFNUM4M0VDRjQ4 RjlGQjg3MTcwHhcNMjUwODIxMDEzODIxWhcNMjUwODI4MDEzODIxWjAYMRYwFAYD VQQDEw02OGE2Nzg4ZS02YTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9VXmEFvbkI8d5piHWCzIHjNWMxN0p0Y1Id8uRKQuySaWPgXFhfiF4XzszZ7C lQQ/jFqJ89jUKX3PKjmIYugXrf3AFyx34yA02DkGpRj01k/UYmVlvmlmBtXqZEtd tVcG/ZSOgb6Y3YDQnveiiR33mFjpKaCZeKahfH4kPS+hsy9smA6BVW7+XFsJsbVH twtWAcIcol0OMk+UUHHKCQ9ONExPatc8peNHvsVDkdgrDBHRgfiQlvrbULybSL42 RIPEh6I7C3c++nLq53Rkd3F9Hsx8OCZjHtYV37YVBYmbdcYIMc7UfB7Dl0Pa78Hm O2fN0PE8qfTojnaV6jFn4XjkFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJX4jtKn y/6Agh09rTufUK0IvPH7MB8GA1UdIwQYMBaAFPJZuKyc9DvXxZRU5cg+z0j5+4cX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjlDMS80NDIzNkYwNDA1 QkQxMUVEQTAwQTVGM0RDNEY5QUUwMi84bG00ckp6ME85ZkZsRlRseUQ3UFNQbjdo eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhsbTRySnowTzlmRmxGVGx5RDdQU1BuN2h4Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MjlDMS80NDIzNkYwNDA1QkQxMUVEQTAwQTVGM0RDNEY5QUUwMi84bG00ckp6ME85 ZkZsRlRseUQ3UFNQbjdoeGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCa0ArfSrVIxloXD0+SIr0b7co3kSCDlQFI66fOCgTc7lTzkbTwjJk8 G6s/0O1ktFKSLYkTvxrlZ0QkHuXBcZPLUYKS01dW1Lba1awOqkEVrmLVI5NxEokX FZeYgiZM1b3Bwxpxr9hNf69Whuxo/1Ikxi69FdEDEIuoMlLtQAIQSaLo4340sHlR kpDtV2Rlwe6u34H2J85eEfNuNKj0jVhpgPnsQ1XYcAfVZV+uWqWSMP2dhYBc9nLR R+Cas3SpOgZcC6SHYNfMgw64Ss5pHgg+zZK+gIfaaksto7/g3Qxknc6UeSamyk4d QkBHlwiTPR+71vA5ofpmq5PCmlmkCFGA -----END CERTIFICATE-----Generated at Fri Aug 22 16:24:16 2025 by rpki-client