$ rpki-client -vvf rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft File: rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft (raw, json) Hash identifier: IvIzQLHekhuTbi5eJq5bF6U2n+U47Ymqjnnbap6wICY= Subject key identifier: DE:16:64:39:BE:D0:93:75:FF:79:4C:95:31:C1:3A:B5:11:14:F2:52 Authority key identifier: AD:3D:87:03:85:0B:12:71:E8:F3:1A:E0:3E:3C:C9:AC:46:60:D9:42 Certificate issuer: /CN=A91B97DB/serialNumber=AD3D8703850B1271E8F31AE03E3CC9AC4660D942 Certificate serial: 0C40 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rT2HA4ULEnHo8xrgPjzJrEZg2UI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft Manifest number: 0C37 Signing time: Wed 20 Aug 2025 18:42:23 +0000 Manifest this update: Wed 20 Aug 2025 18:42:22 +0000 Manifest next update: Wed 27 Aug 2025 18:42:22 +0000 Files and hashes: 1: rT2HA4ULEnHo8xrgPjzJrEZg2UI.crl (hash: OW7w95H1/PGBZzFNFs+YamUrwrCB0E/X/KUU3zHBOMA=) 2: 5A0FAE220F7011EAB8E21167C4F9AE02.roa (hash: TQZLfyrNNm4rH/joKuV/c0LtGb3rqWKsaid6lV6en3Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.crl rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rT2HA4ULEnHo8xrgPjzJrEZg2UI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 18:42:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3136 (0xc40) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B97DB, serialNumber=AD3D8703850B1271E8F31AE03E3CC9AC4660D942 Validity Not Before: Aug 20 18:42:22 2025 GMT Not After : Aug 27 18:42:22 2025 GMT Subject: CN=68a6170e-edc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:5a:47:c9:a7:30:fc:6e:59:5e:87:26:35:d0: a4:55:6a:2f:f2:00:b0:61:e1:bf:79:b8:4c:4f:5a: 2e:79:45:14:e6:69:1d:f6:19:42:6b:20:f6:50:15: 46:9d:a0:f7:6e:b2:21:5b:6b:2b:40:06:7a:72:57: a9:fd:91:a1:f9:d0:b5:a2:fd:aa:32:b9:40:63:46: 31:e7:a8:a7:45:a2:c2:05:e4:52:93:b1:a0:01:39: fe:5a:bd:51:ae:68:85:31:15:3e:a6:b1:e1:d4:7b: cd:14:22:7e:ec:94:08:aa:74:00:dc:77:a8:09:60: 82:9c:b3:fc:3a:b5:3f:fb:37:42:ad:73:f8:f6:65: e2:7a:97:35:fa:ad:4e:be:c1:56:69:25:de:25:bf: a3:02:32:d8:27:f3:ff:f5:0e:6e:e4:d2:a2:d8:a1: fb:16:4d:2a:0c:01:ad:2e:90:6f:9a:16:ac:5d:72: 04:6a:4e:7e:fd:ef:79:27:ba:15:a4:97:21:58:fb: 56:98:3b:c7:44:a2:cb:c0:f9:af:87:8d:65:9b:92: ab:bd:2c:98:25:77:d5:18:a4:28:0c:0e:8c:94:2b: e9:cf:f6:67:59:6e:6a:58:f7:93:1f:d8:b8:7e:66: 93:b4:c8:ca:cd:19:6e:f5:1d:52:9f:a2:eb:fa:5e: ed:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:16:64:39:BE:D0:93:75:FF:79:4C:95:31:C1:3A:B5:11:14:F2:52 X509v3 Authority Key Identifier: keyid:AD:3D:87:03:85:0B:12:71:E8:F3:1A:E0:3E:3C:C9:AC:46:60:D9:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rT2HA4ULEnHo8xrgPjzJrEZg2UI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:f7:c4:71:37:7f:ea:40:0f:69:8a:29:b6:63:fc:76:05:c0: d8:80:be:24:07:0c:ea:d8:bd:12:55:e6:55:ee:db:03:6e:56: 68:95:7d:7b:ba:d6:46:71:95:51:80:38:9d:79:70:70:ac:d1: 43:1f:84:01:aa:dc:bb:9c:9d:b4:0c:cb:82:b6:86:bd:d6:21: 28:5b:a5:e7:d6:13:3a:6a:24:57:32:ef:1f:bd:d5:3a:5a:5a: 45:df:a7:59:ea:14:70:7e:58:12:a9:0c:c3:26:81:36:f5:d8: c1:fd:17:73:1a:73:31:b0:ed:6c:b7:57:6f:42:bf:69:91:6e: 6f:fd:69:6c:08:b7:f8:94:bc:a1:7a:ed:a3:d2:fa:ce:f4:34: 09:46:c3:f1:84:1c:93:38:d2:69:8c:e3:4d:49:e5:9c:95:55: 9d:f2:d1:51:f9:b7:ab:fc:5a:f6:51:a3:f7:3f:95:c7:17:3d: 71:bc:f0:0b:5c:f3:82:f3:7c:29:bb:81:5a:b1:d3:76:be:8a: 0b:f4:c5:b6:db:e6:cb:5a:6f:65:ab:74:c6:d8:ff:03:56:46: a6:e7:42:ba:3e:ab:be:e7:03:64:d9:a5:7e:03:89:37:cc:b0: 08:80:6f:15:ed:0a:5d:10:63:2d:74:6e:c2:3d:7b:c4:b5:cb: 3b:d7:d6:2a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDEAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjk3REIxMTAvBgNVBAUTKEFEM0Q4NzAzODUwQjEyNzFFOEYzMUFFMDNFM0NDOUFD NDY2MEQ5NDIwHhcNMjUwODIwMTg0MjIyWhcNMjUwODI3MTg0MjIyWjAYMRYwFAYD VQQDEw02OGE2MTcwZS1lZGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7FpHyacw/G5ZXocmNdCkVWov8gCwYeG/ebhMT1oueUUU5mkd9hlCayD2UBVG naD3brIhW2srQAZ6clep/ZGh+dC1ov2qMrlAY0Yx56inRaLCBeRSk7GgATn+Wr1R rmiFMRU+prHh1HvNFCJ+7JQIqnQA3HeoCWCCnLP8OrU/+zdCrXP49mXiepc1+q1O vsFWaSXeJb+jAjLYJ/P/9Q5u5NKi2KH7Fk0qDAGtLpBvmhasXXIEak5+/e95J7oV pJchWPtWmDvHRKLLwPmvh41lm5KrvSyYJXfVGKQoDA6MlCvpz/ZnWW5qWPeTH9i4 fmaTtMjKzRlu9R1Sn6Lr+l7tBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN4WZDm+ 0JN1/3lMlTHBOrURFPJSMB8GA1UdIwQYMBaAFK09hwOFCxJx6PMa4D48yaxGYNlC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTdEQi80RTQxMEFDRTBG NkYxMUVBQUIwQURCNjRDNEY5QUUwMi9yVDJIQTRVTEVuSG84eHJnUGp6SnJFWmcy VUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JUMkhBNFVMRW5Ibzh4cmdQanpKckVaZzJVSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OTdEQi80RTQxMEFDRTBGNkYxMUVBQUIwQURCNjRDNEY5QUUwMi9yVDJIQTRVTEVu SG84eHJnUGp6SnJFWmcyVUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAR98RxN3/qQA9piim2Y/x2BcDYgL4kBwzq2L0SVeZV7tsDblZolX17 utZGcZVRgDideXBwrNFDH4QBqty7nJ20DMuCtoa91iEoW6Xn1hM6aiRXMu8fvdU6 WlpF36dZ6hRwflgSqQzDJoE29djB/RdzGnMxsO1st1dvQr9pkW5v/WlsCLf4lLyh eu2j0vrO9DQJRsPxhByTONJpjONNSeWclVWd8tFR+ber/Fr2UaP3P5XHFz1xvPAL XPOC83wpu4FasdN2vooL9MW22+bLWm9lq3TG2P8DVkam50K6Pqu+5wNk2aV+A4k3 zLAIgG8V7QpdEGMtdG7CPXvEtcs719Yq -----END CERTIFICATE-----Generated at Fri Aug 22 16:27:15 2025 by rpki-client