$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: 1CU3zmU20qd1yDIEFF/PTk1ZqbEd7Hh7gnq309azj6k= Subject key identifier: EC:FD:E6:F2:11:C2:9B:8A:60:51:7A:80:46:5B:33:6F:CE:26:99:62 Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 081E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 07E1 Signing time: Thu 04 Sep 2025 21:32:19 +0000 Manifest this update: Thu 04 Sep 2025 21:32:18 +0000 Manifest next update: Thu 11 Sep 2025 21:32:18 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: VF9uU6eguLjkEpOe5XmxZL9VXqqoyH/qohhdlZitvl4=) 2: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: WVXeC6AWS7dfqRcacJcoXn1KRTzKsuhGFEjOvtdw4gQ=) 3: B512A570109211ECA693D74EC4F9AE02.roa (hash: x6M8DR+ao43yWMJcYfflaCD3HANg4LUaSOgGurV26Rc=) 4: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: 4+YaEU8/WKlhoShMZ2jQANGth6P34fJaow29AZ/vK1g=) 5: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: TVq9O75Mk8dBtHdZIdf95FNbNlO+Xgr7jZqSFhUdSlc=) 6: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: HBup3egCFQ+j4w8tn/YgKXDolvmk1GZOCKm/FjBELHI=) 7: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: xo4YbqiE7X/F67UsXOYb5uFnpLPpFvm6ZJLr7VXM8NU=) 8: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: KydrQv3Yet/a3HLO3h2lsIOeUoieRU/2J4jW34hxmG0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 21:32:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2078 (0x81e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Sep 4 21:32:18 2025 GMT Not After : Sep 11 21:32:18 2025 GMT Subject: CN=68ba0562-9fab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:63:5a:33:fa:1f:f9:c7:5d:54:fc:48:4d:f8: c9:bc:19:03:33:87:ee:25:1a:df:3e:60:e6:dc:89: 60:48:b5:19:00:d3:5a:5e:30:e3:ff:87:85:a2:14: d8:95:97:4d:95:7b:1f:f6:d0:6d:ae:4b:fe:51:c0: d9:d0:d7:f9:75:78:0c:51:b4:f1:c8:8f:15:df:b6: 2e:5b:f6:b4:b7:8b:19:1a:b8:eb:13:aa:38:d6:ea: 49:c4:ec:86:54:ca:2e:56:85:83:e1:c6:e0:b6:40: f7:21:59:e5:f7:97:e5:17:c0:b8:38:1d:63:7e:cf: de:86:e0:13:90:52:9a:cc:d1:4b:b5:e3:da:1b:a0: 02:01:d6:c1:ff:5f:34:43:32:29:ba:d3:08:8c:0b: a5:8c:3d:ac:91:24:f1:0f:c9:df:cb:e0:9b:77:e7: d0:94:e3:1b:9d:a6:9a:58:f7:e3:47:11:f4:6d:19: 1f:50:85:f7:65:d2:76:86:7e:71:f6:9c:a3:c8:18: 64:7d:1b:27:7b:6c:84:40:04:f2:76:ae:e5:44:2a: 88:83:a1:d6:12:e8:61:e8:04:38:a1:57:1b:70:f5: 37:e0:25:d9:af:00:9f:8f:35:38:53:29:1c:36:c7: 2c:8a:b2:c4:03:30:ea:9b:66:f3:d6:d3:21:09:ba: a6:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:FD:E6:F2:11:C2:9B:8A:60:51:7A:80:46:5B:33:6F:CE:26:99:62 X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:ff:75:e1:fb:d7:77:28:7f:36:97:3f:16:9f:cb:86:db:8b: 13:cf:a2:0b:3e:6e:92:68:a4:15:4e:ef:16:a7:a8:40:39:7d: bf:f9:39:90:d8:9d:29:24:a1:3d:21:59:c3:8e:3c:90:4c:4f: 36:f3:76:9b:d2:17:22:ed:e4:93:de:5b:26:42:30:53:d6:82: a6:99:25:1e:cf:b5:de:01:8f:5a:5d:e4:12:52:3f:46:90:5d: 78:9b:16:b0:b0:33:8f:60:19:84:37:a4:83:0f:fc:21:4c:cd: 5a:5f:8b:e9:42:ee:ce:da:04:1b:50:c1:4f:4d:d4:e6:4f:2b: a9:54:a1:d9:19:2d:f9:7f:18:39:2a:66:f6:45:f2:5f:56:c6: 1d:87:fe:9d:e5:5a:cb:69:91:06:17:18:3a:4a:53:4a:a8:dc: 7f:07:37:78:c4:0f:13:f5:74:85:ca:91:0e:b4:59:9c:13:ba: 00:69:ae:42:ea:0e:34:e4:b5:25:3a:23:46:fd:f8:02:77:b6: de:0c:85:db:cf:38:db:0c:b8:50:6f:66:b0:40:57:52:e4:bd: 32:7d:5a:09:78:09:5c:b8:05:39:3c:f8:ad:f3:54:70:6d:68: 89:42:00:2a:22:fe:a4:cf:e5:6d:50:05:3e:c9:d3:ca:15:ea: 21:78:67:bd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCB4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjUwOTA0MjEzMjE4WhcNMjUwOTExMjEzMjE4WjAYMRYwFAYD VQQDEw02OGJhMDU2Mi05ZmFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5mNaM/of+cddVPxITfjJvBkDM4fuJRrfPmDm3IlgSLUZANNaXjDj/4eFohTY lZdNlXsf9tBtrkv+UcDZ0Nf5dXgMUbTxyI8V37YuW/a0t4sZGrjrE6o41upJxOyG VMouVoWD4cbgtkD3IVnl95flF8C4OB1jfs/ehuATkFKazNFLtePaG6ACAdbB/180 QzIputMIjAuljD2skSTxD8nfy+Cbd+fQlOMbnaaaWPfjRxH0bRkfUIX3ZdJ2hn5x 9pyjyBhkfRsne2yEQATydq7lRCqIg6HWEuhh6AQ4oVcbcPU34CXZrwCfjzU4Uykc NscsirLEAzDqm2bz1tMhCbqmOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOz95vIR wpuKYFF6gEZbM2/OJpliMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBB/3Xh+9d3KH82lz8Wn8uG24sTz6ILPm6SaKQVTu8Wp6hAOX2/+TmQ 2J0pJKE9IVnDjjyQTE8283ab0hci7eST3lsmQjBT1oKmmSUez7XeAY9aXeQSUj9G kF14mxawsDOPYBmEN6SDD/whTM1aX4vpQu7O2gQbUMFPTdTmTyupVKHZGS35fxg5 Kmb2RfJfVsYdh/6d5VrLaZEGFxg6SlNKqNx/Bzd4xA8T9XSFypEOtFmcE7oAaa5C 6g405LUlOiNG/fgCd7beDIXbzzjbDLhQb2awQFdS5L0yfVoJeAlcuAU5PPit81Rw bWiJQgAqIv6kz+VtUAU+ydPKFeoheGe9 -----END CERTIFICATE-----Generated at Sat Sep 6 16:04:15 2025 by rpki-client