$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E80/35433F224B6611F0B8852439C4F9AE02/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.mft File: mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.mft (raw, json) Hash identifier: rloRRVyaEcYceMOC3lG2U+mJNI1StXCQrWwaA593f34= Subject key identifier: D5:4F:6C:9B:DA:35:27:97:7F:20:5A:AE:4E:28:5A:6F:B7:1F:90:E3 Authority key identifier: 9A:58:7E:4E:CF:68:EC:77:29:D8:DE:43:5F:FD:AA:DC:EA:5B:49:39 Certificate issuer: /CN=A91E3E80/serialNumber=9A587E4ECF68EC7729D8DE435FFDAADCEA5B4939 Certificate serial: 2B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E80/35433F224B6611F0B8852439C4F9AE02/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.mft Manifest number: 2A Signing time: Wed 03 Sep 2025 08:26:42 +0000 Manifest this update: Wed 03 Sep 2025 08:26:41 +0000 Manifest next update: Wed 10 Sep 2025 08:26:41 +0000 Files and hashes: 1: mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.crl (hash: zRB/zAToyQvXa6NTZXRqUxp3KrN4vAMgtXFD8sHgyVc=) 2: 1E008B864B7411F09B3DF33BC4F9AE02.roa (hash: ev5mDZ6XFmJ+ji01cNK3sq1eGbo1TIpqJN2vMLDyQBI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E80/35433F224B6611F0B8852439C4F9AE02/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.crl rsync://rpki.apnic.net/member_repository/A91E3E80/35433F224B6611F0B8852439C4F9AE02/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 08:26:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E80, serialNumber=9A587E4ECF68EC7729D8DE435FFDAADCEA5B4939 Validity Not Before: Sep 3 08:26:41 2025 GMT Not After : Sep 10 08:26:41 2025 GMT Subject: CN=68b7fbc1-5cf0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:90:ea:85:dd:b4:7a:22:4a:44:4e:11:f6:82: 31:20:ba:59:01:48:1b:bb:ed:61:3d:4b:3f:cd:87: 83:0f:19:de:38:d6:03:6b:4e:0e:b5:76:6f:7c:90: 10:a9:6c:e8:8e:e3:12:39:a8:0e:4a:6b:a0:0f:7e: ca:ff:62:20:d9:55:cf:65:53:7a:7c:cb:94:2b:6d: f0:4c:33:7d:d1:16:59:25:a1:b5:54:52:74:71:1e: 11:0e:63:2d:16:4d:c4:5c:6a:fc:29:3d:77:fb:d9: 8a:74:d5:fb:da:21:bc:17:3c:28:bc:59:5d:6c:da: 96:6f:2a:c3:28:68:6b:da:d1:f8:ba:34:b8:c9:7d: 91:f5:a9:48:bb:0e:3a:95:26:95:31:6e:44:95:a4: b5:cd:b7:12:c9:b5:3a:f7:a3:cd:d9:06:77:29:96: d9:b5:2a:6a:20:7d:2d:c3:77:bb:6a:5a:b3:6d:4c: 3a:7c:2b:b3:40:6e:46:29:d2:f6:19:d0:ba:3b:7b: 18:bf:01:b4:70:f2:5b:43:11:93:96:a9:8a:b2:1f: 0d:03:06:79:10:6f:01:02:20:0b:5d:40:9e:e4:d1: e4:12:5d:3d:7a:7e:43:32:c9:85:a7:20:3e:0d:d9: e1:a6:99:33:6f:50:c0:84:55:70:ee:1d:bc:da:d8: d6:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:4F:6C:9B:DA:35:27:97:7F:20:5A:AE:4E:28:5A:6F:B7:1F:90:E3 X509v3 Authority Key Identifier: keyid:9A:58:7E:4E:CF:68:EC:77:29:D8:DE:43:5F:FD:AA:DC:EA:5B:49:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E80/35433F224B6611F0B8852439C4F9AE02/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E80/35433F224B6611F0B8852439C4F9AE02/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:cd:2c:6e:9d:e2:b3:3a:82:02:b4:58:7f:c1:93:5e:ca:b1: e5:fb:7f:69:fe:4d:a0:58:bb:71:39:18:83:94:8d:57:42:20: a4:34:0e:76:ee:43:14:d0:22:72:5e:b6:8d:ad:31:1e:b0:dc: de:0e:78:4e:20:73:79:b3:d8:36:a4:a7:12:51:95:31:db:7e: b1:5c:cf:c6:a3:4d:63:55:5c:f7:65:e7:6c:15:2a:c8:8a:f5: 20:7e:04:b1:7b:20:fa:69:b2:d4:e3:57:2c:a1:70:a7:27:24: 8a:07:05:02:41:cd:c3:a0:42:b8:ba:98:7b:10:77:fb:0c:79: ee:98:53:c0:32:c0:f8:62:c8:57:0b:59:24:76:38:d0:b2:e3: ef:61:13:0c:12:59:fa:e2:ca:67:2e:db:5b:26:bf:c2:b2:b9: 80:d6:ce:a9:3e:d2:be:34:09:97:5a:48:07:af:52:90:01:02: 7d:49:cd:10:cc:aa:ab:40:79:c1:10:b5:9a:11:41:33:ec:82: e4:c8:c2:84:2b:aa:4f:42:dd:37:52:2f:32:79:d6:c7:b0:39: c1:75:a9:7a:bd:45:c5:cb:18:6b:b7:d5:72:c3:f8:33:1e:61: ff:67:88:3c:d4:c2:ac:fa:2f:bd:33:7b:34:20:2b:3b:1f:94: 3b:2a:bd:e8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF M0U4MDExMC8GA1UEBRMoOUE1ODdFNEVDRjY4RUM3NzI5RDhERTQzNUZGREFBRENF QTVCNDkzOTAeFw0yNTA5MDMwODI2NDFaFw0yNTA5MTAwODI2NDFaMBgxFjAUBgNV BAMTDTY4YjdmYmMxLTVjZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQChkOqF3bR6IkpEThH2gjEgulkBSBu77WE9Sz/Nh4MPGd441gNrTg61dm98kBCp bOiO4xI5qA5Ka6APfsr/YiDZVc9lU3p8y5QrbfBMM33RFlklobVUUnRxHhEOYy0W TcRcavwpPXf72Yp01fvaIbwXPCi8WV1s2pZvKsMoaGva0fi6NLjJfZH1qUi7DjqV JpUxbkSVpLXNtxLJtTr3o83ZBncpltm1KmogfS3Dd7tqWrNtTDp8K7NAbkYp0vYZ 0Lo7exi/AbRw8ltDEZOWqYqyHw0DBnkQbwECIAtdQJ7k0eQSXT16fkMyyYWnID4N 2eGmmTNvUMCEVXDuHbza2NalAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1U9sm9o1 J5d/IFquTihab7cfkOMwHwYDVR0jBBgwFoAUmlh+Ts9o7Hcp2N5DX/2q3OpbSTkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUzRTgwLzM1NDMzRjIyNEI2 NjExRjBCODg1MjQzOUM0RjlBRTAyL21saC1UczlvN0hjcDJONURYXzJxM09wYlNU ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbWxoLVRzOW83SGNwMk41RFhfMnEzT3BiU1RrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUz RTgwLzM1NDMzRjIyNEI2NjExRjBCODg1MjQzOUM0RjlBRTAyL21saC1UczlvN0hj cDJONURYXzJxM09wYlNUay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABnNLG6d4rM6ggK0WH/Bk17KseX7f2n+TaBYu3E5GIOUjVdCIKQ0Dnbu QxTQInJeto2tMR6w3N4OeE4gc3mz2DakpxJRlTHbfrFcz8ajTWNVXPdl52wVKsiK 9SB+BLF7IPppstTjVyyhcKcnJIoHBQJBzcOgQri6mHsQd/sMee6YU8AywPhiyFcL WSR2ONCy4+9hEwwSWfriymcu21smv8KyuYDWzqk+0r40CZdaSAevUpABAn1JzRDM qqtAecEQtZoRQTPsguTIwoQrqk9C3TdSLzJ51sewOcF1qXq9RcXLGGu31XLD+DMe Yf9niDzUwqz6L70zezQgKzsflDsqveg= -----END CERTIFICATE-----Generated at Thu Sep 4 13:58:37 2025 by rpki-client