$ rpki-client -vvf rpki.apnic.net/member_repository/A91FCABC/C551641205B911EEA9130B37C4F9AE02/l85Wj2RoJWRz-Es4s84D6jVJ64k.mft File: l85Wj2RoJWRz-Es4s84D6jVJ64k.mft (raw, json) Hash identifier: bNUR8J8/MQpXbjaF0lne81iFPm4HoceuVYHxNoZkh7Y= Subject key identifier: 9D:73:7F:D8:4C:6C:A3:0C:3A:87:50:83:37:E0:C1:66:BA:6E:A2:7C Authority key identifier: 97:CE:56:8F:64:68:25:64:73:F8:4B:38:B3:CE:03:EA:35:49:EB:89 Certificate issuer: /CN=A91FCABC/serialNumber=97CE568F6468256473F84B38B3CE03EA3549EB89 Certificate serial: 01AA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/l85Wj2RoJWRz-Es4s84D6jVJ64k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FCABC/C551641205B911EEA9130B37C4F9AE02/l85Wj2RoJWRz-Es4s84D6jVJ64k.mft Manifest number: 01A6 Signing time: Fri 05 Sep 2025 03:34:01 +0000 Manifest this update: Fri 05 Sep 2025 03:34:00 +0000 Manifest next update: Fri 12 Sep 2025 03:34:00 +0000 Files and hashes: 1: l85Wj2RoJWRz-Es4s84D6jVJ64k.crl (hash: rY+gDVCw0+W+ZaPacwdGfa1bKeyYc3eUIMYiGVcY2ec=) 2: 35BBCFB005C111EEA3A8584CC4F9AE02.roa (hash: r5pIAbK8kOI15XkP+OMpWTYz9FMauuzr/FnyF6gxDgI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FCABC/C551641205B911EEA9130B37C4F9AE02/l85Wj2RoJWRz-Es4s84D6jVJ64k.crl rsync://rpki.apnic.net/member_repository/A91FCABC/C551641205B911EEA9130B37C4F9AE02/l85Wj2RoJWRz-Es4s84D6jVJ64k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/l85Wj2RoJWRz-Es4s84D6jVJ64k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 03:34:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 426 (0x1aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FCABC, serialNumber=97CE568F6468256473F84B38B3CE03EA3549EB89 Validity Not Before: Sep 5 03:34:00 2025 GMT Not After : Sep 12 03:34:00 2025 GMT Subject: CN=68ba5a28-8328 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:6e:cc:fa:40:ac:7a:59:b0:11:99:98:51:ac: 5c:19:4b:72:7f:50:e0:b1:2f:ca:c6:19:5b:e4:74: 1d:7d:cb:75:dc:9a:3e:4f:7f:1c:b9:e6:25:3b:f1: 2e:d5:e1:ac:90:05:a1:92:e0:f5:59:6a:8f:b1:71: 35:2b:6e:39:91:23:70:14:9a:29:87:7d:ff:3e:ea: 03:82:91:85:58:79:34:d7:ea:86:e8:84:cf:67:da: 70:e0:ea:88:a7:ec:fb:d6:f1:6b:65:2a:ed:7b:34: fb:c0:ff:30:62:23:37:fa:a8:73:8b:e9:0a:cf:90: 2e:db:5a:f6:19:3f:56:b4:24:e7:f6:d2:bf:ba:36: fc:a7:09:a8:92:c5:f8:ca:99:2d:46:dd:0d:3e:8e: 46:ad:97:cb:bc:c1:80:31:33:a9:19:a0:5f:a0:23: f6:93:da:48:57:0a:27:cc:92:50:8c:fe:99:7b:fb: 82:32:34:62:ac:54:4c:dc:4b:e6:d7:ce:1c:11:43: a8:c8:44:d3:e2:7d:41:d7:00:38:34:47:9a:15:4b: 23:b3:de:59:3b:ef:04:58:f3:74:e6:99:21:9c:9d: d8:3c:20:61:5d:97:df:4c:90:76:df:8e:10:05:ce: af:8c:e7:51:63:2e:80:16:4d:74:d3:ed:36:dd:b2: 8c:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:73:7F:D8:4C:6C:A3:0C:3A:87:50:83:37:E0:C1:66:BA:6E:A2:7C X509v3 Authority Key Identifier: keyid:97:CE:56:8F:64:68:25:64:73:F8:4B:38:B3:CE:03:EA:35:49:EB:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FCABC/C551641205B911EEA9130B37C4F9AE02/l85Wj2RoJWRz-Es4s84D6jVJ64k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/l85Wj2RoJWRz-Es4s84D6jVJ64k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FCABC/C551641205B911EEA9130B37C4F9AE02/l85Wj2RoJWRz-Es4s84D6jVJ64k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:f8:16:2c:02:af:84:a5:55:e5:3e:e7:10:b3:d1:29:8c:14: e9:73:30:20:96:9b:6a:33:bc:05:10:6b:55:6d:2c:f1:f0:d8: 03:0c:63:53:5b:37:30:b7:e1:5c:8d:4f:f5:3a:56:49:28:32: d7:6e:ef:6a:8b:cd:30:d7:84:11:71:b7:70:5c:e9:60:8b:9f: f5:36:ce:ed:61:3a:9d:90:00:f5:80:dc:d7:97:65:aa:7d:28: 2d:d2:16:08:1b:21:d7:aa:c5:21:d9:19:b9:29:bd:3a:15:cf: 8f:31:d9:cc:18:b9:86:0b:b9:2f:a2:60:45:03:1b:c4:19:0c: 50:f2:d3:42:fc:2c:4b:0b:dc:b4:0d:b2:39:21:c8:13:0c:40: e6:ed:71:6f:cc:96:0b:10:81:c0:a6:9e:03:e0:3b:c3:d6:8a: f6:49:0a:09:51:3c:b1:8d:eb:2a:a1:cb:71:3d:1c:52:8c:37: 15:46:2e:80:30:57:f2:01:c3:85:9a:0d:79:50:87:3e:0d:0a: eb:3a:49:9a:ce:30:19:da:e4:fd:85:8c:97:39:d4:a5:e5:94: d4:8a:a9:54:95:55:bd:6e:98:b5:59:3a:9a:4d:e7:cd:3e:73: 32:db:5e:93:17:24:50:ed:bc:d7:5a:f0:61:aa:1c:12:bc:ec: b4:09:22:ca -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkNBQkMxMTAvBgNVBAUTKDk3Q0U1NjhGNjQ2ODI1NjQ3M0Y4NEIzOEIzQ0UwM0VB MzU0OUVCODkwHhcNMjUwOTA1MDMzNDAwWhcNMjUwOTEyMDMzNDAwWjAYMRYwFAYD VQQDEw02OGJhNWEyOC04MzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyG7M+kCselmwEZmYUaxcGUtyf1DgsS/Kxhlb5HQdfct13Jo+T38cueYlO/Eu 1eGskAWhkuD1WWqPsXE1K245kSNwFJoph33/PuoDgpGFWHk01+qG6ITPZ9pw4OqI p+z71vFrZSrtezT7wP8wYiM3+qhzi+kKz5Au21r2GT9WtCTn9tK/ujb8pwmoksX4 ypktRt0NPo5GrZfLvMGAMTOpGaBfoCP2k9pIVwonzJJQjP6Ze/uCMjRirFRM3Evm 184cEUOoyETT4n1B1wA4NEeaFUsjs95ZO+8EWPN05pkhnJ3YPCBhXZffTJB2344Q Bc6vjOdRYy6AFk100+023bKMZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ1zf9hM bKMMOodQgzfgwWa6bqJ8MB8GA1UdIwQYMBaAFJfOVo9kaCVkc/hLOLPOA+o1SeuJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQ0FCQy9DNTUxNjQxMjA1 QjkxMUVFQTkxMzBCMzdDNEY5QUUwMi9sODVXajJSb0pXUnotRXM0czg0RDZqVko2 NGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2w4NVdqMlJvSldSei1FczRzODRENmpWSjY0ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG Q0FCQy9DNTUxNjQxMjA1QjkxMUVFQTkxMzBCMzdDNEY5QUUwMi9sODVXajJSb0pX UnotRXM0czg0RDZqVko2NGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBq+BYsAq+EpVXlPucQs9EpjBTpczAglptqM7wFEGtVbSzx8NgDDGNT Wzcwt+FcjU/1OlZJKDLXbu9qi80w14QRcbdwXOlgi5/1Ns7tYTqdkAD1gNzXl2Wq fSgt0hYIGyHXqsUh2Rm5Kb06Fc+PMdnMGLmGC7kvomBFAxvEGQxQ8tNC/CxLC9y0 DbI5IcgTDEDm7XFvzJYLEIHApp4D4DvD1or2SQoJUTyxjesqoctxPRxSjDcVRi6A MFfyAcOFmg15UIc+DQrrOkmazjAZ2uT9hYyXOdSl5ZTUiqlUlVW9bpi1WTqaTefN PnMy216TFyRQ7bzXWvBhqhwSvOy0CSLK -----END CERTIFICATE-----Generated at Sat Sep 6 21:05:05 2025 by rpki-client