$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.mft File: LnNx4gZThK0R1DN9DS7NH2bSGco.mft (raw, json) Hash identifier: PXpzOX+q6dzWg8d+xK919bEU73MEt0ZWA6jS0XwanEo= Subject key identifier: 24:CC:D0:0B:CE:6C:80:94:69:4F:5E:8E:33:8F:8A:01:C4:88:E4:CC Authority key identifier: 2E:73:71:E2:06:53:84:AD:11:D4:33:7D:0D:2E:CD:1F:66:D2:19:CA Certificate issuer: /CN=A91F5753/serialNumber=2E7371E2065384AD11D4337D0D2ECD1F66D219CA Certificate serial: 0284 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnNx4gZThK0R1DN9DS7NH2bSGco.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.mft Manifest number: 027F Signing time: Thu 21 Aug 2025 02:08:45 +0000 Manifest this update: Thu 21 Aug 2025 02:08:44 +0000 Manifest next update: Thu 28 Aug 2025 02:08:44 +0000 Files and hashes: 1: LnNx4gZThK0R1DN9DS7NH2bSGco.crl (hash: WyIavvuw2bWmQnE9nHSXE1qL+bihpVJqi8GZiqcRNBs=) 2: 68C425FC1BBF11ED9F87C083C4F9AE02.roa (hash: x9csIWd6s8afCMS1YmHZZTrl70IFmSCSA9MRca7TL7s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.crl rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnNx4gZThK0R1DN9DS7NH2bSGco.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 02:08:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 644 (0x284) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F5753, serialNumber=2E7371E2065384AD11D4337D0D2ECD1F66D219CA Validity Not Before: Aug 21 02:08:44 2025 GMT Not After : Aug 28 02:08:44 2025 GMT Subject: CN=68a67fad-24c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:e2:a1:9f:a0:90:a3:90:ae:8e:d3:07:d4:55: 49:cf:e4:b6:25:7c:97:2d:f5:f7:ad:89:76:6c:e5: e1:90:64:da:43:b3:65:17:01:6b:02:8e:0a:2f:bb: 31:15:fd:d4:07:bb:57:2f:a1:d8:69:a6:7d:87:65: 9c:6d:6b:46:06:07:31:46:97:3c:4c:d8:b1:fb:51: 00:32:8e:6d:7f:0e:aa:d5:a2:e2:f7:c8:90:ae:c6: a5:87:db:0c:5e:87:f3:70:8f:57:73:0a:39:ec:48: b4:4e:77:1f:05:e2:09:bc:6a:f3:ea:ce:f6:11:d4: cc:a5:e3:3f:49:02:64:1f:43:ef:98:c1:65:b5:ff: f0:0d:8e:52:88:df:40:d8:28:69:74:f7:7d:fd:19: 76:23:a1:39:3f:e1:d3:f9:32:f4:c2:da:20:91:af: 8f:a5:c3:ca:f1:6a:83:dc:4e:9e:57:85:f2:17:2b: ba:ff:1a:ed:d1:6b:83:6f:6b:0a:cd:ca:fb:a6:a8: be:22:1d:a6:a7:75:cd:15:f0:c7:81:42:ec:88:59: 45:f7:47:5e:39:a1:3c:56:70:f2:3f:63:d7:6b:0b: a9:d1:37:e6:48:c4:8e:61:84:ea:13:d4:f5:35:d9: e6:a7:6d:04:6f:e3:7d:92:df:bd:6a:5e:b5:74:0a: 7e:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:CC:D0:0B:CE:6C:80:94:69:4F:5E:8E:33:8F:8A:01:C4:88:E4:CC X509v3 Authority Key Identifier: keyid:2E:73:71:E2:06:53:84:AD:11:D4:33:7D:0D:2E:CD:1F:66:D2:19:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnNx4gZThK0R1DN9DS7NH2bSGco.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:68:fa:fc:e0:c4:fd:98:66:1a:df:5a:6e:64:fe:e7:d1:c1: 50:64:8f:b6:95:95:a2:c6:af:b5:b6:14:ec:43:f7:ec:90:13: 85:05:9c:00:21:04:d8:c9:94:4e:38:42:0c:24:b5:65:81:74: 79:46:04:33:44:b1:f7:12:0a:c9:42:de:36:d1:a5:29:f0:7c: d5:c3:ec:2a:57:26:a9:f8:74:8b:4a:b7:8e:82:59:f6:8f:11: e7:e7:1c:9f:cb:1b:2e:b7:c2:99:44:29:bf:95:0b:a9:68:4b: 39:d1:06:01:44:95:36:6a:57:94:7c:7a:b8:d3:00:a4:d3:a8: 4a:3b:9c:a7:13:02:1b:05:ce:90:18:cc:f3:a4:5b:6a:fe:42: 4f:67:45:19:94:9c:c3:f2:a7:19:5d:ed:64:ca:98:32:42:bd: f8:25:82:ad:18:b7:42:a8:ee:33:ed:ec:07:bd:5f:fe:9c:36: e5:65:1b:dc:74:29:49:c0:f1:b8:2d:41:fa:c2:59:27:40:c2: 66:e8:cc:98:14:17:d4:3d:7c:c7:f9:28:5f:ea:e0:d1:fd:f7: 7a:de:dd:f6:e3:d7:90:ad:f6:a8:74:a2:59:a8:3b:d8:89:12: 33:4a:3d:45:d3:18:e1:ac:38:9b:7e:41:15:a4:c6:e5:de:90: 98:50:02:42 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAoQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjU3NTMxMTAvBgNVBAUTKDJFNzM3MUUyMDY1Mzg0QUQxMUQ0MzM3RDBEMkVDRDFG NjZEMjE5Q0EwHhcNMjUwODIxMDIwODQ0WhcNMjUwODI4MDIwODQ0WjAYMRYwFAYD VQQDEw02OGE2N2ZhZC0yNGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmuKhn6CQo5CujtMH1FVJz+S2JXyXLfX3rYl2bOXhkGTaQ7NlFwFrAo4KL7sx Ff3UB7tXL6HYaaZ9h2WcbWtGBgcxRpc8TNix+1EAMo5tfw6q1aLi98iQrsalh9sM XofzcI9Xcwo57Ei0TncfBeIJvGrz6s72EdTMpeM/SQJkH0PvmMFltf/wDY5SiN9A 2ChpdPd9/Rl2I6E5P+HT+TL0wtogka+PpcPK8WqD3E6eV4XyFyu6/xrt0WuDb2sK zcr7pqi+Ih2mp3XNFfDHgULsiFlF90deOaE8VnDyP2PXawup0TfmSMSOYYTqE9T1 Ndnmp20Eb+N9kt+9al61dAp+zQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCTM0AvO bICUaU9ejjOPigHEiOTMMB8GA1UdIwQYMBaAFC5zceIGU4StEdQzfQ0uzR9m0hnK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTc1My83QjU2MjQ0NDFC QkIxMUVEQTg3RjZFNjdDNEY5QUUwMi9Mbk54NGdaVGhLMFIxRE45RFM3TkgyYlNH Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xuTng0Z1pUaEswUjFETjlEUzdOSDJiU0djby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NTc1My83QjU2MjQ0NDFCQkIxMUVEQTg3RjZFNjdDNEY5QUUwMi9Mbk54NGdaVGhL MFIxRE45RFM3TkgyYlNHY28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAoaPr84MT9mGYa31puZP7n0cFQZI+2lZWixq+1thTsQ/fskBOFBZwA IQTYyZROOEIMJLVlgXR5RgQzRLH3EgrJQt420aUp8HzVw+wqVyap+HSLSreOgln2 jxHn5xyfyxsut8KZRCm/lQupaEs50QYBRJU2aleUfHq40wCk06hKO5ynEwIbBc6Q GMzzpFtq/kJPZ0UZlJzD8qcZXe1kypgyQr34JYKtGLdCqO4z7ewHvV/+nDblZRvc dClJwPG4LUH6wlknQMJm6MyYFBfUPXzH+Shf6uDR/fd63t3249eQrfaodKJZqDvY iRIzSj1F0xjhrDibfkEVpMbl3pCYUAJC -----END CERTIFICATE-----Generated at Fri Aug 22 16:32:11 2025 by rpki-client