$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft File: 2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft (raw, json) Hash identifier: n/xK6UBSLWbguFP8S7aaVpsmfbLgDg7nL0j+Giox/pc= Subject key identifier: BB:10:93:E2:68:3B:76:D2:AA:7C:5D:29:88:9E:15:B9:36:00:5E:54 Authority key identifier: D9:BD:70:E7:77:F8:61:AE:54:38:57:14:8E:63:35:2F:DA:84:C0:7A Certificate issuer: /CN=A91F0AF0/serialNumber=D9BD70E777F861AE543857148E63352FDA84C07A Certificate serial: 0C98 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2b1w53f4Ya5UOFcUjmM1L9qEwHo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft Manifest number: 1DD9 Signing time: Sun 24 Aug 2025 17:13:11 +0000 Manifest this update: Sun 24 Aug 2025 17:13:11 +0000 Manifest next update: Sun 31 Aug 2025 17:13:11 +0000 Files and hashes: 1: 2b1w53f4Ya5UOFcUjmM1L9qEwHo.crl (hash: PECEId1ZW32cElGf657miV6DoqmBv/5pFr1MYQrh8M8=) 2: CE3C7EF66FEB11EB91967864C4F9AE02.roa (hash: Ecj4wTVjyUbe05JmkTHE3iJeDcHJFhB138/thNFleyk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.crl rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2b1w53f4Ya5UOFcUjmM1L9qEwHo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 17:13:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3224 (0xc98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0AF0, serialNumber=D9BD70E777F861AE543857148E63352FDA84C07A Validity Not Before: Aug 24 17:13:11 2025 GMT Not After : Aug 31 17:13:11 2025 GMT Subject: CN=68ab4827-8d90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:bc:c4:69:55:a5:8c:d3:b4:46:82:86:68:5f: c3:55:2b:ea:46:65:1e:4f:8b:b7:1a:e8:16:32:e7: 8f:db:75:64:2a:d8:5a:0b:cb:aa:c3:d6:2c:62:d6: 95:da:58:3b:4e:80:14:09:17:c8:b4:08:4f:fe:07: 97:d8:93:a8:aa:33:65:31:5b:00:db:fc:5a:bc:6e: f9:a3:b8:f9:5a:75:9d:9a:27:4b:70:e4:ea:bd:74: ec:cb:dc:a7:2b:15:17:b7:ee:4b:63:b3:de:f2:33: fd:1f:a2:27:d9:2e:db:6e:6d:15:1e:a7:b9:37:cd: 88:e9:a4:f9:82:b6:36:0c:2f:56:fa:d1:89:d2:74: 8f:2b:5c:71:f5:db:50:d9:ec:cb:94:5f:5e:14:1a: 1b:f6:7f:bd:57:db:a6:39:9a:9e:5e:24:fe:10:22: 3e:1f:5c:a8:83:f3:2b:15:db:8e:e2:3f:0a:21:36: 23:e6:bd:00:3f:2d:08:c7:f1:76:4e:2e:69:21:ae: a9:2d:85:d8:52:51:76:9e:fc:71:5e:56:db:9d:00: c9:89:31:1e:8f:fb:38:c9:f1:b4:5e:3d:6a:fa:56: e4:74:83:74:9a:56:91:a5:53:0d:ae:a9:a8:fe:19: 82:2f:eb:f2:fb:4e:0d:96:7f:f6:4d:98:a3:fc:f6: b3:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:10:93:E2:68:3B:76:D2:AA:7C:5D:29:88:9E:15:B9:36:00:5E:54 X509v3 Authority Key Identifier: keyid:D9:BD:70:E7:77:F8:61:AE:54:38:57:14:8E:63:35:2F:DA:84:C0:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2b1w53f4Ya5UOFcUjmM1L9qEwHo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:24:08:19:36:99:73:86:b4:39:5d:6d:70:bc:7f:0c:f1:65: 8c:3f:b3:9a:19:95:dc:89:42:1b:07:34:33:39:73:0a:cc:45: 4a:f0:77:92:23:b4:2b:3d:8b:4a:7a:fa:9d:ba:85:e8:e8:7c: c5:3a:95:5c:82:85:17:a0:74:f5:70:75:42:31:19:f4:09:4a: 9d:04:50:6d:c4:79:ca:58:b3:ba:26:84:8e:b9:da:32:06:89: 68:e7:ea:a8:19:07:8e:50:7f:85:e1:eb:7b:5e:62:37:c5:a8: 88:58:d4:68:46:07:6a:ad:e6:3c:da:3c:0e:dc:8d:39:2d:bc: 18:a7:a9:06:c2:b1:57:bd:a4:7b:e0:c2:fd:b7:92:37:af:08: fb:50:50:4c:40:1d:bc:f9:a3:f6:a4:a1:e6:c8:55:4e:e4:94: 5a:c0:77:62:83:82:28:31:fa:b7:7a:ca:78:ab:83:1f:1b:95: 4c:2f:88:ed:ec:96:d4:eb:27:b0:43:47:ff:b0:41:01:cf:58: c7:4d:11:da:ef:16:80:13:44:6c:d9:47:71:25:17:1e:80:9f: 25:05:5b:d5:9e:0f:42:b3:45:92:77:31:07:7e:25:09:92:16: 26:79:da:e8:dd:7d:34:b6:f8:fd:07:d3:4b:59:0b:39:2a:f6: 56:23:e9:55 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjBBRjAxMTAvBgNVBAUTKEQ5QkQ3MEU3NzdGODYxQUU1NDM4NTcxNDhFNjMzNTJG REE4NEMwN0EwHhcNMjUwODI0MTcxMzExWhcNMjUwODMxMTcxMzExWjAYMRYwFAYD VQQDEw02OGFiNDgyNy04ZDkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsrzEaVWljNO0RoKGaF/DVSvqRmUeT4u3GugWMueP23VkKthaC8uqw9YsYtaV 2lg7ToAUCRfItAhP/geX2JOoqjNlMVsA2/xavG75o7j5WnWdmidLcOTqvXTsy9yn KxUXt+5LY7Pe8jP9H6In2S7bbm0VHqe5N82I6aT5grY2DC9W+tGJ0nSPK1xx9dtQ 2ezLlF9eFBob9n+9V9umOZqeXiT+ECI+H1yog/MrFduO4j8KITYj5r0APy0Ix/F2 Ti5pIa6pLYXYUlF2nvxxXlbbnQDJiTEej/s4yfG0Xj1q+lbkdIN0mlaRpVMNrqmo /hmCL+vy+04Nln/2TZij/PazOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLsQk+Jo O3bSqnxdKYieFbk2AF5UMB8GA1UdIwQYMBaAFNm9cOd3+GGuVDhXFI5jNS/ahMB6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMEFGMC9FMzc2Mjk1MDBG RkYxMUU5ODgxNUFFMjJDNEY5QUUwMi8yYjF3NTNmNFlhNVVPRmNVam1NMUw5cUV3 SG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJiMXc1M2Y0WWE1VU9GY1VqbU0xTDlxRXdIby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MEFGMC9FMzc2Mjk1MDBGRkYxMUU5ODgxNUFFMjJDNEY5QUUwMi8yYjF3NTNmNFlh NVVPRmNVam1NMUw5cUV3SG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKJAgZNplzhrQ5XW1wvH8M8WWMP7OaGZXciUIbBzQzOXMKzEVK8HeS I7QrPYtKevqduoXo6HzFOpVcgoUXoHT1cHVCMRn0CUqdBFBtxHnKWLO6JoSOudoy Bolo5+qoGQeOUH+F4et7XmI3xaiIWNRoRgdqreY82jwO3I05LbwYp6kGwrFXvaR7 4ML9t5I3rwj7UFBMQB28+aP2pKHmyFVO5JRawHdig4IoMfq3esp4q4MfG5VML4jt 7JbU6yewQ0f/sEEBz1jHTRHa7xaAE0Rs2UdxJRcegJ8lBVvVng9Cs0WSdzEHfiUJ khYmedro3X00tvj9B9NLWQs5KvZWI+lV -----END CERTIFICATE-----Generated at Sun Aug 24 21:33:11 2025 by rpki-client