$ rpki-client -vvf rpki.apnic.net/member_repository/A91D09BC/D35B082EA70711EF99A57741C4F9AE02/AfBcfqXyou38GDiX9YNZgrLPA78.mft File: AfBcfqXyou38GDiX9YNZgrLPA78.mft (raw, json) Hash identifier: 6PYJlmZYbZwy9kOqpMkXEW/cKJ5RQL025CoAPYugGK4= Subject key identifier: 20:CB:ED:92:9F:B3:41:E5:BC:30:19:F1:25:E6:75:92:68:7F:27:44 Authority key identifier: 01:F0:5C:7E:A5:F2:A2:ED:FC:18:38:97:F5:83:59:82:B2:CF:03:BF Certificate issuer: /CN=A91D09BC/serialNumber=01F05C7EA5F2A2EDFC183897F5835982B2CF03BF Certificate serial: 8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AfBcfqXyou38GDiX9YNZgrLPA78.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D09BC/D35B082EA70711EF99A57741C4F9AE02/AfBcfqXyou38GDiX9YNZgrLPA78.mft Manifest number: 8D Signing time: Thu 21 Aug 2025 06:43:39 +0000 Manifest this update: Thu 21 Aug 2025 06:43:39 +0000 Manifest next update: Thu 28 Aug 2025 06:43:39 +0000 Files and hashes: 1: AfBcfqXyou38GDiX9YNZgrLPA78.crl (hash: XwBxSOqURA46Uf5PMkiIdY2k04bLed5QpgZ1y7m9P7E=) 2: A69DB4ACA70811EFB1511445C4F9AE02.roa (hash: ve1sSgZ6oct5AOmrySo9DC5xQlX3NPwVMFkq6CjA+1w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D09BC/D35B082EA70711EF99A57741C4F9AE02/AfBcfqXyou38GDiX9YNZgrLPA78.crl rsync://rpki.apnic.net/member_repository/A91D09BC/D35B082EA70711EF99A57741C4F9AE02/AfBcfqXyou38GDiX9YNZgrLPA78.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AfBcfqXyou38GDiX9YNZgrLPA78.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 06:43:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 142 (0x8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D09BC, serialNumber=01F05C7EA5F2A2EDFC183897F5835982B2CF03BF Validity Not Before: Aug 21 06:43:39 2025 GMT Not After : Aug 28 06:43:39 2025 GMT Subject: CN=68a6c01b-7af4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:04:a1:51:e4:c8:b6:79:77:80:9d:e1:15:66: 5c:32:56:5c:5a:96:a3:42:95:d5:12:51:ac:58:96: 3d:e8:a7:98:13:97:db:80:eb:60:dc:2f:c2:33:ca: d0:e8:b5:70:7a:3c:57:8d:60:7f:bf:33:6f:78:0a: 55:60:4d:39:2e:ed:c4:6e:3d:71:c4:bf:ef:6b:23: 97:47:e3:67:19:70:5b:9e:b5:95:ea:5e:08:a2:be: 15:44:a7:b8:70:93:b6:11:35:04:26:cb:e9:92:3a: 15:9f:ea:92:d1:bc:87:85:b9:95:e4:15:bf:b3:2e: 53:3e:39:38:ba:e9:11:99:40:2d:58:5c:54:93:00: 84:ca:43:dd:9f:e9:22:fb:28:13:a5:f3:57:7e:33: 22:2f:69:a9:53:3b:97:57:34:45:15:a8:81:9f:47: a0:4b:1a:16:03:c2:fa:91:18:51:5b:2d:6d:18:66: 22:8f:58:1f:3c:bf:be:7a:12:54:f1:43:c5:a6:0a: 74:80:8f:16:39:e8:3e:c0:ed:6e:34:f6:0f:1b:72: 73:89:d4:ce:23:35:e5:a2:1e:af:4f:af:3f:89:24: da:8d:5d:a9:93:94:94:19:b4:8b:69:ad:62:ea:b1: 92:f1:15:70:08:54:98:2f:e9:a8:a5:9e:c4:7b:74: ba:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:CB:ED:92:9F:B3:41:E5:BC:30:19:F1:25:E6:75:92:68:7F:27:44 X509v3 Authority Key Identifier: keyid:01:F0:5C:7E:A5:F2:A2:ED:FC:18:38:97:F5:83:59:82:B2:CF:03:BF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D09BC/D35B082EA70711EF99A57741C4F9AE02/AfBcfqXyou38GDiX9YNZgrLPA78.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AfBcfqXyou38GDiX9YNZgrLPA78.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D09BC/D35B082EA70711EF99A57741C4F9AE02/AfBcfqXyou38GDiX9YNZgrLPA78.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:25:65:56:8d:36:81:d9:06:86:dd:55:1a:ad:ee:79:89:d0: 48:15:fa:7c:30:ba:25:45:b8:a2:c5:8d:e4:71:cb:a3:0a:42: 21:81:bf:d9:28:91:26:aa:6e:88:d0:80:de:c2:07:ac:34:91: 8f:a1:2c:26:9f:4b:b8:81:b6:17:33:3e:2d:c9:6d:b6:c8:5e: 52:06:71:b6:bd:7e:dc:17:35:bf:2e:81:2f:f8:3c:8d:a2:c3: a7:6b:b4:d6:69:37:41:ff:ab:32:ce:f1:e9:44:5c:72:1a:ca: 8e:f5:59:00:14:52:7b:eb:3a:5a:44:2c:bf:ea:3c:a9:b3:0a: 97:da:2b:a6:59:54:8e:03:16:7f:2d:8e:32:1f:f7:ab:87:64: 99:35:4b:dc:40:d5:b7:5a:4b:c5:39:e0:71:14:8a:93:09:4f: 64:e4:2a:58:f9:c4:2b:9a:16:11:e2:e5:c6:ec:c7:b7:7b:39: b5:b7:9f:8d:33:9e:18:d9:be:b0:ff:f5:ef:9b:59:08:67:fa: e9:c9:37:40:c7:40:d8:10:97:f0:86:4a:32:b2:b1:29:cc:4a: 9d:83:07:b2:8b:dd:7b:42:4d:51:08:05:6f:55:60:cc:87:5d: ad:55:ed:cc:e8:f4:89:aa:c1:92:56:97:cf:23:3f:d1:7c:47: 37:81:02:72 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAI4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDA5QkMxMTAvBgNVBAUTKDAxRjA1QzdFQTVGMkEyRURGQzE4Mzg5N0Y1ODM1OTgy QjJDRjAzQkYwHhcNMjUwODIxMDY0MzM5WhcNMjUwODI4MDY0MzM5WjAYMRYwFAYD VQQDEw02OGE2YzAxYi03YWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvgShUeTItnl3gJ3hFWZcMlZcWpajQpXVElGsWJY96KeYE5fbgOtg3C/CM8rQ 6LVwejxXjWB/vzNveApVYE05Lu3Ebj1xxL/vayOXR+NnGXBbnrWV6l4Ior4VRKe4 cJO2ETUEJsvpkjoVn+qS0byHhbmV5BW/sy5TPjk4uukRmUAtWFxUkwCEykPdn+ki +ygTpfNXfjMiL2mpUzuXVzRFFaiBn0egSxoWA8L6kRhRWy1tGGYij1gfPL++ehJU 8UPFpgp0gI8WOeg+wO1uNPYPG3JzidTOIzXloh6vT68/iSTajV2pk5SUGbSLaa1i 6rGS8RVwCFSYL+mopZ7Ee3S6IQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCDL7ZKf s0HlvDAZ8SXmdZJofydEMB8GA1UdIwQYMBaAFAHwXH6l8qLt/Bg4l/WDWYKyzwO/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMDlCQy9EMzVCMDgyRUE3 MDcxMUVGOTlBNTc3NDFDNEY5QUUwMi9BZkJjZnFYeW91MzhHRGlYOVlOWmdyTFBB NzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FmQmNmcVh5b3UzOEdEaVg5WU5aZ3JMUEE3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MDlCQy9EMzVCMDgyRUE3MDcxMUVGOTlBNTc3NDFDNEY5QUUwMi9BZkJjZnFYeW91 MzhHRGlYOVlOWmdyTFBBNzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAcJWVWjTaB2QaG3VUare55idBIFfp8MLolRbiixY3kccujCkIhgb/Z KJEmqm6I0IDewgesNJGPoSwmn0u4gbYXMz4tyW22yF5SBnG2vX7cFzW/LoEv+DyN osOna7TWaTdB/6syzvHpRFxyGsqO9VkAFFJ76zpaRCy/6jypswqX2iumWVSOAxZ/ LY4yH/erh2SZNUvcQNW3WkvFOeBxFIqTCU9k5CpY+cQrmhYR4uXG7Me3ezm1t5+N M54Y2b6w//Xvm1kIZ/rpyTdAx0DYEJfwhkoysrEpzEqdgweyi917Qk1RCAVvVWDM h12tVe3M6PSJqsGSVpfPIz/RfEc3gQJy -----END CERTIFICATE-----Generated at Fri Aug 22 16:33:59 2025 by rpki-client