$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft File: REhMnzpz9xlXK4vIoaH9nln6hPY.mft (raw, json) Hash identifier: sbqsp0e4RTYgjFEY9jmBakjnXNUnaIOjVO0N0EQblJk= Subject key identifier: B2:91:4D:EA:8B:50:B4:92:90:C6:F5:6A:0A:2D:B0:BB:19:A0:CC:62 Authority key identifier: 44:48:4C:9F:3A:73:F7:19:57:2B:8B:C8:A1:A1:FD:9E:59:FA:84:F6 Certificate issuer: /CN=A91BD73B/serialNumber=44484C9F3A73F719572B8BC8A1A1FD9E59FA84F6 Certificate serial: 34AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft Manifest number: 34AC Signing time: Wed 20 Aug 2025 15:17:52 +0000 Manifest this update: Wed 20 Aug 2025 15:17:52 +0000 Manifest next update: Wed 27 Aug 2025 15:17:52 +0000 Files and hashes: 1: REhMnzpz9xlXK4vIoaH9nln6hPY.crl (hash: 5+LMZ+CgRAn6MXS2imMzLJmBM9AikQSMpnQzHBsMgRY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.crl rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 15:17:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13484 (0x34ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BD73B, serialNumber=44484C9F3A73F719572B8BC8A1A1FD9E59FA84F6 Validity Not Before: Aug 20 15:17:52 2025 GMT Not After : Aug 27 15:17:52 2025 GMT Subject: CN=68a5e720-d4da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:0c:a6:0c:41:e4:be:56:c9:b0:2a:5b:4e:a0: 0c:2d:97:2d:9a:0d:5f:c6:9b:c8:74:63:a4:7a:f9: 2d:bd:74:9a:57:df:0f:8f:c6:eb:39:af:c7:ea:5c: 9d:16:f8:81:8d:1c:02:80:f2:26:d1:73:3d:be:06: 9b:b6:47:15:44:68:2c:8a:fe:d7:9e:06:7a:a7:b5: 9e:b3:4c:e5:92:3f:86:55:2e:2b:c2:ae:fc:58:5f: c1:78:0e:a3:ac:fd:b1:d6:0c:9b:3a:18:63:5a:f0: 45:95:e3:ab:df:b2:d3:2a:d0:89:3a:50:99:f2:ce: 04:f7:e3:d9:9c:a5:93:21:7a:1f:0f:19:98:a4:ce: 73:9a:17:e2:29:f6:80:02:83:f1:56:90:20:30:31: e7:0e:21:e8:91:72:33:27:a4:e2:e6:27:ee:dd:b1: 32:e0:b5:26:db:60:94:79:09:9a:64:5f:f0:13:a7: 88:db:58:1b:e4:67:65:67:62:d8:9d:b5:eb:5d:7f: 3f:93:f4:f4:0f:89:c9:df:27:8b:97:57:aa:ac:a3: 7e:cd:7a:24:68:8b:f2:c0:d3:fa:b5:b0:e9:5b:e2: f0:de:5f:89:b5:be:03:b0:53:5f:82:83:82:bc:06: 48:6f:bb:d5:fd:fa:75:33:f7:fc:00:16:56:36:7f: e8:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:91:4D:EA:8B:50:B4:92:90:C6:F5:6A:0A:2D:B0:BB:19:A0:CC:62 X509v3 Authority Key Identifier: keyid:44:48:4C:9F:3A:73:F7:19:57:2B:8B:C8:A1:A1:FD:9E:59:FA:84:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:9a:9a:96:70:1b:3c:bb:cb:26:f2:b1:e3:ab:c2:2f:1f:ce: 00:89:3a:01:8c:94:4c:2f:c3:6e:33:ed:23:ef:a0:ae:f4:a4: c5:d8:4f:d7:82:26:f5:13:1e:7f:b6:71:78:59:d7:58:4a:25: 83:4b:26:96:fe:d6:f4:76:43:d9:c2:f6:f8:1b:44:f5:57:81: 7c:b4:67:d5:0e:94:ed:6f:e2:e7:cc:6d:55:90:82:7c:5d:23: 9e:51:01:0d:97:59:49:08:20:1d:0c:9c:ff:be:4a:f3:fe:81: 36:da:cd:18:af:4b:05:26:30:3b:15:80:b7:d8:dc:b4:bd:21: d8:98:67:7c:47:35:1e:78:92:26:b9:ba:ac:c2:ae:15:5e:38: a6:2c:b4:1e:34:8d:4e:9b:7b:d0:36:b8:fa:99:2b:f5:39:8c: ea:1e:4a:54:58:df:16:12:04:b1:86:74:75:3d:8a:f6:12:37: f9:74:ff:62:4c:f0:9d:bd:7e:5e:99:35:cf:3a:b8:2f:e9:6b: f0:89:27:3c:b4:ed:48:25:70:76:a2:d6:8c:58:a1:bf:2b:f5: 93:40:fe:8f:4d:ba:4c:0d:dd:92:47:61:f5:53:82:39:7d:69: b7:9b:9f:a3:d8:3d:f2:5f:7e:c3:d9:e9:1d:5a:44:8d:fa:50: 24:a1:91:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkQ3M0IxMTAvBgNVBAUTKDQ0NDg0QzlGM0E3M0Y3MTk1NzJCOEJDOEExQTFGRDlF NTlGQTg0RjYwHhcNMjUwODIwMTUxNzUyWhcNMjUwODI3MTUxNzUyWjAYMRYwFAYD VQQDEw02OGE1ZTcyMC1kNGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxwymDEHkvlbJsCpbTqAMLZctmg1fxpvIdGOkevktvXSaV98Pj8brOa/H6lyd FviBjRwCgPIm0XM9vgabtkcVRGgsiv7XngZ6p7Wes0zlkj+GVS4rwq78WF/BeA6j rP2x1gybOhhjWvBFleOr37LTKtCJOlCZ8s4E9+PZnKWTIXofDxmYpM5zmhfiKfaA AoPxVpAgMDHnDiHokXIzJ6Ti5ifu3bEy4LUm22CUeQmaZF/wE6eI21gb5GdlZ2LY nbXrXX8/k/T0D4nJ3yeLl1eqrKN+zXokaIvywNP6tbDpW+Lw3l+Jtb4DsFNfgoOC vAZIb7vV/fp1M/f8ABZWNn/ozQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLKRTeqL ULSSkMb1agotsLsZoMxiMB8GA1UdIwQYMBaAFERITJ86c/cZVyuLyKGh/Z5Z+oT2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRDczQi8yNkJERjMyQzFE QUExMUUyQkUyNUE2QTUwOEIwMkNEMi9SRWhNbnpwejl4bFhLNHZJb2FIOW5sbjZo UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1JFaE1uenB6OXhsWEs0dklvYUg5bmxuNmhQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RDczQi8yNkJERjMyQzFEQUExMUUyQkUyNUE2QTUwOEIwMkNEMi9SRWhNbnpwejl4 bFhLNHZJb2FIOW5sbjZoUFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCMmpqWcBs8u8sm8rHjq8IvH84AiToBjJRML8NuM+0j76Cu9KTF2E/X gib1Ex5/tnF4WddYSiWDSyaW/tb0dkPZwvb4G0T1V4F8tGfVDpTtb+LnzG1VkIJ8 XSOeUQENl1lJCCAdDJz/vkrz/oE22s0Yr0sFJjA7FYC32Ny0vSHYmGd8RzUeeJIm ubqswq4VXjimLLQeNI1Om3vQNrj6mSv1OYzqHkpUWN8WEgSxhnR1PYr2Ejf5dP9i TPCdvX5emTXPOrgv6WvwiSc8tO1IJXB2otaMWKG/K/WTQP6PTbpMDd2SR2H1U4I5 fWm3m5+j2D3yX37D2ekdWkSN+lAkoZF8 -----END CERTIFICATE-----Generated at Fri Aug 22 16:34:38 2025 by rpki-client