$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.mft File: -W-uKIpkMK3M-V4OqJ8IW7boKdQ.mft (raw, json) Hash identifier: vs3v4xYUMFYRZ5CpBmmKnniRbcLd9k+sM/PHA9bTbQ8= Subject key identifier: 43:BC:5E:3B:43:36:42:85:89:B6:E7:8B:AB:55:E1:42:13:9C:DB:23 Authority key identifier: F9:6F:AE:28:8A:64:30:AD:CC:F9:5E:0E:A8:9F:08:5B:B6:E8:29:D4 Certificate issuer: /CN=A91E5490/serialNumber=F96FAE288A6430ADCCF95E0EA89F085BB6E829D4 Certificate serial: 052C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.mft Manifest number: 0522 Signing time: Fri 22 Aug 2025 23:46:41 +0000 Manifest this update: Fri 22 Aug 2025 23:46:41 +0000 Manifest next update: Fri 29 Aug 2025 23:46:41 +0000 Files and hashes: 1: -W-uKIpkMK3M-V4OqJ8IW7boKdQ.crl (hash: aYKEyOnbvWFwszQKKOYqbqCp8+wMD6iC/FRyvAqD43k=) 2: 8608449A356511EC9715F015C4F9AE02.roa (hash: clmx/oQr73cJ/dvXJjULbQlKZ0MXrmzLfgGRONsfwYo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.crl rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:46:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1324 (0x52c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5490, serialNumber=F96FAE288A6430ADCCF95E0EA89F085BB6E829D4 Validity Not Before: Aug 22 23:46:41 2025 GMT Not After : Aug 29 23:46:41 2025 GMT Subject: CN=68a90161-ad80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:59:d7:ab:25:95:49:5c:b3:29:96:fb:35:b7: 22:ee:ca:c8:7e:c7:f4:fa:9f:3f:9f:17:e5:a5:4c: d9:55:49:27:d4:fa:15:c7:02:f8:14:8e:3f:3e:4b: 23:11:b5:3b:7e:bb:ff:cd:24:16:2d:b8:3b:0e:af: 82:ac:72:13:99:14:00:d8:64:38:25:11:b1:5c:46: de:12:2d:6f:b7:db:0b:96:09:65:d4:0f:df:ac:09: 62:80:b9:37:1c:c8:44:a8:57:97:e7:77:0b:08:81: 32:e2:92:56:83:a0:9d:a7:c8:84:a5:91:5e:32:ce: d2:97:5f:a9:5d:3d:d0:e6:12:9a:8a:fb:14:10:bc: 22:b0:2b:11:02:3b:d1:ab:b2:76:de:e6:e5:8f:6e: 82:e0:f0:49:d5:e9:66:58:8d:e5:44:46:66:f2:95: c9:a4:55:c7:21:65:b6:36:d5:3b:3c:e0:20:4a:42: b7:8e:27:c5:9a:f1:70:91:73:55:55:15:e0:52:fa: 72:c4:a3:43:4b:5e:0f:15:c0:75:5b:e9:0c:ee:16: 84:fe:b3:ce:2f:1e:72:5f:54:2e:7a:fc:bb:0c:d7: 5d:cf:50:18:50:e3:7f:33:50:1a:75:b9:dc:19:33: e1:94:58:ef:c9:3b:ce:c6:b0:3f:c8:ff:40:df:7e: f6:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:BC:5E:3B:43:36:42:85:89:B6:E7:8B:AB:55:E1:42:13:9C:DB:23 X509v3 Authority Key Identifier: keyid:F9:6F:AE:28:8A:64:30:AD:CC:F9:5E:0E:A8:9F:08:5B:B6:E8:29:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:3b:9d:5d:98:71:90:84:fe:2f:e0:ae:3c:29:fe:06:9c:23: 6d:36:4e:54:53:62:8f:d9:18:c4:84:ef:de:b6:50:96:7d:4e: 81:39:9a:45:ee:06:dd:7b:06:07:97:a9:07:76:4d:0d:57:6d: 15:2d:56:7b:42:0d:91:b3:1a:94:96:ba:1b:63:f3:8e:ac:83: d2:0b:58:9d:cf:3c:a6:ad:b8:80:ee:20:9e:d3:25:a7:f6:7d: 2a:e7:31:23:34:40:91:dc:4f:e0:d5:58:ac:3a:d9:ab:6e:65: d9:89:ae:bf:7a:d6:6b:7a:67:05:61:b2:da:95:e3:9c:e4:eb: ed:6d:ef:3e:d2:e1:66:14:8f:de:a1:78:33:91:e6:ef:b6:85: 2d:31:ca:ed:d5:05:7a:c0:1c:57:1c:54:b2:66:de:32:63:91: bd:36:7c:5e:93:bd:46:3b:ce:ce:3f:be:6a:da:a5:44:52:bb: ef:ff:d3:64:d6:a3:75:40:3f:37:ba:5a:fd:3e:d4:6d:49:ec: c8:b2:ff:45:00:d1:22:8d:4c:58:4f:5b:36:b3:58:37:e7:ca: 9f:bb:22:d8:0a:2f:d3:f2:9b:be:26:61:a4:fd:9a:24:d0:4f: 77:90:cf:9d:e4:ef:20:f3:8d:08:64:16:60:07:0a:ff:c6:09: 6b:bb:9b:7e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBSwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTU0OTAxMTAvBgNVBAUTKEY5NkZBRTI4OEE2NDMwQURDQ0Y5NUUwRUE4OUYwODVC QjZFODI5RDQwHhcNMjUwODIyMjM0NjQxWhcNMjUwODI5MjM0NjQxWjAYMRYwFAYD VQQDEw02OGE5MDE2MS1hZDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx1nXqyWVSVyzKZb7Nbci7srIfsf0+p8/nxflpUzZVUkn1PoVxwL4FI4/Pksj EbU7frv/zSQWLbg7Dq+CrHITmRQA2GQ4JRGxXEbeEi1vt9sLlgll1A/frAligLk3 HMhEqFeX53cLCIEy4pJWg6Cdp8iEpZFeMs7Sl1+pXT3Q5hKaivsUELwisCsRAjvR q7J23ublj26C4PBJ1elmWI3lREZm8pXJpFXHIWW2NtU7POAgSkK3jifFmvFwkXNV VRXgUvpyxKNDS14PFcB1W+kM7haE/rPOLx5yX1Quevy7DNddz1AYUON/M1Aadbnc GTPhlFjvyTvOxrA/yP9A3372eQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEO8XjtD NkKFibbni6tV4UITnNsjMB8GA1UdIwQYMBaAFPlvriiKZDCtzPleDqifCFu26CnU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTQ5MC8zMjFGNTkxRTE0 NjIxMUVDOTg2OEMyNDZDNEY5QUUwMi8tVy11S0lwa01LM00tVjRPcUo4SVc3Ym9L ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1XLXVLSXBrTUszTS1WNE9xSjhJVzdib0tkUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NTQ5MC8zMjFGNTkxRTE0NjIxMUVDOTg2OEMyNDZDNEY5QUUwMi8tVy11S0lwa01L M00tVjRPcUo4SVc3Ym9LZFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAEO51dmHGQhP4v4K48Kf4GnCNtNk5UU2KP2RjEhO/etlCWfU6BOZpF 7gbdewYHl6kHdk0NV20VLVZ7Qg2RsxqUlrobY/OOrIPSC1idzzymrbiA7iCe0yWn 9n0q5zEjNECR3E/g1VisOtmrbmXZia6/etZremcFYbLaleOc5Ovtbe8+0uFmFI/e oXgzkebvtoUtMcrt1QV6wBxXHFSyZt4yY5G9Nnxek71GO87OP75q2qVEUrvv/9Nk 1qN1QD83ulr9PtRtSezIsv9FANEijUxYT1s2s1g358qfuyLYCi/T8pu+JmGk/Zok 0E93kM+d5O8g840IZBZgBwr/xglru5t+ -----END CERTIFICATE-----Generated at Sun Aug 24 22:16:09 2025 by rpki-client