$ rpki-client -vvf rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft File: htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft (raw, json) Hash identifier: FQm77NC2FYm0ewJtW0PvJ5a8VPZC9lVWOK2hZ+Qo6XI= Subject key identifier: 91:8D:B0:1F:7C:AF:54:0D:90:C4:06:B0:36:6F:84:86:88:C7:C9:54 Authority key identifier: 86:D9:5F:41:ED:19:81:FA:8D:0B:59:08:D6:44:46:51:0E:6E:AC:7D Certificate issuer: /CN=A91A99C5/serialNumber=86D95F41ED1981FA8D0B5908D64446510E6EAC7D Certificate serial: 11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft Manifest number: 11 Signing time: Sat 09 Aug 2025 08:33:31 +0000 Manifest this update: Sat 09 Aug 2025 08:33:31 +0000 Manifest next update: Sat 16 Aug 2025 08:33:31 +0000 Files and hashes: 1: htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl (hash: zBIkn1DCJCabf3e4VUKtmnWLvRvLW3I+PX+XPXpReS0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17 (0x11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A99C5, serialNumber=86D95F41ED1981FA8D0B5908D64446510E6EAC7D Validity Not Before: Aug 9 08:33:31 2025 GMT Not After : Aug 16 08:33:31 2025 GMT Subject: CN=689707db-6da4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:06:e0:ed:14:e6:4c:33:87:11:3a:03:56:ff: 7a:b8:f3:77:8e:76:80:44:47:6b:11:5d:fd:b9:b9: be:ac:05:24:69:c1:6e:4e:3a:65:6a:9d:aa:42:12: e0:78:41:e1:4f:3a:92:96:88:d9:fe:8e:5d:86:ee: 1d:f7:64:1e:3d:47:00:8a:3b:9a:fe:b7:89:ab:2f: ef:be:01:a1:ea:59:83:e7:15:71:86:4d:73:99:2a: 74:57:7a:60:84:9e:90:c6:fa:d7:f2:9a:2c:df:b8: c0:ba:f3:5e:22:a6:e8:f4:50:c8:a2:57:b2:35:28: a1:2d:a0:4e:2d:86:a1:6b:3c:f5:df:7b:a6:07:2f: 33:3d:70:96:0c:dc:8f:fd:d0:41:19:30:f2:2a:ee: 6c:57:17:79:70:67:26:7b:1b:57:cc:bf:81:85:2c: f4:8d:82:4c:6a:56:bb:89:4a:4b:e2:40:d2:b6:63: bb:df:5a:d7:63:74:f2:3a:ca:cd:96:87:65:08:71: e5:57:6e:7f:c3:24:4f:ff:f4:ac:72:ce:c4:70:43: 96:1d:c1:2d:2e:69:2e:c2:e2:07:d0:ea:70:a6:90: 71:c0:5b:8e:bf:d2:05:b6:b1:cc:35:00:a6:c3:0e: 4d:46:b3:b3:73:08:54:3c:43:39:28:0c:1d:68:53: 2a:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:8D:B0:1F:7C:AF:54:0D:90:C4:06:B0:36:6F:84:86:88:C7:C9:54 X509v3 Authority Key Identifier: keyid:86:D9:5F:41:ED:19:81:FA:8D:0B:59:08:D6:44:46:51:0E:6E:AC:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:58:9a:c2:43:a1:df:87:45:52:0b:c1:67:3d:48:b7:c7:79: 47:3f:2a:91:81:90:97:b6:2e:f3:da:0b:52:5b:5a:d3:58:4e: 1e:df:a3:63:66:3d:1f:d7:1f:49:69:df:e0:b0:28:28:3f:37: 40:34:46:55:52:30:5f:9a:01:8d:69:46:67:0a:3c:05:29:48: 47:95:49:c4:c0:d8:ed:b5:17:83:16:85:aa:c4:23:82:fc:47: f2:7f:39:f1:11:e1:f1:67:a5:2d:5e:3b:a3:e2:b3:49:91:84: 76:d6:c7:b9:d5:36:d6:bf:ee:91:31:4b:90:50:b8:0a:8b:c4: 58:0d:61:fa:42:3e:71:ff:7d:bc:c2:c8:2f:e4:3d:09:16:08: 4b:2b:8f:3b:e6:a7:d9:0f:33:2a:d5:86:92:bc:d4:c9:e7:6d: ee:0f:ea:3a:9b:9a:6a:8f:5c:f5:c5:07:8e:0b:44:70:3b:e1: 2e:54:c5:1b:d0:85:35:0b:d6:3e:6c:6b:45:ee:64:24:da:e4: de:c4:8c:6f:ed:01:5d:7b:17:11:f6:93:02:fa:df:9d:8f:57: 3a:e4:b3:d1:41:e2:71:82:4f:dd:68:81:4c:f6:2c:23:a6:23: 07:4e:f0:51:9b:af:29:ea:cf:f0:54:36:21:21:84:c6:1d:5d: d3:b5:a4:69 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB OTlDNTExMC8GA1UEBRMoODZEOTVGNDFFRDE5ODFGQThEMEI1OTA4RDY0NDQ2NTEw RTZFQUM3RDAeFw0yNTA4MDkwODMzMzFaFw0yNTA4MTYwODMzMzFaMBgxFjAUBgNV BAMTDTY4OTcwN2RiLTZkYTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCoBuDtFOZMM4cROgNW/3q483eOdoBER2sRXf25ub6sBSRpwW5OOmVqnapCEuB4 QeFPOpKWiNn+jl2G7h33ZB49RwCKO5r+t4mrL+++AaHqWYPnFXGGTXOZKnRXemCE npDG+tfymizfuMC6814ipuj0UMiiV7I1KKEtoE4thqFrPPXfe6YHLzM9cJYM3I/9 0EEZMPIq7mxXF3lwZyZ7G1fMv4GFLPSNgkxqVruJSkviQNK2Y7vfWtdjdPI6ys2W h2UIceVXbn/DJE//9KxyzsRwQ5YdwS0uaS7C4gfQ6nCmkHHAW46/0gW2scw1AKbD Dk1Gs7NzCFQ8QzkoDB1oUyrDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUkY2wH3yv VA2QxAawNm+EhojHyVQwHwYDVR0jBBgwFoAUhtlfQe0ZgfqNC1kI1kRGUQ5urH0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5OUM1LzA2MDNFNUJFNURC QzExRjA5QUExNzg1MEM0RjlBRTAyL2h0bGZRZTBaZ2ZxTkMxa0kxa1JHVVE1dXJI MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaHRsZlFlMFpnZnFOQzFrSTFrUkdVUTV1ckgwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5 OUM1LzA2MDNFNUJFNURCQzExRjA5QUExNzg1MEM0RjlBRTAyL2h0bGZRZTBaZ2Zx TkMxa0kxa1JHVVE1dXJIMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIBYmsJDod+HRVILwWc9SLfHeUc/KpGBkJe2LvPaC1JbWtNYTh7fo2Nm PR/XH0lp3+CwKCg/N0A0RlVSMF+aAY1pRmcKPAUpSEeVScTA2O21F4MWharEI4L8 R/J/OfER4fFnpS1eO6Pis0mRhHbWx7nVNta/7pExS5BQuAqLxFgNYfpCPnH/fbzC yC/kPQkWCEsrjzvmp9kPMyrVhpK81Mnnbe4P6jqbmmqPXPXFB44LRHA74S5UxRvQ hTUL1j5sa0XuZCTa5N7EjG/tAV17FxH2kwL6352PVzrks9FB4nGCT91ogUz2LCOm IwdO8FGbrynqz/BUNiEhhMYdXdO1pGk= -----END CERTIFICATE-----Generated at Sun Aug 10 16:04:26 2025 by rpki-client