$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft File: aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft (raw, json) Hash identifier: /9YlkIkX0z3iYe/toE1geoEPVFRVSFIhnNgaYBftrHU= Subject key identifier: E8:79:B4:D1:FA:40:47:6E:94:8D:3A:7E:5D:D7:E5:BC:81:75:E1:B3 Authority key identifier: 68:6A:00:57:16:4D:14:38:EC:59:58:6D:A8:BA:A5:46:5F:D8:29:C7 Certificate issuer: /CN=A91EA9BD/serialNumber=686A0057164D1438EC59586DA8BAA5465FD829C7 Certificate serial: 30E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aGoAVxZNFDjsWVhtqLqlRl_YKcc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft Manifest number: 30E2 Signing time: Sat 06 Sep 2025 15:27:49 +0000 Manifest this update: Sat 06 Sep 2025 15:27:48 +0000 Manifest next update: Sat 13 Sep 2025 15:27:48 +0000 Files and hashes: 1: aGoAVxZNFDjsWVhtqLqlRl_YKcc.crl (hash: er9aFd6J1K8oGCWqBRX9afs8YhwDlGTWjxSaQCJPbEI=) 2: 93C0837AA52911EC9D2DAE83C4F9AE02.roa (hash: +n1EkVjGqmRIN2F0mYDcDpolX9s17cHIyXg+OPTXZ6I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.crl rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aGoAVxZNFDjsWVhtqLqlRl_YKcc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 15:27:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12519 (0x30e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA9BD, serialNumber=686A0057164D1438EC59586DA8BAA5465FD829C7 Validity Not Before: Sep 6 15:27:48 2025 GMT Not After : Sep 13 15:27:48 2025 GMT Subject: CN=68bc52f5-195d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:61:81:67:7a:22:67:c6:af:dc:9b:02:fa:b0: 23:8b:9d:dc:19:43:ef:cc:00:08:f3:27:11:86:61: 63:0a:94:4b:eb:37:37:bd:50:41:7a:c1:46:66:b5: 9c:fc:65:2b:be:e5:7a:01:91:09:3c:18:67:d1:79: 48:d8:ef:7f:e2:9f:34:38:06:9c:de:50:d9:3a:05: 9b:0e:49:80:37:f7:71:8e:c3:1c:fc:aa:c9:d4:b9: 85:48:cf:ca:71:a8:89:db:9e:76:95:18:47:a0:38: d2:e0:d5:86:e7:bf:5c:ef:c4:af:e3:51:bd:bf:8e: 01:91:a4:e1:6d:61:32:05:79:c6:b0:48:db:85:ea: 0d:8e:44:75:a8:2c:66:9d:39:51:aa:d7:05:51:73: 9e:be:69:b6:e3:46:39:26:32:49:f5:02:8e:a3:7e: f5:90:0c:03:1b:d2:ea:4f:11:9d:53:3f:ed:08:16: 33:d2:08:cf:ed:0b:1a:a9:47:a0:5d:53:0f:7d:35: d8:2f:5a:65:38:88:06:43:35:74:0a:32:ec:7f:f5: d0:72:90:8a:04:bc:7b:0b:9e:80:7c:b5:cb:71:22: 8e:e7:69:ce:1c:f2:44:b4:c7:90:50:a1:20:7d:be: dd:ba:64:4b:c3:8c:32:62:06:c6:03:bf:e0:ab:b0: 4b:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:79:B4:D1:FA:40:47:6E:94:8D:3A:7E:5D:D7:E5:BC:81:75:E1:B3 X509v3 Authority Key Identifier: keyid:68:6A:00:57:16:4D:14:38:EC:59:58:6D:A8:BA:A5:46:5F:D8:29:C7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aGoAVxZNFDjsWVhtqLqlRl_YKcc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:4c:2f:eb:f5:58:b3:9f:3d:f5:6e:5f:5f:dd:6a:c6:55:4c: 95:71:d6:78:e0:3b:b5:dd:af:f1:42:ef:1e:fe:91:cd:07:4b: b1:69:58:9b:6c:85:bd:de:79:ef:b2:01:ed:a4:5e:10:72:b9: e5:c6:00:d9:8a:a3:f4:29:e0:e9:87:3d:23:de:c6:df:9b:94: 79:9b:78:d4:84:06:83:13:25:f1:36:40:c7:b0:91:a0:b6:f8: ba:8a:aa:62:e7:e8:d7:16:fb:18:31:dd:a6:7f:d5:79:3c:1d: 63:27:15:70:bf:ca:50:37:69:fc:5b:37:61:9d:95:48:0b:e7: 16:14:aa:12:e6:30:41:f0:e6:7d:5a:9d:b0:d7:df:68:ba:fe: 50:2c:2c:a1:90:4f:f9:5c:6f:04:03:fc:91:a3:a5:23:ff:a0: 3c:b3:8f:6a:3c:e9:e9:fc:8b:2f:7c:9c:f0:3c:df:7f:18:0d: d3:20:97:28:aa:4c:c3:63:0e:cf:3c:a2:6f:f3:18:57:da:31: 52:fc:b1:0a:cf:34:8f:c4:4f:c3:89:cf:91:2e:f1:66:9f:bd: fd:62:df:de:5f:d8:bb:e1:70:54:e9:4f:1f:a3:0d:7e:11:6c: db:67:e8:63:6b:62:cb:10:e5:6c:5c:d8:b6:a2:ab:4a:45:29: 65:e6:8f:8c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICMOcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE5QkQxMTAvBgNVBAUTKDY4NkEwMDU3MTY0RDE0MzhFQzU5NTg2REE4QkFBNTQ2 NUZEODI5QzcwHhcNMjUwOTA2MTUyNzQ4WhcNMjUwOTEzMTUyNzQ4WjAYMRYwFAYD VQQDEw02OGJjNTJmNS0xOTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvmGBZ3oiZ8av3JsC+rAji53cGUPvzAAI8ycRhmFjCpRL6zc3vVBBesFGZrWc /GUrvuV6AZEJPBhn0XlI2O9/4p80OAac3lDZOgWbDkmAN/dxjsMc/KrJ1LmFSM/K caiJ2552lRhHoDjS4NWG579c78Sv41G9v44BkaThbWEyBXnGsEjbheoNjkR1qCxm nTlRqtcFUXOevmm240Y5JjJJ9QKOo371kAwDG9LqTxGdUz/tCBYz0gjP7QsaqUeg XVMPfTXYL1plOIgGQzV0CjLsf/XQcpCKBLx7C56AfLXLcSKO52nOHPJEtMeQUKEg fb7dumRLw4wyYgbGA7/gq7BLbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOh5tNH6 QEdulI06fl3X5byBdeGzMB8GA1UdIwQYMBaAFGhqAFcWTRQ47FlYbai6pUZf2CnH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTlCRC8wM0I4MEYzOERG NUMxMUUyOTcyQTk0Mjc1OTExRUEzMi9hR29BVnhaTkZEanNXVmh0cUxxbFJsX1lL Y2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FHb0FWeFpORkRqc1dWaHRxTHFsUmxfWUtjYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTlCRC8wM0I4MEYzOERGNUMxMUUyOTcyQTk0Mjc1OTExRUEzMi9hR29BVnhaTkZE anNXVmh0cUxxbFJsX1lLY2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA2TC/r9Viznz31bl9f3WrGVUyVcdZ44Du13a/xQu8e/pHNB0uxaVib bIW93nnvsgHtpF4QcrnlxgDZiqP0KeDphz0j3sbfm5R5m3jUhAaDEyXxNkDHsJGg tvi6iqpi5+jXFvsYMd2mf9V5PB1jJxVwv8pQN2n8WzdhnZVIC+cWFKoS5jBB8OZ9 Wp2w199ouv5QLCyhkE/5XG8EA/yRo6Uj/6A8s49qPOnp/IsvfJzwPN9/GA3TIJco qkzDYw7PPKJv8xhX2jFS/LEKzzSPxE/Dic+RLvFmn739Yt/eX9i74XBU6U8fow1+ EWzbZ+hja2LLEOVsXNi2oqtKRSll5o+M -----END CERTIFICATE-----Generated at Mon Sep 8 08:36:58 2025 by rpki-client