$ rpki-client -vvf rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft File: -iKAHFKuKl_EkbfL6-aO_KLI0dk.mft (raw, json) Hash identifier: dCCbS7i/d9vw8cxNCER0ngNMRKTk2MW1w6ilHySM1Rc= Subject key identifier: 87:AF:5B:90:B1:3F:24:5F:DF:4E:7B:3E:CE:69:E0:59:BA:C1:1B:5A Authority key identifier: FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 Certificate issuer: /CN=A91D837B/serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Certificate serial: 8B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft Manifest number: 8A Signing time: Fri 05 Sep 2025 07:04:48 +0000 Manifest this update: Fri 05 Sep 2025 07:04:48 +0000 Manifest next update: Fri 12 Sep 2025 07:04:48 +0000 Files and hashes: 1: -iKAHFKuKl_EkbfL6-aO_KLI0dk.crl (hash: CtZf5G53VxdwpacRcAZ5AJjgTSXJO5X/JhPYAvHXL90=) 2: 8F7DFE66C96E11EF98B64E15C4F9AE02.roa (hash: NJttL+qjjIMKQduatRuB9wCf9GQJviKk9JlU07XKUgE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 07:04:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 139 (0x8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D837B, serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Validity Not Before: Sep 5 07:04:48 2025 GMT Not After : Sep 12 07:04:48 2025 GMT Subject: CN=68ba8b90-3bd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:c3:cd:5c:75:18:65:86:84:38:fb:c0:f6:f3: ea:bf:b9:14:d6:ea:da:34:84:90:b5:87:9f:c4:1a: b9:ac:32:8a:38:1b:e2:bc:9d:6a:b1:06:7e:f4:9e: c6:82:d0:2c:53:6e:48:63:61:bc:17:ec:ce:a9:1b: 51:8d:58:02:9a:b2:37:54:96:9f:ed:e2:a4:17:1f: 3a:30:b6:d8:5b:33:90:9c:6f:13:1f:ea:61:e2:39: e9:01:b2:26:ac:9b:e4:10:7b:64:73:b7:c1:8f:fc: eb:29:be:5f:84:e4:59:04:c7:ed:f1:ea:15:1e:09: 04:1a:04:c4:b5:8d:26:52:6a:60:fa:1b:5c:36:ce: 1f:f2:b0:15:92:9f:6a:06:74:a4:d7:90:f7:f2:00: 3a:fb:4a:43:db:86:c4:af:00:bf:4c:b0:54:9d:09: 31:44:84:b1:6c:3a:c1:ef:e3:09:a9:11:43:96:60: 47:16:44:e5:4b:cd:8e:6f:8a:38:16:98:57:1a:4d: ea:a2:58:de:cf:03:03:11:4d:c7:e8:63:ec:99:15: a2:9e:81:82:dd:05:8f:47:6a:6f:b0:18:89:27:0e: f3:ac:25:b1:e1:84:82:1b:67:be:ec:e4:e7:cc:6e: f3:b6:40:8a:46:6e:22:27:15:46:c6:cf:78:f5:c9: 88:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:AF:5B:90:B1:3F:24:5F:DF:4E:7B:3E:CE:69:E0:59:BA:C1:1B:5A X509v3 Authority Key Identifier: keyid:FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:cc:a4:a3:b1:24:d2:12:aa:35:4a:9a:de:cc:72:50:0a:aa: 02:44:83:91:b4:37:e5:e2:de:ca:e8:3b:dc:81:4d:df:ca:4c: ea:b1:85:34:cd:b3:b6:81:fb:5a:b0:eb:84:4e:cc:b7:8a:ac: 2f:55:ff:d0:8e:33:5a:a3:8b:bc:41:be:02:f6:3f:e2:92:4a: ad:be:51:d2:fd:0d:bd:68:2e:fe:88:18:bb:2d:66:3a:b4:49: b4:d6:bf:15:dd:91:b9:44:94:74:7e:4d:bd:2b:ff:d3:17:02: af:35:5e:af:89:1e:4c:ca:c9:5c:32:5f:f4:6d:ba:af:98:27: 46:a4:0b:9e:b8:e8:be:d6:55:3f:b7:33:52:e9:62:50:70:a0: f6:3c:08:be:b6:1a:99:7a:fa:9b:3d:46:c7:af:ef:d9:13:55: 96:2a:9a:61:b4:e2:d3:39:79:ac:af:a0:09:e5:d8:43:08:d8: 3c:61:5a:e1:91:be:6d:2d:0c:26:08:39:94:c1:a1:09:23:1a: 1b:ea:1d:66:19:f9:63:6f:de:d4:60:74:ba:7d:0f:c7:13:6c: 70:aa:49:52:a5:be:60:4c:87:89:bc:90:71:73:de:8f:04:38: 80:94:fd:31:70:14:d8:d3:bb:e2:6e:cc:39:29:19:29:d5:c0: b9:8f:5a:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzN0IxMTAvBgNVBAUTKEZBMjI4MDFDNTJBRTJBNUZDNDkxQjdDQkVCRTY4RUZD QTJDOEQxRDkwHhcNMjUwOTA1MDcwNDQ4WhcNMjUwOTEyMDcwNDQ4WjAYMRYwFAYD VQQDEw02OGJhOGI5MC0zYmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArsPNXHUYZYaEOPvA9vPqv7kU1uraNISQtYefxBq5rDKKOBvivJ1qsQZ+9J7G gtAsU25IY2G8F+zOqRtRjVgCmrI3VJaf7eKkFx86MLbYWzOQnG8TH+ph4jnpAbIm rJvkEHtkc7fBj/zrKb5fhORZBMft8eoVHgkEGgTEtY0mUmpg+htcNs4f8rAVkp9q BnSk15D38gA6+0pD24bErwC/TLBUnQkxRISxbDrB7+MJqRFDlmBHFkTlS82Ob4o4 FphXGk3qoljezwMDEU3H6GPsmRWinoGC3QWPR2pvsBiJJw7zrCWx4YSCG2e+7OTn zG7ztkCKRm4iJxVGxs949cmIgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIevW5Cx PyRf3057Ps5p4Fm6wRtaMB8GA1UdIwQYMBaAFPoigBxSripfxJG3y+vmjvyiyNHZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODM3Qi8xNThEN0YzQ0I5 OUMxMUVGOTYzOEY3NjlDNEY5QUUwMi8taUtBSEZLdUtsX0VrYmZMNi1hT19LTEkw ZGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLy1pS0FIRkt1S2xfRWtiZkw2LWFPX0tMSTBkay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODM3Qi8xNThEN0YzQ0I5OUMxMUVGOTYzOEY3NjlDNEY5QUUwMi8taUtBSEZLdUts X0VrYmZMNi1hT19LTEkwZGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBBzKSjsSTSEqo1SprezHJQCqoCRIORtDfl4t7K6DvcgU3fykzqsYU0 zbO2gftasOuETsy3iqwvVf/QjjNao4u8Qb4C9j/ikkqtvlHS/Q29aC7+iBi7LWY6 tEm01r8V3ZG5RJR0fk29K//TFwKvNV6viR5MyslcMl/0bbqvmCdGpAueuOi+1lU/ tzNS6WJQcKD2PAi+thqZevqbPUbHr+/ZE1WWKpphtOLTOXmsr6AJ5dhDCNg8YVrh kb5tLQwmCDmUwaEJIxob6h1mGfljb97UYHS6fQ/HE2xwqklSpb5gTIeJvJBxc96P BDiAlP0xcBTY07vibsw5KRkp1cC5j1pI -----END CERTIFICATE-----Generated at Sat Sep 6 21:04:33 2025 by rpki-client