$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.mft File: zHxfJ4CoDTxmayv2kVPyBIS-7nE.mft (raw, json) Hash identifier: MufMSUj5n3VxluyCeEnGjxE3gZeJZXjJ+nd7bzHD01w= Subject key identifier: 9F:A2:8D:D4:AB:8B:0D:7E:25:84:9A:7A:39:41:D5:46:B2:E3:E8:0C Authority key identifier: CC:7C:5F:27:80:A8:0D:3C:66:6B:2B:F6:91:53:F2:04:84:BE:EE:71 Certificate issuer: /CN=A91AAE63/serialNumber=CC7C5F2780A80D3C666B2BF69153F20484BEEE71 Certificate serial: 01C0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHxfJ4CoDTxmayv2kVPyBIS-7nE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.mft Manifest number: 01BD Signing time: Thu 07 Aug 2025 03:29:02 +0000 Manifest this update: Thu 07 Aug 2025 03:29:01 +0000 Manifest next update: Thu 14 Aug 2025 03:29:01 +0000 Files and hashes: 1: zHxfJ4CoDTxmayv2kVPyBIS-7nE.crl (hash: lmkpmg20iGeSjqgJW1+0pBDrjORQibS72mvZ5dCKT04=) 2: 5DCF3814CA0E11ED9251861DC4F9AE02.roa (hash: QPqR58JeNFPJi8H+5XnKJrf+9hDaJRDjHQAg1P1N4n8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.crl rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHxfJ4CoDTxmayv2kVPyBIS-7nE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 03:29:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 448 (0x1c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAE63, serialNumber=CC7C5F2780A80D3C666B2BF69153F20484BEEE71 Validity Not Before: Aug 7 03:29:01 2025 GMT Not After : Aug 14 03:29:01 2025 GMT Subject: CN=68941d7d-f971 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:7f:12:99:12:c7:67:84:d7:02:0e:28:f4:50: 58:d5:3b:df:35:d7:a9:88:77:4d:e7:04:b3:34:aa: 26:49:bf:a8:2e:47:5d:85:83:27:7b:3c:b7:ca:0c: f9:24:55:09:17:53:79:a7:a6:b8:80:57:f9:b7:e2: 40:5a:8f:2a:08:c0:a5:9b:06:d5:d7:27:83:f8:c0: 0f:4c:85:97:96:41:cb:a8:d5:87:60:34:7e:62:b4: 8f:b1:ba:9f:05:67:05:99:79:f4:b9:20:0f:75:a4: d0:6e:64:a1:41:b6:d2:a3:fe:34:6a:dc:79:3a:83: 2e:74:ee:05:f0:bd:6b:96:dd:63:e0:4e:3d:b2:57: d4:2f:9b:af:3a:89:63:53:12:a4:21:98:a2:e3:3a: 5d:6e:b9:e5:0d:14:06:5b:b4:29:a6:55:69:7e:62: 61:e1:1f:2e:c8:22:e4:eb:07:98:23:85:fc:d7:1c: 9d:ed:34:97:61:00:f5:c9:ae:1d:8f:b3:42:0d:f9: c1:2d:2a:88:e3:61:8c:18:1f:d1:41:75:81:01:c5: 88:ca:79:bd:b4:7f:08:06:6c:78:56:7e:1d:ba:49: bc:06:77:3d:20:b8:cf:60:e3:51:61:6c:f9:95:b7: 3e:e0:fe:2a:b1:8b:cf:be:15:8e:5f:df:56:ad:15: c4:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:A2:8D:D4:AB:8B:0D:7E:25:84:9A:7A:39:41:D5:46:B2:E3:E8:0C X509v3 Authority Key Identifier: keyid:CC:7C:5F:27:80:A8:0D:3C:66:6B:2B:F6:91:53:F2:04:84:BE:EE:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHxfJ4CoDTxmayv2kVPyBIS-7nE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:4b:5e:40:5f:10:36:a2:39:df:0a:1e:b9:5d:15:c9:25:37: a6:0c:07:e5:c4:a6:88:17:90:c2:d2:69:9b:ab:ab:d1:6d:8d: e0:f1:57:0e:3a:7f:24:1e:4d:6e:67:2b:b5:f9:6e:b6:81:85: 92:ae:04:b8:51:eb:fa:4a:6b:93:35:2e:7f:31:60:cf:4e:95: 34:65:bc:81:3c:1e:9b:3c:25:da:13:73:7e:97:9e:a6:4a:d3: b2:9a:e6:36:e1:02:b6:44:27:6a:bb:a4:65:23:77:35:b6:7a: 64:8c:1b:a9:fe:f4:42:55:bc:11:e9:7c:88:79:02:de:53:f5: c4:53:42:54:16:33:62:17:b2:cf:a3:4d:c9:f2:06:30:aa:06: 55:45:ec:77:74:a7:17:dd:ab:7f:41:24:ad:ef:8f:49:80:9c: 60:73:ad:ca:64:42:a3:2e:cc:7f:2d:77:cf:59:63:4b:88:ba: 91:e3:c2:e5:58:01:0e:11:72:6c:b6:4e:e4:84:a2:76:f0:53: a9:22:87:0e:74:83:5a:02:78:4f:b5:ab:0c:04:d2:b7:3c:8b: 96:88:60:58:e1:45:f7:c4:5e:78:48:f0:25:af:90:4a:b5:5c: 4f:0e:be:97:5d:08:74:72:29:15:4a:62:ed:45:fa:30:ad:52: 11:04:af:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFFNjMxMTAvBgNVBAUTKENDN0M1RjI3ODBBODBEM0M2NjZCMkJGNjkxNTNGMjA0 ODRCRUVFNzEwHhcNMjUwODA3MDMyOTAxWhcNMjUwODE0MDMyOTAxWjAYMRYwFAYD VQQDEw02ODk0MWQ3ZC1mOTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz38SmRLHZ4TXAg4o9FBY1TvfNdepiHdN5wSzNKomSb+oLkddhYMnezy3ygz5 JFUJF1N5p6a4gFf5t+JAWo8qCMClmwbV1yeD+MAPTIWXlkHLqNWHYDR+YrSPsbqf BWcFmXn0uSAPdaTQbmShQbbSo/40atx5OoMudO4F8L1rlt1j4E49slfUL5uvOolj UxKkIZii4zpdbrnlDRQGW7QpplVpfmJh4R8uyCLk6weYI4X81xyd7TSXYQD1ya4d j7NCDfnBLSqI42GMGB/RQXWBAcWIynm9tH8IBmx4Vn4dukm8Bnc9ILjPYONRYWz5 lbc+4P4qsYvPvhWOX99WrRXEhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ+ijdSr iw1+JYSaejlB1Uay4+gMMB8GA1UdIwQYMBaAFMx8XyeAqA08Zmsr9pFT8gSEvu5x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUU2My81RTk2NjM5NENB MDkxMUVEODFCNkY2M0NDNEY5QUUwMi96SHhmSjRDb0RUeG1heXYya1ZQeUJJUy03 bkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pIeGZKNENvRFR4bWF5djJrVlB5QklTLTduRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QUU2My81RTk2NjM5NENBMDkxMUVEODFCNkY2M0NDNEY5QUUwMi96SHhmSjRDb0RU eG1heXYya1ZQeUJJUy03bkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCiS15AXxA2ojnfCh65XRXJJTemDAflxKaIF5DC0mmbq6vRbY3g8VcO On8kHk1uZyu1+W62gYWSrgS4Uev6SmuTNS5/MWDPTpU0ZbyBPB6bPCXaE3N+l56m StOymuY24QK2RCdqu6RlI3c1tnpkjBup/vRCVbwR6XyIeQLeU/XEU0JUFjNiF7LP o03J8gYwqgZVRex3dKcX3at/QSSt749JgJxgc63KZEKjLsx/LXfPWWNLiLqR48Ll WAEOEXJstk7khKJ28FOpIocOdINaAnhPtasMBNK3PIuWiGBY4UX3xF54SPAlr5BK tVxPDr6XXQh0cikVSmLtRfowrVIRBK+5 -----END CERTIFICATE-----Generated at Thu Aug 7 14:37:53 2025 by rpki-client