$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft File: -Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft (raw, json) Hash identifier: 3lHxBGfV09RqCARNQvcC5Zm0KHP0DVn08oFw3X/YC2o= Subject key identifier: F8:77:A4:6A:C2:A3:BC:9F:C5:5B:13:93:63:42:01:6C:C2:B3:19:8A Authority key identifier: F9:1A:3A:98:31:43:84:C4:03:A8:FF:22:A4:53:BC:A1:A3:BA:6C:D8 Certificate issuer: /CN=A91D3102/serialNumber=F91A3A98314384C403A8FF22A453BCA1A3BA6CD8 Certificate serial: 2E03 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft Manifest number: 2DEB Signing time: Sun 24 Aug 2025 15:27:53 +0000 Manifest this update: Sun 24 Aug 2025 15:27:53 +0000 Manifest next update: Sun 31 Aug 2025 15:27:53 +0000 Files and hashes: 1: -Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl (hash: fgaRZ4InOiqp4D7P4cZB2uW/lkiztPoSb4AAAkR0qFU=) 2: 611D8094B13D11E59299870AC4F9AE02.roa (hash: Ge8zFlpjpqEtuKQN0h56H1Urr1O0D0HMkBD9jJfCPmM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 15:27:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11779 (0x2e03) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3102, serialNumber=F91A3A98314384C403A8FF22A453BCA1A3BA6CD8 Validity Not Before: Aug 24 15:27:53 2025 GMT Not After : Aug 31 15:27:53 2025 GMT Subject: CN=68ab2f79-d0c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:df:b0:ac:8f:28:59:3e:46:60:a5:7b:b4:00: c0:a6:47:1a:08:a9:37:dd:47:e6:0b:cb:4c:84:ef: f1:07:c5:02:21:ae:ed:1e:61:ee:c4:08:79:1a:25: 0d:85:e2:8b:6d:87:b0:2e:b6:3f:d5:27:95:7c:a7: de:a4:fc:d4:4d:29:3c:a8:c2:54:88:85:37:4c:44: 5e:cb:45:0b:eb:1c:3c:55:29:66:81:21:7b:10:95: 20:9f:d3:66:f6:2a:db:e7:40:21:9a:c4:7d:29:b8: 54:7b:9b:fb:1f:43:f5:38:88:74:35:66:5d:02:df: fd:a0:05:af:b3:dc:a9:d6:7c:8a:00:84:d2:8e:c5: dc:89:e1:57:27:84:a6:cd:11:d4:30:89:07:2b:37: 3b:12:fe:af:b7:9e:90:16:44:94:71:14:b0:32:15: 87:40:cf:23:c6:f8:67:5d:d4:18:c6:9d:5e:ce:32: 94:22:0d:a6:3e:0b:16:51:85:3d:56:f6:6c:d7:a6: 0b:f8:22:ff:96:e1:c9:0c:24:a0:4b:33:dc:31:b6: 30:f2:c5:0e:44:92:4f:2f:e4:a4:f0:f9:7b:17:e9: 2d:fc:5e:64:5a:b6:66:81:78:22:b9:04:41:74:62: f8:49:a1:bb:28:f2:06:5e:53:9b:13:8c:37:6e:86: 9e:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:77:A4:6A:C2:A3:BC:9F:C5:5B:13:93:63:42:01:6C:C2:B3:19:8A X509v3 Authority Key Identifier: keyid:F9:1A:3A:98:31:43:84:C4:03:A8:FF:22:A4:53:BC:A1:A3:BA:6C:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:b5:e3:fd:16:a9:99:3a:de:58:b9:32:5f:92:e0:38:ad:bc: d1:7b:7a:d8:f3:19:05:af:26:fc:e0:be:eb:9c:a4:24:67:ed: 1e:75:49:85:f6:8c:2c:69:43:0e:7c:c3:34:a2:17:2b:62:2b: 45:a5:40:c8:1d:18:54:f2:12:2c:43:7b:bc:03:22:25:40:01: c2:c8:3f:57:55:49:66:3c:8e:53:ce:bf:a0:45:ab:0b:b9:27: 07:a6:24:3e:aa:74:33:3d:c5:d7:ef:a7:c5:65:bb:99:2a:73: 5e:9d:46:70:b4:85:fc:24:4c:6b:29:4a:02:f4:b7:42:f8:84: 79:aa:0a:42:cb:64:20:3d:61:a4:b1:6c:50:55:0b:13:72:ff: 9d:2d:80:7b:1a:28:39:3a:2c:7a:60:e2:bd:d2:4d:50:dc:11: cb:8d:5d:85:e9:f7:59:6f:7e:2d:f3:79:66:9a:66:14:f3:bd: ba:9b:43:68:f7:ad:83:50:71:66:36:3a:9a:29:dd:12:49:f8: 1b:7e:a3:d5:5e:d5:48:05:95:d3:f9:dc:3e:9c:a4:6a:40:22: 29:15:ba:5b:c2:2a:f5:cd:29:fa:4c:e0:8c:b5:00:c3:50:3d: 8c:fb:0d:0d:71:21:11:82:79:77:f0:c1:88:8a:10:01:35:1b: e5:34:49:58 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICLgMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDMxMDIxMTAvBgNVBAUTKEY5MUEzQTk4MzE0Mzg0QzQwM0E4RkYyMkE0NTNCQ0Ex QTNCQTZDRDgwHhcNMjUwODI0MTUyNzUzWhcNMjUwODMxMTUyNzUzWjAYMRYwFAYD VQQDEw02OGFiMmY3OS1kMGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1t+wrI8oWT5GYKV7tADApkcaCKk33UfmC8tMhO/xB8UCIa7tHmHuxAh5GiUN heKLbYewLrY/1SeVfKfepPzUTSk8qMJUiIU3TERey0UL6xw8VSlmgSF7EJUgn9Nm 9irb50AhmsR9KbhUe5v7H0P1OIh0NWZdAt/9oAWvs9yp1nyKAITSjsXcieFXJ4Sm zRHUMIkHKzc7Ev6vt56QFkSUcRSwMhWHQM8jxvhnXdQYxp1ezjKUIg2mPgsWUYU9 VvZs16YL+CL/luHJDCSgSzPcMbYw8sUORJJPL+Sk8Pl7F+kt/F5kWrZmgXgiuQRB dGL4SaG7KPIGXlObE4w3boaecwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPh3pGrC o7yfxVsTk2NCAWzCsxmKMB8GA1UdIwQYMBaAFPkaOpgxQ4TEA6j/IqRTvKGjumzY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzEwMi9ENEFFRTJDODc2 OEUxMUUzOTlBOTU3NDU1OTExRUEzMi8tUm82bURGRGhNUURxUDhpcEZPOG9hTzZi TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1SbzZtREZEaE1RRHFQOGlwRk84b2FPNmJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MzEwMi9ENEFFRTJDODc2OEUxMUUzOTlBOTU3NDU1OTExRUEzMi8tUm82bURGRGhN UURxUDhpcEZPOG9hTzZiTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApteP9FqmZOt5YuTJfkuA4rbzRe3rY8xkFryb84L7rnKQkZ+0edUmF 9owsaUMOfMM0ohcrYitFpUDIHRhU8hIsQ3u8AyIlQAHCyD9XVUlmPI5Tzr+gRasL uScHpiQ+qnQzPcXX76fFZbuZKnNenUZwtIX8JExrKUoC9LdC+IR5qgpCy2QgPWGk sWxQVQsTcv+dLYB7Gig5Oix6YOK90k1Q3BHLjV2F6fdZb34t83lmmmYU8726m0No 962DUHFmNjqaKd0SSfgbfqPVXtVIBZXT+dw+nKRqQCIpFbpbwir1zSn6TOCMtQDD UD2M+w0NcSERgnl38MGIihABNRvlNElY -----END CERTIFICATE-----Generated at Sun Aug 24 22:20:53 2025 by rpki-client