$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft File: IAAAWsWhdEBL07_CmUMyPpYGJbk.mft (raw, json) Hash identifier: rH3Dv+uIabt6pgKpBU7KR/Jzpv9XQO7qJnDJhwXz+5g= Subject key identifier: 8C:64:8C:F0:82:8E:52:05:70:1D:EF:C0:C9:F0:76:F5:B8:5C:DD:76 Authority key identifier: 20:00:00:5A:C5:A1:74:40:4B:D3:BF:C2:99:43:32:3E:96:06:25:B9 Certificate issuer: /CN=A91DA590/serialNumber=2000005AC5A174404BD3BFC29943323E960625B9 Certificate serial: 0377 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft Manifest number: 036E Signing time: Thu 21 Aug 2025 01:04:57 +0000 Manifest this update: Thu 21 Aug 2025 01:04:56 +0000 Manifest next update: Thu 28 Aug 2025 01:04:56 +0000 Files and hashes: 1: IAAAWsWhdEBL07_CmUMyPpYGJbk.crl (hash: ARMSg0wt3W+6ze/dQg6be4ztRqxA4Ro6ndaHw6WSB7I=) 2: 09E46A74C07F11ECB0707F18C4F9AE02.roa (hash: eJqOfUXf9pyBvXqljah+FkA7bab4t5X+jzwwp1GzOds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.crl rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 01:04:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 887 (0x377) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA590, serialNumber=2000005AC5A174404BD3BFC29943323E960625B9 Validity Not Before: Aug 21 01:04:56 2025 GMT Not After : Aug 28 01:04:56 2025 GMT Subject: CN=68a670b8-ec48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f8:d1:cc:4f:bd:16:4f:fa:03:cb:81:2d:83: 8a:06:7a:0d:3a:13:1e:2d:a0:80:de:ce:30:05:39: fc:a8:8e:f3:3c:93:f3:69:72:61:f2:9a:81:d4:97: 15:b9:30:b9:f0:4a:14:47:c9:74:15:29:80:8c:7a: 89:00:d7:90:7d:32:40:00:5b:b1:3b:99:ed:a5:f8: 79:6d:b2:5a:e7:5a:88:d3:c4:cc:cd:5d:8b:44:eb: ca:be:56:b2:7e:ac:0f:a1:46:31:df:90:d7:23:55: 8a:91:da:84:77:5c:e8:19:6b:a1:eb:9e:f5:de:74: 23:76:36:d1:ca:29:8f:b2:67:34:43:0c:09:88:ee: 2f:b8:3f:c7:37:87:3f:57:95:9d:e7:e4:d2:e3:31: 4c:d8:f1:a2:1e:55:a5:38:c4:a2:f3:27:52:e0:4b: 72:73:17:6b:fd:d1:6e:33:38:5c:0c:aa:e5:f1:5b: 93:41:dc:21:04:72:23:c3:18:13:c5:96:26:02:f0: 88:35:62:42:d1:dc:38:8a:2f:94:dc:95:28:7d:04: ba:c3:ec:70:ff:8d:ec:e1:bd:d9:a3:30:be:36:7a: a5:b2:52:65:54:18:f8:ca:9c:84:ac:8f:cc:0c:14: 97:ed:ea:3c:b3:cf:da:37:ca:49:8e:c1:79:6c:c0: a4:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:64:8C:F0:82:8E:52:05:70:1D:EF:C0:C9:F0:76:F5:B8:5C:DD:76 X509v3 Authority Key Identifier: keyid:20:00:00:5A:C5:A1:74:40:4B:D3:BF:C2:99:43:32:3E:96:06:25:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:09:47:ac:45:b7:da:dc:dd:0d:b5:fb:ff:6b:e4:75:5b:07: 3f:ca:02:e7:5b:7a:e3:53:80:69:04:d6:dc:4c:a7:03:bf:c8: b3:d3:c6:c0:f8:ac:be:e0:f0:ac:e6:42:8b:84:4d:39:8e:66: e7:b1:e1:28:94:69:12:5b:6f:3d:b1:af:98:a2:49:b2:b8:ef: 84:ef:44:67:46:95:a3:a6:ca:29:48:99:e6:e6:08:1e:a1:48: d8:5c:2f:09:a6:c6:dc:40:2a:b1:d5:d1:99:20:5d:9b:23:08: 26:d3:e2:0c:40:e5:c0:2a:94:9e:f5:5e:80:70:d1:8f:49:55: a2:9c:6d:01:79:b7:58:24:93:0b:f6:b2:e4:da:54:02:f4:44: e4:dd:cd:0d:76:01:d9:7e:6d:e8:ab:93:8c:19:32:91:ec:da: 42:90:b8:33:4d:f4:ec:15:dd:4f:84:53:ec:c2:16:64:0d:27: ff:31:2b:5f:40:80:da:ca:3a:6d:a1:6f:61:07:84:5c:f6:c6: 15:7a:83:76:43:e0:22:24:07:a2:d7:ff:8b:02:4a:76:2a:be: d3:e1:35:92:75:c2:75:36:62:02:65:69:7a:72:e7:73:47:7c: 86:c8:26:14:f9:c4:da:18:c2:40:a1:51:07:67:c5:c8:5e:0f: c1:aa:ce:1c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA3cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REE1OTAxMTAvBgNVBAUTKDIwMDAwMDVBQzVBMTc0NDA0QkQzQkZDMjk5NDMzMjNF OTYwNjI1QjkwHhcNMjUwODIxMDEwNDU2WhcNMjUwODI4MDEwNDU2WjAYMRYwFAYD VQQDEw02OGE2NzBiOC1lYzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1/jRzE+9Fk/6A8uBLYOKBnoNOhMeLaCA3s4wBTn8qI7zPJPzaXJh8pqB1JcV uTC58EoUR8l0FSmAjHqJANeQfTJAAFuxO5ntpfh5bbJa51qI08TMzV2LROvKvlay fqwPoUYx35DXI1WKkdqEd1zoGWuh65713nQjdjbRyimPsmc0QwwJiO4vuD/HN4c/ V5Wd5+TS4zFM2PGiHlWlOMSi8ydS4Etycxdr/dFuMzhcDKrl8VuTQdwhBHIjwxgT xZYmAvCINWJC0dw4ii+U3JUofQS6w+xw/43s4b3ZozC+NnqlslJlVBj4ypyErI/M DBSX7eo8s8/aN8pJjsF5bMCkSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIxkjPCC jlIFcB3vwMnwdvW4XN12MB8GA1UdIwQYMBaAFCAAAFrFoXRAS9O/wplDMj6WBiW5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTU5MC85NTEwRTg2QUMw N0IxMUVDOTg3Qjg0N0ZDNEY5QUUwMi9JQUFBV3NXaGRFQkwwN19DbVVNeVBwWUdK YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lBQUFXc1doZEVCTDA3X0NtVU15UHBZR0piay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QTU5MC85NTEwRTg2QUMwN0IxMUVDOTg3Qjg0N0ZDNEY5QUUwMi9JQUFBV3NXaGRF QkwwN19DbVVNeVBwWUdKYmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCuCUesRbfa3N0Ntfv/a+R1Wwc/ygLnW3rjU4BpBNbcTKcDv8iz08bA +Ky+4PCs5kKLhE05jmbnseEolGkSW289sa+YokmyuO+E70RnRpWjpsopSJnm5gge oUjYXC8JpsbcQCqx1dGZIF2bIwgm0+IMQOXAKpSe9V6AcNGPSVWinG0BebdYJJML 9rLk2lQC9ETk3c0NdgHZfm3oq5OMGTKR7NpCkLgzTfTsFd1PhFPswhZkDSf/MStf QIDayjptoW9hB4Rc9sYVeoN2Q+AiJAei1/+LAkp2Kr7T4TWSdcJ1NmICZWl6cudz R3yGyCYU+cTaGMJAoVEHZ8XIXg/Bqs4c -----END CERTIFICATE-----Generated at Fri Aug 22 16:19:04 2025 by rpki-client