$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.mft File: g4L2GIxKbdZpVNVxij2cz5uL-JU.mft (raw, json) Hash identifier: HSZYvOsvOmVJNWr/nqjxdFRYHiHd1UU72E+vLzYMzC0= Subject key identifier: 5C:BF:87:E5:66:86:18:B3:8B:DD:C6:88:F2:4E:FF:9E:6E:9A:32:F5 Authority key identifier: 83:82:F6:18:8C:4A:6D:D6:69:54:D5:71:8A:3D:9C:CF:9B:8B:F8:95 Certificate issuer: /CN=A91CB8BA/serialNumber=8382F6188C4A6DD66954D5718A3D9CCF9B8BF895 Certificate serial: 0813 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.mft Manifest number: 080D Signing time: Thu 04 Sep 2025 20:39:39 +0000 Manifest this update: Thu 04 Sep 2025 20:39:39 +0000 Manifest next update: Thu 11 Sep 2025 20:39:39 +0000 Files and hashes: 1: g4L2GIxKbdZpVNVxij2cz5uL-JU.crl (hash: MLa/dILLOFZjlsiOEq6ITM8dKdtP9wP1Kj3xlvDCa7g=) 2: 21B96F2E7BC911EBABCF472DC4F9AE02.roa (hash: jfAjvDFneg9TxfVOqlYPDujvfvVSOSgnFYEvXUOG5OY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.crl rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 20:39:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2067 (0x813) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB8BA, serialNumber=8382F6188C4A6DD66954D5718A3D9CCF9B8BF895 Validity Not Before: Sep 4 20:39:39 2025 GMT Not After : Sep 11 20:39:39 2025 GMT Subject: CN=68b9f90b-1a42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:6e:87:f5:e8:81:3a:77:8f:ce:c9:e0:12:89: 94:d3:31:36:8a:6e:40:ab:18:54:1d:32:c8:b5:98: 84:18:67:d6:c3:ac:17:ae:52:c3:05:25:bc:59:92: 63:19:ce:f8:ff:89:61:03:05:d4:ff:8e:b8:93:7f: f1:8f:f1:77:26:34:83:c7:1b:62:49:d1:c3:a6:4f: 9d:37:98:02:88:52:a6:bb:1f:4e:22:c0:60:74:75: 12:b6:ca:1c:2b:51:c7:55:f6:10:e9:37:03:25:b6: 3c:57:14:9e:8c:e8:84:3b:57:d5:c8:f3:87:1b:03: 85:2c:f0:30:1a:c1:88:e6:f2:1f:fe:bc:23:c9:61: 84:d0:10:a8:74:10:60:4f:80:52:61:00:0a:73:b1: ac:a4:82:0b:50:77:2d:7d:79:92:27:3e:cd:ab:58: 9e:89:bb:e5:d1:86:76:b5:92:39:d8:a6:69:a1:e7: 32:ea:86:49:0f:ca:30:0b:1e:72:5a:8a:0d:ba:8e: e6:38:fe:ba:f6:52:d4:86:f2:ef:1e:ea:3d:40:8a: 01:72:98:d8:f9:5e:c1:72:21:95:5a:32:7b:a5:2c: 22:7b:b6:38:ae:ba:77:48:50:17:14:b4:35:1e:a8: f5:5f:92:52:b1:7f:b6:0e:aa:cf:f4:5c:2a:2e:71: 85:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:BF:87:E5:66:86:18:B3:8B:DD:C6:88:F2:4E:FF:9E:6E:9A:32:F5 X509v3 Authority Key Identifier: keyid:83:82:F6:18:8C:4A:6D:D6:69:54:D5:71:8A:3D:9C:CF:9B:8B:F8:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:a5:66:a7:53:15:b7:a3:c3:64:0b:04:ed:8a:ba:08:79:58: 27:cd:5e:6b:cb:4a:15:e3:14:1c:c7:82:44:c0:90:d3:df:aa: b8:79:4e:79:5e:7b:82:6b:8e:65:bf:6c:56:89:e0:0b:f2:7f: de:6c:47:93:58:50:a7:17:d7:fa:57:a2:cc:63:01:9e:05:fe: 50:ec:d9:ae:e7:dd:f3:c8:ed:6a:d4:ab:7b:5d:1b:ed:bf:d7: aa:ef:d2:e9:a1:5f:10:4e:96:d9:4c:1b:c7:71:a2:6c:c6:21: 3a:e8:b0:4c:31:b4:e0:cc:26:38:e4:75:84:35:70:4a:c1:1e: 1e:8f:59:7c:0c:e5:13:58:0e:55:87:a2:3f:91:fa:34:bb:76: 9d:b8:d1:6e:74:63:0d:55:8f:2c:14:27:44:7b:87:2c:1f:e7: 13:9e:8d:3d:53:6f:8f:ae:c7:62:a1:04:1c:97:e2:f1:fc:2e: 6d:18:44:4d:55:f5:de:b6:5a:9c:86:b1:d4:b6:c2:d2:f2:71: 46:d6:e3:35:68:c2:e4:a6:d7:a4:c7:f5:68:60:61:88:6e:df: a5:20:f8:3a:61:d0:ac:68:05:fb:f0:dd:6f:cb:ac:2b:a5:c5: a3:7d:f7:6a:59:1d:2b:f0:c2:c3:a7:a5:59:d5:cd:15:5d:50: db:75:35:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCBMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0I4QkExMTAvBgNVBAUTKDgzODJGNjE4OEM0QTZERDY2OTU0RDU3MThBM0Q5Q0NG OUI4QkY4OTUwHhcNMjUwOTA0MjAzOTM5WhcNMjUwOTExMjAzOTM5WjAYMRYwFAYD VQQDEw02OGI5ZjkwYi0xYTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwW6H9eiBOnePzsngEomU0zE2im5AqxhUHTLItZiEGGfWw6wXrlLDBSW8WZJj Gc74/4lhAwXU/464k3/xj/F3JjSDxxtiSdHDpk+dN5gCiFKmux9OIsBgdHUStsoc K1HHVfYQ6TcDJbY8VxSejOiEO1fVyPOHGwOFLPAwGsGI5vIf/rwjyWGE0BCodBBg T4BSYQAKc7GspIILUHctfXmSJz7Nq1ieibvl0YZ2tZI52KZpoecy6oZJD8owCx5y WooNuo7mOP669lLUhvLvHuo9QIoBcpjY+V7BciGVWjJ7pSwie7Y4rrp3SFAXFLQ1 Hqj1X5JSsX+2DqrP9FwqLnGFQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFy/h+Vm hhizi93GiPJO/55umjL1MB8GA1UdIwQYMBaAFIOC9hiMSm3WaVTVcYo9nM+bi/iV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjhCQS8yNTEwQjRFNkYw RkMxMUVBQjk4NUZBNUZDNEY5QUUwMi9nNEwyR0l4S2JkWnBWTlZ4aWoyY3o1dUwt SlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2c0TDJHSXhLYmRacFZOVnhpajJjejV1TC1KVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QjhCQS8yNTEwQjRFNkYwRkMxMUVBQjk4NUZBNUZDNEY5QUUwMi9nNEwyR0l4S2Jk WnBWTlZ4aWoyY3o1dUwtSlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCspWanUxW3o8NkCwTtiroIeVgnzV5ry0oV4xQcx4JEwJDT36q4eU55 XnuCa45lv2xWieAL8n/ebEeTWFCnF9f6V6LMYwGeBf5Q7Nmu593zyO1q1Kt7XRvt v9eq79LpoV8QTpbZTBvHcaJsxiE66LBMMbTgzCY45HWENXBKwR4ej1l8DOUTWA5V h6I/kfo0u3aduNFudGMNVY8sFCdEe4csH+cTno09U2+PrsdioQQcl+Lx/C5tGERN VfXetlqchrHUtsLS8nFG1uM1aMLkptekx/VoYGGIbt+lIPg6YdCsaAX78N1vy6wr pcWjffdqWR0r8MLDp6VZ1c0VXVDbdTUy -----END CERTIFICATE-----Generated at Sat Sep 6 07:01:07 2025 by rpki-client