$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9F5A/0898B23A11BA11EBBC1A584CC4F9AE02/iH554lttHTfvHzG8WgIy-OdlFUU.mft File: iH554lttHTfvHzG8WgIy-OdlFUU.mft (raw, json) Hash identifier: +5/dPscrguqa2elrpRH4JpPTmA+s+SG2L5jvusNXleU= Subject key identifier: 15:D7:90:95:84:2A:D1:C7:6C:CF:CF:1F:AA:A9:0F:D1:73:97:55:55 Authority key identifier: 88:7E:79:E2:5B:6D:1D:37:EF:1F:31:BC:5A:02:32:F8:E7:65:15:45 Certificate issuer: /CN=A91D9F5A/serialNumber=887E79E25B6D1D37EF1F31BC5A0232F8E7651545 Certificate serial: 11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iH554lttHTfvHzG8WgIy-OdlFUU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9F5A/0898B23A11BA11EBBC1A584CC4F9AE02/iH554lttHTfvHzG8WgIy-OdlFUU.mft Manifest number: 07C0 Signing time: Wed 20 Aug 2025 21:22:04 +0000 Manifest this update: Wed 20 Aug 2025 21:22:04 +0000 Manifest next update: Wed 27 Aug 2025 21:22:03 +0000 Files and hashes: 1: iH554lttHTfvHzG8WgIy-OdlFUU.crl (hash: 1wOD+fktKV7xao9XOSALRWN5jebQWzKx9xVgjlgqIW8=) 2: CF6A89D86B3D11F0A0837D7FC4F9AE02.roa (hash: O05NjBwYNNvXC8JoMWk3EyZg7iktCjusVDBEEW7nGKc=) 3: CEFEDAB26B3D11F0A0837D7FC4F9AE02.roa (hash: cqaNGUAp+AM9Nk5TWMcE/5SRJKY4Makpxzc5uTKkH7g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9F5A/0898B23A11BA11EBBC1A584CC4F9AE02/iH554lttHTfvHzG8WgIy-OdlFUU.crl rsync://rpki.apnic.net/member_repository/A91D9F5A/0898B23A11BA11EBBC1A584CC4F9AE02/iH554lttHTfvHzG8WgIy-OdlFUU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iH554lttHTfvHzG8WgIy-OdlFUU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 21:22:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17 (0x11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9F5A, serialNumber=887E79E25B6D1D37EF1F31BC5A0232F8E7651545 Validity Not Before: Aug 20 21:22:04 2025 GMT Not After : Aug 27 21:22:03 2025 GMT Subject: CN=68a63c7c-2696 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:95:64:fa:af:a1:02:e0:cd:a9:b6:64:91:f9: 8f:59:ec:c4:ba:91:da:12:23:22:dd:e7:bb:ff:1e: eb:64:d8:02:0c:cb:9b:82:ca:89:4e:87:d3:ea:e1: 4c:86:c8:fa:57:bd:22:53:fb:24:65:28:ca:71:51: da:9c:e3:9e:df:c4:f0:bc:0e:b5:fa:30:4a:f0:b9: a9:a0:09:b7:61:fc:e2:77:f7:b9:19:ca:ee:f2:c0: 45:ba:9c:26:1a:3d:c7:39:da:2f:89:15:a8:02:ea: 54:fc:e9:ed:a3:6c:7c:da:d8:7b:1e:2e:8c:6c:8b: 4b:a9:f0:72:d6:86:19:6c:a3:91:b2:cd:dd:9c:ac: bb:df:e4:e0:79:20:38:61:d3:a8:3d:4e:ca:e3:27: a3:ca:f3:80:df:e4:b1:09:ee:72:2e:74:7c:d1:82: e9:c0:b0:4a:c5:a0:ca:4b:89:02:25:51:2a:0e:1c: 64:5d:3b:36:f4:45:46:c1:12:1b:2f:75:3b:9e:a5: 6a:bf:3c:50:86:cc:69:ea:47:d4:31:05:06:98:8d: af:ac:f7:2f:f1:10:47:78:b8:0a:5d:e2:47:6a:7b: 28:14:a5:53:ce:23:a8:bc:62:5f:da:1f:8b:91:91: 72:e5:7a:8f:f4:fa:65:f8:88:ba:da:a5:82:3b:43: 09:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:D7:90:95:84:2A:D1:C7:6C:CF:CF:1F:AA:A9:0F:D1:73:97:55:55 X509v3 Authority Key Identifier: keyid:88:7E:79:E2:5B:6D:1D:37:EF:1F:31:BC:5A:02:32:F8:E7:65:15:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9F5A/0898B23A11BA11EBBC1A584CC4F9AE02/iH554lttHTfvHzG8WgIy-OdlFUU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iH554lttHTfvHzG8WgIy-OdlFUU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9F5A/0898B23A11BA11EBBC1A584CC4F9AE02/iH554lttHTfvHzG8WgIy-OdlFUU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:1d:93:11:16:8a:1b:20:0a:47:99:dc:5e:f5:bc:34:36:13: 99:a8:38:70:62:47:70:91:82:09:1e:ff:55:e2:7c:00:15:33: dd:4d:99:29:3b:53:af:2b:6a:56:a1:08:1e:4e:11:c6:4b:0d: 22:71:58:53:67:aa:34:25:e5:2b:98:27:5d:b6:5e:1c:a9:65: c9:a3:5e:70:6d:70:fe:46:b1:51:37:db:7b:87:78:a8:e9:9d: 7d:ab:d9:8d:13:4c:1c:eb:e4:44:1d:51:6b:e2:f6:e1:f5:1b: bb:1e:32:79:d8:07:47:32:38:63:2f:e5:ec:dc:63:cc:d7:aa: 4a:a7:b9:b4:fa:cc:cd:bd:e7:6c:48:8b:2a:71:99:6f:43:7c: 63:1c:29:b1:4b:23:5b:81:78:5f:50:6d:0a:d7:05:43:55:a8: cc:9d:92:55:af:c3:59:3e:4d:21:cf:7a:1e:4c:3a:c6:7a:18: 74:e8:52:6b:d6:43:02:35:c8:c1:bc:04:a5:b9:60:61:2e:a4: bc:ea:ef:77:b6:ca:6b:66:6a:1f:b2:ab:53:ab:ef:4f:55:ed: 3e:81:7a:3d:23:44:35:77:97:48:ad:f7:08:ac:05:0c:cc:84: 07:2f:a9:83:71:f5:74:a2:f0:bb:22:96:92:d0:1b:5a:b0:d5: 9a:bb:e9:f6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE OUY1QTExMC8GA1UEBRMoODg3RTc5RTI1QjZEMUQzN0VGMUYzMUJDNUEwMjMyRjhF NzY1MTU0NTAeFw0yNTA4MjAyMTIyMDRaFw0yNTA4MjcyMTIyMDNaMBgxFjAUBgNV BAMTDTY4YTYzYzdjLTI2OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDFlWT6r6EC4M2ptmSR+Y9Z7MS6kdoSIyLd57v/Hutk2AIMy5uCyolOh9Pq4UyG yPpXvSJT+yRlKMpxUdqc457fxPC8DrX6MErwuamgCbdh/OJ397kZyu7ywEW6nCYa Pcc52i+JFagC6lT86e2jbHza2HseLoxsi0up8HLWhhlso5Gyzd2crLvf5OB5IDhh 06g9TsrjJ6PK84Df5LEJ7nIudHzRgunAsErFoMpLiQIlUSoOHGRdOzb0RUbBEhsv dTuepWq/PFCGzGnqR9QxBQaYja+s9y/xEEd4uApd4kdqeygUpVPOI6i8Yl/aH4uR kXLleo/0+mX4iLrapYI7QwkfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUFdeQlYQq 0cdsz88fqqkP0XOXVVUwHwYDVR0jBBgwFoAUiH554lttHTfvHzG8WgIy+OdlFUUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5RjVBLzA4OThCMjNBMTFC QTExRUJCQzFBNTg0Q0M0RjlBRTAyL2lINTU0bHR0SFRmdkh6RzhXZ0l5LU9kbEZV VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaUg1NTRsdHRIVGZ2SHpHOFdnSXktT2RsRlVVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5 RjVBLzA4OThCMjNBMTFCQTExRUJCQzFBNTg0Q0M0RjlBRTAyL2lINTU0bHR0SFRm dkh6RzhXZ0l5LU9kbEZVVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGAdkxEWihsgCkeZ3F71vDQ2E5moOHBiR3CRggke/1XifAAVM91NmSk7 U68ralahCB5OEcZLDSJxWFNnqjQl5SuYJ122XhypZcmjXnBtcP5GsVE323uHeKjp nX2r2Y0TTBzr5EQdUWvi9uH1G7seMnnYB0cyOGMv5ezcY8zXqkqnubT6zM2952xI iypxmW9DfGMcKbFLI1uBeF9QbQrXBUNVqMydklWvw1k+TSHPeh5MOsZ6GHToUmvW QwI1yMG8BKW5YGEupLzq73e2ymtmah+yq1Or709V7T6Bej0jRDV3l0it9wisBQzM hAcvqYNx9XSi8LsilpLQG1qw1Zq76fY= -----END CERTIFICATE-----Generated at Fri Aug 22 16:25:13 2025 by rpki-client