$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft File: x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft (raw, json) Hash identifier: r519KLnzsLwMESnYIPYRR/qpNIDhK+ghS07jiaUj8Ko= Subject key identifier: 18:6E:1B:20:04:73:A9:70:9B:BE:7B:9E:74:7C:71:02:15:81:8B:4C Authority key identifier: C7:F0:28:37:D2:45:CB:8F:AB:CD:47:41:CF:A2:B4:A5:A2:F7:3E:AD Certificate issuer: /CN=A91D8BB1/serialNumber=C7F02837D245CB8FABCD4741CFA2B4A5A2F73EAD Certificate serial: 2D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x_AoN9JFy4-rzUdBz6K0paL3Pq0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft Manifest number: 2D Signing time: Thu 21 Aug 2025 07:57:07 +0000 Manifest this update: Thu 21 Aug 2025 07:57:06 +0000 Manifest next update: Thu 28 Aug 2025 07:57:06 +0000 Files and hashes: 1: x_AoN9JFy4-rzUdBz6K0paL3Pq0.crl (hash: zMXp64ggBaY8k6ofXUoOT/he+mRfaNtq0vknvJJt1h0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.crl rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x_AoN9JFy4-rzUdBz6K0paL3Pq0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 07:57:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45 (0x2d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8BB1, serialNumber=C7F02837D245CB8FABCD4741CFA2B4A5A2F73EAD Validity Not Before: Aug 21 07:57:06 2025 GMT Not After : Aug 28 07:57:06 2025 GMT Subject: CN=68a6d153-470c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:e3:af:fc:14:73:da:75:ad:87:4f:cb:f1:7f: e6:60:00:37:f9:8c:73:79:2a:24:c9:00:74:12:3f: 8a:db:87:05:dd:85:42:52:95:68:e7:5f:23:9e:ab: 9c:60:69:d5:b3:0b:4c:a7:f9:9e:60:b7:87:bf:92: b8:9e:fb:a3:2d:2c:a0:d5:3d:e5:68:c7:02:52:1d: ec:57:43:ae:62:bb:12:6a:50:8b:f3:e7:9b:9b:6f: 63:e8:b9:5c:9e:65:ef:76:80:8f:f9:1a:98:8b:cd: 81:6f:76:eb:a8:fc:d6:99:3d:88:ff:73:33:dc:79: de:ca:ba:ee:97:c1:8a:47:e0:3e:ce:93:c0:e0:a1: 27:d8:ac:bf:89:bb:af:a1:02:4a:61:13:4e:77:df: 8c:5d:57:29:4e:de:a6:1f:00:e0:06:be:75:75:4a: 39:32:e0:97:1e:ba:d4:81:c5:0b:83:f3:9c:e7:90: 69:df:cc:8b:84:19:8f:20:d6:d0:f1:a3:1f:7b:e9: 4e:f3:9d:48:1a:43:a9:52:ba:96:2a:b4:11:da:60: 09:b5:c0:5f:93:b0:1c:83:e4:28:ec:b8:6c:19:cf: 28:50:ca:36:62:79:d2:59:8c:6f:0a:a2:0b:c2:60: b5:f0:9a:9e:12:ff:89:1d:6b:f2:91:da:5d:25:d3: 70:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:6E:1B:20:04:73:A9:70:9B:BE:7B:9E:74:7C:71:02:15:81:8B:4C X509v3 Authority Key Identifier: keyid:C7:F0:28:37:D2:45:CB:8F:AB:CD:47:41:CF:A2:B4:A5:A2:F7:3E:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x_AoN9JFy4-rzUdBz6K0paL3Pq0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:52:cf:44:ab:1c:bb:6d:a4:cf:62:f3:bd:45:b3:89:7d:bb: 13:e5:2d:cb:14:32:df:e1:59:13:79:57:47:ef:64:63:37:de: 4d:1c:cd:f7:7a:f0:da:d9:fa:7a:b8:0a:01:df:d6:27:1d:da: 52:94:a9:13:ca:55:43:5b:fa:0a:e5:b1:41:4b:fa:9c:0b:ff: c3:f7:31:07:9f:ca:32:9b:5a:c9:27:bb:00:a6:a6:61:8f:e8: 5a:86:42:3d:6a:f9:dd:cc:91:73:99:f1:a6:66:34:76:c1:a9: 21:2e:e9:0c:f4:20:60:5b:1f:e1:46:d4:c1:a5:6c:64:4c:b1: f5:cb:a9:52:b0:7f:e4:25:0d:70:3e:bf:39:72:05:23:08:be: 13:89:a0:a7:02:f5:07:45:a7:98:f3:30:63:0d:7c:2e:e7:be: e4:68:dd:bd:08:75:47:97:14:7b:45:46:cc:a4:d7:78:86:4f: 10:37:80:6b:f6:a8:3b:ce:30:27:41:c9:1b:26:79:de:56:a8: 7d:96:b9:9e:d0:76:b2:b7:c2:11:91:a9:af:7d:04:93:08:1c: 5e:8f:67:99:b6:6b:ee:4f:25:7f:b1:7a:e3:31:e0:7c:87:14: 89:64:48:82:3c:2c:3e:4b:66:81:07:68:46:75:8b:b7:1b:6d: 8a:7e:39:7c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE OEJCMTExMC8GA1UEBRMoQzdGMDI4MzdEMjQ1Q0I4RkFCQ0Q0NzQxQ0ZBMkI0QTVB MkY3M0VBRDAeFw0yNTA4MjEwNzU3MDZaFw0yNTA4MjgwNzU3MDZaMBgxFjAUBgNV BAMTDTY4YTZkMTUzLTQ3MGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDg46/8FHPada2HT8vxf+ZgADf5jHN5KiTJAHQSP4rbhwXdhUJSlWjnXyOeq5xg adWzC0yn+Z5gt4e/krie+6MtLKDVPeVoxwJSHexXQ65iuxJqUIvz55ubb2PouVye Ze92gI/5GpiLzYFvduuo/NaZPYj/czPced7Kuu6XwYpH4D7Ok8DgoSfYrL+Ju6+h AkphE05334xdVylO3qYfAOAGvnV1Sjky4JceutSBxQuD85znkGnfzIuEGY8g1tDx ox976U7znUgaQ6lSupYqtBHaYAm1wF+TsByD5CjsuGwZzyhQyjZiedJZjG8KogvC YLXwmp4S/4kda/KR2l0l03DDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUGG4bIARz qXCbvnuedHxxAhWBi0wwHwYDVR0jBBgwFoAUx/AoN9JFy4+rzUdBz6K0paL3Pq0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4QkIxLzVBRDc2OUIwM0Qy NTExRjA4MEM0ODk1NUM0RjlBRTAyL3hfQW9OOUpGeTQtcnpVZEJ6NkswcGFMM1Bx MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveF9Bb045SkZ5NC1yelVkQno2SzBwYUwzUHEwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4 QkIxLzVBRDc2OUIwM0QyNTExRjA4MEM0ODk1NUM0RjlBRTAyL3hfQW9OOUpGeTQt cnpVZEJ6NkswcGFMM1BxMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAH9Sz0SrHLttpM9i871Fs4l9uxPlLcsUMt/hWRN5V0fvZGM33k0czfd6 8NrZ+nq4CgHf1icd2lKUqRPKVUNb+grlsUFL+pwL/8P3MQefyjKbWsknuwCmpmGP 6FqGQj1q+d3MkXOZ8aZmNHbBqSEu6Qz0IGBbH+FG1MGlbGRMsfXLqVKwf+QlDXA+ vzlyBSMIvhOJoKcC9QdFp5jzMGMNfC7nvuRo3b0IdUeXFHtFRsyk13iGTxA3gGv2 qDvOMCdByRsmed5WqH2WuZ7QdrK3whGRqa99BJMIHF6PZ5m2a+5PJX+xeuMx4HyH FIlkSII8LD5LZoEHaEZ1i7cbbYp+OXw= -----END CERTIFICATE-----Generated at Fri Aug 22 16:18:19 2025 by rpki-client