$ rpki-client -vvf rpki.apnic.net/member_repository/A91DE5E8/E9E1BF28A30511EDAC14EE6CC4F9AE02/5bHOHUU5GBlb61zZD22Hnv6ZEKI.mft File: 5bHOHUU5GBlb61zZD22Hnv6ZEKI.mft (raw, json) Hash identifier: uxAWtdA6vSjrNsSKYNsguUcbzNzSpBQyq/jJaIImV3M= Subject key identifier: 89:E9:C8:9D:54:A8:85:FA:88:DB:BE:CB:A6:77:E2:25:18:8A:D4:62 Authority key identifier: E5:B1:CE:1D:45:39:18:19:5B:EB:5C:D9:0F:6D:87:9E:FE:99:10:A2 Certificate issuer: /CN=A91DE5E8/serialNumber=E5B1CE1D453918195BEB5CD90F6D879EFE9910A2 Certificate serial: 01EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bHOHUU5GBlb61zZD22Hnv6ZEKI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DE5E8/E9E1BF28A30511EDAC14EE6CC4F9AE02/5bHOHUU5GBlb61zZD22Hnv6ZEKI.mft Manifest number: 01E5 Signing time: Fri 05 Sep 2025 02:55:54 +0000 Manifest this update: Fri 05 Sep 2025 02:55:53 +0000 Manifest next update: Fri 12 Sep 2025 02:55:53 +0000 Files and hashes: 1: 5bHOHUU5GBlb61zZD22Hnv6ZEKI.crl (hash: GSPTTBRNyoExoNMivSeq/k9lYqTr2WbEUNYF8PCd2FA=) 2: 785B44D6F2AF11EF97443030C4F9AE02.roa (hash: 3X8JQRJ56NXF/A25OQxe1Q8xkJiOt4/FMaPtZ+BwKik=) 3: B264EB66A30911ED99A82087C4F9AE02.roa (hash: tZEzhiKfHDteKh17cCbwci/tZYnVymPaW90yd5ZJ1q4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DE5E8/E9E1BF28A30511EDAC14EE6CC4F9AE02/5bHOHUU5GBlb61zZD22Hnv6ZEKI.crl rsync://rpki.apnic.net/member_repository/A91DE5E8/E9E1BF28A30511EDAC14EE6CC4F9AE02/5bHOHUU5GBlb61zZD22Hnv6ZEKI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bHOHUU5GBlb61zZD22Hnv6ZEKI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 02:55:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 491 (0x1eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DE5E8, serialNumber=E5B1CE1D453918195BEB5CD90F6D879EFE9910A2 Validity Not Before: Sep 5 02:55:53 2025 GMT Not After : Sep 12 02:55:53 2025 GMT Subject: CN=68ba5139-b9c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ab:2a:f8:6b:5b:20:8e:74:ad:27:45:af:72: 2b:e0:c7:07:62:a8:bf:66:da:60:d3:c1:86:37:a1: f4:b1:3b:a8:b1:0d:4e:65:7e:21:6b:97:9b:52:fc: df:30:3d:12:6d:bc:53:69:74:61:fe:48:52:05:01: a4:b4:f4:af:6b:4f:a4:48:3d:57:8c:5c:36:ad:fd: 43:24:1a:62:d3:eb:07:7f:7b:f4:16:b2:7b:b7:ec: 58:7a:cd:34:11:71:51:c3:a1:ee:8a:d7:2a:c2:5c: 5d:11:27:85:8d:87:17:0e:a8:6d:96:f9:5d:dc:3a: 78:d9:e2:0c:0e:c4:7a:d1:67:d7:65:5e:f5:61:15: 07:19:63:fb:e8:af:3d:c4:2d:79:5b:cd:1e:65:2c: 3b:f5:60:55:98:ec:b7:62:ef:4d:bf:ae:16:95:44: a7:cf:5b:10:ea:46:f8:dc:9d:7d:57:b0:01:fb:6c: 01:57:b4:90:bb:f6:b4:d3:80:7d:2b:80:02:68:3b: 99:35:59:69:d4:b9:9a:9f:45:0a:58:9c:12:28:8b: 8f:4c:3f:93:c8:77:78:b8:cf:fe:75:e9:86:8f:e5: dc:30:1e:28:f5:dd:a4:59:f9:86:ca:2b:dd:4b:7d: 39:a6:bf:5b:d5:a1:45:d8:dd:bf:a9:12:76:29:f3: 77:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:E9:C8:9D:54:A8:85:FA:88:DB:BE:CB:A6:77:E2:25:18:8A:D4:62 X509v3 Authority Key Identifier: keyid:E5:B1:CE:1D:45:39:18:19:5B:EB:5C:D9:0F:6D:87:9E:FE:99:10:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DE5E8/E9E1BF28A30511EDAC14EE6CC4F9AE02/5bHOHUU5GBlb61zZD22Hnv6ZEKI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bHOHUU5GBlb61zZD22Hnv6ZEKI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DE5E8/E9E1BF28A30511EDAC14EE6CC4F9AE02/5bHOHUU5GBlb61zZD22Hnv6ZEKI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:91:53:1b:4e:46:ec:63:09:e5:80:f3:f9:29:92:3d:ca:af: ef:20:e5:c2:ec:1b:bd:6b:3f:cc:83:e7:ea:70:9f:3f:f7:f0: 3d:9d:88:43:ec:fa:16:1d:f4:2b:6e:55:ee:ac:a5:e7:bb:14: 5a:95:4e:4e:c9:3e:8a:70:e3:b3:63:a0:85:f6:d9:14:fb:c0: 4e:e4:19:76:56:90:bf:b7:23:8f:43:ec:6a:a3:29:32:d2:b0: c9:73:4c:71:38:9c:cc:03:1e:93:41:88:c3:01:84:f3:f5:39: 9c:6d:9d:fe:c9:b7:dd:7f:61:d5:c0:5e:24:de:79:57:0c:56: 70:2c:77:fa:eb:42:47:6f:ed:a3:a5:1e:e0:b4:a4:fe:e0:6f: 40:b9:5d:cf:e7:92:9e:92:d1:c7:b4:4a:69:59:35:80:36:da: 8d:9e:07:28:fb:fb:6f:d9:22:75:2f:69:8c:a9:43:68:6a:3d: b9:3a:80:35:b7:54:3c:ab:17:2c:da:a7:79:21:75:d7:b9:c5: 6c:8a:57:a0:be:7e:33:fe:be:b8:96:3a:fc:a8:71:95:d7:7c: 5d:a0:98:3e:17:ed:ef:ba:0d:61:c9:68:4b:62:ab:ec:c9:fb: 86:4e:f4:07:00:a0:d3:4a:32:e6:73:0c:1f:c3:84:e7:81:4b: ed:88:9e:23 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REU1RTgxMTAvBgNVBAUTKEU1QjFDRTFENDUzOTE4MTk1QkVCNUNEOTBGNkQ4NzlF RkU5OTEwQTIwHhcNMjUwOTA1MDI1NTUzWhcNMjUwOTEyMDI1NTUzWjAYMRYwFAYD VQQDEw02OGJhNTEzOS1iOWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuqsq+GtbII50rSdFr3Ir4McHYqi/Ztpg08GGN6H0sTuosQ1OZX4ha5ebUvzf MD0SbbxTaXRh/khSBQGktPSva0+kSD1XjFw2rf1DJBpi0+sHf3v0FrJ7t+xYes00 EXFRw6HuitcqwlxdESeFjYcXDqhtlvld3Dp42eIMDsR60WfXZV71YRUHGWP76K89 xC15W80eZSw79WBVmOy3Yu9Nv64WlUSnz1sQ6kb43J19V7AB+2wBV7SQu/a004B9 K4ACaDuZNVlp1Lman0UKWJwSKIuPTD+TyHd4uM/+demGj+XcMB4o9d2kWfmGyivd S305pr9b1aFF2N2/qRJ2KfN3awIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFInpyJ1U qIX6iNu+y6Z34iUYitRiMB8GA1UdIwQYMBaAFOWxzh1FORgZW+tc2Q9th57+mRCi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERTVFOC9FOUUxQkYyOEEz MDUxMUVEQUMxNEVFNkNDNEY5QUUwMi81YkhPSFVVNUdCbGI2MXpaRDIySG52NlpF S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzViSE9IVVU1R0JsYjYxelpEMjJIbnY2WkVLSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RTVFOC9FOUUxQkYyOEEzMDUxMUVEQUMxNEVFNkNDNEY5QUUwMi81YkhPSFVVNUdC bGI2MXpaRDIySG52NlpFS0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqkVMbTkbsYwnlgPP5KZI9yq/vIOXC7Bu9az/Mg+fqcJ8/9/A9nYhD 7PoWHfQrblXurKXnuxRalU5OyT6KcOOzY6CF9tkU+8BO5Bl2VpC/tyOPQ+xqoyky 0rDJc0xxOJzMAx6TQYjDAYTz9TmcbZ3+ybfdf2HVwF4k3nlXDFZwLHf660JHb+2j pR7gtKT+4G9AuV3P55KektHHtEppWTWANtqNngco+/tv2SJ1L2mMqUNoaj25OoA1 t1Q8qxcs2qd5IXXXucVsilegvn4z/r64ljr8qHGV13xdoJg+F+3vug1hyWhLYqvs yfuGTvQHAKDTSjLmcwwfw4TngUvtiJ4j -----END CERTIFICATE-----Generated at Sat Sep 6 12:08:16 2025 by rpki-client