$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft File: raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json) Hash identifier: +M42L8teDWS1XU+t+I1dFgzWKwXUdbfojzAZxPuINLc= Subject key identifier: 67:46:41:B3:FE:8B:44:A4:2A:FE:FE:CA:2A:A1:1F:50:D5:A3:B9:7A Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Certificate serial: 35A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft Manifest number: 351C Signing time: Sun 24 Aug 2025 14:16:20 +0000 Manifest this update: Sun 24 Aug 2025 14:16:19 +0000 Manifest next update: Sun 31 Aug 2025 14:16:19 +0000 Files and hashes: 1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: BwM64loqBK3IXogbng8seEy8vWzxFiWQ7M/mtB7JCNg=) 2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=) 3: AF560BA2B1CC11EF80C4BE44C4F9AE02.roa (hash: JKOX2Bnk1obdJWD/11GK8Zj49w+PdYErgulVkpa2rdU=) 4: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=) 5: 539CC922366C11EEBEBBBE1DC4F9AE02.roa (hash: TrayTHMiKb+Dm5posHRv3ZfOvi01WiwhoUD8use0rkY=) 6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=) 7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=) 8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 14:16:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13728 (0x35a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC5BE, serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Validity Not Before: Aug 24 14:16:19 2025 GMT Not After : Aug 31 14:16:19 2025 GMT Subject: CN=68ab1eb4-a5a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:26:2c:66:6e:15:ce:8c:f1:bf:43:cc:a7:87: f4:9b:98:13:05:61:ca:8d:d1:76:0c:b9:e7:04:09: d0:07:6d:f2:32:1b:5c:da:38:b0:69:2c:0b:ac:7d: 4c:b8:47:24:e7:d6:73:e0:54:87:40:4a:66:82:0e: 1a:1d:07:f9:94:c4:ed:79:f6:6b:22:3d:3d:72:d5: 79:d9:1f:46:54:9e:1d:7a:b1:ad:c0:de:53:7d:17: d4:79:e9:a4:87:b1:e0:d5:ba:de:22:9b:c0:d2:0a: 88:33:ea:4a:13:21:f6:77:c3:12:4c:99:78:74:63: 4e:fe:cd:c2:96:dd:75:ef:5b:2c:a0:cc:fa:c0:32: d2:41:97:aa:21:59:a0:da:f9:2c:f1:70:94:b5:8d: db:d1:b0:84:b6:d3:fc:3a:f3:da:d0:ae:c3:e9:ce: d5:c8:58:47:4b:98:e9:31:9c:2f:7c:08:22:08:dc: 63:99:a4:df:cf:7f:a4:b8:51:56:dd:b1:94:11:e9: a8:65:f5:66:fe:c9:66:5a:4a:83:34:1e:db:e8:51: da:5e:b4:dd:c9:d6:78:e8:43:ac:af:0d:4d:f0:d9: d5:f7:06:b5:ad:ea:b3:da:fc:07:6e:b4:5e:f9:3a: 62:2a:1a:91:9e:71:d7:f6:5a:4d:bf:cb:03:70:bf: f4:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:46:41:B3:FE:8B:44:A4:2A:FE:FE:CA:2A:A1:1F:50:D5:A3:B9:7A X509v3 Authority Key Identifier: keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:8c:59:ac:e1:e3:5a:3a:f2:ea:17:1e:bd:ed:29:ef:00:24: d7:64:54:50:8a:49:5c:34:76:12:52:44:20:80:87:6d:54:07: cc:fa:45:50:79:72:b1:cf:46:b3:a6:2c:02:f1:f2:a1:0e:49: 48:c0:09:73:cc:c7:2c:d3:40:a5:1b:c7:93:d6:39:c0:52:f7: 9c:b4:9a:fc:23:06:92:4a:aa:2b:81:f0:d2:1e:ca:cc:7b:15: d6:6f:24:fd:5d:22:80:7f:97:c0:09:00:52:80:0d:4a:43:32: d4:21:1b:c2:54:b9:70:41:10:14:ff:2d:7d:b2:8f:a6:f1:80: 47:dc:b8:62:7b:fc:f2:ca:46:5d:dc:80:94:71:55:f0:3d:74: c3:7a:9a:79:0d:8c:1f:a1:82:e9:38:1a:5e:c6:0c:36:a2:df: 4b:a6:5e:87:5e:9b:c4:e1:e0:35:e0:9d:9a:91:22:c0:cc:d1: c3:26:4c:f0:8e:cd:f2:b7:1e:16:4f:b8:e5:92:2e:dd:28:36: 50:5c:86:34:c7:e8:e6:9b:ef:6a:a5:f6:a3:5f:38:65:85:c0: 6d:51:ec:e6:4c:1a:85:af:bf:2c:58:57:77:19:69:ea:d7:44: 55:a3:71:1f:4f:6d:45:ea:ee:41:2e:ca:0b:49:a7:20:95:ac: 49:2b:a8:20 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC REU1ODE2NDYwHhcNMjUwODI0MTQxNjE5WhcNMjUwODMxMTQxNjE5WjAYMRYwFAYD VQQDEw02OGFiMWViNC1hNWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlyYsZm4Vzozxv0PMp4f0m5gTBWHKjdF2DLnnBAnQB23yMhtc2jiwaSwLrH1M uEck59Zz4FSHQEpmgg4aHQf5lMTtefZrIj09ctV52R9GVJ4derGtwN5TfRfUeemk h7Hg1breIpvA0gqIM+pKEyH2d8MSTJl4dGNO/s3Clt1171ssoMz6wDLSQZeqIVmg 2vks8XCUtY3b0bCEttP8OvPa0K7D6c7VyFhHS5jpMZwvfAgiCNxjmaTfz3+kuFFW 3bGUEemoZfVm/slmWkqDNB7b6FHaXrTdydZ46EOsrw1N8NnV9wa1reqz2vwHbrRe +TpiKhqRnnHX9lpNv8sDcL/0HwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGdGQbP+ i0SkKv7+yiqhH1DVo7l6MB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6jFms4eNaOvLqFx697SnvACTXZFRQiklcNHYSUkQggIdtVAfM+kVQ eXKxz0azpiwC8fKhDklIwAlzzMcs00ClG8eT1jnAUvectJr8IwaSSqorgfDSHsrM exXWbyT9XSKAf5fACQBSgA1KQzLUIRvCVLlwQRAU/y19so+m8YBH3Lhie/zyykZd 3ICUcVXwPXTDepp5DYwfoYLpOBpexgw2ot9Lpl6HXpvE4eA14J2akSLAzNHDJkzw js3ytx4WT7jlki7dKDZQXIY0x+jmm+9qpfajXzhlhcBtUezmTBqFr78sWFd3GWnq 10RVo3EfT21F6u5BLsoLSacglaxJK6gg -----END CERTIFICATE-----Generated at Sun Aug 24 22:05:04 2025 by rpki-client