$ rpki-client -vvf rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft File: Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft (raw, json) Hash identifier: 8TzYeJEFRUUEmErCV8aakCxiB7qM8PQvBnwcp2qnfsA= Subject key identifier: 27:AA:96:2B:7C:DE:0E:05:01:07:3C:0A:54:B6:84:25:A5:86:07:20 Authority key identifier: 66:4E:59:A0:00:B9:1E:72:F8:03:E6:D8:68:41:15:4C:80:56:B8:8A Certificate issuer: /CN=A91C146D/serialNumber=664E59A000B91E72F803E6D86841154C8056B88A Certificate serial: 65 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft Manifest number: 5F Signing time: Wed 03 Sep 2025 07:50:27 +0000 Manifest this update: Wed 03 Sep 2025 07:50:26 +0000 Manifest next update: Wed 10 Sep 2025 07:50:26 +0000 Files and hashes: 1: Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl (hash: 09cDC+QuZpG8xaiCx2AUFTGIRcC6BR3IYmnWiFa+gvQ=) 2: 992A7358004211F0AC90656CC4F9AE02.roa (hash: 6uK19EDHQqPyaVVXXtHQJXfGGnOJLngyIEFvwQHYfKo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 07:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C146D, serialNumber=664E59A000B91E72F803E6D86841154C8056B88A Validity Not Before: Sep 3 07:50:26 2025 GMT Not After : Sep 10 07:50:26 2025 GMT Subject: CN=68b7f342-ef88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:b8:8b:6e:8a:9a:12:bc:be:e9:02:c0:a6:3d: 92:47:ab:fe:89:85:20:c9:77:74:49:fe:8b:65:0c: 52:7f:35:ee:5e:6e:66:1b:90:6e:14:f8:f7:db:b3: e3:75:a1:6e:32:32:76:ff:ed:ce:2c:bd:bd:d8:46: 86:6d:1a:0b:86:04:f2:ef:f3:e0:7a:d5:82:5e:e1: 7f:65:a7:01:ad:3b:fa:31:96:82:6f:c9:b7:6b:3a: 3a:b5:67:33:2d:e7:ae:35:ba:61:c3:c4:cf:9b:f1: 46:d5:b4:ed:a7:3d:7b:15:fd:be:69:87:ac:53:ce: 2d:1c:25:d3:2c:46:c8:8f:fc:7a:e3:61:56:d5:52: 40:45:3f:38:3c:b6:34:01:99:06:a0:55:a0:fc:bf: 88:02:e5:41:68:67:96:ea:94:14:fe:cc:87:60:93: 0b:38:50:8b:91:06:ef:8f:7a:60:e8:d5:d6:2e:c7: b3:d9:75:02:c9:35:66:22:7b:00:5b:2c:bb:f9:c5: bb:46:60:fb:ed:1c:c9:2c:cf:e4:c6:d5:6a:8e:1b: 05:98:9d:be:93:aa:4d:11:b3:fc:f9:b4:0f:b3:e5: 0a:48:94:92:a5:f1:ed:07:b0:94:82:e7:7e:4f:b0: b0:22:01:8b:74:4d:6b:fc:35:c1:3b:22:95:77:1f: d6:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:AA:96:2B:7C:DE:0E:05:01:07:3C:0A:54:B6:84:25:A5:86:07:20 X509v3 Authority Key Identifier: keyid:66:4E:59:A0:00:B9:1E:72:F8:03:E6:D8:68:41:15:4C:80:56:B8:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:6c:06:5f:d6:82:22:39:19:7c:f2:8d:f1:19:f3:b1:a7:45: 13:71:fb:22:6d:6e:26:92:a5:f9:40:03:62:4b:39:c8:30:22: 8b:bf:45:aa:2a:81:14:75:8c:4a:61:53:ad:fd:e0:a1:4f:01: 07:c2:5b:84:ea:3c:fd:ab:a8:22:27:13:14:72:14:35:cf:cf: 43:9a:ea:0b:d9:5d:26:c9:18:17:6c:28:8e:23:99:3f:48:73: 0f:40:2a:a1:0c:c4:0d:58:dc:1a:06:5a:25:f4:be:66:64:a3: b7:21:fc:f2:1a:b4:bc:06:69:bc:d5:ec:23:1b:02:cd:1a:60: 52:fc:cc:6d:46:70:66:a0:39:f6:86:64:59:a6:f4:2c:75:34: 2f:f7:96:69:0a:85:33:2f:4a:74:e4:1f:2a:cf:e5:62:0c:0f: 5e:1c:42:82:7f:09:d9:72:f7:8a:43:2a:f8:08:c0:b7:dc:f8: ac:b2:f2:42:45:32:cc:ad:3a:e5:e0:5d:41:34:19:f6:5d:c1: c3:e7:2b:66:3b:01:21:41:a4:08:3e:d5:a5:99:d0:ea:00:52: c7:45:1a:4d:4c:57:a0:16:1c:08:ed:af:57:ea:8e:57:71:9c: 5e:24:9c:bb:f9:dc:cd:b8:61:62:8f:a4:61:e4:b4:f5:23:a8: 37:9c:bd:8a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD MTQ2RDExMC8GA1UEBRMoNjY0RTU5QTAwMEI5MUU3MkY4MDNFNkQ4Njg0MTE1NEM4 MDU2Qjg4QTAeFw0yNTA5MDMwNzUwMjZaFw0yNTA5MTAwNzUwMjZaMBgxFjAUBgNV BAMTDTY4YjdmMzQyLWVmODgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDjuItuipoSvL7pAsCmPZJHq/6JhSDJd3RJ/otlDFJ/Ne5ebmYbkG4U+Pfbs+N1 oW4yMnb/7c4svb3YRoZtGguGBPLv8+B61YJe4X9lpwGtO/oxloJvybdrOjq1ZzMt 5641umHDxM+b8UbVtO2nPXsV/b5ph6xTzi0cJdMsRsiP/HrjYVbVUkBFPzg8tjQB mQagVaD8v4gC5UFoZ5bqlBT+zIdgkws4UIuRBu+PemDo1dYux7PZdQLJNWYiewBb LLv5xbtGYPvtHMksz+TG1WqOGwWYnb6Tqk0Rs/z5tA+z5QpIlJKl8e0HsJSC535P sLAiAYt0TWv8NcE7IpV3H9afAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUJ6qWK3ze DgUBBzwKVLaEJaWGByAwHwYDVR0jBBgwFoAUZk5ZoAC5HnL4A+bYaEEVTIBWuIow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNDZEL0VDQjAwQjQyMDAz NzExRjBCQkQ3MjQ3NUM0RjlBRTAyL1prNVpvQUM1SG5MNEEtYllhRUVWVElCV3VJ by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWms1Wm9BQzVIbkw0QS1iWWFFRVZUSUJXdUlvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMx NDZEL0VDQjAwQjQyMDAzNzExRjBCQkQ3MjQ3NUM0RjlBRTAyL1prNVpvQUM1SG5M NEEtYllhRUVWVElCV3VJby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIpsBl/WgiI5GXzyjfEZ87GnRRNx+yJtbiaSpflAA2JLOcgwIou/Raoq gRR1jEphU6394KFPAQfCW4TqPP2rqCInExRyFDXPz0Oa6gvZXSbJGBdsKI4jmT9I cw9AKqEMxA1Y3BoGWiX0vmZko7ch/PIatLwGabzV7CMbAs0aYFL8zG1GcGagOfaG ZFmm9Cx1NC/3lmkKhTMvSnTkHyrP5WIMD14cQoJ/Cdly94pDKvgIwLfc+Kyy8kJF MsytOuXgXUE0GfZdwcPnK2Y7ASFBpAg+1aWZ0OoAUsdFGk1MV6AWHAjtr1fqjldx nF4knLv53M24YWKPpGHktPUjqDecvYo= -----END CERTIFICATE-----Generated at Thu Sep 4 13:59:04 2025 by rpki-client