$ rpki-client -vvf rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft File: x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft (raw, json) Hash identifier: UvfYL+IRPgICz8ylOzgjO2AITNwE4lv+3ihf6yCQO7s= Subject key identifier: B5:C1:BA:BE:27:DA:EC:AE:41:9B:D8:FE:C2:91:B1:B3:5A:FF:D9:B1 Authority key identifier: C7:CF:94:3E:3A:76:4F:37:C0:03:CD:43:5A:2B:85:43:BC:E4:76:09 Certificate issuer: /CN=A91C85E9/serialNumber=C7CF943E3A764F37C003CD435A2B8543BCE47609 Certificate serial: 11CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x8-UPjp2TzfAA81DWiuFQ7zkdgk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft Manifest number: 11C0 Signing time: Sun 24 Aug 2025 17:09:13 +0000 Manifest this update: Sun 24 Aug 2025 17:09:13 +0000 Manifest next update: Sun 31 Aug 2025 17:09:13 +0000 Files and hashes: 1: x8-UPjp2TzfAA81DWiuFQ7zkdgk.crl (hash: 0DQStfpyJBJZxFUCxLpAGJPMpC6f5PDZLDebllvKtog=) 2: 8446564EF96611E8BE431B17C4F9AE02.roa (hash: S4PonvpkLuqmrbtgnv8T9QMFORQi4oK8GF7Qf1Ow3ok=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.crl rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x8-UPjp2TzfAA81DWiuFQ7zkdgk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 17:09:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4554 (0x11ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C85E9, serialNumber=C7CF943E3A764F37C003CD435A2B8543BCE47609 Validity Not Before: Aug 24 17:09:13 2025 GMT Not After : Aug 31 17:09:13 2025 GMT Subject: CN=68ab4739-7704 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:95:3c:74:50:2b:79:70:ba:e9:ce:15:57:7b: 58:b3:a3:5a:12:1b:81:32:fe:dd:62:92:2c:d6:c9: 3f:d8:a3:f3:52:02:6e:49:99:80:e1:87:cf:1d:d7: 9a:7d:7c:ef:e6:16:d6:30:04:57:0d:73:45:c8:c9: 5e:28:50:58:26:bb:60:55:6e:28:5b:c3:26:9d:97: 9d:81:26:0b:6f:7c:88:ba:c4:ac:1a:bf:a0:71:cc: 26:74:82:40:1c:a7:c1:24:9f:3d:fd:23:37:a8:b5: c4:0f:bf:e8:f8:5e:2b:a4:83:86:5d:e8:fb:32:32: 5f:1c:2b:12:d7:b6:a1:b2:d7:c6:48:49:74:7b:c4: be:21:3b:6a:98:30:72:6f:4c:ad:3e:f7:d3:91:b8: f6:a9:02:dd:fa:4b:7b:b4:aa:34:7c:25:dd:e6:8f: ce:6e:85:d5:ae:dc:a4:4c:7a:b2:0e:ac:2a:c1:b7: 6a:cb:7d:d9:c6:27:c7:c9:0d:f3:e4:ea:c7:12:72: d5:fd:62:53:34:27:5c:35:8a:61:f1:59:69:5e:a4: 2a:c4:45:51:f3:93:90:82:6b:24:65:77:18:2f:ed: 7a:10:ca:5e:8e:4e:63:a6:07:eb:53:18:79:81:00: f3:88:76:c4:58:d5:16:70:7a:49:e6:c1:60:38:f8: 0c:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:C1:BA:BE:27:DA:EC:AE:41:9B:D8:FE:C2:91:B1:B3:5A:FF:D9:B1 X509v3 Authority Key Identifier: keyid:C7:CF:94:3E:3A:76:4F:37:C0:03:CD:43:5A:2B:85:43:BC:E4:76:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x8-UPjp2TzfAA81DWiuFQ7zkdgk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:23:ec:7b:36:d7:2a:a1:a8:43:80:cb:b9:5e:6c:ac:71:7d: 60:a9:df:08:66:37:d5:78:c3:5f:70:91:a5:8b:49:cb:fe:d3: 01:68:80:e0:72:fa:3d:3e:23:53:3d:e7:f3:31:0b:89:54:c8: fc:dd:6c:44:b7:f8:85:b2:5e:fe:9a:9f:b9:bc:38:f8:7e:05: a9:43:6d:d1:89:10:62:db:74:47:22:42:cf:67:64:b6:be:63: 9a:91:32:2c:b1:54:76:5b:a3:d3:29:5d:78:e3:67:d0:00:a6: b7:1f:ef:eb:33:34:18:0a:6c:60:a0:3f:4a:77:35:05:b6:65: d2:d1:6d:d6:6d:ab:e0:b1:93:05:af:d1:53:85:d4:63:f5:14: b2:ff:f1:d1:54:85:ed:b2:35:7d:ce:b4:16:dc:04:da:95:1c: 40:32:42:c5:5c:f0:c0:3e:57:1c:2a:07:63:ce:fd:fa:30:3e: ab:ad:68:2b:fd:5e:80:b8:0b:8a:81:4c:4c:69:db:74:2a:36: 5e:8b:ba:d7:98:70:4c:d6:47:fb:02:3e:fb:be:1b:da:1a:1c: 27:62:d6:01:b0:39:5f:78:dc:f5:13:c8:da:22:51:6c:fe:b1: 6a:be:79:dc:e8:36:79:60:49:3d:97:f1:17:37:54:ca:86:8e: 42:69:cb:4c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzg1RTkxMTAvBgNVBAUTKEM3Q0Y5NDNFM0E3NjRGMzdDMDAzQ0Q0MzVBMkI4NTQz QkNFNDc2MDkwHhcNMjUwODI0MTcwOTEzWhcNMjUwODMxMTcwOTEzWjAYMRYwFAYD VQQDEw02OGFiNDczOS03NzA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6JU8dFAreXC66c4VV3tYs6NaEhuBMv7dYpIs1sk/2KPzUgJuSZmA4YfPHdea fXzv5hbWMARXDXNFyMleKFBYJrtgVW4oW8MmnZedgSYLb3yIusSsGr+gccwmdIJA HKfBJJ89/SM3qLXED7/o+F4rpIOGXej7MjJfHCsS17ahstfGSEl0e8S+ITtqmDBy b0ytPvfTkbj2qQLd+kt7tKo0fCXd5o/OboXVrtykTHqyDqwqwbdqy33ZxifHyQ3z 5OrHEnLV/WJTNCdcNYph8VlpXqQqxEVR85OQgmskZXcYL+16EMpejk5jpgfrUxh5 gQDziHbEWNUWcHpJ5sFgOPgMwQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLXBur4n 2uyuQZvY/sKRsbNa/9mxMB8GA1UdIwQYMBaAFMfPlD46dk83wAPNQ1orhUO85HYJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDODVFOS8wODI1MzhFQ0Y5 NjUxMUU4QkMwNTI0MTFDNEY5QUUwMi94OC1VUGpwMlR6ZkFBODFEV2l1RlE3emtk Z2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3g4LVVQanAyVHpmQUE4MURXaXVGUTd6a2Rnay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD ODVFOS8wODI1MzhFQ0Y5NjUxMUU4QkMwNTI0MTFDNEY5QUUwMi94OC1VUGpwMlR6 ZkFBODFEV2l1RlE3emtkZ2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYI+x7NtcqoahDgMu5XmyscX1gqd8IZjfVeMNfcJGli0nL/tMBaIDg cvo9PiNTPefzMQuJVMj83WxEt/iFsl7+mp+5vDj4fgWpQ23RiRBi23RHIkLPZ2S2 vmOakTIssVR2W6PTKV1442fQAKa3H+/rMzQYCmxgoD9KdzUFtmXS0W3WbavgsZMF r9FThdRj9RSy//HRVIXtsjV9zrQW3ATalRxAMkLFXPDAPlccKgdjzv36MD6rrWgr /V6AuAuKgUxMadt0KjZei7rXmHBM1kf7Aj77vhvaGhwnYtYBsDlfeNz1E8jaIlFs /rFqvnnc6DZ5YEk9l/EXN1TKho5CactM -----END CERTIFICATE-----Generated at Sun Aug 24 21:46:27 2025 by rpki-client