$ rpki-client -vvf rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.mft File: EhrxRNkD4_iJffD-0gcaFkd17U8.mft (raw, json) Hash identifier: xIE/LjIS+fwTzWQ7L7auWumB/2pusdXwmK2XQ6f4Xuk= Subject key identifier: 3E:3F:08:7A:1D:3F:87:E9:0E:C1:21:D3:27:EE:BD:39:53:AC:F4:CB Authority key identifier: 12:1A:F1:44:D9:03:E3:F8:89:7D:F0:FE:D2:07:1A:16:47:75:ED:4F Certificate issuer: /CN=A91E554A/serialNumber=121AF144D903E3F8897DF0FED2071A164775ED4F Certificate serial: AF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.mft Manifest number: AA Signing time: Sun 07 Sep 2025 06:42:58 +0000 Manifest this update: Sun 07 Sep 2025 06:42:58 +0000 Manifest next update: Sun 14 Sep 2025 06:42:57 +0000 Files and hashes: 1: EhrxRNkD4_iJffD-0gcaFkd17U8.crl (hash: 1nAArfQolJpAaeJuJkUggaLUZ3u+y86E6z05UlOXSRg=) 2: 7C304160FECB11EFB755BB45C4F9AE02.roa (hash: 96JJ4xS4XL/KIJ4tbueQ63oeM+4CMNy+gkgjGzK0Myk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.crl rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 06:42:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 175 (0xaf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E554A, serialNumber=121AF144D903E3F8897DF0FED2071A164775ED4F Validity Not Before: Sep 7 06:42:58 2025 GMT Not After : Sep 14 06:42:57 2025 GMT Subject: CN=68bd2972-c553 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:6b:74:a9:19:94:47:df:fb:fc:ad:81:74:b6: 1f:c0:31:4a:ad:9f:f5:6a:9e:4d:73:e7:f5:24:92: b2:9e:09:c8:6c:46:70:f1:26:1d:8a:7d:ca:3d:d4: 8b:48:9c:da:9f:dd:fb:85:26:e9:e7:23:58:cf:2e: 00:1c:1f:58:74:1b:4c:7b:83:5f:6f:31:eb:b0:81: d6:f5:23:48:51:c5:ec:54:0f:0f:ad:10:f0:5b:a3: 0a:94:4f:f0:3a:36:b4:61:f9:f6:5b:8c:5d:46:78: d6:e9:c3:91:87:78:7c:7e:cb:e4:61:19:c6:49:d3: 8f:74:e9:44:4a:b6:69:63:54:80:07:67:06:02:ff: dd:ff:15:62:1e:a0:82:b9:44:46:f6:8d:b6:f1:67: 07:96:91:92:c0:00:8c:de:9e:a2:cd:2e:25:bb:5a: 30:27:e2:19:1b:be:b3:48:d8:a2:15:d1:05:c2:8d: e0:5b:90:cd:44:d1:fd:d3:0e:84:02:b3:7f:b1:10: 4a:af:ea:ae:99:d2:7e:8c:e7:d5:9b:01:00:f8:29: e2:29:d6:67:50:4a:18:f0:61:a1:a6:dc:65:5f:5c: ea:21:12:be:c7:e7:7d:a6:d4:7a:4f:6b:96:6d:c6: ed:06:e3:0a:90:16:79:cc:50:34:e7:3b:8c:71:26: 24:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:3F:08:7A:1D:3F:87:E9:0E:C1:21:D3:27:EE:BD:39:53:AC:F4:CB X509v3 Authority Key Identifier: keyid:12:1A:F1:44:D9:03:E3:F8:89:7D:F0:FE:D2:07:1A:16:47:75:ED:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:7e:d9:cb:a8:ed:ba:e3:52:e3:bb:77:c7:ff:14:3a:78:cf: 7f:b0:de:9d:a8:17:69:22:ba:2b:c3:a0:c3:7e:8a:55:3e:8b: 87:61:d2:3a:8e:20:c1:88:8b:2f:23:9c:66:d8:cf:a5:d4:41: a6:96:33:49:1c:b5:3c:ec:1c:08:35:be:16:8b:bd:65:ca:91: 2a:4b:78:06:41:04:ea:ff:85:8e:de:b4:2e:a3:f5:5e:4f:0c: f1:2d:49:33:17:67:84:c9:cd:28:a5:5d:d1:bb:49:30:1f:0e: 77:0a:d7:5b:27:70:f4:70:6a:2b:d1:b3:f9:2d:f2:fa:6f:20: 93:13:09:10:61:ce:ac:df:e6:b3:e1:95:41:53:33:cb:a5:6a: c4:14:ba:a3:1b:93:f9:58:d9:4d:29:ba:ee:aa:15:71:00:d6: 22:b5:87:86:a5:ba:98:02:30:60:30:0b:8a:08:03:db:b6:68: 33:c2:cd:72:c3:b4:14:6f:d1:29:7f:31:58:7f:d2:e3:02:fe: 54:49:92:e8:4b:25:cc:6b:b7:45:27:f8:65:fc:31:c5:76:8d: d0:a5:aa:5e:12:2e:1f:60:7a:66:16:13:87:20:bb:8f:20:ae: 84:ab:21:5a:a1:e9:8e:c4:9c:7d:0d:84:0f:d2:7b:d1:13:c6: ea:93:0e:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTU1NEExMTAvBgNVBAUTKDEyMUFGMTQ0RDkwM0UzRjg4OTdERjBGRUQyMDcxQTE2 NDc3NUVENEYwHhcNMjUwOTA3MDY0MjU4WhcNMjUwOTE0MDY0MjU3WjAYMRYwFAYD VQQDEw02OGJkMjk3Mi1jNTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtWt0qRmUR9/7/K2BdLYfwDFKrZ/1ap5Nc+f1JJKyngnIbEZw8SYdin3KPdSL SJzan937hSbp5yNYzy4AHB9YdBtMe4NfbzHrsIHW9SNIUcXsVA8PrRDwW6MKlE/w Oja0Yfn2W4xdRnjW6cORh3h8fsvkYRnGSdOPdOlESrZpY1SAB2cGAv/d/xViHqCC uURG9o228WcHlpGSwACM3p6izS4lu1owJ+IZG76zSNiiFdEFwo3gW5DNRNH90w6E ArN/sRBKr+qumdJ+jOfVmwEA+CniKdZnUEoY8GGhptxlX1zqIRK+x+d9ptR6T2uW bcbtBuMKkBZ5zFA05zuMcSYkBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD4/CHod P4fpDsEh0yfuvTlTrPTLMB8GA1UdIwQYMBaAFBIa8UTZA+P4iX3w/tIHGhZHde1P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTU0QS83OTVFNzNEMDkx RjcxMUVGQURFMTEyNjZDNEY5QUUwMi9FaHJ4Uk5rRDRfaUpmZkQtMGdjYUZrZDE3 VTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0VocnhSTmtENF9pSmZmRC0wZ2NhRmtkMTdVOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NTU0QS83OTVFNzNEMDkxRjcxMUVGQURFMTEyNjZDNEY5QUUwMi9FaHJ4Uk5rRDRf aUpmZkQtMGdjYUZrZDE3VTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBPftnLqO2641Lju3fH/xQ6eM9/sN6dqBdpIrorw6DDfopVPouHYdI6 jiDBiIsvI5xm2M+l1EGmljNJHLU87BwINb4Wi71lypEqS3gGQQTq/4WO3rQuo/Ve TwzxLUkzF2eEyc0opV3Ru0kwHw53CtdbJ3D0cGor0bP5LfL6byCTEwkQYc6s3+az 4ZVBUzPLpWrEFLqjG5P5WNlNKbruqhVxANYitYeGpbqYAjBgMAuKCAPbtmgzws1y w7QUb9EpfzFYf9LjAv5USZLoSyXMa7dFJ/hl/DHFdo3QpapeEi4fYHpmFhOHILuP IK6EqyFaoemOxJx9DYQP0nvRE8bqkw4O -----END CERTIFICATE-----Generated at Mon Sep 8 13:10:44 2025 by rpki-client