$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft File: cx5XsN_ep5G6TV1xly2oEF3JPos.mft (raw, json) Hash identifier: STPR0iJxiFB74R69hIMXIxr6P3ybPAAP1+xFuchdpSQ= Subject key identifier: C3:54:B0:A3:16:51:B5:87:C2:AC:50:A5:0E:CB:64:A5:9A:D9:15:72 Authority key identifier: 73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B Certificate issuer: /CN=A91AA444/serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Certificate serial: 013B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft Manifest number: 0139 Signing time: Tue 09 Sep 2025 04:32:56 +0000 Manifest this update: Tue 09 Sep 2025 04:32:56 +0000 Manifest next update: Tue 16 Sep 2025 04:32:56 +0000 Files and hashes: 1: cx5XsN_ep5G6TV1xly2oEF3JPos.crl (hash: WWlRnXj6uwxrSO96/rmZdQQ4mtJCQsaUk3S3J3kq15U=) 2: 24DD519CEEA311EFA5EDDD76C4F9AE02.roa (hash: +mEj5z+agEcnRzWZMjR0oYobGLfQGCXmi+n1VzU085s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 04:32:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 315 (0x13b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA444, serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Validity Not Before: Sep 9 04:32:56 2025 GMT Not After : Sep 16 04:32:56 2025 GMT Subject: CN=68bfadf8-3a1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:1c:8f:d1:5e:12:87:ed:a4:d0:3d:77:68:09: 19:7e:54:90:80:5d:2d:ec:be:cd:b8:34:55:b3:37: f9:fc:06:02:a2:a5:db:a5:75:f3:eb:66:df:8d:1d: f3:68:ba:19:f6:54:44:51:65:38:02:cf:bc:2c:8a: 10:f3:9f:2d:4a:61:b2:61:1d:f2:82:31:df:f4:dc: 15:24:f6:2f:a1:45:45:3d:9f:40:38:e8:4e:de:73: 21:d8:69:63:83:54:4e:47:16:03:b0:67:83:47:f7: 42:bc:40:93:de:d0:2b:c0:17:f1:a9:22:6e:53:1e: f0:61:6c:cf:b6:f0:12:03:14:d2:09:3e:5d:02:f8: f8:d5:f2:fd:7f:35:82:53:ab:78:ed:b6:33:be:5e: 42:8c:49:dc:07:cd:1c:a5:7f:69:0d:6b:1b:90:3f: 11:df:56:f3:6f:c1:9f:96:d7:d8:80:6a:06:66:f1: e4:ad:4a:4b:6a:66:2a:f9:4f:b4:fc:84:68:dd:a3: b6:9f:81:57:8e:ad:d1:80:a0:b4:73:26:b8:6d:2b: 0e:8c:3e:99:3d:99:6b:64:bc:2b:dd:08:fe:25:94: c7:bc:19:6c:f2:47:c7:9a:8a:f5:41:1e:53:75:f7: 8a:b2:18:5c:a1:eb:8c:8b:27:8b:88:cb:ed:08:c1: 02:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:54:B0:A3:16:51:B5:87:C2:AC:50:A5:0E:CB:64:A5:9A:D9:15:72 X509v3 Authority Key Identifier: keyid:73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:16:2d:20:44:05:49:94:d5:36:01:30:ed:29:2b:00:16:84: 34:17:31:8a:1e:59:76:57:e5:07:b0:41:c9:35:b4:dd:90:ef: 37:7f:42:31:aa:dc:bc:f2:27:79:b4:1d:47:7c:4b:44:11:6c: e8:f5:12:25:48:13:9c:32:9f:f7:3c:9f:35:bb:1d:40:22:f9: 59:1e:c8:8e:d7:ca:96:0a:21:3b:f4:4c:e5:f9:b4:7c:8e:b9: 35:77:05:09:25:0d:78:74:6c:6b:75:da:ed:cd:c6:da:8f:84: a6:65:7b:34:45:80:67:fe:06:e0:4e:c1:d8:3d:1e:bd:b1:31: 43:9a:36:2f:2b:77:5a:11:ef:9f:05:18:30:9b:7e:23:86:24: 8a:82:6f:91:07:4c:4c:2b:4b:3e:4a:6b:fe:8c:99:e5:32:02: d9:de:d1:dc:f8:9e:a7:2e:bc:73:de:4e:91:28:90:ca:55:ac: 5a:f9:e7:c6:51:bc:73:e3:bd:85:46:77:8c:2e:a4:b2:5c:12: b1:13:11:da:29:88:c1:8b:89:7a:05:11:a5:fe:a2:a2:1c:23: 35:4a:8b:51:0f:17:b9:fd:fb:df:1d:50:be:ef:4d:8b:f0:e7: 34:c7:f3:07:7e:6d:49:d5:1c:f5:d3:b5:60:e6:01:a7:26:26: e2:6f:05:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUE0NDQxMTAvBgNVBAUTKDczMUU1N0IwREZERUE3OTFCQTRENUQ3MTk3MkRBODEw NURDOTNFOEIwHhcNMjUwOTA5MDQzMjU2WhcNMjUwOTE2MDQzMjU2WjAYMRYwFAYD VQQDEw02OGJmYWRmOC0zYTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApByP0V4Sh+2k0D13aAkZflSQgF0t7L7NuDRVszf5/AYCoqXbpXXz62bfjR3z aLoZ9lREUWU4As+8LIoQ858tSmGyYR3ygjHf9NwVJPYvoUVFPZ9AOOhO3nMh2Glj g1RORxYDsGeDR/dCvECT3tArwBfxqSJuUx7wYWzPtvASAxTSCT5dAvj41fL9fzWC U6t47bYzvl5CjEncB80cpX9pDWsbkD8R31bzb8GfltfYgGoGZvHkrUpLamYq+U+0 /IRo3aO2n4FXjq3RgKC0cya4bSsOjD6ZPZlrZLwr3Qj+JZTHvBls8kfHmor1QR5T dfeKshhcoeuMiyeLiMvtCMEC0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMNUsKMW UbWHwqxQpQ7LZKWa2RVyMB8GA1UdIwQYMBaAFHMeV7Df3qeRuk1dcZctqBBdyT6L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ0NC84RENFMjc0QUIx MUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1RzZUVjF4bHkyb0VGM0pQ b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2N4NVhzTl9lcDVHNlRWMXhseTJvRUYzSlBvcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTQ0NC84RENFMjc0QUIxMUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1 RzZUVjF4bHkyb0VGM0pQb3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCcFi0gRAVJlNU2ATDtKSsAFoQ0FzGKHll2V+UHsEHJNbTdkO83f0Ix qty88id5tB1HfEtEEWzo9RIlSBOcMp/3PJ81ux1AIvlZHsiO18qWCiE79Ezl+bR8 jrk1dwUJJQ14dGxrddrtzcbaj4SmZXs0RYBn/gbgTsHYPR69sTFDmjYvK3daEe+f BRgwm34jhiSKgm+RB0xMK0s+Smv+jJnlMgLZ3tHc+J6nLrxz3k6RKJDKVaxa+efG Ubxz472FRneMLqSyXBKxExHaKYjBi4l6BRGl/qKiHCM1SotRDxe5/fvfHVC+702L 8Oc0x/MHfm1J1Rz107Vg5gGnJibibwWY -----END CERTIFICATE-----Generated at Tue Sep 9 17:41:03 2025 by rpki-client