$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3806/B472FE2A0B7C11EA8083E936C4F9AE02/mG5BZ9azgH9J98JgDWD5wmCacJY.mft File: mG5BZ9azgH9J98JgDWD5wmCacJY.mft (raw, json) Hash identifier: GQtlP+p2EOEvo+9SZlADNY67wxxkpbrz6u0l5zaj8o8= Subject key identifier: B9:B5:F8:97:21:C8:BB:7E:FE:3B:59:2D:BB:D2:39:93:C0:68:CB:1D Authority key identifier: 98:6E:41:67:D6:B3:80:7F:49:F7:C2:60:0D:60:F9:C2:60:9A:70:96 Certificate issuer: /CN=A91F3806/serialNumber=986E4167D6B3807F49F7C2600D60F9C2609A7096 Certificate serial: 0C4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mG5BZ9azgH9J98JgDWD5wmCacJY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3806/B472FE2A0B7C11EA8083E936C4F9AE02/mG5BZ9azgH9J98JgDWD5wmCacJY.mft Manifest number: 0C47 Signing time: Wed 20 Aug 2025 18:38:08 +0000 Manifest this update: Wed 20 Aug 2025 18:38:08 +0000 Manifest next update: Wed 27 Aug 2025 18:38:08 +0000 Files and hashes: 1: mG5BZ9azgH9J98JgDWD5wmCacJY.crl (hash: +aRXRGK6962DmZMhHTr87TEx+QD/ZNSeJlz1FqFGgp4=) 2: 4E54AA4C0B7E11EA9D8BA43CC4F9AE02.roa (hash: w2KSsvNhZHM7vSx0ch62iXJXMI5bT8m3Td81LTUblUM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3806/B472FE2A0B7C11EA8083E936C4F9AE02/mG5BZ9azgH9J98JgDWD5wmCacJY.crl rsync://rpki.apnic.net/member_repository/A91F3806/B472FE2A0B7C11EA8083E936C4F9AE02/mG5BZ9azgH9J98JgDWD5wmCacJY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mG5BZ9azgH9J98JgDWD5wmCacJY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 18:38:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3149 (0xc4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3806, serialNumber=986E4167D6B3807F49F7C2600D60F9C2609A7096 Validity Not Before: Aug 20 18:38:08 2025 GMT Not After : Aug 27 18:38:08 2025 GMT Subject: CN=68a61610-4230 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:9b:9b:59:c4:b9:99:d8:20:84:f4:42:07:04: 15:df:89:08:fe:9f:e1:5f:eb:22:bd:bd:b3:75:08: bd:12:6a:ed:0a:51:06:cc:33:bb:6d:4e:a2:60:6e: e5:89:f7:d6:c7:d3:36:5c:0d:3f:0f:b0:02:f3:f5: 79:53:a1:04:1c:63:b8:11:8d:f4:b4:05:90:ee:30: c5:9f:01:e8:d2:16:8d:8a:79:80:9a:8f:d4:00:a6: bf:38:fc:dd:2f:49:56:a6:18:54:6e:df:98:36:c7: 8e:13:c5:56:93:82:b7:f2:23:48:51:b4:ed:ac:f6: 04:80:96:3d:5b:62:97:7d:da:84:fa:d7:e4:dc:32: 5f:29:8a:11:ad:f2:a2:7d:69:10:f8:63:da:db:d4: fe:8b:65:61:08:bf:8f:e5:6d:75:cd:23:60:f6:6e: 12:39:78:3f:5c:90:d7:61:4e:fc:cf:65:9d:ce:06: 56:1a:aa:fc:fd:1e:a3:41:d3:56:ed:f1:36:ba:8e: 21:f8:37:52:4f:e1:19:8b:f0:b5:7e:85:4a:5c:76: 4b:60:fa:9b:24:b4:0c:64:69:99:fe:03:d6:e6:a3: d5:ec:1c:d7:d1:cf:70:93:1a:2b:24:d7:84:e6:58: bd:0d:05:08:98:2f:d6:6e:07:65:cc:89:2a:43:85: 69:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:B5:F8:97:21:C8:BB:7E:FE:3B:59:2D:BB:D2:39:93:C0:68:CB:1D X509v3 Authority Key Identifier: keyid:98:6E:41:67:D6:B3:80:7F:49:F7:C2:60:0D:60:F9:C2:60:9A:70:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3806/B472FE2A0B7C11EA8083E936C4F9AE02/mG5BZ9azgH9J98JgDWD5wmCacJY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mG5BZ9azgH9J98JgDWD5wmCacJY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3806/B472FE2A0B7C11EA8083E936C4F9AE02/mG5BZ9azgH9J98JgDWD5wmCacJY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:6b:70:6f:c6:4e:1a:22:86:85:0b:65:d3:1a:b4:e4:2e:13: 9c:14:4d:69:e7:3b:78:f3:e1:87:7e:ce:d5:de:ec:5a:77:4c: 72:eb:a7:b0:90:31:bb:81:54:cc:c1:21:93:b1:04:13:b6:cc: eb:a2:14:1e:4b:bf:03:20:c0:3e:06:7b:9a:05:e5:e2:39:d1: f8:f0:fe:31:ad:fb:3c:16:e2:7c:70:cb:cd:72:52:d2:d7:49: f7:4a:dc:0e:ca:91:12:72:10:40:49:18:bd:d9:15:34:2d:b6: 9f:bd:a0:0d:4e:6f:13:80:d9:dd:88:ee:09:a3:58:e6:3f:c2: c8:d3:3f:0e:0b:8f:90:22:a7:6f:0a:e6:f5:f2:64:7a:31:4d: 5e:a6:4a:5f:48:72:2e:4c:8b:5a:2f:13:33:08:0d:d0:f2:8e: 8b:3f:b8:5a:3d:9e:9b:b7:3b:63:2d:2d:dd:06:c2:e0:ab:2a: 24:42:43:94:cd:ab:98:ca:e7:54:04:ae:ef:f5:0f:09:53:bb: 82:a0:fc:45:21:7d:fa:fb:27:d4:67:21:8e:05:b4:29:a1:90: 07:9a:a1:4b:5b:fb:59:1f:23:ad:d2:6d:6d:c6:34:11:85:4c: ee:ec:ea:d4:97:0c:a8:d7:cd:7b:7d:1d:65:b2:0a:e5:ae:0d: 27:21:8a:1c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDE0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjM4MDYxMTAvBgNVBAUTKDk4NkU0MTY3RDZCMzgwN0Y0OUY3QzI2MDBENjBGOUMy NjA5QTcwOTYwHhcNMjUwODIwMTgzODA4WhcNMjUwODI3MTgzODA4WjAYMRYwFAYD VQQDEw02OGE2MTYxMC00MjMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAopubWcS5mdgghPRCBwQV34kI/p/hX+sivb2zdQi9EmrtClEGzDO7bU6iYG7l iffWx9M2XA0/D7AC8/V5U6EEHGO4EY30tAWQ7jDFnwHo0haNinmAmo/UAKa/OPzd L0lWphhUbt+YNseOE8VWk4K38iNIUbTtrPYEgJY9W2KXfdqE+tfk3DJfKYoRrfKi fWkQ+GPa29T+i2VhCL+P5W11zSNg9m4SOXg/XJDXYU78z2WdzgZWGqr8/R6jQdNW 7fE2uo4h+DdST+EZi/C1foVKXHZLYPqbJLQMZGmZ/gPW5qPV7BzX0c9wkxorJNeE 5li9DQUImC/WbgdlzIkqQ4Vp2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLm1+Jch yLt+/jtZLbvSOZPAaMsdMB8GA1UdIwQYMBaAFJhuQWfWs4B/SffCYA1g+cJgmnCW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzgwNi9CNDcyRkUyQTBC N0MxMUVBODA4M0U5MzZDNEY5QUUwMi9tRzVCWjlhemdIOUo5OEpnRFdENXdtQ2Fj SlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21HNUJaOWF6Z0g5Sjk4SmdEV0Q1d21DYWNKWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MzgwNi9CNDcyRkUyQTBCN0MxMUVBODA4M0U5MzZDNEY5QUUwMi9tRzVCWjlhemdI OUo5OEpnRFdENXdtQ2FjSlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqa3Bvxk4aIoaFC2XTGrTkLhOcFE1p5zt48+GHfs7V3uxad0xy66ew kDG7gVTMwSGTsQQTtszrohQeS78DIMA+BnuaBeXiOdH48P4xrfs8FuJ8cMvNclLS 10n3StwOypESchBASRi92RU0LbafvaANTm8TgNndiO4Jo1jmP8LI0z8OC4+QIqdv Cub18mR6MU1epkpfSHIuTItaLxMzCA3Q8o6LP7haPZ6btztjLS3dBsLgqyokQkOU zauYyudUBK7v9Q8JU7uCoPxFIX36+yfUZyGOBbQpoZAHmqFLW/tZHyOt0m1txjQR hUzu7OrUlwyo1817fR1lsgrlrg0nIYoc -----END CERTIFICATE-----Generated at Fri Aug 22 16:36:07 2025 by rpki-client