$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE69C/9EB07998127A11ED902DFE27C4F9AE02/GGFTy5iIOKOm1IzwQjxbRiMAWeg.mft File: GGFTy5iIOKOm1IzwQjxbRiMAWeg.mft (raw, json) Hash identifier: XciAPny1BdMOmaJa1KnFlwQHzFkYyuu9oB8dZaeIExY= Subject key identifier: 03:C2:22:43:A2:F2:F4:E8:D7:01:A3:0C:39:94:DB:39:36:20:9A:43 Authority key identifier: 18:61:53:CB:98:88:38:A3:A6:D4:8C:F0:42:3C:5B:46:23:00:59:E8 Certificate issuer: /CN=A91AE69C/serialNumber=186153CB988838A3A6D48CF0423C5B46230059E8 Certificate serial: 029E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GGFTy5iIOKOm1IzwQjxbRiMAWeg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE69C/9EB07998127A11ED902DFE27C4F9AE02/GGFTy5iIOKOm1IzwQjxbRiMAWeg.mft Manifest number: 0299 Signing time: Sat 23 Aug 2025 01:50:57 +0000 Manifest this update: Sat 23 Aug 2025 01:50:57 +0000 Manifest next update: Sat 30 Aug 2025 01:50:57 +0000 Files and hashes: 1: GGFTy5iIOKOm1IzwQjxbRiMAWeg.crl (hash: iPU71RzK1mC+TZlay9I9i9oYMgA5o3CJ14jQnl5/gLA=) 2: DD1FEE48C77311EEA5076E2CC4F9AE02.roa (hash: e8WAY0Y3CoS5+B8mQdHDLApUCt8COdKCwX61EjEYzJk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE69C/9EB07998127A11ED902DFE27C4F9AE02/GGFTy5iIOKOm1IzwQjxbRiMAWeg.crl rsync://rpki.apnic.net/member_repository/A91AE69C/9EB07998127A11ED902DFE27C4F9AE02/GGFTy5iIOKOm1IzwQjxbRiMAWeg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GGFTy5iIOKOm1IzwQjxbRiMAWeg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:28:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 670 (0x29e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE69C, serialNumber=186153CB988838A3A6D48CF0423C5B46230059E8 Validity Not Before: Aug 23 01:50:57 2025 GMT Not After : Aug 30 01:50:57 2025 GMT Subject: CN=68a91e81-f09f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:12:56:8f:7b:b6:cf:3f:45:73:f7:d7:6a:ba: c6:a9:01:06:83:de:15:fa:cf:24:27:b8:f3:84:0f: 8e:d4:c9:09:c1:b0:84:29:4c:6e:ce:43:44:cf:7a: c3:e8:b0:0f:fb:18:7c:3c:51:6e:4c:98:18:7e:10: 8c:17:43:34:e3:0b:e6:38:3e:89:a5:61:1c:a6:d3: 89:49:22:36:30:74:82:e1:7e:31:48:37:4c:60:cb: 64:f6:e4:b9:7f:41:39:5a:d4:dd:da:6b:66:ea:c1: 70:b6:aa:45:3c:2f:14:ec:04:28:b4:76:47:4b:f9: 2f:89:ba:6b:4c:e3:02:28:c8:0d:98:8c:bc:49:84: 41:80:88:9f:80:8a:c6:e7:6d:2f:19:cc:b7:26:8c: d4:ad:7c:5e:1f:22:66:4f:bf:cf:2e:c3:ff:12:86: 86:3e:7f:db:7a:89:89:3d:bd:c3:f7:56:e4:cd:70: 0e:a3:1e:c5:77:88:bb:70:4a:57:d4:28:3c:f8:dd: 08:b3:3d:1c:90:26:d5:a3:31:df:f4:3f:f5:e7:60: 6e:6d:d2:56:1e:e5:8c:ef:50:46:38:45:c2:f3:c8: 77:03:5b:12:bc:57:37:cc:63:7a:d9:8c:9b:70:3f: e4:3a:22:11:88:36:fb:1b:4c:46:5f:dc:5f:3c:3a: 81:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:C2:22:43:A2:F2:F4:E8:D7:01:A3:0C:39:94:DB:39:36:20:9A:43 X509v3 Authority Key Identifier: keyid:18:61:53:CB:98:88:38:A3:A6:D4:8C:F0:42:3C:5B:46:23:00:59:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE69C/9EB07998127A11ED902DFE27C4F9AE02/GGFTy5iIOKOm1IzwQjxbRiMAWeg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GGFTy5iIOKOm1IzwQjxbRiMAWeg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE69C/9EB07998127A11ED902DFE27C4F9AE02/GGFTy5iIOKOm1IzwQjxbRiMAWeg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:c3:89:c7:85:0f:11:92:d1:a2:60:b1:d7:f6:9b:1a:f0:f9: 7a:f1:2d:1f:33:a2:ec:4d:50:6b:12:08:47:57:f3:a3:29:3e: 6b:47:fe:45:48:d8:a4:3f:9e:0a:d0:75:fb:40:3a:c2:d7:c3: fe:d6:34:f3:03:49:39:41:2c:2c:e7:bb:9c:fe:77:d2:4a:c7: 8e:cc:6c:2d:b8:60:99:64:6d:09:0d:e6:08:03:9a:39:20:93: 0e:05:87:71:2d:67:75:03:1a:89:24:e7:e7:32:22:35:2e:d6: 84:f3:64:ba:12:09:80:82:53:f6:0d:25:a4:ff:1c:c7:23:84: 40:98:de:c1:bf:98:26:34:64:f6:a0:8d:6e:d9:db:0f:fa:b6: e1:e4:58:2a:f4:fa:03:50:c6:d4:96:1f:94:39:12:97:f5:8e: 0c:91:64:57:20:03:7c:08:61:60:30:3c:33:f1:bb:9e:f4:87: 54:21:fe:ef:b9:01:c5:8e:5f:4e:18:2f:0a:e1:98:6a:8a:17: 01:95:d3:2b:00:21:c0:d1:75:c2:1f:22:08:d9:cc:86:d7:05: ec:28:b2:3a:a0:ff:30:fe:48:da:96:e0:56:f2:a3:bb:0c:b5: 48:08:b4:2c:c6:aa:f7:0a:50:c2:bd:d0:52:65:61:5a:f8:46: f6:89:b2:a0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUU2OUMxMTAvBgNVBAUTKDE4NjE1M0NCOTg4ODM4QTNBNkQ0OENGMDQyM0M1QjQ2 MjMwMDU5RTgwHhcNMjUwODIzMDE1MDU3WhcNMjUwODMwMDE1MDU3WjAYMRYwFAYD VQQDEw02OGE5MWU4MS1mMDlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyhJWj3u2zz9Fc/fXarrGqQEGg94V+s8kJ7jzhA+O1MkJwbCEKUxuzkNEz3rD 6LAP+xh8PFFuTJgYfhCMF0M04wvmOD6JpWEcptOJSSI2MHSC4X4xSDdMYMtk9uS5 f0E5WtTd2mtm6sFwtqpFPC8U7AQotHZHS/kvibprTOMCKMgNmIy8SYRBgIifgIrG 520vGcy3JozUrXxeHyJmT7/PLsP/EoaGPn/beomJPb3D91bkzXAOox7Fd4i7cEpX 1Cg8+N0Isz0ckCbVozHf9D/152BubdJWHuWM71BGOEXC88h3A1sSvFc3zGN62Yyb cD/kOiIRiDb7G0xGX9xfPDqBgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAPCIkOi 8vTo1wGjDDmU2zk2IJpDMB8GA1UdIwQYMBaAFBhhU8uYiDijptSM8EI8W0YjAFno MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTY5Qy85RUIwNzk5ODEy N0ExMUVEOTAyREZFMjdDNEY5QUUwMi9HR0ZUeTVpSU9LT20xSXp3UWp4YlJpTUFX ZWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dHRlR5NWlJT0tPbTFJendRanhiUmlNQVdlZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RTY5Qy85RUIwNzk5ODEyN0ExMUVEOTAyREZFMjdDNEY5QUUwMi9HR0ZUeTVpSU9L T20xSXp3UWp4YlJpTUFXZWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBmw4nHhQ8RktGiYLHX9psa8Pl68S0fM6LsTVBrEghHV/OjKT5rR/5F SNikP54K0HX7QDrC18P+1jTzA0k5QSws57uc/nfSSseOzGwtuGCZZG0JDeYIA5o5 IJMOBYdxLWd1AxqJJOfnMiI1LtaE82S6EgmAglP2DSWk/xzHI4RAmN7Bv5gmNGT2 oI1u2dsP+rbh5Fgq9PoDUMbUlh+UORKX9Y4MkWRXIAN8CGFgMDwz8bue9IdUIf7v uQHFjl9OGC8K4ZhqihcBldMrACHA0XXCHyII2cyG1wXsKLI6oP8w/kjaluBW8qO7 DLVICLQsxqr3ClDCvdBSZWFa+Eb2ibKg -----END CERTIFICATE-----Generated at Sat Aug 23 03:25:45 2025 by rpki-client