$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft File: IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft (raw, json) Hash identifier: 2GdR04qUZ9srcgVo9wcVf3LJFBCLZ3TYexTfee89dhM= Subject key identifier: 9A:DE:C2:FA:D6:FD:1F:5B:A5:2C:39:14:9C:36:33:E4:FA:30:F8:45 Authority key identifier: 22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 Certificate issuer: /CN=A91CFFCB/serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Certificate serial: 2B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft Manifest number: 2A Signing time: Thu 21 Aug 2025 07:58:52 +0000 Manifest this update: Thu 21 Aug 2025 07:58:51 +0000 Manifest next update: Thu 28 Aug 2025 07:58:51 +0000 Files and hashes: 1: IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl (hash: 6cHnIyPzZ0v2NUe13mD14b1xLtQWAYZTHnvBXyA2OO0=) 2: BAEA3A3C497B11F096DCA14EC4F9AE02.roa (hash: NGudT5ffYxQaLDuPITb3DSyOtSWSbubIZoe2i4vUMeU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 07:58:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFCB, serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Validity Not Before: Aug 21 07:58:51 2025 GMT Not After : Aug 28 07:58:51 2025 GMT Subject: CN=68a6d1bc-b3a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:19:df:54:ce:7e:19:7b:8c:24:17:5a:ed:0f: d5:97:d4:02:7a:8f:54:1e:dd:d0:68:e8:c4:49:ef: a0:7b:df:e5:41:84:38:78:ae:f1:58:81:98:f3:40: 97:12:42:34:24:e7:2c:07:b1:1c:ba:c6:6b:29:80: f5:29:ba:81:ad:5e:63:8f:e7:ec:35:e4:62:30:e5: 38:c3:fb:17:1a:a1:1b:e8:dd:88:2a:07:8c:9d:7e: f5:46:75:94:59:8b:4a:56:7c:4d:1f:ac:ec:17:5d: dc:3d:98:59:b4:48:31:51:f5:13:4e:d5:5d:13:24: da:52:18:7c:3d:0b:2a:91:ae:cb:48:ab:6e:62:f5: 9b:01:ed:b2:46:55:8b:3a:39:d5:74:64:0b:8b:c1: 31:1f:88:59:f0:3f:bb:50:c0:1b:1e:10:67:fc:12: 0e:5b:62:01:16:cb:c9:54:96:7d:32:ad:08:dc:04: b5:3c:2a:12:b4:6c:94:dd:7d:2b:cc:59:46:3a:b1: cf:07:8f:b6:27:60:c0:55:3d:ba:41:d1:a1:2f:7a: c3:dd:29:57:d3:85:f7:23:de:22:54:33:96:a9:d2: 1f:17:1a:7f:7e:4c:70:97:c1:16:3b:97:c3:eb:02: 18:d2:60:76:a8:96:2a:fb:1b:db:6f:6b:c3:f9:19: 29:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:DE:C2:FA:D6:FD:1F:5B:A5:2C:39:14:9C:36:33:E4:FA:30:F8:45 X509v3 Authority Key Identifier: keyid:22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:35:1f:85:b0:f3:52:b1:e6:06:f6:ba:ef:5a:31:08:24:44: 02:56:ab:c2:0b:3b:61:0b:7b:f2:69:4c:b1:03:3a:a9:a3:9f: ab:9e:ae:79:07:5f:81:ae:d9:12:64:b3:38:20:24:21:09:89: 42:05:ad:1c:12:5d:86:85:fe:60:b7:b7:5e:69:b0:ad:a1:6b: f8:a6:af:dc:8e:ec:0a:d9:db:8a:33:87:17:99:50:b2:51:b0: 15:80:00:ce:8c:19:3f:4f:82:85:97:b8:15:cd:f1:11:40:76: 65:de:09:a4:ef:ac:06:dd:6d:76:6a:30:4f:33:e5:43:4b:79: 94:d4:73:db:5e:c3:16:5f:1f:db:d9:ba:f7:fe:a9:9f:b6:00: aa:20:6e:31:60:68:23:2c:fa:66:00:2a:76:0c:fc:0f:5e:1d: 4f:1a:d3:b9:ef:ab:7e:5c:b0:69:0d:a5:31:7a:5d:b7:55:76: 0c:43:98:cc:18:78:2a:54:a4:4c:80:ab:df:96:c0:dd:a7:b5: 8f:d9:11:31:15:84:69:6c:49:8e:2f:1e:f9:9c:9d:72:0e:ca: 16:3b:44:41:43:1e:db:d7:06:f6:f5:4b:1a:1d:a0:90:81:8e: 6f:fc:cf:fd:83:f6:0b:61:72:1c:b4:43:7c:e0:96:dd:8a:9f: a9:8c:4f:e9 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RkZDQjExMC8GA1UEBRMoMjIyNDI5NDQxNkI4NDY1NzA2NTU0QjUyQ0JDNTZGNDQ5 QkM0NkM4OTAeFw0yNTA4MjEwNzU4NTFaFw0yNTA4MjgwNzU4NTFaMBgxFjAUBgNV BAMTDTY4YTZkMWJjLWIzYTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDiGd9Uzn4Ze4wkF1rtD9WX1AJ6j1Qe3dBo6MRJ76B73+VBhDh4rvFYgZjzQJcS QjQk5ywHsRy6xmspgPUpuoGtXmOP5+w15GIw5TjD+xcaoRvo3YgqB4ydfvVGdZRZ i0pWfE0frOwXXdw9mFm0SDFR9RNO1V0TJNpSGHw9CyqRrstIq25i9ZsB7bJGVYs6 OdV0ZAuLwTEfiFnwP7tQwBseEGf8Eg5bYgEWy8lUln0yrQjcBLU8KhK0bJTdfSvM WUY6sc8Hj7YnYMBVPbpB0aEvesPdKVfThfcj3iJUM5ap0h8XGn9+THCXwRY7l8Pr AhjSYHaolir7G9tva8P5GSmPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUmt7C+tb9 H1ulLDkUnDYz5Pow+EUwHwYDVR0jBBgwFoAUIiQpRBa4RlcGVUtSy8VvRJvEbIkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGRkNCL0VEMEYxMUY0NDIw NTExRjBCRjdBODcxMUM0RjlBRTAyL0lpUXBSQmE0UmxjR1ZVdFN5OFZ2Ukp2RWJJ ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSWlRcFJCYTRSbGNHVlV0U3k4VnZSSnZFYklrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNG RkNCL0VEMEYxMUY0NDIwNTExRjBCRjdBODcxMUM0RjlBRTAyL0lpUXBSQmE0Umxj R1ZVdFN5OFZ2Ukp2RWJJay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKo1H4Ww81Kx5gb2uu9aMQgkRAJWq8ILO2ELe/JpTLEDOqmjn6uernkH X4Gu2RJkszggJCEJiUIFrRwSXYaF/mC3t15psK2ha/imr9yO7ArZ24ozhxeZULJR sBWAAM6MGT9PgoWXuBXN8RFAdmXeCaTvrAbdbXZqME8z5UNLeZTUc9tewxZfH9vZ uvf+qZ+2AKogbjFgaCMs+mYAKnYM/A9eHU8a07nvq35csGkNpTF6XbdVdgxDmMwY eCpUpEyAq9+WwN2ntY/ZETEVhGlsSY4vHvmcnXIOyhY7REFDHtvXBvb1SxodoJCB jm/8z/2D9gthchy0Q3zglt2Kn6mMT+k= -----END CERTIFICATE-----Generated at Sat Aug 23 03:26:15 2025 by rpki-client