$ rpki-client -vvf rpki.apnic.net/member_repository/A91F43F2/4180509460C011F0AFB4572BC4F9AE02/VXiaNBbn71Fc4I8Fo28d7YNETAk.mft File: VXiaNBbn71Fc4I8Fo28d7YNETAk.mft (raw, json) Hash identifier: zObnOmIYdHAOGCSqvjCOxfuKX8icOqfcjnSheVSlFIc= Subject key identifier: 00:7B:B5:B8:53:86:9A:B3:25:E3:98:AE:48:9E:C5:D0:8B:2B:E2:FC Authority key identifier: 55:78:9A:34:16:E7:EF:51:5C:E0:8F:05:A3:6F:1D:ED:83:44:4C:09 Certificate issuer: /CN=A91F43F2/serialNumber=55789A3416E7EF515CE08F05A36F1DED83444C09 Certificate serial: 1D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/VXiaNBbn71Fc4I8Fo28d7YNETAk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F43F2/4180509460C011F0AFB4572BC4F9AE02/VXiaNBbn71Fc4I8Fo28d7YNETAk.mft Manifest number: 1C Signing time: Wed 03 Sep 2025 08:37:00 +0000 Manifest this update: Wed 03 Sep 2025 08:37:00 +0000 Manifest next update: Wed 10 Sep 2025 08:37:00 +0000 Files and hashes: 1: VXiaNBbn71Fc4I8Fo28d7YNETAk.crl (hash: 0VNdXJg2XROvLLSXyNkU4UjPLBa2O+DJCbVp1u1bIko=) 2: A19F973C60C011F0A28C7F2CC4F9AE02.roa (hash: z6l4Kf7BBkbhNbxfRp+L0t7tdYphMHusFnOI/s0ajOk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F43F2/4180509460C011F0AFB4572BC4F9AE02/VXiaNBbn71Fc4I8Fo28d7YNETAk.crl rsync://rpki.apnic.net/member_repository/A91F43F2/4180509460C011F0AFB4572BC4F9AE02/VXiaNBbn71Fc4I8Fo28d7YNETAk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/VXiaNBbn71Fc4I8Fo28d7YNETAk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 08:36:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29 (0x1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F43F2, serialNumber=55789A3416E7EF515CE08F05A36F1DED83444C09 Validity Not Before: Sep 3 08:37:00 2025 GMT Not After : Sep 10 08:37:00 2025 GMT Subject: CN=68b7fe2c-05c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:5a:8a:3b:db:49:b8:ed:22:83:d2:b5:5c:2c: 33:ef:bc:93:b1:b0:f7:af:37:8f:a0:b6:24:5f:ba: e3:32:d4:1c:9a:17:c2:4f:e5:24:d3:c6:5a:c1:5f: 5f:ad:b9:f1:d8:8b:ce:e8:d2:76:7b:87:47:0e:d9: a0:d1:a1:87:f9:6c:25:22:f6:91:59:24:ae:b0:c2: 55:86:18:93:13:86:63:00:0d:49:a4:6c:9e:d2:98: f2:4b:ae:68:76:e8:fa:4e:a4:d7:e3:a1:77:24:eb: ee:20:89:34:bd:d1:33:ba:e8:3e:5c:58:1b:eb:88: da:ef:05:b9:22:6d:00:e9:63:e6:fa:cd:2a:03:a2: 0e:70:95:9e:1c:71:b6:de:3b:da:43:b2:53:08:15: ef:96:99:1d:48:d1:0a:9e:ac:37:71:57:f7:d5:a7: 84:24:ef:ee:cf:e1:73:83:d2:d1:83:14:94:60:3a: 19:50:f5:c4:54:19:3b:c8:f6:4f:94:ba:c6:99:db: 1c:f8:73:af:80:c4:6c:23:c0:a2:3f:4f:b3:b5:41: b7:00:d5:e2:2c:00:52:d9:21:c7:bf:16:88:25:61: 75:e2:f4:03:58:fb:82:b4:70:a7:7c:ec:66:42:e1: de:1c:01:81:b4:78:de:13:32:00:1e:ad:f3:cd:b0: 20:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:7B:B5:B8:53:86:9A:B3:25:E3:98:AE:48:9E:C5:D0:8B:2B:E2:FC X509v3 Authority Key Identifier: keyid:55:78:9A:34:16:E7:EF:51:5C:E0:8F:05:A3:6F:1D:ED:83:44:4C:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F43F2/4180509460C011F0AFB4572BC4F9AE02/VXiaNBbn71Fc4I8Fo28d7YNETAk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/VXiaNBbn71Fc4I8Fo28d7YNETAk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F43F2/4180509460C011F0AFB4572BC4F9AE02/VXiaNBbn71Fc4I8Fo28d7YNETAk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:a6:51:bb:4c:46:a4:d3:84:e7:62:41:4d:7e:67:2a:2a:5b: 05:bd:89:88:ec:7f:07:df:a5:2f:1b:17:00:56:c1:c1:55:c7: 47:ad:2a:21:74:8b:09:35:7c:0e:f0:d5:8f:8a:cf:57:5b:f2: 0b:44:0b:40:b2:58:75:f4:06:1a:de:d0:3e:0c:66:04:15:f7: 57:fe:c6:9f:07:85:45:c3:29:f9:76:9a:3e:7e:2e:08:f7:49: 5e:e5:b7:5d:2a:01:08:8a:44:27:9f:80:c8:27:ab:9b:6e:9b: aa:39:16:e2:e3:47:54:59:05:42:ed:81:12:8e:d4:47:d8:e7: e3:f0:8f:70:34:79:b2:ef:a5:19:c0:12:ff:c8:41:97:bd:83: c4:0f:55:df:88:c2:81:1b:26:0a:93:a7:28:4f:ab:54:cb:e9: bf:65:79:7e:4b:b9:c2:e2:70:54:68:76:7e:db:bb:fa:20:b4: 28:8e:d4:50:7a:84:be:5e:2f:dc:dc:90:7c:3d:13:58:65:4f: 97:7c:ca:a4:72:9f:c8:79:1c:fc:f4:eb:5f:a9:62:cd:83:24: 18:1d:b4:02:84:db:6c:90:a2:79:f1:1c:0a:0d:d5:29:90:0e: 5c:58:2b:ef:f2:c0:9f:51:77:37:6e:68:97:10:93:a8:30:00: 9f:60:c2:0e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG NDNGMjExMC8GA1UEBRMoNTU3ODlBMzQxNkU3RUY1MTVDRTA4RjA1QTM2RjFERUQ4 MzQ0NEMwOTAeFw0yNTA5MDMwODM3MDBaFw0yNTA5MTAwODM3MDBaMBgxFjAUBgNV BAMTDTY4YjdmZTJjLTA1YzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHWoo720m47SKD0rVcLDPvvJOxsPevN4+gtiRfuuMy1ByaF8JP5STTxlrBX1+t ufHYi87o0nZ7h0cO2aDRoYf5bCUi9pFZJK6wwlWGGJMThmMADUmkbJ7SmPJLrmh2 6PpOpNfjoXck6+4giTS90TO66D5cWBvriNrvBbkibQDpY+b6zSoDog5wlZ4ccbbe O9pDslMIFe+WmR1I0QqerDdxV/fVp4Qk7+7P4XOD0tGDFJRgOhlQ9cRUGTvI9k+U usaZ2xz4c6+AxGwjwKI/T7O1QbcA1eIsAFLZIce/FoglYXXi9ANY+4K0cKd87GZC 4d4cAYG0eN4TMgAerfPNsCB7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUAHu1uFOG mrMl45iuSJ7F0Isr4vwwHwYDVR0jBBgwFoAUVXiaNBbn71Fc4I8Fo28d7YNETAkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY0M0YyLzQxODA1MDk0NjBD MDExRjBBRkI0NTcyQkM0RjlBRTAyL1ZYaWFOQmJuNzFGYzRJOEZvMjhkN1lORVRB ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvVlhpYU5CYm43MUZjNEk4Rm8yOGQ3WU5FVEFrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY0 M0YyLzQxODA1MDk0NjBDMDExRjBBRkI0NTcyQkM0RjlBRTAyL1ZYaWFOQmJuNzFG YzRJOEZvMjhkN1lORVRBay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGymUbtMRqTThOdiQU1+ZyoqWwW9iYjsfwffpS8bFwBWwcFVx0etKiF0 iwk1fA7w1Y+Kz1db8gtEC0CyWHX0Bhre0D4MZgQV91f+xp8HhUXDKfl2mj5+Lgj3 SV7lt10qAQiKRCefgMgnq5tum6o5FuLjR1RZBULtgRKO1EfY5+Pwj3A0ebLvpRnA Ev/IQZe9g8QPVd+IwoEbJgqTpyhPq1TL6b9leX5LucLicFRodn7bu/ogtCiO1FB6 hL5eL9zckHw9E1hlT5d8yqRyn8h5HPz061+pYs2DJBgdtAKE22yQonnxHAoN1SmQ DlxYK+/ywJ9RdzduaJcQk6gwAJ9gwg4= -----END CERTIFICATE-----Generated at Thu Sep 4 15:49:47 2025 by rpki-client