$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft File: nTwzrLEQPnH6H_PmAT6dwxEiafw.mft (raw, json) Hash identifier: qR1WB1Dm2ya8IX99PNp/XoRLa/jTZzZtBX+95dhCz1s= Subject key identifier: 5F:5C:4C:C4:B9:5B:DC:BE:C7:2B:57:D4:C0:33:67:05:43:4D:3F:97 Authority key identifier: 9D:3C:33:AC:B1:10:3E:71:FA:1F:F3:E6:01:3E:9D:C3:11:22:69:FC Certificate issuer: /CN=A91B1E8B/serialNumber=9D3C33ACB1103E71FA1FF3E6013E9DC3112269FC Certificate serial: D8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft Manifest number: D6 Signing time: Fri 05 Sep 2025 06:01:56 +0000 Manifest this update: Fri 05 Sep 2025 06:01:56 +0000 Manifest next update: Fri 12 Sep 2025 06:01:56 +0000 Files and hashes: 1: nTwzrLEQPnH6H_PmAT6dwxEiafw.crl (hash: hYu0sz38SOCTd2UNU0VrPMwn5kwW3885TrigqkTislQ=) 2: DD76C09AB16711EFBD483568C4F9AE02.roa (hash: lZ2oQ4wvz4evXveDE7LNoYJmc6E6jg/A59sR/rYBi6k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.crl rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 06:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 216 (0xd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1E8B, serialNumber=9D3C33ACB1103E71FA1FF3E6013E9DC3112269FC Validity Not Before: Sep 5 06:01:56 2025 GMT Not After : Sep 12 06:01:56 2025 GMT Subject: CN=68ba7cd4-ca49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:31:33:c7:57:e3:41:b8:a0:b7:15:d8:e4:3d: 71:c2:df:b9:b7:0f:57:3e:8b:01:ec:6c:8a:79:d0: d0:69:9b:a2:90:e4:dd:f0:d4:bb:2b:d0:07:31:38: fc:c2:b4:90:83:9c:70:d8:a1:6a:a3:75:d9:e5:d9: 7c:c3:6b:7a:60:92:87:9f:e8:7a:3c:47:b5:47:7a: 75:47:d5:4a:57:04:2f:4b:8e:2d:fd:0e:4f:5a:7a: 90:f9:1e:7f:48:34:90:c0:29:5b:70:e1:36:55:24: 4a:83:9e:89:d4:56:7f:94:a5:d1:54:56:3e:ac:d8: 8a:2f:27:6b:8f:43:e4:c4:da:bd:02:52:25:40:5e: cc:cc:fc:67:00:1a:54:c6:6a:0a:1f:f2:ba:c5:2f: 25:4f:89:17:f3:ff:61:4b:da:39:da:f3:74:7f:63: fc:db:02:61:ed:2b:91:fb:36:f4:b4:53:38:ee:6f: b1:8c:c3:1c:f4:f9:b9:73:5f:e8:d0:1c:3b:73:82: 3c:c5:eb:58:78:86:f6:f8:4e:2c:e1:2c:9a:b6:10: 5a:60:8d:c2:f1:60:47:ac:96:9a:18:a1:2d:cc:98: 9d:f5:50:31:76:6c:90:b2:59:46:9a:99:98:4f:3e: 79:aa:a7:ea:70:63:4f:72:8a:2e:b3:15:1c:12:71: 5f:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:5C:4C:C4:B9:5B:DC:BE:C7:2B:57:D4:C0:33:67:05:43:4D:3F:97 X509v3 Authority Key Identifier: keyid:9D:3C:33:AC:B1:10:3E:71:FA:1F:F3:E6:01:3E:9D:C3:11:22:69:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:df:f1:dc:41:8e:bb:ff:1e:c9:8b:c1:fd:63:86:93:ad:80: ca:34:16:82:e5:14:5a:48:db:89:f5:fc:28:0a:22:f4:82:f0: df:42:78:d9:49:93:07:66:21:67:47:14:52:1a:cd:40:bd:bb: fa:51:42:36:d9:00:89:0b:f4:bc:52:f2:16:c7:8f:d1:47:89: 8b:41:56:3f:48:de:40:2d:d1:cc:aa:5e:b1:f5:81:e3:1b:9d: 96:00:1a:60:4e:31:63:52:df:a5:5a:19:eb:75:50:4f:14:e8: f2:08:05:d7:ed:ac:09:cf:28:cb:73:51:a0:fe:6e:8e:91:f7: ac:a8:a6:76:71:2b:56:a5:8b:f2:a6:33:3c:aa:97:37:89:70: e4:cb:d8:86:ed:c2:28:d8:43:f1:9f:16:65:bf:db:91:67:62: f4:d5:64:6c:3c:9c:85:2e:8a:41:45:7c:79:83:c2:2a:c4:ec: fc:1c:1a:5a:dc:56:7c:8e:9f:53:a8:dc:5e:c7:b8:a5:09:f4: 2f:f8:95:2f:e5:e2:e2:f4:1e:64:e4:ac:e9:b7:b2:f7:fd:ab: 07:07:8f:09:11:da:f0:8d:e3:5d:71:04:d2:b6:0f:1e:75:60: e5:96:8d:34:9e:df:e4:40:01:56:1a:5d:54:f2:d6:cc:e6:8e: 0e:97:74:0d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFFOEIxMTAvBgNVBAUTKDlEM0MzM0FDQjExMDNFNzFGQTFGRjNFNjAxM0U5REMz MTEyMjY5RkMwHhcNMjUwOTA1MDYwMTU2WhcNMjUwOTEyMDYwMTU2WjAYMRYwFAYD VQQDEw02OGJhN2NkNC1jYTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7TEzx1fjQbigtxXY5D1xwt+5tw9XPosB7GyKedDQaZuikOTd8NS7K9AHMTj8 wrSQg5xw2KFqo3XZ5dl8w2t6YJKHn+h6PEe1R3p1R9VKVwQvS44t/Q5PWnqQ+R5/ SDSQwClbcOE2VSRKg56J1FZ/lKXRVFY+rNiKLydrj0PkxNq9AlIlQF7MzPxnABpU xmoKH/K6xS8lT4kX8/9hS9o52vN0f2P82wJh7SuR+zb0tFM47m+xjMMc9Pm5c1/o 0Bw7c4I8xetYeIb2+E4s4SyathBaYI3C8WBHrJaaGKEtzJid9VAxdmyQsllGmpmY Tz55qqfqcGNPcoousxUcEnFfWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF9cTMS5 W9y+xytX1MAzZwVDTT+XMB8GA1UdIwQYMBaAFJ08M6yxED5x+h/z5gE+ncMRImn8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUU4Qi82MjkxNzY0NDQ1 QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9uVHd6ckxFUVBuSDZIX1BtQVQ2ZHd4RWlh ZncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25Ud3pyTEVRUG5INkhfUG1BVDZkd3hFaWFmdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUU4Qi82MjkxNzY0NDQ1QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9uVHd6ckxFUVBu SDZIX1BtQVQ2ZHd4RWlhZncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAl3/HcQY67/x7Ji8H9Y4aTrYDKNBaC5RRaSNuJ9fwoCiL0gvDfQnjZ SZMHZiFnRxRSGs1Avbv6UUI22QCJC/S8UvIWx4/RR4mLQVY/SN5ALdHMql6x9YHj G52WABpgTjFjUt+lWhnrdVBPFOjyCAXX7awJzyjLc1Gg/m6OkfesqKZ2cStWpYvy pjM8qpc3iXDky9iG7cIo2EPxnxZlv9uRZ2L01WRsPJyFLopBRXx5g8IqxOz8HBpa 3FZ8jp9TqNxex7ilCfQv+JUv5eLi9B5k5Kzpt7L3/asHB48JEdrwjeNdcQTStg8e dWDllo00nt/kQAFWGl1U8tbM5o4Ol3QN -----END CERTIFICATE-----Generated at Sat Sep 6 20:59:10 2025 by rpki-client