$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft File: MGcPYbflDgsLiOclHeh4TAPJ5GI.mft (raw, json) Hash identifier: IAeVZV4x5Gy2dvifHtPW0wuU2sC7U+H4KnIHaYyEqr8= Subject key identifier: 21:E6:76:36:30:02:FD:2C:79:60:67:6F:0A:AA:D5:AB:FB:68:C7:1F Authority key identifier: 30:67:0F:61:B7:E5:0E:0B:0B:88:E7:25:1D:E8:78:4C:03:C9:E4:62 Certificate issuer: /CN=A91CE6EC/serialNumber=30670F61B7E50E0B0B88E7251DE8784C03C9E462 Certificate serial: EE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGcPYbflDgsLiOclHeh4TAPJ5GI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft Manifest number: EB Signing time: Tue 02 Sep 2025 15:53:09 +0000 Manifest this update: Tue 02 Sep 2025 15:53:09 +0000 Manifest next update: Tue 09 Sep 2025 15:53:09 +0000 Files and hashes: 1: MGcPYbflDgsLiOclHeh4TAPJ5GI.crl (hash: mL4BzaRGWTdjCdnqQxWjQF2ZDF+ZeNdm9vIa1EHgXsI=) 2: 038610FC2D1E11EFA25C6D16C4F9AE02.roa (hash: fWZETNQO/nq4+BYBCH9MSAL8N1aF88n2/dhae6ZuhiQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.crl rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGcPYbflDgsLiOclHeh4TAPJ5GI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 15:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 238 (0xee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE6EC, serialNumber=30670F61B7E50E0B0B88E7251DE8784C03C9E462 Validity Not Before: Sep 2 15:53:09 2025 GMT Not After : Sep 9 15:53:09 2025 GMT Subject: CN=68b712e5-d622 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a9:c1:5b:5d:b5:f3:97:20:ad:fa:eb:00:67: 2f:fc:6c:5e:79:af:f6:8e:c2:94:71:66:fc:20:1f: 45:af:84:5f:11:65:35:3d:bd:69:1b:a4:d2:11:42: 41:cf:3b:fe:b9:50:9a:6e:02:c9:a5:b8:b3:52:e4: e3:d7:3c:c7:5a:08:43:f3:c1:93:4a:d8:a3:ef:75: f9:cc:94:11:74:53:cb:6c:cf:ee:88:e1:88:63:5d: 2e:a0:9b:1f:3f:56:0c:65:8c:51:ac:21:21:f5:75: d1:c4:ee:56:e2:f7:8f:a1:c1:b1:1b:77:e1:b5:c9: e1:35:55:b9:c7:33:d7:95:25:6b:73:0a:b5:e9:77: c7:47:3d:2d:7c:4d:c7:3f:57:e6:c1:31:dc:7a:4f: a4:2b:89:b7:7d:80:ad:ba:fc:b6:c8:85:ba:e2:33: 04:ac:59:cb:5b:36:50:a0:7b:cd:a2:3b:3e:2d:07: b3:60:9f:8c:f9:4d:de:b4:df:f3:d1:57:84:98:e4: 83:07:29:99:25:89:16:aa:00:4a:96:a6:4f:1f:40: 11:58:bb:9f:65:64:9e:9d:f6:54:ce:03:9c:0e:a5: 70:1f:c9:90:eb:78:24:1f:fc:cc:8e:11:ce:cb:82: 37:7e:04:cc:70:4b:ab:2a:01:2c:ae:ee:5d:b7:90: bc:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:E6:76:36:30:02:FD:2C:79:60:67:6F:0A:AA:D5:AB:FB:68:C7:1F X509v3 Authority Key Identifier: keyid:30:67:0F:61:B7:E5:0E:0B:0B:88:E7:25:1D:E8:78:4C:03:C9:E4:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGcPYbflDgsLiOclHeh4TAPJ5GI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption e3:18:b3:a7:b9:b1:e5:e6:f4:aa:c9:ee:32:42:56:a3:05:f1: 55:ad:cf:86:44:98:e1:15:2f:9f:7b:29:53:fc:ed:1c:5a:a3: 29:24:d1:8a:6f:04:55:6a:ef:89:c8:ff:e0:3a:f8:7d:09:a2: 48:a6:50:d0:b0:f3:29:96:19:65:22:11:9a:49:bc:d3:d7:d6: ac:c6:f0:f9:20:0e:78:ba:57:3f:99:c8:59:09:26:5c:b3:5c: 66:e5:f6:ff:35:f1:73:7f:38:d9:4d:33:06:b8:78:f0:6c:e8: 05:0e:5b:c0:a0:25:b6:55:0f:18:21:47:2c:45:0f:d6:45:2a: 48:8c:71:6a:87:9c:0e:cb:17:27:37:f3:d2:14:f0:cf:e1:bf: 70:7e:3d:bd:1e:18:54:30:21:2a:5a:b6:46:6f:4f:ed:90:14: 84:9b:61:fd:f7:a0:86:70:59:13:3d:94:c0:5f:14:91:d2:0d: 2d:3b:93:0e:76:af:00:5c:75:f8:28:7c:2a:7f:44:6f:4d:a4: 40:cc:4d:ea:c6:09:6f:e4:0f:92:03:66:29:19:7f:61:03:23: b5:af:f9:08:52:96:3d:14:9b:e8:5a:5d:a2:ef:e1:95:b0:51: 4c:6d:6e:dc:ab:79:2e:c4:c4:50:04:4c:92:51:15:94:bb:dc: a0:5f:df:ba -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAO4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U2RUMxMTAvBgNVBAUTKDMwNjcwRjYxQjdFNTBFMEIwQjg4RTcyNTFERTg3ODRD MDNDOUU0NjIwHhcNMjUwOTAyMTU1MzA5WhcNMjUwOTA5MTU1MzA5WjAYMRYwFAYD VQQDEw02OGI3MTJlNS1kNjIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqqnBW12185cgrfrrAGcv/Gxeea/2jsKUcWb8IB9Fr4RfEWU1Pb1pG6TSEUJB zzv+uVCabgLJpbizUuTj1zzHWghD88GTStij73X5zJQRdFPLbM/uiOGIY10uoJsf P1YMZYxRrCEh9XXRxO5W4vePocGxG3fhtcnhNVW5xzPXlSVrcwq16XfHRz0tfE3H P1fmwTHcek+kK4m3fYCtuvy2yIW64jMErFnLWzZQoHvNojs+LQezYJ+M+U3etN/z 0VeEmOSDBymZJYkWqgBKlqZPH0ARWLufZWSenfZUzgOcDqVwH8mQ63gkH/zMjhHO y4I3fgTMcEurKgEsru5dt5C8lwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCHmdjYw Av0seWBnbwqq1av7aMcfMB8GA1UdIwQYMBaAFDBnD2G35Q4LC4jnJR3oeEwDyeRi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTZFQy8wODJBODlGMDJB MjkxMUVGODg5NUYxMUNDNEY5QUUwMi9NR2NQWWJmbERnc0xpT2NsSGVoNFRBUEo1 R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL01HY1BZYmZsRGdzTGlPY2xIZWg0VEFQSjVHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTZFQy8wODJBODlGMDJBMjkxMUVGODg5NUYxMUNDNEY5QUUwMi9NR2NQWWJmbERn c0xpT2NsSGVoNFRBUEo1R0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDjGLOnubHl5vSqye4yQlajBfFVrc+GRJjhFS+feylT/O0cWqMpJNGK bwRVau+JyP/gOvh9CaJIplDQsPMplhllIhGaSbzT19asxvD5IA54ulc/mchZCSZc s1xm5fb/NfFzfzjZTTMGuHjwbOgFDlvAoCW2VQ8YIUcsRQ/WRSpIjHFqh5wOyxcn N/PSFPDP4b9wfj29HhhUMCEqWrZGb0/tkBSEm2H996CGcFkTPZTAXxSR0g0tO5MO dq8AXHX4KHwqf0RvTaRAzE3qxglv5A+SA2YpGX9hAyO1r/kIUpY9FJvoWl2i7+GV sFFMbW7cq3kuxMRQBEySURWUu9ygX9+6 -----END CERTIFICATE-----Generated at Thu Sep 4 13:59:05 2025 by rpki-client