$ rpki-client -vvf rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft File: 089k1dsXYfy2pVLwaAkTMMW19Ts.mft (raw, json) Hash identifier: kv9AgWk7g0MljL/FJQdjyEFYeFCCyMCZGFvdZEBuV48= Subject key identifier: 4B:38:CC:BB:57:4A:7A:45:82:27:88:8B:57:56:5A:18:6A:DC:DD:F0 Authority key identifier: D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B Certificate issuer: /CN=A91A25DF/serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Certificate serial: 12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft Manifest number: 11 Signing time: Thu 07 Aug 2025 08:43:12 +0000 Manifest this update: Thu 07 Aug 2025 08:43:11 +0000 Manifest next update: Thu 14 Aug 2025 08:43:11 +0000 Files and hashes: 1: 089k1dsXYfy2pVLwaAkTMMW19Ts.crl (hash: MZQcl8vJypt549/KE/H9OSUz7mGMGOJxXNnr8yzSEnE=) 2: C54DD1F45EDA11F0A5EAB579C4F9AE02.roa (hash: yvTiS/oFSBojbCtB284WFEZBM+3n1uqQBo+L9aW7vLk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18 (0x12) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A25DF, serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Validity Not Before: Aug 7 08:43:11 2025 GMT Not After : Aug 14 08:43:11 2025 GMT Subject: CN=68946720-f129 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:55:cc:52:30:50:67:ec:9d:2b:0e:ee:68:9b: 9b:0f:39:96:aa:f8:b1:1a:1c:c1:93:94:bd:fb:35: 10:c1:de:c6:7a:12:3b:fa:03:6b:97:26:b0:29:d5: 29:5f:85:01:3d:88:45:72:8f:f6:7e:f6:72:51:19: af:cf:9c:0a:cb:1b:74:d9:28:52:66:3b:ce:d8:0d: 99:cb:ef:ba:40:05:d4:5b:13:f3:8f:ff:d2:07:6c: be:9d:fe:18:ca:9f:77:1e:7d:21:28:4e:f9:da:97: d8:13:72:ec:b1:fb:79:99:c8:bd:65:cd:1c:55:1b: 63:7f:12:54:c2:0b:b2:0e:f0:65:dd:e2:8d:9e:3b: cd:2b:7b:44:5c:59:aa:38:a6:cb:38:6e:5b:a5:12: f2:d9:c4:24:55:5e:c8:c1:8d:5f:51:1f:8b:15:b1: 39:42:2b:6e:dd:cd:d7:37:66:55:ae:50:80:30:81: 06:1d:c8:be:d3:5b:da:2b:80:a6:17:86:27:a9:07: e3:a3:c4:10:cc:4d:00:4f:2b:58:50:43:b6:36:ad: 82:c2:06:62:f0:0a:2b:a2:76:5d:21:7e:bb:e1:f3: 7c:66:ec:65:8a:ae:f8:18:4c:34:e2:5e:7f:7f:8e: 83:b2:5b:b8:7e:fc:9d:bd:38:11:55:29:5c:37:7d: 5a:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:38:CC:BB:57:4A:7A:45:82:27:88:8B:57:56:5A:18:6A:DC:DD:F0 X509v3 Authority Key Identifier: keyid:D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:10:13:46:bb:3a:ec:e4:7e:b3:9b:12:c5:36:4b:51:d6:f9: 0e:28:00:41:2a:21:ef:7a:c1:77:44:5f:6a:4e:a5:8a:1c:2d: 14:15:44:d2:ac:7f:b7:48:ce:a4:6e:c2:43:4d:17:4e:8d:f8: f3:53:fb:63:5d:f7:08:d1:81:e6:89:90:b9:b7:53:3a:0e:be: 64:2b:bb:07:d0:44:e8:19:f3:7e:42:fe:b5:d3:2b:5f:b8:92: 93:00:4c:90:87:91:4f:89:d0:8a:43:67:12:2f:8e:57:6c:64: aa:a1:76:16:a0:13:ab:61:ba:34:92:3e:ef:13:1d:00:59:03: 3e:26:36:fb:53:25:4d:f0:da:bf:ff:29:3e:89:36:8e:59:50: b3:b5:1e:fe:ba:93:96:74:43:4a:6d:26:eb:5e:e1:dc:5c:89: 22:4a:bb:54:0e:70:8d:6c:67:6e:33:16:5e:db:24:cd:35:b8: 95:95:9c:94:a1:43:7f:9a:f4:9b:f3:5a:29:33:f0:d5:b2:20: 37:3a:41:24:34:93:42:c7:19:18:98:f6:e6:9a:8c:90:1b:ed: 50:3d:b1:b7:be:45:d8:8d:df:d4:65:72:01:65:6e:00:77:c5: d2:4a:63:a6:f6:34:99:bc:fe:9b:fd:f0:b1:54:dd:51:c6:a7: 4d:ba:bc:98 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MjVERjExMC8GA1UEBRMoRDNDRjY0RDVEQjE3NjFGQ0I2QTU1MkYwNjgwOTEzMzBD NUI1RjUzQjAeFw0yNTA4MDcwODQzMTFaFw0yNTA4MTQwODQzMTFaMBgxFjAUBgNV BAMTDTY4OTQ2NzIwLWYxMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDaVcxSMFBn7J0rDu5om5sPOZaq+LEaHMGTlL37NRDB3sZ6Ejv6A2uXJrAp1Slf hQE9iEVyj/Z+9nJRGa/PnArLG3TZKFJmO87YDZnL77pABdRbE/OP/9IHbL6d/hjK n3cefSEoTvnal9gTcuyx+3mZyL1lzRxVG2N/ElTCC7IO8GXd4o2eO80re0RcWao4 pss4blulEvLZxCRVXsjBjV9RH4sVsTlCK27dzdc3ZlWuUIAwgQYdyL7TW9orgKYX hiepB+OjxBDMTQBPK1hQQ7Y2rYLCBmLwCiuidl0hfrvh83xm7GWKrvgYTDTiXn9/ joOyW7h+/J29OBFVKVw3fVpPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUSzjMu1dK ekWCJ4iLV1ZaGGrc3fAwHwYDVR0jBBgwFoAU089k1dsXYfy2pVLwaAkTMMW19Tsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyNURGL0U2MTI0MDgyNUVE NTExRjA5Q0YxRDUwQ0M0RjlBRTAyLzA4OWsxZHNYWWZ5MnBWTHdhQWtUTU1XMTlU cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMDg5azFkc1hZZnkycFZMd2FBa1RNTVcxOVRzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEy NURGL0U2MTI0MDgyNUVENTExRjA5Q0YxRDUwQ0M0RjlBRTAyLzA4OWsxZHNYWWZ5 MnBWTHdhQWtUTU1XMTlUcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABkQE0a7OuzkfrObEsU2S1HW+Q4oAEEqIe96wXdEX2pOpYocLRQVRNKs f7dIzqRuwkNNF06N+PNT+2Nd9wjRgeaJkLm3UzoOvmQruwfQROgZ835C/rXTK1+4 kpMATJCHkU+J0IpDZxIvjldsZKqhdhagE6thujSSPu8THQBZAz4mNvtTJU3w2r// KT6JNo5ZULO1Hv66k5Z0Q0ptJute4dxciSJKu1QOcI1sZ24zFl7bJM01uJWVnJSh Q3+a9JvzWikz8NWyIDc6QSQ0k0LHGRiY9uaajJAb7VA9sbe+RdiN39RlcgFlbgB3 xdJKY6b2NJm8/pv98LFU3VHGp026vJg= -----END CERTIFICATE-----Generated at Thu Aug 7 17:40:04 2025 by rpki-client