$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD096/E5042C2ACA3211E9A739B753C4F9AE02/Ci5d8bLD15feoVNn-qncOITNGzM.mft File: Ci5d8bLD15feoVNn-qncOITNGzM.mft (raw, json) Hash identifier: FgQol0I4mDK2/FKfkh4lvF9P/CFYBry9olxxFsP9RgY= Subject key identifier: 11:7F:1F:F0:7F:0D:45:E3:7B:48:95:4A:57:2E:D9:3C:F7:6F:7C:7B Authority key identifier: 0A:2E:5D:F1:B2:C3:D7:97:DE:A1:53:67:FA:A9:DC:38:84:CD:1B:33 Certificate issuer: /CN=A91CD096/serialNumber=0A2E5DF1B2C3D797DEA15367FAA9DC3884CD1B33 Certificate serial: 0DAD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ci5d8bLD15feoVNn-qncOITNGzM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD096/E5042C2ACA3211E9A739B753C4F9AE02/Ci5d8bLD15feoVNn-qncOITNGzM.mft Manifest number: 0DA1 Signing time: Sun 24 Aug 2025 17:53:08 +0000 Manifest this update: Sun 24 Aug 2025 17:53:07 +0000 Manifest next update: Sun 31 Aug 2025 17:53:07 +0000 Files and hashes: 1: Ci5d8bLD15feoVNn-qncOITNGzM.crl (hash: iAt3L/I1UFc1WKXrUZ1gYAlIlqvv9xWfoIkeWMs4VVY=) 2: 4EEE01FCE15611EF9560323EC4F9AE02.roa (hash: 9Nz/F+iPTsdfTjIzxhDauJBST5Z1hrA/MujlPAQ3LmU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD096/E5042C2ACA3211E9A739B753C4F9AE02/Ci5d8bLD15feoVNn-qncOITNGzM.crl rsync://rpki.apnic.net/member_repository/A91CD096/E5042C2ACA3211E9A739B753C4F9AE02/Ci5d8bLD15feoVNn-qncOITNGzM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ci5d8bLD15feoVNn-qncOITNGzM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 17:53:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3501 (0xdad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD096, serialNumber=0A2E5DF1B2C3D797DEA15367FAA9DC3884CD1B33 Validity Not Before: Aug 24 17:53:07 2025 GMT Not After : Aug 31 17:53:07 2025 GMT Subject: CN=68ab5183-114b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:3d:e0:e6:56:5f:51:ca:c1:76:78:ce:0f:33: c6:cd:e8:70:d6:65:ee:bc:00:95:02:fc:20:cd:b3: 27:db:a0:8d:92:d5:5b:b6:b9:cf:b0:98:96:1c:ff: cf:9a:2c:72:19:12:57:1c:5a:32:c2:d3:c2:eb:7b: 01:3f:34:91:ae:a8:a9:d1:3e:61:da:28:c0:f6:80: 09:dd:dc:d8:cc:b8:77:63:94:ec:5e:83:ca:03:1d: 3c:e0:10:62:84:a2:df:8f:0e:d4:5a:b7:40:1f:cd: c9:88:25:10:f5:92:a9:4b:60:9a:9a:60:e6:45:ad: 29:f5:a4:95:a4:77:19:6b:46:21:89:53:a9:01:75: fc:f4:21:dd:e9:dd:0c:08:3a:fc:34:6b:32:7c:a6: fc:c2:d6:93:f1:69:10:4b:6c:95:8e:a9:eb:6b:79: 90:71:c9:55:f4:e7:78:84:3e:f1:99:b9:db:5f:78: fe:94:54:4e:13:9d:b8:86:e3:d5:96:8c:38:18:7a: d1:a1:8e:21:51:3b:d2:66:79:50:14:0f:79:f4:71: cc:9b:35:b0:14:f8:dc:fe:09:68:8e:45:64:ae:3d: 1b:f1:1c:4a:ce:d9:7c:34:ee:93:f3:29:6b:7c:6a: 3a:9b:e4:6c:12:f6:1a:72:b1:93:6e:7c:7d:de:01: 47:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:7F:1F:F0:7F:0D:45:E3:7B:48:95:4A:57:2E:D9:3C:F7:6F:7C:7B X509v3 Authority Key Identifier: keyid:0A:2E:5D:F1:B2:C3:D7:97:DE:A1:53:67:FA:A9:DC:38:84:CD:1B:33 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD096/E5042C2ACA3211E9A739B753C4F9AE02/Ci5d8bLD15feoVNn-qncOITNGzM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ci5d8bLD15feoVNn-qncOITNGzM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD096/E5042C2ACA3211E9A739B753C4F9AE02/Ci5d8bLD15feoVNn-qncOITNGzM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:fb:28:04:40:b0:3d:3b:d1:f0:50:bb:c5:50:45:4b:2d:46: f6:67:d1:2a:f2:39:d9:c3:bc:e6:66:0c:71:39:56:aa:ca:93: 7b:3c:2a:02:0f:8b:4d:9a:36:5a:bf:44:d2:95:93:84:f3:ce: 40:7e:02:2b:4b:6b:ba:e2:61:7f:99:0e:3c:97:19:ae:e8:7b: a9:1d:5f:6d:15:c2:19:88:5d:f7:ec:b2:89:52:0a:28:db:19: 09:6f:3e:e9:5b:43:79:74:69:b1:14:1f:30:3a:a8:ca:89:87: 2a:5e:90:3b:8a:75:d9:2f:57:c2:39:ba:31:2b:6a:de:4d:51: 67:6b:fe:57:0d:1a:ff:44:cc:ec:bf:79:80:a6:0b:10:5d:a8: 78:9f:a3:5d:81:67:8e:c6:32:ca:75:fa:aa:cf:41:b8:54:95: d3:e3:ed:94:f1:d0:be:fa:90:03:2d:29:a2:7f:eb:6e:bc:6e: 69:38:2c:ef:27:9f:a0:fc:02:1e:6b:0c:fc:85:85:49:fa:43: 97:81:b6:10:ce:72:e1:5d:08:11:c4:d4:92:38:29:a3:0b:f0: a9:92:00:9b:29:37:ae:00:03:5c:d7:7b:43:b0:5a:b7:7e:57: 41:b4:2f:fb:96:7a:ed:4a:45:37:16:4a:78:73:37:41:2f:2f: d1:cd:e8:ef -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0QwOTYxMTAvBgNVBAUTKDBBMkU1REYxQjJDM0Q3OTdERUExNTM2N0ZBQTlEQzM4 ODRDRDFCMzMwHhcNMjUwODI0MTc1MzA3WhcNMjUwODMxMTc1MzA3WjAYMRYwFAYD VQQDEw02OGFiNTE4My0xMTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyz3g5lZfUcrBdnjODzPGzehw1mXuvACVAvwgzbMn26CNktVbtrnPsJiWHP/P mixyGRJXHFoywtPC63sBPzSRrqip0T5h2ijA9oAJ3dzYzLh3Y5TsXoPKAx084BBi hKLfjw7UWrdAH83JiCUQ9ZKpS2CammDmRa0p9aSVpHcZa0YhiVOpAXX89CHd6d0M CDr8NGsyfKb8wtaT8WkQS2yVjqnra3mQcclV9Od4hD7xmbnbX3j+lFROE524huPV low4GHrRoY4hUTvSZnlQFA959HHMmzWwFPjc/glojkVkrj0b8RxKztl8NO6T8ylr fGo6m+RsEvYacrGTbnx93gFHEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBF/H/B/ DUXje0iVSlcu2Tz3b3x7MB8GA1UdIwQYMBaAFAouXfGyw9eX3qFTZ/qp3DiEzRsz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDA5Ni9FNTA0MkMyQUNB MzIxMUU5QTczOUI3NTNDNEY5QUUwMi9DaTVkOGJMRDE1ZmVvVk5uLXFuY09JVE5H ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NpNWQ4YkxEMTVmZW9WTm4tcW5jT0lUTkd6TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RDA5Ni9FNTA0MkMyQUNBMzIxMUU5QTczOUI3NTNDNEY5QUUwMi9DaTVkOGJMRDE1 ZmVvVk5uLXFuY09JVE5Hek0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAs+ygEQLA9O9HwULvFUEVLLUb2Z9Eq8jnZw7zmZgxxOVaqypN7PCoC D4tNmjZav0TSlZOE885AfgIrS2u64mF/mQ48lxmu6HupHV9tFcIZiF337LKJUgoo 2xkJbz7pW0N5dGmxFB8wOqjKiYcqXpA7inXZL1fCOboxK2reTVFna/5XDRr/RMzs v3mApgsQXah4n6NdgWeOxjLKdfqqz0G4VJXT4+2U8dC++pADLSmif+tuvG5pOCzv J5+g/AIeawz8hYVJ+kOXgbYQznLhXQgRxNSSOCmjC/CpkgCbKTeuAANc13tDsFq3 fldBtC/7lnrtSkU3Fkp4czdBLy/Rzejv -----END CERTIFICATE-----Generated at Sun Aug 24 21:44:36 2025 by rpki-client