$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft File: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft (raw, json) Hash identifier: eEp8+49Hip1uUpKZEntGbuoQqGQawTUFf6FI+0NGHBs= Subject key identifier: 2A:DF:6E:96:59:99:30:FD:8B:4C:A9:19:56:72:77:68:30:BD:C8:C1 Authority key identifier: 6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 Certificate issuer: /CN=A91EAE3D/serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Certificate serial: 14AB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft Manifest number: 1497 Signing time: Tue 02 Sep 2025 17:05:10 +0000 Manifest this update: Tue 02 Sep 2025 17:05:10 +0000 Manifest next update: Tue 09 Sep 2025 17:05:10 +0000 Files and hashes: 1: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl (hash: Yt5njb/Vs8tJAJBky9T91ECb9HmyScSzef6ddw0rjxg=) 2: F693F2689CB811EB97F77E14C4F9AE02.roa (hash: U3tQJQlcyfHM4FE2g1sFZHo1n5O210FCbrxqZ5WoAEg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 17:05:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5291 (0x14ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE3D, serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Validity Not Before: Sep 2 17:05:10 2025 GMT Not After : Sep 9 17:05:10 2025 GMT Subject: CN=68b723c6-f0ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:01:99:ad:48:58:ae:89:78:71:a4:14:d4:65: b5:7b:b7:42:24:0f:66:04:16:ee:16:b9:ac:d5:65: 36:49:ec:8e:a9:82:74:11:a6:c4:d5:98:a9:b5:6e: b9:bd:81:2f:04:95:cf:c8:f4:d4:41:46:00:4a:fc: c7:de:69:35:63:84:ff:a9:9a:0b:40:b9:93:99:57: ba:b9:08:b3:18:18:21:08:d5:f5:df:7e:69:a5:d2: d8:50:85:be:85:4f:8b:8b:f8:89:c1:06:d2:ce:39: 8a:9f:3c:6f:13:e5:88:57:f0:a4:ec:ea:cd:bf:e9: ba:13:ba:7c:49:ba:d6:58:8d:fe:b4:d1:59:4a:21: 49:0f:f3:ca:10:55:88:26:5d:ca:a2:de:71:21:90: a7:c7:8e:6b:23:4b:aa:d7:11:e9:88:eb:05:06:78: 73:85:47:a2:d1:fb:eb:13:7e:bc:cd:54:0e:fc:4d: 8e:22:95:e7:fb:6a:4d:cf:34:6e:46:d4:8b:fd:88: 1f:04:06:18:d3:7b:d9:8d:8f:2a:28:30:b4:74:e0: 58:af:7f:05:3d:eb:8b:66:c9:d8:87:0c:66:2e:38: 1e:d0:5c:df:ef:37:d4:00:5c:47:b3:89:fb:7e:75: 33:35:35:c8:fd:79:4e:30:5c:20:14:c2:f1:3f:a7: 07:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:DF:6E:96:59:99:30:FD:8B:4C:A9:19:56:72:77:68:30:BD:C8:C1 X509v3 Authority Key Identifier: keyid:6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:60:2b:d4:ae:17:87:12:21:b7:b4:a8:f6:8f:23:d9:e2:cf: 1c:d0:58:8d:94:dc:66:10:3b:22:da:ec:af:38:3c:e2:3b:0e: df:75:13:4c:11:b2:cc:89:f2:aa:be:56:d3:cf:c1:8e:85:b5: a5:19:3e:d8:d6:1f:db:48:96:49:4e:f9:34:ae:12:50:e3:51: 5a:c5:1f:36:fa:79:d8:0c:c4:89:1b:c5:7f:76:36:d7:c4:e8: f3:eb:74:b6:3b:7d:73:37:ee:2e:1d:55:b4:d1:a8:8c:2a:2b: 36:4c:43:10:ce:df:dd:df:d5:cc:56:4e:41:61:70:fc:5c:0b: 2c:f1:42:6d:53:58:1c:e1:31:69:55:0c:e1:2b:1f:07:3c:25: ff:8d:2f:e7:99:e5:ac:f0:84:5c:80:dc:54:b7:75:ee:70:7a: db:e5:a3:5b:13:e4:e8:a8:78:b0:16:6e:df:43:8c:01:7b:e4: 38:d6:fd:40:be:e1:59:b3:a2:c3:08:4a:99:82:2e:79:27:d2: 5e:b9:11:c6:38:87:a0:47:ae:ec:bc:1d:7f:0c:9f:9f:0f:2f: 99:88:bb:1d:81:7c:73:4f:21:cc:7f:e5:d5:12:2f:f3:17:86: 7c:e2:d5:4b:1c:1a:72:9b:f1:4e:34:70:3c:63:61:99:c4:18: 68:bc:a7:30 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFM0QxMTAvBgNVBAUTKDZCNTY3Qzg0M0U0MjUyM0UwRTVCNjRGNjRBMEYyQUUw NTUxN0JCNzAwHhcNMjUwOTAyMTcwNTEwWhcNMjUwOTA5MTcwNTEwWjAYMRYwFAYD VQQDEw02OGI3MjNjNi1mMGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0gGZrUhYrol4caQU1GW1e7dCJA9mBBbuFrms1WU2SeyOqYJ0EabE1ZiptW65 vYEvBJXPyPTUQUYASvzH3mk1Y4T/qZoLQLmTmVe6uQizGBghCNX1335ppdLYUIW+ hU+Li/iJwQbSzjmKnzxvE+WIV/Ck7OrNv+m6E7p8SbrWWI3+tNFZSiFJD/PKEFWI Jl3Kot5xIZCnx45rI0uq1xHpiOsFBnhzhUei0fvrE368zVQO/E2OIpXn+2pNzzRu RtSL/YgfBAYY03vZjY8qKDC0dOBYr38FPeuLZsnYhwxmLjge0Fzf7zfUAFxHs4n7 fnUzNTXI/XlOMFwgFMLxP6cHuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCrfbpZZ mTD9i0ypGVZyd2gwvcjBMB8GA1UdIwQYMBaAFGtWfIQ+QlI+Dltk9koPKuBVF7tw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC84RUY0MkE0Njc1 REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1VqNE9XMlQyU2c4cTRGVVh1 M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ExWjhoRDVDVWo0T1cyVDJTZzhxNEZVWHUzQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUzRC84RUY0MkE0Njc1REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1Vq NE9XMlQyU2c4cTRGVVh1M0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABYCvUrheHEiG3tKj2jyPZ4s8c0FiNlNxmEDsi2uyvODziOw7fdRNM EbLMifKqvlbTz8GOhbWlGT7Y1h/bSJZJTvk0rhJQ41FaxR82+nnYDMSJG8V/djbX xOjz63S2O31zN+4uHVW00aiMKis2TEMQzt/d39XMVk5BYXD8XAss8UJtU1gc4TFp VQzhKx8HPCX/jS/nmeWs8IRcgNxUt3XucHrb5aNbE+ToqHiwFm7fQ4wBe+Q41v1A vuFZs6LDCEqZgi55J9JeuRHGOIegR67svB1/DJ+fDy+ZiLsdgXxzTyHMf+XVEi/z F4Z84tVLHBpym/FONHA8Y2GZxBhovKcw -----END CERTIFICATE-----Generated at Thu Sep 4 15:53:24 2025 by rpki-client