$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft File: zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft (raw, json) Hash identifier: 2DUn8gBHp8KK0Dt6HT6HTjrWhhecWnRnSRMgr8B8OGs= Subject key identifier: F3:47:83:62:67:34:CC:9C:93:DC:68:08:1D:0D:39:45:B7:05:6B:F1 Authority key identifier: CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4 Certificate issuer: /CN=A91A4B1A/serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4 Certificate serial: 1E3D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft Manifest number: 1E2C Signing time: Sun 10 Aug 2025 16:02:56 +0000 Manifest this update: Sun 10 Aug 2025 16:02:56 +0000 Manifest next update: Sun 17 Aug 2025 16:02:56 +0000 Files and hashes: 1: zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl (hash: PXJjSkjqnDxscY/eSe9iTYA4HW4ht3VHeWylpphhyp8=) 2: 4A6679EC14DF11EEAB46A86DC4F9AE02.roa (hash: yY5rZMTsOpnGO6cAR5A6bi22J/lJ789z+ED1oN3orxw=) 3: 4B52A44814DF11EEAB46A86DC4F9AE02.roa (hash: 36rBW03tvoWvEp5FFhkEkP0PegguzR76VTv8hEMsFNk=) 4: 1DBC9D405DB411EEA017251AC4F9AE02.roa (hash: 2w+ZZZiHGzET+UAGMpulJr633xByME/2FAJYerduoZE=) 5: 4CE75372B9DE11EEBC5B0D21C4F9AE02.roa (hash: yps3mcP7HEC1/XDzl5d78p6GLXVPbcsPt7pEv3x1HZA=) 6: 4999305414DF11EEAB46A86DC4F9AE02.roa (hash: Bl17bhrifD1PMrI4c5ur7v5yVCt37LP+FsjpzcQgt1k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7741 (0x1e3d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4B1A, serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4 Validity Not Before: Aug 10 16:02:56 2025 GMT Not After : Aug 17 16:02:56 2025 GMT Subject: CN=6898c2b0-bc37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:08:5f:dc:51:4d:34:11:47:3b:cd:ea:a1:c2: 55:18:50:11:3f:f2:9a:c3:3e:0a:d2:1b:3a:89:5d: 78:35:52:36:11:71:c5:66:f9:1f:49:7f:bc:6e:b6: b4:b9:a3:04:9a:4b:38:2c:49:7d:21:ee:12:31:26: 2e:9b:5c:13:bb:18:c9:66:78:38:7a:47:aa:46:79: 59:ca:08:09:93:cd:0b:39:a0:b9:90:2e:66:82:53: 82:a2:a2:e6:4c:fb:18:ef:2a:aa:ae:dd:4e:dd:00: 34:88:2a:a8:8e:24:1e:9b:b4:ec:83:cd:0e:6f:2d: 24:df:aa:19:ef:5a:75:b4:d2:b4:44:bf:95:78:05: 1d:1b:8f:b2:1c:34:66:82:a9:45:dc:bb:c8:27:0f: 8d:2f:99:b5:19:25:b6:62:ab:0a:e6:78:d6:79:21: 10:a7:71:f0:b4:f5:9c:51:0b:db:1e:80:6d:01:86: 3c:44:8f:e5:e1:e3:42:bb:62:90:59:8f:e6:7c:81: 6d:71:87:4a:8c:0d:55:de:09:6b:c5:b3:49:89:4c: cb:59:3b:c3:15:fc:17:97:a3:72:d7:92:4f:64:aa: b1:28:16:7d:ad:0a:92:04:22:c6:6b:97:e0:a5:1d: 51:16:2f:24:e2:e8:ab:89:ff:ca:08:ea:a1:a1:9f: b9:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:47:83:62:67:34:CC:9C:93:DC:68:08:1D:0D:39:45:B7:05:6B:F1 X509v3 Authority Key Identifier: keyid:CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:b3:94:f5:c2:d2:e4:e7:93:f2:86:14:ba:c9:de:91:1e:74: f7:c3:54:70:8e:66:2a:bb:46:6c:b1:52:4b:48:8e:1b:54:21: 1d:b6:12:97:30:80:89:b7:99:f9:dd:eb:d5:c9:00:c9:0e:ae: 6d:66:d9:85:43:ba:f3:23:b0:49:f3:52:70:16:39:89:15:50: bf:71:dc:01:06:f0:98:6f:95:07:f4:24:77:19:cb:ca:5a:d2: 30:6e:1d:91:65:74:82:d2:da:f3:a2:52:d6:1f:61:96:91:ae: ff:33:a7:c2:c4:7c:3c:39:3b:81:1c:9b:b0:f6:b1:d8:45:9e: ce:23:13:86:4b:af:e9:46:e2:3e:c6:b3:4b:89:7f:ea:48:b4: b8:c2:9c:5b:3d:f0:16:d5:3e:75:ff:9f:8f:c0:fe:bc:0f:4d: 52:22:9e:4b:3d:40:7d:e3:11:be:0f:16:35:4f:f4:c8:70:fb: 30:39:8c:a8:00:f2:ab:0a:b7:84:bc:60:e6:12:2f:3b:68:91: fb:df:db:2b:fc:91:cd:94:2d:8f:e7:24:bd:bc:08:2c:4e:d8: 38:36:9e:07:c2:02:e5:ae:a9:6e:d9:82:32:14:fd:f3:28:22: 2a:9b:77:d5:10:9a:f3:e0:9e:e4:1a:6c:ec:1e:4d:82:95:bb: 1b:83:35:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHj0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRCMUExMTAvBgNVBAUTKENFMTE0NjgwRkY2RjREOUJDM0YxODgwRDYxMEQ2QUVF RUFFQkYwRDQwHhcNMjUwODEwMTYwMjU2WhcNMjUwODE3MTYwMjU2WjAYMRYwFAYD VQQDEw02ODk4YzJiMC1iYzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzAhf3FFNNBFHO83qocJVGFARP/Kawz4K0hs6iV14NVI2EXHFZvkfSX+8bra0 uaMEmks4LEl9Ie4SMSYum1wTuxjJZng4ekeqRnlZyggJk80LOaC5kC5mglOCoqLm TPsY7yqqrt1O3QA0iCqojiQem7Tsg80Oby0k36oZ71p1tNK0RL+VeAUdG4+yHDRm gqlF3LvIJw+NL5m1GSW2YqsK5njWeSEQp3HwtPWcUQvbHoBtAYY8RI/l4eNCu2KQ WY/mfIFtcYdKjA1V3glrxbNJiUzLWTvDFfwXl6Ny15JPZKqxKBZ9rQqSBCLGa5fg pR1RFi8k4uirif/KCOqhoZ+5ZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPNHg2Jn NMyck9xoCB0NOUW3BWvxMB8GA1UdIwQYMBaAFM4RRoD/b02bw/GIDWENau7q6/DU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIxQS81REQ0OEFCNjg5 RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRadkQ4WWdOWVExcTd1cnI4 TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3poRkdnUDl2VFp2RDhZZ05ZUTFxN3VycjhOUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NEIxQS81REQ0OEFCNjg5RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRa dkQ4WWdOWVExcTd1cnI4TlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARs5T1wtLk55PyhhS6yd6RHnT3w1RwjmYqu0ZssVJLSI4bVCEdthKX MICJt5n53evVyQDJDq5tZtmFQ7rzI7BJ81JwFjmJFVC/cdwBBvCYb5UH9CR3GcvK WtIwbh2RZXSC0trzolLWH2GWka7/M6fCxHw8OTuBHJuw9rHYRZ7OIxOGS6/pRuI+ xrNLiX/qSLS4wpxbPfAW1T51/5+PwP68D01SIp5LPUB94xG+DxY1T/TIcPswOYyo APKrCreEvGDmEi87aJH739sr/JHNlC2P5yS9vAgsTtg4Np4HwgLlrqlu2YIyFP3z KCIqm3fVEJrz4J7kGmzsHk2ClbsbgzVW -----END CERTIFICATE-----Generated at Mon Aug 11 13:02:56 2025 by rpki-client