$ rpki-client -vvf rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft File: 089k1dsXYfy2pVLwaAkTMMW19Ts.mft (raw, json) Hash identifier: F03QdUSTfhQqa5Me4PDPJmGnGEXu20yo9OFynwY+aUU= Subject key identifier: AE:43:CA:AF:D3:96:49:F3:96:9D:1F:B9:C3:67:47:53:EB:FE:CF:67 Authority key identifier: D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B Certificate issuer: /CN=A91A25DF/serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft Manifest number: 20 Signing time: Fri 05 Sep 2025 08:23:22 +0000 Manifest this update: Fri 05 Sep 2025 08:23:22 +0000 Manifest next update: Fri 12 Sep 2025 08:23:22 +0000 Files and hashes: 1: 089k1dsXYfy2pVLwaAkTMMW19Ts.crl (hash: J5OUzj7dauyP24SoyZ9sgZkouF6U3BMS4Jj9Hw0nSTw=) 2: C54DD1F45EDA11F0A5EAB579C4F9AE02.roa (hash: yvTiS/oFSBojbCtB284WFEZBM+3n1uqQBo+L9aW7vLk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 08:23:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A25DF, serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Validity Not Before: Sep 5 08:23:22 2025 GMT Not After : Sep 12 08:23:22 2025 GMT Subject: CN=68ba9dfa-2139 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f6:99:81:9d:50:9d:a9:d5:70:6e:30:4d:49: 61:55:a2:33:8a:1f:ea:0d:3e:e6:6c:c6:b5:a0:f3: f6:6f:7c:5c:97:b8:b4:ba:11:18:00:af:eb:a6:56: b6:8d:0e:7f:23:52:18:01:c3:d2:27:52:ae:cc:6f: 99:fd:ba:f5:d3:bb:10:53:2b:12:a3:69:03:47:a8: 09:67:da:a7:87:0c:ac:89:20:79:78:61:95:cd:33: 4d:b3:23:b5:30:f7:52:aa:eb:14:f8:b2:36:42:b5: a9:64:0c:0e:6c:32:7a:11:6f:90:67:f9:18:25:fa: 0e:0c:6e:7c:6c:05:e6:c5:e2:6c:25:60:f4:cd:67: eb:33:83:56:36:1e:b7:47:7a:25:ae:0d:05:f2:fb: 74:a6:dd:8c:b7:b8:52:96:c1:f1:c1:16:98:31:c0: 90:3d:85:0e:b7:f2:54:dd:b1:f9:59:d7:2c:12:a3: 64:70:1c:b7:08:c4:95:1f:ab:fb:17:e0:ed:69:e0: 27:27:49:05:77:50:d9:f1:c0:9e:14:fe:92:a5:7b: e4:39:3c:84:d8:2d:dc:d5:96:39:f0:bb:b0:0b:be: fa:3f:c0:2c:13:b3:ef:ce:fc:ca:d8:7e:8b:df:d9: 99:f9:cb:f6:b4:16:c5:15:4a:f3:6b:94:f2:b2:41: 10:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:43:CA:AF:D3:96:49:F3:96:9D:1F:B9:C3:67:47:53:EB:FE:CF:67 X509v3 Authority Key Identifier: keyid:D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:db:53:68:82:40:ef:82:b4:b3:1b:1f:93:27:e5:d8:79:71: 11:f4:94:df:58:88:f3:93:e7:6a:73:d1:96:51:db:dc:41:f1: c2:57:82:9a:0e:0d:97:85:3f:c5:40:6d:69:c2:2e:c8:2d:97: 26:32:a6:98:d1:5f:3b:88:d2:0d:1d:45:28:0c:60:d5:c6:88: 46:e4:88:91:4f:fc:c9:3c:2b:dd:45:1b:03:f5:a6:3b:a4:aa: be:f3:a8:67:15:e8:dc:2c:fc:e0:d2:80:35:59:73:44:79:39: 21:44:af:b4:20:fe:1e:48:72:a0:b5:da:66:eb:ec:9c:1f:d8: b0:ed:d0:3a:d9:66:a5:cf:69:e0:56:c6:18:c2:23:f5:50:42: 65:5c:d4:42:86:98:81:9d:39:7b:76:e9:e6:16:4c:6d:3a:45: c1:90:21:db:7e:52:16:b3:6a:b0:5a:0c:39:c3:c7:7c:6a:f0: c9:90:df:4a:2c:0e:41:41:37:92:6c:a8:fc:4a:40:08:4d:ec: 1d:5e:ce:d3:a4:b7:86:25:16:84:b1:19:0c:03:3a:35:ec:11: 83:ef:6f:18:45:58:ac:d9:2a:2e:07:46:a4:76:1f:f1:ab:e0: 59:62:8f:68:66:fa:0a:47:ae:41:6f:26:5b:47:ca:fd:17:3d: 69:68:31:7e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MjVERjExMC8GA1UEBRMoRDNDRjY0RDVEQjE3NjFGQ0I2QTU1MkYwNjgwOTEzMzBD NUI1RjUzQjAeFw0yNTA5MDUwODIzMjJaFw0yNTA5MTIwODIzMjJaMBgxFjAUBgNV BAMTDTY4YmE5ZGZhLTIxMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCo9pmBnVCdqdVwbjBNSWFVojOKH+oNPuZsxrWg8/ZvfFyXuLS6ERgAr+umVraN Dn8jUhgBw9InUq7Mb5n9uvXTuxBTKxKjaQNHqAln2qeHDKyJIHl4YZXNM02zI7Uw 91Kq6xT4sjZCtalkDA5sMnoRb5Bn+Rgl+g4MbnxsBebF4mwlYPTNZ+szg1Y2HrdH eiWuDQXy+3Sm3Yy3uFKWwfHBFpgxwJA9hQ638lTdsflZ1ywSo2RwHLcIxJUfq/sX 4O1p4CcnSQV3UNnxwJ4U/pKle+Q5PITYLdzVljnwu7ALvvo/wCwTs+/O/MrYfovf 2Zn5y/a0FsUVSvNrlPKyQRC/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUrkPKr9OW SfOWnR+5w2dHU+v+z2cwHwYDVR0jBBgwFoAU089k1dsXYfy2pVLwaAkTMMW19Tsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyNURGL0U2MTI0MDgyNUVE NTExRjA5Q0YxRDUwQ0M0RjlBRTAyLzA4OWsxZHNYWWZ5MnBWTHdhQWtUTU1XMTlU cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMDg5azFkc1hZZnkycFZMd2FBa1RNTVcxOVRzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEy NURGL0U2MTI0MDgyNUVENTExRjA5Q0YxRDUwQ0M0RjlBRTAyLzA4OWsxZHNYWWZ5 MnBWTHdhQWtUTU1XMTlUcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAB/bU2iCQO+CtLMbH5Mn5dh5cRH0lN9YiPOT52pz0ZZR29xB8cJXgpoO DZeFP8VAbWnCLsgtlyYyppjRXzuI0g0dRSgMYNXGiEbkiJFP/Mk8K91FGwP1pjuk qr7zqGcV6Nws/ODSgDVZc0R5OSFEr7Qg/h5IcqC12mbr7Jwf2LDt0DrZZqXPaeBW xhjCI/VQQmVc1EKGmIGdOXt26eYWTG06RcGQIdt+UhazarBaDDnDx3xq8MmQ30os DkFBN5JsqPxKQAhN7B1eztOkt4YlFoSxGQwDOjXsEYPvbxhFWKzZKi4HRqR2H/Gr 4Flij2hm+gpHrkFvJltHyv0XPWloMX4= -----END CERTIFICATE-----Generated at Sat Sep 6 21:13:19 2025 by rpki-client