$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.mft File: 5CHll4Srb9cADNFZcQHsNg3ZQGY.mft (raw, json) Hash identifier: 5WUvXOHYD7JgmSzBRQnHzH/zvL5sVCtE0B8fSe1ANBc= Subject key identifier: 22:DB:0D:AD:C7:AB:69:78:1C:F8:75:08:17:F1:28:6E:08:16:C3:74 Authority key identifier: E4:21:E5:97:84:AB:6F:D7:00:0C:D1:59:71:01:EC:36:0D:D9:40:66 Certificate issuer: /CN=A91A1E1C/serialNumber=E421E59784AB6FD7000CD1597101EC360DD94066 Certificate serial: A1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5CHll4Srb9cADNFZcQHsNg3ZQGY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.mft Manifest number: 9F Signing time: Mon 25 Aug 2025 06:49:00 +0000 Manifest this update: Mon 25 Aug 2025 06:49:00 +0000 Manifest next update: Mon 01 Sep 2025 06:49:00 +0000 Files and hashes: 1: 5CHll4Srb9cADNFZcQHsNg3ZQGY.crl (hash: Ot2jzmhbrvsnpgr7mixn2LXlqtclzANbNANmnmWwhGs=) 2: 5BC18D6C9A6C11EF8C656668C4F9AE02.roa (hash: 1ljn9MSckdlGvWQ7HkpY2v8ly/0oxPt9z/n6V7MEeDM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.crl rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5CHll4Srb9cADNFZcQHsNg3ZQGY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Sep 2025 06:48:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 161 (0xa1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A1E1C, serialNumber=E421E59784AB6FD7000CD1597101EC360DD94066 Validity Not Before: Aug 25 06:49:00 2025 GMT Not After : Sep 1 06:49:00 2025 GMT Subject: CN=68ac075c-2396 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:bd:b4:41:0b:41:03:06:e0:ef:5e:28:1d:0c: 80:f1:3c:5a:3b:e0:2c:5f:c7:b7:2d:ab:40:4b:06: 8c:99:ee:2a:5c:85:79:cf:b6:c6:7d:96:f6:01:ca: 4b:f3:03:94:9c:cf:75:f9:49:f1:53:32:b4:6e:67: ce:35:1a:ee:37:a2:d0:a8:21:4b:df:2d:ba:c0:c6: 2c:0e:d9:39:95:7b:0b:a2:fe:d5:cd:0f:f0:81:3e: 6f:23:62:9a:82:22:62:0e:37:4e:13:1e:12:a0:b0: 82:52:dd:50:48:08:38:a8:d8:3c:64:c5:a9:9f:21: c5:19:29:37:e2:7b:4b:6f:e4:c5:16:4b:a5:77:1c: d6:a3:9c:17:2d:d0:01:50:6e:28:98:f4:56:e3:40: a6:fb:0e:58:b7:76:dd:c2:4c:0a:bd:02:7b:1a:1f: 63:f2:01:7a:de:56:2a:b8:2b:42:ea:bb:4f:00:63: 79:0c:1a:4d:73:1b:1f:79:ba:13:e6:a2:3f:42:7c: e1:71:b5:c5:c8:39:aa:5f:8e:f1:4e:a6:bb:6c:9c: e3:ce:0e:9d:c4:6b:56:69:d7:4c:3d:d3:db:f3:a3: a2:ab:15:e7:b9:ef:4b:d6:28:d0:ed:e0:24:2a:76: db:dd:a0:bb:87:85:ff:c1:3b:40:02:fd:2f:82:13: 49:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:DB:0D:AD:C7:AB:69:78:1C:F8:75:08:17:F1:28:6E:08:16:C3:74 X509v3 Authority Key Identifier: keyid:E4:21:E5:97:84:AB:6F:D7:00:0C:D1:59:71:01:EC:36:0D:D9:40:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5CHll4Srb9cADNFZcQHsNg3ZQGY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:1f:cc:f1:53:60:f3:2a:3c:7f:a8:00:2f:26:8b:3d:b2:87: ee:4d:45:fe:d0:7d:1e:35:8c:1a:ba:89:41:5e:0b:a9:a9:f7: 26:41:2c:02:60:5a:ad:62:11:fa:a5:78:1b:e9:cf:1f:8e:1e: 0d:d9:7d:0b:2b:f4:5d:36:f2:d3:91:6f:35:b7:29:f5:79:5f: 24:3e:48:ef:4a:98:39:85:df:65:25:06:49:34:f4:ac:28:5b: 1c:5f:2f:80:ff:25:da:3f:0c:c7:1e:e7:4c:e8:b5:cd:4a:15: b9:54:0c:6d:3d:eb:a7:1d:9d:d5:fe:92:6e:b2:12:a3:50:b9: b4:83:2c:6c:18:b4:a1:17:c1:c8:cc:34:d3:67:74:7b:b7:03: 2f:29:27:8d:7b:a4:c5:f7:16:82:f7:4b:62:04:5e:c1:2b:2d: 32:f4:8d:8a:76:ea:38:07:ef:17:4d:62:07:b9:2c:3e:26:d8: b9:53:83:3f:7f:ac:49:79:9f:75:01:d0:09:f2:75:e1:f5:86: 73:46:d1:a3:b9:1f:9f:9d:76:ec:e7:88:a0:b3:7d:c2:67:93: 39:f4:d1:f4:7c:b6:56:30:c3:c6:5b:13:9f:13:53:1f:af:a6: dd:6c:bd:b7:85:c1:e9:28:0a:02:b0:d9:25:9d:59:b4:c7:ad: 11:fb:8b:41 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTFFMUMxMTAvBgNVBAUTKEU0MjFFNTk3ODRBQjZGRDcwMDBDRDE1OTcxMDFFQzM2 MEREOTQwNjYwHhcNMjUwODI1MDY0OTAwWhcNMjUwOTAxMDY0OTAwWjAYMRYwFAYD VQQDEw02OGFjMDc1Yy0yMzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqr20QQtBAwbg714oHQyA8TxaO+AsX8e3LatASwaMme4qXIV5z7bGfZb2AcpL 8wOUnM91+UnxUzK0bmfONRruN6LQqCFL3y26wMYsDtk5lXsLov7VzQ/wgT5vI2Ka giJiDjdOEx4SoLCCUt1QSAg4qNg8ZMWpnyHFGSk34ntLb+TFFkuldxzWo5wXLdAB UG4omPRW40Cm+w5Yt3bdwkwKvQJ7Gh9j8gF63lYquCtC6rtPAGN5DBpNcxsfeboT 5qI/QnzhcbXFyDmqX47xTqa7bJzjzg6dxGtWaddMPdPb86OiqxXnue9L1ijQ7eAk Knbb3aC7h4X/wTtAAv0vghNJNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCLbDa3H q2l4HPh1CBfxKG4IFsN0MB8GA1UdIwQYMBaAFOQh5ZeEq2/XAAzRWXEB7DYN2UBm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUUxQy8yNTIyMkQ4MDky MDAxMUVGOUUwQzNENkJDNEY5QUUwMi81Q0hsbDRTcmI5Y0FETkZaY1FIc05nM1pR R1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVDSGxsNFNyYjljQURORlpjUUhzTmczWlFHWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MUUxQy8yNTIyMkQ4MDkyMDAxMUVGOUUwQzNENkJDNEY5QUUwMi81Q0hsbDRTcmI5 Y0FETkZaY1FIc05nM1pRR1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBbH8zxU2DzKjx/qAAvJos9sofuTUX+0H0eNYwauolBXgupqfcmQSwC YFqtYhH6pXgb6c8fjh4N2X0LK/RdNvLTkW81tyn1eV8kPkjvSpg5hd9lJQZJNPSs KFscXy+A/yXaPwzHHudM6LXNShW5VAxtPeunHZ3V/pJushKjULm0gyxsGLShF8HI zDTTZ3R7twMvKSeNe6TF9xaC90tiBF7BKy0y9I2Kduo4B+8XTWIHuSw+Jti5U4M/ f6xJeZ91AdAJ8nXh9YZzRtGjuR+fnXbs54igs33CZ5M59NH0fLZWMMPGWxOfE1Mf r6bdbL23hcHpKAoCsNklnVm0x60R+4tB -----END CERTIFICATE-----Generated at Mon Aug 25 23:35:46 2025 by rpki-client