$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE2DE/ABDEE87A37E611EDB51E1D45C4F9AE02/_D97sEVCVvMfJcoAhkvDpr11X5Y.mft File: _D97sEVCVvMfJcoAhkvDpr11X5Y.mft (raw, json) Hash identifier: nIU7B0NC4e31VAWyOlm03g7EpaSsB2IYQoi7i7lj1YA= Subject key identifier: D1:66:8C:23:3D:19:01:B4:F0:C8:2A:B0:DD:A1:E5:F1:FC:42:06:54 Authority key identifier: FC:3F:7B:B0:45:42:56:F3:1F:25:CA:00:86:4B:C3:A6:BD:75:5F:96 Certificate issuer: /CN=A91CE2DE/serialNumber=FC3F7BB0454256F31F25CA00864BC3A6BD755F96 Certificate serial: 023A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_D97sEVCVvMfJcoAhkvDpr11X5Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE2DE/ABDEE87A37E611EDB51E1D45C4F9AE02/_D97sEVCVvMfJcoAhkvDpr11X5Y.mft Manifest number: 0236 Signing time: Thu 21 Aug 2025 02:03:47 +0000 Manifest this update: Thu 21 Aug 2025 02:03:46 +0000 Manifest next update: Thu 28 Aug 2025 02:03:46 +0000 Files and hashes: 1: _D97sEVCVvMfJcoAhkvDpr11X5Y.crl (hash: JP7c6bNFZHv2lH0JjvSuXZK1THuGPsgm72mS6MfFDuE=) 2: 97B4F5603B3D11ED822BB46CC4F9AE02.roa (hash: XDsE6Ddixa5A+mdde/4fTJzczS6XmbdyS2Na1+31tR8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE2DE/ABDEE87A37E611EDB51E1D45C4F9AE02/_D97sEVCVvMfJcoAhkvDpr11X5Y.crl rsync://rpki.apnic.net/member_repository/A91CE2DE/ABDEE87A37E611EDB51E1D45C4F9AE02/_D97sEVCVvMfJcoAhkvDpr11X5Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_D97sEVCVvMfJcoAhkvDpr11X5Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 02:03:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 570 (0x23a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE2DE, serialNumber=FC3F7BB0454256F31F25CA00864BC3A6BD755F96 Validity Not Before: Aug 21 02:03:46 2025 GMT Not After : Aug 28 02:03:46 2025 GMT Subject: CN=68a67e82-cd1d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e1:a9:55:0d:88:2f:ad:51:4a:31:ff:21:43: 39:48:fd:49:94:0c:37:71:36:96:38:5e:3e:ad:3d: 08:99:f6:61:8e:0d:d1:81:d5:b9:d7:1d:1a:8b:07: 4e:5c:dc:81:90:13:94:33:8b:d9:12:74:5c:d6:c2: cf:bd:c9:d8:d4:3b:4d:e8:8e:b2:c0:51:21:85:2f: 55:6a:b6:45:21:a0:ce:88:ce:b9:d7:5e:d5:43:8c: 4c:bf:07:87:5c:8d:da:1f:7a:f3:a4:2a:07:f6:c5: 32:a6:45:f9:59:33:3d:44:f2:d1:84:03:50:b7:f4: 6f:b6:b2:49:d7:0d:9c:cc:a2:3f:94:00:d0:ea:34: bc:ff:1a:07:85:8d:4e:56:a4:f1:b8:73:e3:42:38: ab:92:b8:b1:26:4a:1d:21:14:9f:3f:87:c9:53:f6: c6:c8:a6:8b:21:19:73:60:50:63:8d:23:ac:fd:bf: 84:c6:19:9e:83:2e:6c:99:38:90:71:fb:32:93:22: af:4a:10:00:7d:9d:cf:5b:6c:f0:40:5d:49:49:83: 32:50:94:a0:4c:7a:3e:74:81:31:2d:3e:ee:7b:d5: cb:e9:f0:1c:14:86:91:2b:75:d0:e2:c5:a4:31:95: 69:9f:10:8a:c7:5c:d5:b0:9a:61:be:53:29:d3:f5: e9:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:66:8C:23:3D:19:01:B4:F0:C8:2A:B0:DD:A1:E5:F1:FC:42:06:54 X509v3 Authority Key Identifier: keyid:FC:3F:7B:B0:45:42:56:F3:1F:25:CA:00:86:4B:C3:A6:BD:75:5F:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE2DE/ABDEE87A37E611EDB51E1D45C4F9AE02/_D97sEVCVvMfJcoAhkvDpr11X5Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_D97sEVCVvMfJcoAhkvDpr11X5Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE2DE/ABDEE87A37E611EDB51E1D45C4F9AE02/_D97sEVCVvMfJcoAhkvDpr11X5Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:8c:f2:a4:1f:3f:82:14:06:12:bb:d8:8d:8b:f2:c3:d9:9f: dc:19:0e:71:fc:32:4f:d4:2c:9b:22:15:a2:aa:3c:04:af:7c: dd:96:23:b3:85:01:6c:95:3a:8d:1f:79:08:b9:6d:bb:d5:97: 4e:53:67:7a:d5:2f:42:5e:b3:79:23:f5:91:ac:95:f3:35:f8: bb:82:87:4e:c2:90:2b:7c:07:22:d3:56:6d:58:d1:45:81:d6: 5c:45:d1:20:73:0d:74:0d:b0:a0:f9:09:c9:06:07:80:57:61: c3:9c:23:a3:bf:50:2e:ac:dc:96:d1:83:df:a4:e1:00:d9:ea: 27:02:e7:54:15:b9:2b:a4:09:ed:2d:38:92:42:e7:45:53:f8: ec:dc:d0:45:b9:1d:a6:f7:7f:c9:f8:1a:4e:68:c0:f2:5e:f7: 43:58:8e:c3:af:cf:04:b6:ff:99:23:15:a0:6a:9d:cd:22:3d: 5a:8e:ad:ab:93:27:df:1f:56:9c:6a:0d:c9:8c:46:f6:87:91: 05:b6:f8:60:b6:dd:83:c9:40:dd:38:cc:9e:e7:bf:55:a8:6e: b5:8d:b7:bc:8c:4b:0c:2f:a8:49:3d:37:86:02:dc:20:f1:35: 47:ba:94:8c:dc:48:bf:b5:4d:b1:86:10:9d:da:2c:85:95:b5: c8:e1:31:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAjowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0UyREUxMTAvBgNVBAUTKEZDM0Y3QkIwNDU0MjU2RjMxRjI1Q0EwMDg2NEJDM0E2 QkQ3NTVGOTYwHhcNMjUwODIxMDIwMzQ2WhcNMjUwODI4MDIwMzQ2WjAYMRYwFAYD VQQDEw02OGE2N2U4Mi1jZDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsOGpVQ2IL61RSjH/IUM5SP1JlAw3cTaWOF4+rT0ImfZhjg3RgdW51x0aiwdO XNyBkBOUM4vZEnRc1sLPvcnY1DtN6I6ywFEhhS9VarZFIaDOiM65117VQ4xMvweH XI3aH3rzpCoH9sUypkX5WTM9RPLRhANQt/RvtrJJ1w2czKI/lADQ6jS8/xoHhY1O VqTxuHPjQjirkrixJkodIRSfP4fJU/bGyKaLIRlzYFBjjSOs/b+Exhmegy5smTiQ cfsykyKvShAAfZ3PW2zwQF1JSYMyUJSgTHo+dIExLT7ue9XL6fAcFIaRK3XQ4sWk MZVpnxCKx1zVsJphvlMp0/XpuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNFmjCM9 GQG08MgqsN2h5fH8QgZUMB8GA1UdIwQYMBaAFPw/e7BFQlbzHyXKAIZLw6a9dV+W MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTJERS9BQkRFRTg3QTM3 RTYxMUVEQjUxRTFENDVDNEY5QUUwMi9fRDk3c0VWQ1Z2TWZKY29BaGt2RHByMTFY NVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19EOTdzRVZDVnZNZkpjb0Foa3ZEcHIxMVg1WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTJERS9BQkRFRTg3QTM3RTYxMUVEQjUxRTFENDVDNEY5QUUwMi9fRDk3c0VWQ1Z2 TWZKY29BaGt2RHByMTFYNVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCxjPKkHz+CFAYSu9iNi/LD2Z/cGQ5x/DJP1CybIhWiqjwEr3zdliOz hQFslTqNH3kIuW271ZdOU2d61S9CXrN5I/WRrJXzNfi7godOwpArfAci01ZtWNFF gdZcRdEgcw10DbCg+QnJBgeAV2HDnCOjv1AurNyW0YPfpOEA2eonAudUFbkrpAnt LTiSQudFU/js3NBFuR2m93/J+BpOaMDyXvdDWI7Dr88Etv+ZIxWgap3NIj1ajq2r kyffH1acag3JjEb2h5EFtvhgtt2DyUDdOMye579VqG61jbe8jEsML6hJPTeGAtwg 8TVHupSM3Ei/tU2xhhCd2iyFlbXI4TGC -----END CERTIFICATE-----Generated at Fri Aug 22 16:19:31 2025 by rpki-client