$ rpki-client -vvf rpki.apnic.net/member_repository/A91FCEB1/EFB875C808C911E68C778878C4F9AE02/QmfPXQMASo_v3yE5XQ_oJFSLE8E.mft File: QmfPXQMASo_v3yE5XQ_oJFSLE8E.mft (raw, json) Hash identifier: 1SAnuMkHvs8bkwNO6mEfrInT0iSYibitPwzNsqRMZxE= Subject key identifier: 0A:76:B7:11:8C:6E:37:10:54:4D:55:B2:B0:19:57:4F:BA:9E:41:CE Authority key identifier: 42:67:CF:5D:03:00:4A:8F:EF:DF:21:39:5D:0F:E8:24:54:8B:13:C1 Certificate issuer: /CN=A91FCEB1/serialNumber=4267CF5D03004A8FEFDF21395D0FE824548B13C1 Certificate serial: 20B4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QmfPXQMASo_v3yE5XQ_oJFSLE8E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FCEB1/EFB875C808C911E68C778878C4F9AE02/QmfPXQMASo_v3yE5XQ_oJFSLE8E.mft Manifest number: 27DF Signing time: Wed 20 Aug 2025 16:00:51 +0000 Manifest this update: Wed 20 Aug 2025 16:00:51 +0000 Manifest next update: Wed 27 Aug 2025 16:00:51 +0000 Files and hashes: 1: QmfPXQMASo_v3yE5XQ_oJFSLE8E.crl (hash: MhFXYvZJnNkO2Cj1qgksCtSHltMaGcp8EgRKOJoo8U4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FCEB1/EFB875C808C911E68C778878C4F9AE02/QmfPXQMASo_v3yE5XQ_oJFSLE8E.crl rsync://rpki.apnic.net/member_repository/A91FCEB1/EFB875C808C911E68C778878C4F9AE02/QmfPXQMASo_v3yE5XQ_oJFSLE8E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QmfPXQMASo_v3yE5XQ_oJFSLE8E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 16:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8372 (0x20b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FCEB1, serialNumber=4267CF5D03004A8FEFDF21395D0FE824548B13C1 Validity Not Before: Aug 20 16:00:51 2025 GMT Not After : Aug 27 16:00:51 2025 GMT Subject: CN=68a5f133-4330 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:cb:d6:fe:7e:8d:0c:94:a7:88:d4:1a:92:e8: 46:cf:c4:24:d9:75:93:88:57:59:f4:aa:de:0d:5f: b3:e6:80:31:bc:fa:bb:70:bf:7e:e8:ed:16:96:e5: 03:bb:c9:ef:17:9f:20:70:c6:bb:7f:72:b6:03:6b: c5:04:c7:26:b5:88:c7:77:2f:14:42:51:3b:8b:55: 9a:db:1d:2b:fa:b0:19:54:87:f6:be:6b:3b:81:fa: 8e:cd:59:da:f0:cb:85:7d:ad:25:bf:9c:86:d9:a9: 87:c8:b5:1b:43:0c:71:a7:63:d0:3a:2d:67:f1:eb: 8d:0a:fc:a7:42:8b:d7:cd:1c:81:13:a1:5a:87:06: 81:09:06:b6:78:a2:d9:46:76:f3:8e:3c:29:eb:35: e2:30:91:68:49:aa:18:ac:51:89:0a:e5:28:71:92: c3:6a:b4:56:d2:e4:20:87:2b:78:34:ea:d6:a2:84: df:9e:43:79:14:79:ec:58:fe:54:4e:4a:90:a3:d2: bd:d3:c6:d6:97:4d:a9:9d:11:c1:eb:4d:34:bb:17: 2c:77:10:06:ee:93:ae:71:38:b5:c9:f0:f8:af:3d: ca:8a:d8:fd:d9:fe:1e:4d:91:f1:42:8e:6d:a4:c5: 9b:6a:bb:53:f9:9b:5f:e3:66:9a:c5:c0:72:68:89: 64:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:76:B7:11:8C:6E:37:10:54:4D:55:B2:B0:19:57:4F:BA:9E:41:CE X509v3 Authority Key Identifier: keyid:42:67:CF:5D:03:00:4A:8F:EF:DF:21:39:5D:0F:E8:24:54:8B:13:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FCEB1/EFB875C808C911E68C778878C4F9AE02/QmfPXQMASo_v3yE5XQ_oJFSLE8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QmfPXQMASo_v3yE5XQ_oJFSLE8E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FCEB1/EFB875C808C911E68C778878C4F9AE02/QmfPXQMASo_v3yE5XQ_oJFSLE8E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:9f:6f:6a:ed:19:af:af:0a:95:f3:e1:7f:4f:43:f4:67:13: 48:f5:15:7d:80:59:22:29:21:ff:85:fe:21:f0:20:7a:18:70: 06:5d:e0:1b:5a:03:ef:dd:f3:3e:8f:95:eb:df:ce:4c:22:ad: ca:94:f2:bf:88:1a:c0:82:82:45:5a:2b:59:10:1d:2e:53:dc: 82:50:ea:d6:4b:50:52:32:c8:d4:f9:f5:33:c9:4f:c6:30:15: 87:b6:47:01:e5:1d:75:b0:c6:1a:8e:de:87:7b:d8:be:ab:85: 81:6e:72:34:10:de:4b:ba:0f:83:17:31:d0:cf:4c:12:59:04: 06:ef:fc:fc:be:53:5b:52:43:a0:58:3a:53:73:f2:f4:e9:d9: d1:a9:3f:e6:02:60:30:9a:fe:a1:04:39:10:d1:09:b1:43:08: 7a:4b:98:2c:fd:67:4c:08:ca:3c:e7:b9:27:90:a3:e3:3e:d9: c9:95:fb:07:7e:be:a1:b9:67:cd:c8:ed:86:d4:48:8a:d9:42: 7d:f0:bc:d8:25:2e:5c:20:ae:d7:23:ba:81:b2:3f:84:3f:62: 88:e8:c1:61:cf:d7:86:db:15:43:7a:e8:60:eb:b2:5c:58:c8: e2:fb:70:f3:7e:e4:41:57:af:e4:40:1d:a1:f5:ad:86:5c:8f: c7:ab:87:bb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICILQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkNFQjExMTAvBgNVBAUTKDQyNjdDRjVEMDMwMDRBOEZFRkRGMjEzOTVEMEZFODI0 NTQ4QjEzQzEwHhcNMjUwODIwMTYwMDUxWhcNMjUwODI3MTYwMDUxWjAYMRYwFAYD VQQDEw02OGE1ZjEzMy00MzMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA08vW/n6NDJSniNQakuhGz8Qk2XWTiFdZ9KreDV+z5oAxvPq7cL9+6O0WluUD u8nvF58gcMa7f3K2A2vFBMcmtYjHdy8UQlE7i1Wa2x0r+rAZVIf2vms7gfqOzVna 8MuFfa0lv5yG2amHyLUbQwxxp2PQOi1n8euNCvynQovXzRyBE6FahwaBCQa2eKLZ Rnbzjjwp6zXiMJFoSaoYrFGJCuUocZLDarRW0uQghyt4NOrWooTfnkN5FHnsWP5U TkqQo9K908bWl02pnRHB6000uxcsdxAG7pOucTi1yfD4rz3Kitj92f4eTZHxQo5t pMWbartT+Ztf42aaxcByaIlkRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAp2txGM bjcQVE1VsrAZV0+6nkHOMB8GA1UdIwQYMBaAFEJnz10DAEqP798hOV0P6CRUixPB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQ0VCMS9FRkI4NzVDODA4 QzkxMUU2OEM3Nzg4NzhDNEY5QUUwMi9RbWZQWFFNQVNvX3YzeUU1WFFfb0pGU0xF OEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FtZlBYUU1BU29fdjN5RTVYUV9vSkZTTEU4RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG Q0VCMS9FRkI4NzVDODA4QzkxMUU2OEM3Nzg4NzhDNEY5QUUwMi9RbWZQWFFNQVNv X3YzeUU1WFFfb0pGU0xFOEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBfn29q7RmvrwqV8+F/T0P0ZxNI9RV9gFkiKSH/hf4h8CB6GHAGXeAb WgPv3fM+j5Xr385MIq3KlPK/iBrAgoJFWitZEB0uU9yCUOrWS1BSMsjU+fUzyU/G MBWHtkcB5R11sMYajt6He9i+q4WBbnI0EN5Lug+DFzHQz0wSWQQG7/z8vlNbUkOg WDpTc/L06dnRqT/mAmAwmv6hBDkQ0QmxQwh6S5gs/WdMCMo857knkKPjPtnJlfsH fr6huWfNyO2G1EiK2UJ98LzYJS5cIK7XI7qBsj+EP2KI6MFhz9eG2xVDeuhg67Jc WMji+3DzfuRBV6/kQB2h9a2GXI/Hq4e7 -----END CERTIFICATE-----Generated at Fri Aug 22 16:25:12 2025 by rpki-client