$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft File: RITQfaaNUwUM3PaxPAwFReZFfOU.mft (raw, json) Hash identifier: BD6c5DW7dBcJGdTKA5xEv1JzoEciGGo5ksqZnNIaCKM= Subject key identifier: 25:24:4C:B7:A4:1A:3A:77:C0:03:C2:F5:04:F5:30:18:66:A3:61:A8 Authority key identifier: 44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 Certificate issuer: /CN=A91B5CEA/serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Certificate serial: 0210 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft Manifest number: 020C Signing time: Wed 27 Aug 2025 02:25:09 +0000 Manifest this update: Wed 27 Aug 2025 02:25:09 +0000 Manifest next update: Wed 03 Sep 2025 02:25:09 +0000 Files and hashes: 1: RITQfaaNUwUM3PaxPAwFReZFfOU.crl (hash: GumYjAdJv6ntl7rx+3z5T12RTrn3XrvWUpr2uKhzuJw=) 2: B3795CBC64F211ED9AEC046FC4F9AE02.roa (hash: tX50rThQWeAbKIESIwrC0zdSKgD+i4OgX2qNIGi6fqk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Sep 2025 02:25:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 528 (0x210) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5CEA, serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Validity Not Before: Aug 27 02:25:09 2025 GMT Not After : Sep 3 02:25:09 2025 GMT Subject: CN=68ae6c85-33ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:79:01:7d:99:ef:28:e2:92:b2:22:e0:e6:ec: b1:11:16:1f:a9:ee:38:b4:82:e0:19:77:48:7e:07: 84:f3:19:b8:5c:65:8b:6e:77:6f:9d:0f:c0:5d:05: 68:3e:44:53:6c:94:5b:e2:cc:2a:3f:e3:f0:88:53: c2:93:c8:ad:05:38:7d:c1:cd:4a:77:df:8a:e2:24: 08:a9:c5:34:1f:91:16:c5:33:7e:cb:b5:ac:17:f8: 51:d6:38:25:08:5d:65:23:58:6d:ae:c2:7c:40:59: 8f:dc:bc:de:c7:5c:c5:7f:b7:e4:15:fd:6d:81:31: 13:a9:80:6b:ce:b0:bd:fc:04:54:3c:f0:68:ad:e4: a7:9f:46:0d:6b:44:ef:08:09:83:98:55:9c:c1:72: 6c:3e:c8:e7:f8:37:eb:39:d5:f1:d2:bd:28:3c:a1: 8b:6c:bd:1a:2d:fe:63:16:86:dc:32:68:c0:f7:5a: 1a:30:af:d5:f9:27:79:f5:ee:a1:7f:24:77:46:49: b3:1e:c0:35:1f:c9:5a:c2:78:30:5d:51:4f:2c:e5: f8:15:5e:72:b1:3a:65:96:0b:13:ad:d8:99:06:a7: dc:82:b7:e8:67:c5:37:f0:a4:f2:4f:a2:3a:9d:85: fc:0d:a1:c1:3a:06:b5:27:45:3d:1f:1c:b7:c7:b1: c0:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:24:4C:B7:A4:1A:3A:77:C0:03:C2:F5:04:F5:30:18:66:A3:61:A8 X509v3 Authority Key Identifier: keyid:44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:d2:0e:06:25:88:78:37:f7:50:dd:cb:2f:d5:ca:f8:dc:b3: 91:6c:fd:1f:b0:fc:8b:a0:21:98:ca:0b:39:31:24:83:bf:b8: ec:d0:54:06:da:27:23:5d:5b:cb:c8:7f:d2:78:f7:ee:ec:06: a1:91:94:20:1f:21:2a:23:33:48:e5:63:eb:78:75:1f:ec:e6: 80:d0:8e:58:02:2d:fa:46:fe:f3:34:81:55:1f:5c:b1:2b:4b: ef:c8:bc:5b:f1:36:1b:ad:7c:59:91:85:b2:3f:ba:ac:5c:b6: 50:7c:fd:0e:1a:1c:21:2b:ee:6d:6c:56:42:a0:da:cf:93:59: f0:f9:17:2b:aa:a9:71:27:4f:f9:b0:cb:a4:e5:8f:52:65:01: 21:13:1e:98:7f:ad:a3:4f:95:04:03:f2:96:c2:84:3c:48:f3: c8:0d:07:bf:85:ae:3e:39:c9:67:7f:f2:78:1d:8b:18:06:0b: 07:6b:2f:94:a3:95:25:82:cb:78:7a:28:bf:ae:38:b3:3a:13: 52:71:64:b2:83:7d:26:c1:c2:65:de:d4:f3:ae:ab:82:11:82: 00:dc:9e:10:35:1b:8f:42:81:1c:e2:23:e6:35:08:35:88:c9: f0:a7:23:f6:e8:a0:5b:90:29:07:48:a2:3c:7c:67:0f:0c:9d: c8:e1:b1:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVDRUExMTAvBgNVBAUTKDQ0ODREMDdEQTY4RDUzMDUwQ0RDRjZCMTNDMEMwNTQ1 RTY0NTdDRTUwHhcNMjUwODI3MDIyNTA5WhcNMjUwOTAzMDIyNTA5WjAYMRYwFAYD VQQDEw02OGFlNmM4NS0zM2VhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+XkBfZnvKOKSsiLg5uyxERYfqe44tILgGXdIfgeE8xm4XGWLbndvnQ/AXQVo PkRTbJRb4swqP+PwiFPCk8itBTh9wc1Kd9+K4iQIqcU0H5EWxTN+y7WsF/hR1jgl CF1lI1htrsJ8QFmP3Lzex1zFf7fkFf1tgTETqYBrzrC9/ARUPPBoreSnn0YNa0Tv CAmDmFWcwXJsPsjn+DfrOdXx0r0oPKGLbL0aLf5jFobcMmjA91oaMK/V+Sd59e6h fyR3RkmzHsA1H8lawngwXVFPLOX4FV5ysTpllgsTrdiZBqfcgrfoZ8U38KTyT6I6 nYX8DaHBOga1J0U9Hxy3x7HA2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCUkTLek Gjp3wAPC9QT1MBhmo2GoMB8GA1UdIwQYMBaAFESE0H2mjVMFDNz2sTwMBUXmRXzl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUNFQS8xRjYzQTU2ODY0 RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3VU0zUGF4UEF3RlJlWkZm T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1JJVFFmYWFOVXdVTTNQYXhQQXdGUmVaRmZPVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NUNFQS8xRjYzQTU2ODY0RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3 VU0zUGF4UEF3RlJlWkZmT1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAz0g4GJYh4N/dQ3csv1cr43LORbP0fsPyLoCGYygs5MSSDv7js0FQG 2icjXVvLyH/SePfu7AahkZQgHyEqIzNI5WPreHUf7OaA0I5YAi36Rv7zNIFVH1yx K0vvyLxb8TYbrXxZkYWyP7qsXLZQfP0OGhwhK+5tbFZCoNrPk1nw+RcrqqlxJ0/5 sMuk5Y9SZQEhEx6Yf62jT5UEA/KWwoQ8SPPIDQe/ha4+Oclnf/J4HYsYBgsHay+U o5Ulgst4eii/rjizOhNScWSyg30mwcJl3tTzrquCEYIA3J4QNRuPQoEc4iPmNQg1 iMnwpyP26KBbkCkHSKI8fGcPDJ3I4bFZ -----END CERTIFICATE-----Generated at Wed Aug 27 11:20:17 2025 by rpki-client