$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF5A9/00B7151CFD0811E7A428FF0FC4F9AE02/K5XY2CKKiRR9gBk9l3DrUK7du2s.mft File: K5XY2CKKiRR9gBk9l3DrUK7du2s.mft (raw, json) Hash identifier: 4JZPzeLhkL+D3MN0ClnIptL5fLvixPkvSUdz+NcGr8g= Subject key identifier: F3:47:15:1F:AB:B8:1B:66:9F:3E:07:C1:39:23:A2:3E:AA:3E:22:F5 Authority key identifier: 2B:95:D8:D8:22:8A:89:14:7D:80:19:3D:97:70:EB:50:AE:DD:BB:6B Certificate issuer: /CN=A91FF5A9/serialNumber=2B95D8D8228A89147D80193D9770EB50AEDDBB6B Certificate serial: 16F3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K5XY2CKKiRR9gBk9l3DrUK7du2s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF5A9/00B7151CFD0811E7A428FF0FC4F9AE02/K5XY2CKKiRR9gBk9l3DrUK7du2s.mft Manifest number: 16DA Signing time: Sat 06 Sep 2025 16:43:14 +0000 Manifest this update: Sat 06 Sep 2025 16:43:13 +0000 Manifest next update: Sat 13 Sep 2025 16:43:13 +0000 Files and hashes: 1: K5XY2CKKiRR9gBk9l3DrUK7du2s.crl (hash: OG8kzAgomQ0PfE6S9ptNYawyyxep59so1wiH8sz+FKk=) 2: 07D665E0862711EBAC147872C4F9AE02.roa (hash: h1jWRhCaXCGscugt7m7NPkJTh1NUHltfWypGJXiPwZw=) 3: F9E21144D90F11EDB2DBEA49C4F9AE02.roa (hash: fP45NGSHNvdQShMBiD1rePe2Esz9p+VlDQo2vfi2cz0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF5A9/00B7151CFD0811E7A428FF0FC4F9AE02/K5XY2CKKiRR9gBk9l3DrUK7du2s.crl rsync://rpki.apnic.net/member_repository/A91FF5A9/00B7151CFD0811E7A428FF0FC4F9AE02/K5XY2CKKiRR9gBk9l3DrUK7du2s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K5XY2CKKiRR9gBk9l3DrUK7du2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 16:43:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5875 (0x16f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF5A9, serialNumber=2B95D8D8228A89147D80193D9770EB50AEDDBB6B Validity Not Before: Sep 6 16:43:13 2025 GMT Not After : Sep 13 16:43:13 2025 GMT Subject: CN=68bc64a1-246c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:63:65:9b:14:41:bc:0d:1d:ef:e0:17:ed:ab: fa:d3:8d:5f:aa:0b:bc:8e:03:30:33:b6:27:cc:1b: df:08:26:0c:52:fc:d5:b2:be:54:f2:a5:58:e6:c3: 4f:fc:9a:56:e8:c1:6c:13:af:b6:fa:5d:ce:6d:45: 7f:ed:e7:eb:ff:9c:a6:84:0b:db:da:89:18:47:d0: 0f:34:77:b5:72:36:9d:81:d5:2b:3e:68:52:1d:ec: b8:03:0a:68:9c:7d:78:06:d6:e2:d0:92:0c:93:97: bd:cd:a6:22:c2:c4:17:87:56:27:93:2d:82:34:49: 88:ab:cd:54:a7:6a:79:d9:a3:0f:e1:b6:f8:f7:6b: 2d:92:61:3f:b4:01:84:97:54:ca:26:da:26:fc:7e: 4c:e6:1d:72:d4:0d:5e:21:ad:78:23:97:f2:81:d5: 0f:55:f8:4f:2b:ea:29:6b:b7:1b:93:f3:fb:d5:dd: dc:dc:20:2c:ad:f3:11:55:4a:97:ee:63:98:9f:1a: 94:50:ea:b1:c4:18:3e:e1:17:73:be:ab:4a:a3:76: a6:75:06:03:39:5b:e6:23:d5:5c:7c:a9:a0:9f:36: fb:21:35:8d:86:cc:6f:2d:d1:ae:8b:aa:1f:09:22: c0:82:c1:99:79:06:ba:65:a0:fc:10:c2:d6:77:0b: 16:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:47:15:1F:AB:B8:1B:66:9F:3E:07:C1:39:23:A2:3E:AA:3E:22:F5 X509v3 Authority Key Identifier: keyid:2B:95:D8:D8:22:8A:89:14:7D:80:19:3D:97:70:EB:50:AE:DD:BB:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF5A9/00B7151CFD0811E7A428FF0FC4F9AE02/K5XY2CKKiRR9gBk9l3DrUK7du2s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K5XY2CKKiRR9gBk9l3DrUK7du2s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF5A9/00B7151CFD0811E7A428FF0FC4F9AE02/K5XY2CKKiRR9gBk9l3DrUK7du2s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:8f:6c:08:35:21:da:3c:05:b4:3f:d0:f9:23:7c:f3:dc:b0: 47:74:ba:c8:e1:18:f5:dc:49:cf:93:e8:e2:bb:11:2f:0d:41: 3f:04:d9:ae:a5:9d:53:83:8a:ab:96:09:af:9f:6f:51:2a:63: 62:39:b6:98:10:75:8c:b6:be:60:8e:a8:bd:4c:b1:74:ea:8a: 0b:6b:04:62:70:1d:eb:80:2b:d7:83:68:18:8e:1c:40:e8:2e: ef:f4:70:d0:21:a0:a8:1e:ab:a2:53:85:31:f1:54:dd:13:6f: 03:99:7c:79:6b:05:67:64:ab:c2:44:87:a2:90:a7:b8:3d:00: 23:5e:6e:27:26:e1:a6:6c:c3:c8:3d:1e:00:57:60:46:85:3d: 19:98:7b:77:53:4e:5e:61:f5:fe:69:fe:e8:f7:33:bf:f5:5b: 04:50:79:ee:4e:9a:22:f6:1e:1c:01:a9:83:f5:45:d3:a9:b1: 90:e3:aa:b3:54:64:a1:a7:1b:5b:30:64:81:05:3e:29:e6:be: 60:1c:c6:42:50:98:7b:9f:3d:72:da:de:55:d3:3c:68:03:e1: c0:2f:e7:f9:22:bd:1e:36:7b:da:43:19:7c:00:36:a9:17:79: dc:b6:db:60:f2:b8:a7:6c:d0:8f:66:0e:af:e2:0e:f1:4f:3d: 88:98:bd:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFvMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkY1QTkxMTAvBgNVBAUTKDJCOTVEOEQ4MjI4QTg5MTQ3RDgwMTkzRDk3NzBFQjUw QUVEREJCNkIwHhcNMjUwOTA2MTY0MzEzWhcNMjUwOTEzMTY0MzEzWjAYMRYwFAYD VQQDEw02OGJjNjRhMS0yNDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7WNlmxRBvA0d7+AX7av6041fqgu8jgMwM7YnzBvfCCYMUvzVsr5U8qVY5sNP /JpW6MFsE6+2+l3ObUV/7efr/5ymhAvb2okYR9APNHe1cjadgdUrPmhSHey4Awpo nH14Btbi0JIMk5e9zaYiwsQXh1Ynky2CNEmIq81Up2p52aMP4bb492stkmE/tAGE l1TKJtom/H5M5h1y1A1eIa14I5fygdUPVfhPK+opa7cbk/P71d3c3CAsrfMRVUqX 7mOYnxqUUOqxxBg+4RdzvqtKo3amdQYDOVvmI9VcfKmgnzb7ITWNhsxvLdGui6of CSLAgsGZeQa6ZaD8EMLWdwsW0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPNHFR+r uBtmnz4HwTkjoj6qPiL1MB8GA1UdIwQYMBaAFCuV2NgiiokUfYAZPZdw61Cu3btr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjVBOS8wMEI3MTUxQ0ZE MDgxMUU3QTQyOEZGMEZDNEY5QUUwMi9LNVhZMkNLS2lSUjlnQms5bDNEclVLN2R1 MnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0s1WFkyQ0tLaVJSOWdCazlsM0RyVUs3ZHUycy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RjVBOS8wMEI3MTUxQ0ZEMDgxMUU3QTQyOEZGMEZDNEY5QUUwMi9LNVhZMkNLS2lS UjlnQms5bDNEclVLN2R1MnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJj2wINSHaPAW0P9D5I3zz3LBHdLrI4Rj13EnPk+jiuxEvDUE/BNmu pZ1Tg4qrlgmvn29RKmNiObaYEHWMtr5gjqi9TLF06ooLawRicB3rgCvXg2gYjhxA 6C7v9HDQIaCoHquiU4Ux8VTdE28DmXx5awVnZKvCRIeikKe4PQAjXm4nJuGmbMPI PR4AV2BGhT0ZmHt3U05eYfX+af7o9zO/9VsEUHnuTpoi9h4cAamD9UXTqbGQ46qz VGShpxtbMGSBBT4p5r5gHMZCUJh7nz1y2t5V0zxoA+HAL+f5Ir0eNnvaQxl8ADap F3nctttg8rinbNCPZg6v4g7xTz2ImL2Y -----END CERTIFICATE-----Generated at Sun Sep 7 15:23:02 2025 by rpki-client