$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft File: 5bsti54YaXwBWe2BMuXzS4axN7E.mft (raw, json) Hash identifier: vb1NE7COb0h2iIxUIV3ExdjGQOv9M786mQKY6T4wzwc= Subject key identifier: 21:43:74:1D:AD:3F:B3:DD:91:04:82:D5:A0:0C:29:87:7D:A4:DE:9A Authority key identifier: E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 Certificate issuer: /CN=A91E0C2B/serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Certificate serial: 01CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft Manifest number: 01C6 Signing time: Sat 23 Aug 2025 03:04:07 +0000 Manifest this update: Sat 23 Aug 2025 03:04:07 +0000 Manifest next update: Sat 30 Aug 2025 03:04:07 +0000 Files and hashes: 1: 5bsti54YaXwBWe2BMuXzS4axN7E.crl (hash: tKhgXf9MBxwZU8ECwrrx8MSEyCkMB19XssGVg8NS0Zg=) 2: 12B9A5DECBC211EDB6F09516C4F9AE02.roa (hash: GC2+Qt2m2cOxU2MSwTfp+OhWSqEwAQ14izm/J1/ZU5o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 03:04:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 458 (0x1ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0C2B, serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Validity Not Before: Aug 23 03:04:07 2025 GMT Not After : Aug 30 03:04:07 2025 GMT Subject: CN=68a92fa7-7405 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:19:01:5a:ac:8f:25:fd:44:7e:13:83:6a:27: 2d:0a:81:53:1d:0f:c5:f1:ae:10:07:2b:76:f5:55: d6:1f:b7:58:8f:4c:e2:7b:c6:07:cd:03:ee:29:28: 66:9c:d6:e6:5b:49:b0:fd:84:76:13:a9:75:83:20: 7a:fc:87:02:f3:f1:5b:86:e4:1c:f2:84:97:e8:f5: 32:56:6b:e6:cf:14:a2:d8:91:0a:10:ec:35:23:fa: bd:7f:f3:3a:50:c4:4d:17:ae:9b:60:14:69:ad:9b: 19:10:51:ce:96:5f:05:0a:a2:8a:f8:80:b6:3f:a9: 03:d0:25:87:4e:1a:16:29:28:ed:b0:d8:4f:90:7a: c3:e0:d3:e2:28:d6:73:b2:0b:99:db:e7:bf:85:50: df:76:62:44:6c:52:a8:2e:6e:dc:7c:c4:8f:8e:1a: 02:5d:7e:f0:4d:cf:33:13:37:03:47:1f:3a:a7:a3: ce:27:cf:fe:b3:e3:ad:64:19:9c:13:bf:c2:ee:ec: b7:82:0a:af:13:7a:6f:e5:55:cc:7a:32:a2:1a:35: 1a:9d:dd:98:57:a3:07:0e:a0:26:01:5d:dc:65:e6: d1:95:3a:12:28:92:42:e7:64:26:ca:4c:17:4b:3f: 1c:1d:ca:f4:8c:e5:fc:51:49:91:d5:e2:af:c0:d9: f3:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:43:74:1D:AD:3F:B3:DD:91:04:82:D5:A0:0C:29:87:7D:A4:DE:9A X509v3 Authority Key Identifier: keyid:E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:bf:00:1a:aa:d0:73:2f:2c:ef:cb:74:df:ac:26:20:55:b7: a3:29:fa:6c:6e:70:d8:19:93:e1:70:20:16:2a:94:bd:0e:aa: 6e:27:d6:1e:ec:17:92:3a:5b:9d:49:c6:09:d8:f7:e5:bd:d6: dd:ff:fe:42:2f:d8:e2:fe:6e:c8:8d:f2:a2:32:d9:a4:6e:7d: 31:58:aa:d4:71:39:52:1d:2a:21:8b:cb:b9:be:f6:a2:fb:4f: f9:0b:c1:c8:af:b2:da:63:59:0e:55:f2:3d:2d:6d:f4:1c:e4: 25:f0:c9:3b:42:2e:96:fa:25:42:dc:1a:7e:f0:df:15:69:db: 0d:5b:cc:15:56:0a:bf:48:62:a3:f9:04:66:ec:4e:e7:99:4f: 23:be:8a:71:01:e8:e7:4c:38:59:fd:bf:f0:68:90:16:64:91: 9e:03:c0:f1:72:38:83:0c:31:c1:43:5f:3d:d3:3d:4f:ba:2a: c4:79:4f:f6:62:45:15:5f:11:3d:54:cc:f1:32:b0:b9:bf:b2: c7:df:65:b3:09:88:cf:29:21:25:51:c0:29:2e:52:61:7d:81: 40:94:c7:8b:bf:2c:31:1c:11:05:0f:0a:b3:fb:e5:77:17:af: 3b:b5:83:33:59:30:48:78:21:7f:d7:1b:a6:b1:95:35:06:14: f1:73:d6:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBDMkIxMTAvBgNVBAUTKEU1QkIyRDhCOUUxODY5N0MwMTU5RUQ4MTMyRTVGMzRC ODZCMTM3QjEwHhcNMjUwODIzMDMwNDA3WhcNMjUwODMwMDMwNDA3WjAYMRYwFAYD VQQDEw02OGE5MmZhNy03NDA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzxkBWqyPJf1EfhODaictCoFTHQ/F8a4QByt29VXWH7dYj0zie8YHzQPuKShm nNbmW0mw/YR2E6l1gyB6/IcC8/FbhuQc8oSX6PUyVmvmzxSi2JEKEOw1I/q9f/M6 UMRNF66bYBRprZsZEFHOll8FCqKK+IC2P6kD0CWHThoWKSjtsNhPkHrD4NPiKNZz sguZ2+e/hVDfdmJEbFKoLm7cfMSPjhoCXX7wTc8zEzcDRx86p6POJ8/+s+OtZBmc E7/C7uy3ggqvE3pv5VXMejKiGjUand2YV6MHDqAmAV3cZebRlToSKJJC52QmykwX Sz8cHcr0jOX8UUmR1eKvwNnzkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCFDdB2t P7PdkQSC1aAMKYd9pN6aMB8GA1UdIwQYMBaAFOW7LYueGGl8AVntgTLl80uGsTex MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEMyQi9EMjdFNkVEMENC OTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFYd0JXZTJCTXVYelM0YXhO N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVic3RpNTRZYVh3QldlMkJNdVh6UzRheE43RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MEMyQi9EMjdFNkVEMENCOTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFY d0JXZTJCTXVYelM0YXhON0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAcvwAaqtBzLyzvy3TfrCYgVbejKfpsbnDYGZPhcCAWKpS9DqpuJ9Ye 7BeSOludScYJ2Pflvdbd//5CL9ji/m7IjfKiMtmkbn0xWKrUcTlSHSohi8u5vvai +0/5C8HIr7LaY1kOVfI9LW30HOQl8Mk7Qi6W+iVC3Bp+8N8VadsNW8wVVgq/SGKj +QRm7E7nmU8jvopxAejnTDhZ/b/waJAWZJGeA8DxcjiDDDHBQ1890z1PuirEeU/2 YkUVXxE9VMzxMrC5v7LH32WzCYjPKSElUcApLlJhfYFAlMeLvywxHBEFDwqz++V3 F687tYMzWTBIeCF/1xumsZU1BhTxc9Y/ -----END CERTIFICATE-----Generated at Sun Aug 24 22:16:08 2025 by rpki-client