$ rpki-client -vvf rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.mft File: Sn0mxMvxZwAkXWf79pULcSkYmTk.mft (raw, json) Hash identifier: aMlRBBtaHjmC/PdSlKUP7kYJ/bCDKzb3fkE317k4EG4= Subject key identifier: 66:60:8D:4F:75:A3:49:95:92:E3:6E:54:8F:11:4C:9D:3E:D6:2F:4A Authority key identifier: 4A:7D:26:C4:CB:F1:67:00:24:5D:67:FB:F6:95:0B:71:29:18:99:39 Certificate issuer: /CN=A91839CF/serialNumber=4A7D26C4CBF16700245D67FBF6950B7129189939 Certificate serial: 87 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sn0mxMvxZwAkXWf79pULcSkYmTk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.mft Manifest number: 85 Signing time: Tue 05 Aug 2025 07:13:28 +0000 Manifest this update: Tue 05 Aug 2025 07:13:27 +0000 Manifest next update: Tue 12 Aug 2025 07:13:27 +0000 Files and hashes: 1: Sn0mxMvxZwAkXWf79pULcSkYmTk.crl (hash: fGdXwt/8gdSX3/b3OQIGmb2SbjbmmoJqc0RIRij69BA=) 2: 305EB30EA98D11EF8C023466C4F9AE02.roa (hash: mTvWjDqRpjoE4gToiz3x8YclXADkkIN+m00HGh0rTzw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.crl rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sn0mxMvxZwAkXWf79pULcSkYmTk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 07:13:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 135 (0x87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91839CF, serialNumber=4A7D26C4CBF16700245D67FBF6950B7129189939 Validity Not Before: Aug 5 07:13:27 2025 GMT Not After : Aug 12 07:13:27 2025 GMT Subject: CN=6891af17-abe7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:59:bb:2d:d5:d0:fd:5d:5d:8d:22:81:d3:38: d6:6c:c9:6c:e1:f4:29:e8:32:8f:43:9c:25:8c:13: 93:8c:4d:ca:d9:ec:2a:1e:ce:bb:fb:f9:14:f3:4d: 4c:75:01:e6:91:54:0e:1c:bf:be:cc:c3:25:32:9c: c9:9e:d3:e1:0b:a9:3d:c8:1e:80:70:61:42:ac:51: 2e:e3:8c:9d:8b:80:c7:95:0f:3a:b2:86:ae:14:b0: a7:99:9f:5f:a8:35:2e:52:2e:ee:45:b0:e0:01:ce: 6f:94:c0:5f:dd:99:47:37:7b:fd:25:c1:20:70:c2: 36:43:eb:a1:89:82:20:38:ea:cf:30:3f:45:64:1b: dc:51:a8:56:e7:54:30:d5:1b:bc:cd:89:7c:34:64: ad:60:0e:85:5d:49:71:79:3e:92:a2:cc:3d:93:5d: 31:46:7f:6a:45:9d:b0:96:6c:ef:51:c9:9e:13:2c: 73:92:23:9e:89:30:47:40:96:54:cb:8e:72:e9:49: c2:60:83:6e:4f:48:80:b2:5f:9b:61:ae:39:33:bf: c3:c2:b8:c0:e8:99:15:8b:a8:51:7b:fe:89:60:be: ff:4e:d9:9c:8c:0b:58:ca:31:94:f7:e6:bf:dc:27: 53:cb:40:2d:4a:71:ee:b3:0f:c4:6a:6e:f1:c3:d2: d4:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:60:8D:4F:75:A3:49:95:92:E3:6E:54:8F:11:4C:9D:3E:D6:2F:4A X509v3 Authority Key Identifier: keyid:4A:7D:26:C4:CB:F1:67:00:24:5D:67:FB:F6:95:0B:71:29:18:99:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sn0mxMvxZwAkXWf79pULcSkYmTk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:49:58:2e:f7:85:88:78:8a:61:5d:ad:15:c6:a8:70:17:84: 57:33:62:9b:bf:a9:d7:68:d6:db:17:6c:de:10:a6:e2:b8:5f: 80:40:98:6b:e6:28:fc:61:0b:77:f4:81:c9:79:0e:92:5f:5b: b5:be:93:00:89:a5:12:85:b7:64:3b:7e:43:68:d8:aa:60:2d: 68:ce:10:2d:a7:33:92:59:84:0b:f7:5e:2d:69:5d:21:20:f1: cf:d6:35:47:ff:07:f4:1d:74:c7:be:c5:f0:6e:dc:ba:dc:67: df:30:ea:9c:b3:2f:3d:87:cd:d4:c1:14:6f:92:3c:80:ff:4c: 9a:62:c9:af:6b:9e:29:6a:61:a1:dc:d1:5b:59:0d:60:8f:08: f3:dc:4a:48:fa:de:48:45:b7:cb:b7:da:64:33:b2:60:94:33: d7:02:b8:c3:9e:4c:1d:9f:bd:4f:e3:dc:28:7a:1e:55:d4:ea: 02:18:b0:a2:3c:3e:ad:84:74:d8:96:81:c9:7a:ee:24:dd:86: a9:8a:e0:1d:96:ba:42:75:09:7f:d9:d6:b6:0d:96:c7:c8:98: e9:1b:16:0a:1c:15:0b:25:b9:2e:a7:98:b0:6e:f9:97:5b:75: 93:3e:cf:72:96:db:f3:4b:1c:f7:27:c5:a3:f0:46:84:96:b2: 42:81:cf:77 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODM5Q0YxMTAvBgNVBAUTKDRBN0QyNkM0Q0JGMTY3MDAyNDVENjdGQkY2OTUwQjcx MjkxODk5MzkwHhcNMjUwODA1MDcxMzI3WhcNMjUwODEyMDcxMzI3WjAYMRYwFAYD VQQDEw02ODkxYWYxNy1hYmU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyFm7LdXQ/V1djSKB0zjWbMls4fQp6DKPQ5wljBOTjE3K2ewqHs67+/kU801M dQHmkVQOHL++zMMlMpzJntPhC6k9yB6AcGFCrFEu44ydi4DHlQ86soauFLCnmZ9f qDUuUi7uRbDgAc5vlMBf3ZlHN3v9JcEgcMI2Q+uhiYIgOOrPMD9FZBvcUahW51Qw 1Ru8zYl8NGStYA6FXUlxeT6Sosw9k10xRn9qRZ2wlmzvUcmeEyxzkiOeiTBHQJZU y45y6UnCYINuT0iAsl+bYa45M7/DwrjA6JkVi6hRe/6JYL7/TtmcjAtYyjGU9+a/ 3CdTy0AtSnHusw/Eam7xw9LULQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGZgjU91 o0mVkuNuVI8RTJ0+1i9KMB8GA1UdIwQYMBaAFEp9JsTL8WcAJF1n+/aVC3EpGJk5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MzlDRi80REYyQkU1MkE5 OEMxMUVGQkEwNjg4NjRDNEY5QUUwMi9TbjBteE12eFp3QWtYV2Y3OXBVTGNTa1lt VGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NuMG14TXZ4WndBa1hXZjc5cFVMY1NrWW1Uay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 MzlDRi80REYyQkU1MkE5OEMxMUVGQkEwNjg4NjRDNEY5QUUwMi9TbjBteE12eFp3 QWtYV2Y3OXBVTGNTa1ltVGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCISVgu94WIeIphXa0VxqhwF4RXM2Kbv6nXaNbbF2zeEKbiuF+AQJhr 5ij8YQt39IHJeQ6SX1u1vpMAiaUShbdkO35DaNiqYC1ozhAtpzOSWYQL914taV0h IPHP1jVH/wf0HXTHvsXwbty63GffMOqcsy89h83UwRRvkjyA/0yaYsmva54pamGh 3NFbWQ1gjwjz3EpI+t5IRbfLt9pkM7JglDPXArjDnkwdn71P49woeh5V1OoCGLCi PD6thHTYloHJeu4k3YapiuAdlrpCdQl/2da2DZbHyJjpGxYKHBULJbkup5iwbvmX W3WTPs9yltvzSxz3J8Wj8EaElrJCgc93 -----END CERTIFICATE-----Generated at Wed Aug 6 14:17:31 2025 by rpki-client