$ rpki-client -vvf rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.mft File: BXtTd0A4JnigePW_KExyZ5S50TQ.mft (raw, json) Hash identifier: eKo3OESAAJvVzJbE7e7sh04z4opql13RW7SjkLnATB8= Subject key identifier: AE:D1:1C:F3:84:DA:07:6A:42:54:97:8F:4F:82:F3:06:97:2A:FA:FA Authority key identifier: 05:7B:53:77:40:38:26:78:A0:78:F5:BF:28:4C:72:67:94:B9:D1:34 Certificate issuer: /CN=A91992FA/serialNumber=057B537740382678A078F5BF284C726794B9D134 Certificate serial: 5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXtTd0A4JnigePW_KExyZ5S50TQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.mft Manifest number: 59 Signing time: Sat 09 Aug 2025 07:39:52 +0000 Manifest this update: Sat 09 Aug 2025 07:39:51 +0000 Manifest next update: Sat 16 Aug 2025 07:39:51 +0000 Files and hashes: 1: BXtTd0A4JnigePW_KExyZ5S50TQ.crl (hash: aO7Dqq+nefrVp+gAWaYBlxg37968dRpjazQeadfmT8M=) 2: 44A28FACEFEC11EF80EC123DC4F9AE02.roa (hash: kIHtM5yk/7E77z9qFDfBUJpQm2RMukSPxAc1zKCnuxc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.crl rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXtTd0A4JnigePW_KExyZ5S50TQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 90 (0x5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91992FA, serialNumber=057B537740382678A078F5BF284C726794B9D134 Validity Not Before: Aug 9 07:39:51 2025 GMT Not After : Aug 16 07:39:51 2025 GMT Subject: CN=6896fb48-b0ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:c1:4a:a5:78:50:60:10:c8:92:5e:f9:70:03: 6f:55:a1:fb:ad:d2:04:ab:6a:50:0a:a3:5e:49:b8: f7:0a:5b:13:ec:61:52:89:50:71:3c:c4:7e:a2:ff: d7:2f:39:01:5d:0d:2b:5d:06:b9:83:49:b2:74:be: 38:51:fc:55:67:95:69:2b:53:88:de:a3:37:7a:95: 14:57:c8:13:d7:15:d4:43:4f:70:67:7f:ce:a6:3a: 47:02:64:07:ee:e3:3b:56:99:b0:ea:80:4d:5a:2c: ff:0a:ce:1b:cc:58:c7:4a:80:9a:49:54:4b:9e:2d: e1:53:5a:2e:67:3e:b4:10:f5:7d:b6:fa:e8:3e:b2: 65:09:85:b0:b8:d2:32:ad:25:71:84:2c:fd:64:c4: 00:61:72:75:57:b1:e6:f4:52:20:c7:7e:19:aa:7f: b9:dd:8a:70:22:d6:45:71:10:b7:ba:1c:15:0c:5c: fa:ad:cc:1a:d5:48:73:52:ff:c2:42:0b:8a:04:22: 7d:11:ea:42:0c:99:01:6c:9d:89:d8:42:b5:d5:da: e1:78:0f:0f:60:fc:16:c6:f9:8b:50:f5:74:a6:ab: eb:86:2e:a4:41:83:64:2d:78:30:c0:bf:1e:59:44: 72:c7:27:87:af:52:c3:de:d0:ff:c5:bc:f1:ef:47: cf:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:D1:1C:F3:84:DA:07:6A:42:54:97:8F:4F:82:F3:06:97:2A:FA:FA X509v3 Authority Key Identifier: keyid:05:7B:53:77:40:38:26:78:A0:78:F5:BF:28:4C:72:67:94:B9:D1:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXtTd0A4JnigePW_KExyZ5S50TQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:5a:5b:26:56:35:67:2f:0a:5c:ae:c0:d4:74:56:6a:f3:84: f8:93:26:3e:3b:82:08:b5:70:64:a5:37:63:f0:f4:b2:0b:0a: 68:ee:10:cc:8c:8f:7a:14:83:3d:d3:46:21:4a:70:34:c2:c8: fb:9c:e0:86:fb:66:09:87:84:08:34:cf:41:1c:16:8d:7d:0e: 9c:25:b0:87:30:35:ef:ea:fb:f0:f6:bc:3d:12:88:2a:b1:6f: fe:64:a8:3f:43:8e:f0:60:80:cf:55:0b:d3:e7:dd:87:94:da: 81:4b:6f:bf:97:20:3e:73:23:4a:71:a2:1a:cb:17:e4:07:65: c8:2a:ca:9a:97:fd:28:10:cd:d3:c4:9a:79:52:9f:3c:af:42: 37:b2:a8:0e:08:e3:e7:c3:54:e8:e8:a3:18:56:79:69:34:66: f9:3e:0e:b1:59:0f:16:4c:d9:d1:db:90:53:ed:19:b8:e7:74: 2e:c6:d2:33:fb:99:c1:2f:9b:b9:1f:15:61:09:c5:48:4e:0d: bf:6c:86:0c:31:0d:b6:a8:30:f1:57:c1:75:a1:d8:b4:d1:e6: 5b:d8:71:8a:1e:15:c4:eb:fe:b6:16:07:0b:06:ff:4e:57:96: b8:05:de:b7:11:77:62:9e:e9:25:0a:9f:ff:ab:81:ac:ae:2e: 95:b8:b1:c2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 OTJGQTExMC8GA1UEBRMoMDU3QjUzNzc0MDM4MjY3OEEwNzhGNUJGMjg0QzcyNjc5 NEI5RDEzNDAeFw0yNTA4MDkwNzM5NTFaFw0yNTA4MTYwNzM5NTFaMBgxFjAUBgNV BAMTDTY4OTZmYjQ4LWIwYWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDTwUqleFBgEMiSXvlwA29Vofut0gSralAKo15JuPcKWxPsYVKJUHE8xH6i/9cv OQFdDStdBrmDSbJ0vjhR/FVnlWkrU4jeozd6lRRXyBPXFdRDT3Bnf86mOkcCZAfu 4ztWmbDqgE1aLP8KzhvMWMdKgJpJVEueLeFTWi5nPrQQ9X22+ug+smUJhbC40jKt JXGELP1kxABhcnVXseb0UiDHfhmqf7ndinAi1kVxELe6HBUMXPqtzBrVSHNS/8JC C4oEIn0R6kIMmQFsnYnYQrXV2uF4Dw9g/BbG+YtQ9XSmq+uGLqRBg2QteDDAvx5Z RHLHJ4evUsPe0P/FvPHvR8/3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUrtEc84Ta B2pCVJePT4LzBpcq+vowHwYDVR0jBBgwFoAUBXtTd0A4JnigePW/KExyZ5S50TQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5MkZBL0ZBNDZFMEQyRUUw MzExRUY5QzJCOEE0OUM0RjlBRTAyL0JYdFRkMEE0Sm5pZ2VQV19LRXh5WjVTNTBU US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQlh0VGQwQTRKbmlnZVBXX0tFeHlaNVM1MFRRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5 MkZBL0ZBNDZFMEQyRUUwMzExRUY5QzJCOEE0OUM0RjlBRTAyL0JYdFRkMEE0Sm5p Z2VQV19LRXh5WjVTNTBUUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAD9aWyZWNWcvClyuwNR0VmrzhPiTJj47ggi1cGSlN2Pw9LILCmjuEMyM j3oUgz3TRiFKcDTCyPuc4Ib7ZgmHhAg0z0EcFo19DpwlsIcwNe/q+/D2vD0SiCqx b/5kqD9DjvBggM9VC9Pn3YeU2oFLb7+XID5zI0pxohrLF+QHZcgqypqX/SgQzdPE mnlSnzyvQjeyqA4I4+fDVOjooxhWeWk0Zvk+DrFZDxZM2dHbkFPtGbjndC7G0jP7 mcEvm7kfFWEJxUhODb9shgwxDbaoMPFXwXWh2LTR5lvYcYoeFcTr/rYWBwsG/05X lrgF3rcRd2Ke6SUKn/+rgayuLpW4scI= -----END CERTIFICATE-----Generated at Mon Aug 11 07:42:53 2025 by rpki-client