$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft File: z4nWqxHn1Hqhe0MJxypytxy6R64.mft (raw, json) Hash identifier: 64AUU2WGMyU5naQHELNFhQ1COZjsi+pzDmbEMm0NzVU= Subject key identifier: 9C:8D:FA:E5:38:9A:78:32:FC:89:D8:FF:D5:0B:E7:04:0B:FB:7C:44 Authority key identifier: CF:89:D6:AB:11:E7:D4:7A:A1:7B:43:09:C7:2A:72:B7:1C:BA:47:AE Certificate issuer: /CN=A91E4D9B/serialNumber=CF89D6AB11E7D47AA17B4309C72A72B71CBA47AE Certificate serial: 0894 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft Manifest number: 088A Signing time: Wed 20 Aug 2025 20:39:53 +0000 Manifest this update: Wed 20 Aug 2025 20:39:53 +0000 Manifest next update: Wed 27 Aug 2025 20:39:53 +0000 Files and hashes: 1: z4nWqxHn1Hqhe0MJxypytxy6R64.crl (hash: 3VlQJdLAFadYQq73RnZZS/Z5ZpX/yN1Q1cy9+9uocSY=) 2: CCF7B8AA22B811ECAD21FB20C4F9AE02.roa (hash: jP9WQeUuHByQOgvhcc4yViwwc1IsiLi4j4kFeZuXSLA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.crl rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 20:39:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2196 (0x894) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D9B, serialNumber=CF89D6AB11E7D47AA17B4309C72A72B71CBA47AE Validity Not Before: Aug 20 20:39:53 2025 GMT Not After : Aug 27 20:39:53 2025 GMT Subject: CN=68a63299-6d50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:74:30:c8:95:32:7d:2e:1a:51:50:c3:f2:88: 53:32:55:fd:f4:7d:dd:63:c9:c5:90:00:27:bc:d1: 99:ee:7e:92:c0:15:da:0e:ac:a4:40:8b:1e:f7:d5: f3:1a:24:86:bf:62:51:e7:23:f3:eb:19:70:1e:33: cb:eb:c3:0a:bc:b5:bc:1c:b4:c3:7b:b1:d2:aa:18: 3d:93:b4:19:27:31:74:11:33:35:f5:43:17:ba:21: b9:b0:0e:83:7d:b3:0f:81:cb:0c:21:df:2e:eb:bc: 85:74:fb:e3:25:0c:be:28:23:2e:cc:12:be:00:c9: cf:98:2f:d1:9c:1c:cb:0d:0a:7b:87:00:30:56:5b: 52:b6:76:c4:4a:03:38:41:9d:12:ba:7b:8e:69:b1: 23:5a:7e:fe:75:93:e5:e8:7b:f5:07:98:b8:03:c3: 73:c3:e8:9d:36:6b:bb:d2:6d:a1:fd:83:40:c1:cb: bf:ca:9e:e0:9d:15:97:8b:05:08:c2:6b:27:e5:21: b9:1d:a6:42:0e:ab:ad:ec:72:8d:43:1c:2d:e2:78: 0b:d0:29:4b:e4:c3:f2:ea:44:3c:c3:9a:77:08:05: bf:e4:44:95:db:06:1a:7e:7e:b8:72:f0:68:a1:0a: a7:ca:20:85:de:ed:f0:d1:37:64:34:9c:63:1b:62: 9d:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:8D:FA:E5:38:9A:78:32:FC:89:D8:FF:D5:0B:E7:04:0B:FB:7C:44 X509v3 Authority Key Identifier: keyid:CF:89:D6:AB:11:E7:D4:7A:A1:7B:43:09:C7:2A:72:B7:1C:BA:47:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:73:86:f7:6f:9a:30:4e:8d:6b:6f:09:5c:63:22:a2:2a:78: 01:25:fa:f6:34:00:1f:9a:be:26:c9:5b:9d:74:bb:0c:f5:a6: 3d:20:3e:5b:33:57:1d:1f:0e:78:f4:a5:8a:49:44:73:f3:29: 53:0c:a8:56:de:64:1b:63:6f:c6:52:a2:fa:b8:a2:5e:90:53: 01:7d:08:c2:de:b2:69:1b:09:89:aa:d1:2e:9e:51:99:55:c2: 69:4d:38:2a:71:03:da:3a:c9:c6:09:0f:11:4a:0a:b3:d1:fa: 76:11:bc:ce:15:f6:bd:09:52:a5:c5:5a:13:16:63:dc:09:02: 05:ef:70:cd:b8:a8:a3:dd:f5:f8:75:e1:d5:57:8a:75:15:ee: 4d:e1:9f:37:3d:b1:4c:ba:f3:ac:b6:5a:21:e6:bd:24:e8:52: a4:6d:b0:8a:49:f3:e6:12:e3:5b:23:c6:d5:44:97:ff:c7:f4: f3:2b:c6:73:c6:a8:b5:b6:7c:e0:58:d2:15:c7:21:77:3b:2e: 07:52:aa:c9:41:03:50:02:fb:02:02:d0:5b:5b:f7:7f:05:c9: 1c:cd:9c:c5:ef:22:57:d2:cc:38:6b:ca:37:8e:2f:d2:a6:69: d8:17:ac:33:44:81:6a:a4:9a:5b:ea:6f:e4:d7:f1:21:97:4b: 14:20:10:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREOUIxMTAvBgNVBAUTKENGODlENkFCMTFFN0Q0N0FBMTdCNDMwOUM3MkE3MkI3 MUNCQTQ3QUUwHhcNMjUwODIwMjAzOTUzWhcNMjUwODI3MjAzOTUzWjAYMRYwFAYD VQQDEw02OGE2MzI5OS02ZDUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA13QwyJUyfS4aUVDD8ohTMlX99H3dY8nFkAAnvNGZ7n6SwBXaDqykQIse99Xz GiSGv2JR5yPz6xlwHjPL68MKvLW8HLTDe7HSqhg9k7QZJzF0ETM19UMXuiG5sA6D fbMPgcsMId8u67yFdPvjJQy+KCMuzBK+AMnPmC/RnBzLDQp7hwAwVltStnbESgM4 QZ0SunuOabEjWn7+dZPl6Hv1B5i4A8Nzw+idNmu70m2h/YNAwcu/yp7gnRWXiwUI wmsn5SG5HaZCDqut7HKNQxwt4ngL0ClL5MPy6kQ8w5p3CAW/5ESV2wYafn64cvBo oQqnyiCF3u3w0TdkNJxjG2KdiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJyN+uU4 mngy/InY/9UL5wQL+3xEMB8GA1UdIwQYMBaAFM+J1qsR59R6oXtDCccqcrccukeu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQ5Qi9GNUJBQTNEOEM4 MDAxMUVBODdENDRBNzhDNEY5QUUwMi96NG5XcXhIbjFIcWhlME1KeHlweXR4eTZS NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3o0bldxeEhuMUhxaGUwTUp4eXB5dHh5NlI2NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQ5Qi9GNUJBQTNEOEM4MDAxMUVBODdENDRBNzhDNEY5QUUwMi96NG5XcXhIbjFI cWhlME1KeHlweXR4eTZSNjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxc4b3b5owTo1rbwlcYyKiKngBJfr2NAAfmr4myVuddLsM9aY9ID5b M1cdHw549KWKSURz8ylTDKhW3mQbY2/GUqL6uKJekFMBfQjC3rJpGwmJqtEunlGZ VcJpTTgqcQPaOsnGCQ8RSgqz0fp2EbzOFfa9CVKlxVoTFmPcCQIF73DNuKij3fX4 deHVV4p1Fe5N4Z83PbFMuvOstloh5r0k6FKkbbCKSfPmEuNbI8bVRJf/x/TzK8Zz xqi1tnzgWNIVxyF3Oy4HUqrJQQNQAvsCAtBbW/d/BckczZzF7yJX0sw4a8o3ji/S pmnYF6wzRIFqpJpb6m/k1/Ehl0sUIBCF -----END CERTIFICATE-----Generated at Fri Aug 22 16:33:09 2025 by rpki-client