$ rpki-client -vvf rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft File: lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft (raw, json) Hash identifier: x7T06F0td1TEhg9kCVD77PRNkc2eI2IVht4oGFMscVw= Subject key identifier: 6A:21:31:F2:07:37:72:FD:23:0C:FA:0A:7C:8E:1C:C9:D9:1B:F4:14 Authority key identifier: 94:70:E7:61:08:06:3E:4F:7C:64:AD:43:D0:76:BC:11:AE:1F:DB:5D Certificate issuer: /CN=A91E41C9/serialNumber=9470E76108063E4F7C64AD43D076BC11AE1FDB5D Certificate serial: 08B0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft Manifest number: 08AA Signing time: Sun 24 Aug 2025 20:33:23 +0000 Manifest this update: Sun 24 Aug 2025 20:33:22 +0000 Manifest next update: Sun 31 Aug 2025 20:33:22 +0000 Files and hashes: 1: lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl (hash: 4JJOXwgKnZABtVB7lN8KoQqcgrzpUJqOXrjOXj2pnc0=) 2: 2C74B00CF70011EA8EFF4C67C4F9AE02.roa (hash: tCsERzsAtsk+5phQVU01aXCd1wv6EXGawIRg0i0oP6k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 19:03:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2224 (0x8b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E41C9, serialNumber=9470E76108063E4F7C64AD43D076BC11AE1FDB5D Validity Not Before: Aug 24 20:33:22 2025 GMT Not After : Aug 31 20:33:22 2025 GMT Subject: CN=68ab7713-4b65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:16:f0:b7:0b:62:0e:86:8a:46:55:4b:df:97: 5f:92:fb:78:c6:93:29:ae:89:b5:91:63:06:f5:9f: bb:db:41:89:5e:d2:73:1a:7a:1d:b1:85:e1:0f:8a: 3c:05:62:cd:c5:b0:e6:57:d1:ad:e2:95:83:87:53: 0d:83:93:87:59:5a:4a:7c:33:94:f1:e5:7a:3f:83: 4d:28:dd:d4:d8:bd:c4:d3:a0:b6:a7:0f:80:38:c0: 79:50:44:7f:d9:2c:03:87:06:a1:f5:9f:da:bc:7b: 67:4e:cb:57:08:e9:ce:fa:58:15:32:4a:46:c3:f5: d3:15:c7:41:7e:14:69:aa:7b:fe:a0:06:0e:3e:dd: 7d:18:9f:3a:2c:dd:e1:f0:8d:43:d3:83:d4:fe:2e: 02:47:b9:b9:ec:b2:bf:c0:c2:f9:2c:99:3d:15:81: a0:34:15:57:0a:c5:aa:ff:5b:b1:ed:bb:b9:c9:3c: 0b:e4:c4:b8:63:50:48:d3:e7:9c:7b:41:b3:40:a7: e6:ab:07:2b:a2:71:bc:40:d9:dd:c1:fa:d5:b9:aa: a1:18:1d:98:9e:78:27:9a:3c:f8:44:18:78:41:59: b9:06:48:57:15:b2:c8:50:63:a7:54:ee:5e:4f:6e: 42:9f:f4:fa:d6:6c:71:eb:14:be:0d:a8:de:3a:a1: 14:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:21:31:F2:07:37:72:FD:23:0C:FA:0A:7C:8E:1C:C9:D9:1B:F4:14 X509v3 Authority Key Identifier: keyid:94:70:E7:61:08:06:3E:4F:7C:64:AD:43:D0:76:BC:11:AE:1F:DB:5D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:90:46:6e:63:8d:62:e4:5a:e2:11:6e:1f:58:13:47:ed:0c: 1c:85:d2:56:87:b5:d2:03:9b:4f:63:04:af:98:27:de:39:50: 6c:d4:1f:a3:59:7f:4e:e8:8e:86:aa:14:22:91:7b:14:36:6a: fe:b3:cc:46:0b:99:d4:4c:a2:68:fc:22:76:68:b9:cd:3f:c6: 6b:77:38:d3:7e:7f:90:41:b9:19:05:c1:2a:cd:da:4a:f3:f7: 1b:e0:7b:a7:3a:2d:0f:1e:28:b8:c7:2c:31:6d:bd:24:df:a9: f7:18:1f:56:a6:6c:e6:79:0a:ff:73:ff:04:a1:7a:72:99:04: 5e:b9:67:85:29:7d:32:1e:d2:50:2c:e0:9c:40:4a:b8:98:bc: 2e:d9:83:48:14:10:ac:55:46:ab:85:88:dc:4e:d9:23:95:bc: e2:c3:bc:0e:fd:ca:0a:04:55:01:4f:b2:14:22:e8:2b:71:43: 2c:de:a4:c4:cb:a7:46:32:eb:85:c8:e2:a5:03:47:09:42:45: ca:c5:c3:25:6f:dd:c5:50:6f:83:63:cf:a2:f3:7d:38:bf:a6: 1f:fa:6d:66:44:1c:7f:0b:26:09:57:91:3b:34:ae:86:99:18: 3e:db:d7:0a:6a:cf:f4:7b:b3:79:75:22:55:d0:04:9a:23:70: c4:25:10:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTQxQzkxMTAvBgNVBAUTKDk0NzBFNzYxMDgwNjNFNEY3QzY0QUQ0M0QwNzZCQzEx QUUxRkRCNUQwHhcNMjUwODI0MjAzMzIyWhcNMjUwODMxMjAzMzIyWjAYMRYwFAYD VQQDEw02OGFiNzcxMy00YjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvhbwtwtiDoaKRlVL35dfkvt4xpMprom1kWMG9Z+720GJXtJzGnodsYXhD4o8 BWLNxbDmV9Gt4pWDh1MNg5OHWVpKfDOU8eV6P4NNKN3U2L3E06C2pw+AOMB5UER/ 2SwDhwah9Z/avHtnTstXCOnO+lgVMkpGw/XTFcdBfhRpqnv+oAYOPt19GJ86LN3h 8I1D04PU/i4CR7m57LK/wML5LJk9FYGgNBVXCsWq/1ux7bu5yTwL5MS4Y1BI0+ec e0GzQKfmqwcronG8QNndwfrVuaqhGB2Ynngnmjz4RBh4QVm5BkhXFbLIUGOnVO5e T25Cn/T61mxx6xS+DajeOqEUIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGohMfIH N3L9Iwz6CnyOHMnZG/QUMB8GA1UdIwQYMBaAFJRw52EIBj5PfGStQ9B2vBGuH9td MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDFDOS80OUJEOURBNkMw RjgxMUVBOEFDNkM0NkNDNEY5QUUwMi9sSERuWVFnR1BrOThaSzFEMEhhOEVhNGYy MTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xIRG5ZUWdHUGs5OFpLMUQwSGE4RWE0ZjIxMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NDFDOS80OUJEOURBNkMwRjgxMUVBOEFDNkM0NkNDNEY5QUUwMi9sSERuWVFnR1Br OThaSzFEMEhhOEVhNGYyMTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCIkEZuY41i5FriEW4fWBNH7QwchdJWh7XSA5tPYwSvmCfeOVBs1B+j WX9O6I6GqhQikXsUNmr+s8xGC5nUTKJo/CJ2aLnNP8ZrdzjTfn+QQbkZBcEqzdpK 8/cb4HunOi0PHii4xywxbb0k36n3GB9WpmzmeQr/c/8EoXpymQReuWeFKX0yHtJQ LOCcQEq4mLwu2YNIFBCsVUarhYjcTtkjlbziw7wO/coKBFUBT7IUIugrcUMs3qTE y6dGMuuFyOKlA0cJQkXKxcMlb93FUG+DY8+i8304v6Yf+m1mRBx/CyYJV5E7NK6G mRg+29cKas/0e7N5dSJV0ASaI3DEJRA/ -----END CERTIFICATE-----Generated at Sun Aug 24 22:16:15 2025 by rpki-client