$ rpki-client -vvf rpki.apnic.net/member_repository/A91754C0/FEDF572ECCBB11EE8A0F7748C4F9AE02/0PiwBllsfAN8tUkwWzlpAACq6KQ.mft File: 0PiwBllsfAN8tUkwWzlpAACq6KQ.mft (raw, json) Hash identifier: y2mfMULMb5+e63BwDoogE4gBIMxjxLATHhFeEXEpUjM= Subject key identifier: 32:82:79:52:34:EF:A6:D8:D5:FC:B2:36:01:ED:E1:C0:0B:FA:B9:B1 Authority key identifier: D0:F8:B0:06:59:6C:7C:03:7C:B5:49:30:5B:39:69:00:00:AA:E8:A4 Certificate issuer: /CN=A91754C0/serialNumber=D0F8B006596C7C037CB549305B39690000AAE8A4 Certificate serial: 0121 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0PiwBllsfAN8tUkwWzlpAACq6KQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91754C0/FEDF572ECCBB11EE8A0F7748C4F9AE02/0PiwBllsfAN8tUkwWzlpAACq6KQ.mft Manifest number: 011D Signing time: Mon 25 Aug 2025 05:08:09 +0000 Manifest this update: Mon 25 Aug 2025 05:08:09 +0000 Manifest next update: Mon 01 Sep 2025 05:08:09 +0000 Files and hashes: 1: 0PiwBllsfAN8tUkwWzlpAACq6KQ.crl (hash: cesyniYLarqnDTzGS02vo8i7r0EXt1hdTHKALnpvpG0=) 2: D0CB00D4CCBD11EEAC4BCD4BC4F9AE02.roa (hash: tE5MO0yGqfdQRPhR9mD7EUVj7T64niX8BINnA3y1Amk=) 3: 6BA3FEA4CCBD11EEBADDFC4AC4F9AE02.roa (hash: qBQp3vvSD9elb8dQbwCPuGirBXWWVwR3GT0tS3LqEZA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91754C0/FEDF572ECCBB11EE8A0F7748C4F9AE02/0PiwBllsfAN8tUkwWzlpAACq6KQ.crl rsync://rpki.apnic.net/member_repository/A91754C0/FEDF572ECCBB11EE8A0F7748C4F9AE02/0PiwBllsfAN8tUkwWzlpAACq6KQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0PiwBllsfAN8tUkwWzlpAACq6KQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Sep 2025 05:08:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 289 (0x121) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91754C0, serialNumber=D0F8B006596C7C037CB549305B39690000AAE8A4 Validity Not Before: Aug 25 05:08:09 2025 GMT Not After : Sep 1 05:08:09 2025 GMT Subject: CN=68abefb9-1657 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:ce:b0:47:25:d2:b7:95:a5:89:8d:36:d3:38: ab:53:9b:ec:22:dd:d9:de:bf:29:16:ef:98:0a:f9: 53:ac:21:b0:5a:be:79:1c:6b:b4:a2:1e:38:94:d8: e6:4f:af:08:41:b5:59:fa:7e:c9:f4:6e:ce:4d:51: 38:c5:3c:90:44:46:08:ad:da:e4:3b:37:4c:ff:b9: 4d:51:75:41:3f:f1:0e:a4:73:28:45:2d:d8:c1:ec: 24:ee:ae:ff:b4:8b:25:3a:6b:0d:48:2c:30:2a:9e: 43:eb:86:41:47:e7:25:28:ad:f9:aa:10:79:95:04: 9e:69:4e:18:10:41:8e:cc:0b:46:3f:76:61:da:6f: ac:33:25:63:0f:84:6f:6f:cb:de:b0:49:60:e3:76: ad:ba:9e:e6:15:be:6d:b5:7f:31:4a:e6:ff:95:32: 3c:f9:72:78:59:0d:2e:f7:78:23:6e:ff:c8:0b:ab: 53:04:5e:94:94:75:64:2a:83:6a:a2:c2:0f:6a:64: ba:03:91:6a:7a:f9:d3:ca:87:de:84:bd:9a:21:28: 44:08:1c:0d:84:ab:f8:57:d8:ae:51:5b:c8:41:06: 1e:8f:a7:35:13:a4:42:cb:6e:8a:fb:bb:41:2c:15: 07:60:50:ce:35:f7:50:c2:8e:c9:81:1f:ef:9b:74: 41:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:82:79:52:34:EF:A6:D8:D5:FC:B2:36:01:ED:E1:C0:0B:FA:B9:B1 X509v3 Authority Key Identifier: keyid:D0:F8:B0:06:59:6C:7C:03:7C:B5:49:30:5B:39:69:00:00:AA:E8:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91754C0/FEDF572ECCBB11EE8A0F7748C4F9AE02/0PiwBllsfAN8tUkwWzlpAACq6KQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0PiwBllsfAN8tUkwWzlpAACq6KQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91754C0/FEDF572ECCBB11EE8A0F7748C4F9AE02/0PiwBllsfAN8tUkwWzlpAACq6KQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:34:af:2d:e0:f5:0e:9f:19:cc:76:0a:95:a2:4c:9a:2f:4d: b9:90:5b:d5:57:59:16:5f:98:61:93:16:3f:1f:95:37:dd:73: c5:56:aa:1c:2f:fb:93:d8:3b:67:14:2b:fd:e5:3d:4a:41:4b: 4b:40:2e:1b:de:54:f6:b0:b2:11:27:9f:2e:3d:2d:8e:3f:4b: 9a:66:16:6d:22:73:19:93:f4:22:89:dc:9f:54:05:e5:72:79: b9:5c:d0:25:64:e0:23:99:15:22:e0:39:2d:76:d6:8f:42:aa: ab:71:b5:59:b9:3d:a4:29:9b:f9:a0:ef:88:80:37:92:b6:98: ca:04:d8:2d:c7:d6:45:54:14:20:e9:85:07:13:5c:77:db:97: 81:b8:9d:bd:21:71:18:04:a6:1b:8e:00:59:b4:11:7f:90:2d: 95:b4:bc:c9:8c:0d:54:0f:a5:fb:17:16:ca:21:04:f3:22:e7: b4:4d:12:a6:5e:07:72:84:93:94:50:3b:8c:b6:e2:7e:f6:f2: a9:f1:61:61:56:93:29:4c:86:39:9e:72:11:3f:bd:db:f0:62: 5a:03:46:48:c9:69:c1:7f:ec:90:36:6c:a3:39:16:28:a1:52: 55:4e:8f:4a:10:0e:7d:ee:a9:54:d8:b8:b4:79:40:74:a7:0d: 16:fc:0e:3b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzU0QzAxMTAvBgNVBAUTKEQwRjhCMDA2NTk2QzdDMDM3Q0I1NDkzMDVCMzk2OTAw MDBBQUU4QTQwHhcNMjUwODI1MDUwODA5WhcNMjUwOTAxMDUwODA5WjAYMRYwFAYD VQQDEw02OGFiZWZiOS0xNjU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7c6wRyXSt5WliY020zirU5vsIt3Z3r8pFu+YCvlTrCGwWr55HGu0oh44lNjm T68IQbVZ+n7J9G7OTVE4xTyQREYIrdrkOzdM/7lNUXVBP/EOpHMoRS3Ywewk7q7/ tIslOmsNSCwwKp5D64ZBR+clKK35qhB5lQSeaU4YEEGOzAtGP3Zh2m+sMyVjD4Rv b8vesElg43atup7mFb5ttX8xSub/lTI8+XJ4WQ0u93gjbv/IC6tTBF6UlHVkKoNq osIPamS6A5FqevnTyofehL2aIShECBwNhKv4V9iuUVvIQQYej6c1E6RCy26K+7tB LBUHYFDONfdQwo7JgR/vm3RBMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDKCeVI0 76bY1fyyNgHt4cAL+rmxMB8GA1UdIwQYMBaAFND4sAZZbHwDfLVJMFs5aQAAquik MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTRDMC9GRURGNTcyRUND QkIxMUVFOEEwRjc3NDhDNEY5QUUwMi8wUGl3Qmxsc2ZBTjh0VWt3V3pscEFBQ3E2 S1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzBQaXdCbGxzZkFOOHRVa3dXemxwQUFDcTZLUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NTRDMC9GRURGNTcyRUNDQkIxMUVFOEEwRjc3NDhDNEY5QUUwMi8wUGl3Qmxsc2ZB Tjh0VWt3V3pscEFBQ3E2S1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkNK8t4PUOnxnMdgqVokyaL025kFvVV1kWX5hhkxY/H5U33XPFVqoc L/uT2DtnFCv95T1KQUtLQC4b3lT2sLIRJ58uPS2OP0uaZhZtInMZk/QiidyfVAXl cnm5XNAlZOAjmRUi4DktdtaPQqqrcbVZuT2kKZv5oO+IgDeStpjKBNgtx9ZFVBQg 6YUHE1x325eBuJ29IXEYBKYbjgBZtBF/kC2VtLzJjA1UD6X7FxbKIQTzIue0TRKm XgdyhJOUUDuMtuJ+9vKp8WFhVpMpTIY5nnIRP73b8GJaA0ZIyWnBf+yQNmyjORYo oVJVTo9KEA597qlU2Li0eUB0pw0W/A47 -----END CERTIFICATE-----Generated at Mon Aug 25 23:33:43 2025 by rpki-client