$ rpki-client -vvf rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft File: b814Gaj5P69A0OOH8htG6E3p1ws.mft (raw, json) Hash identifier: r35xylk57eBduo4tbR0OxOykzLVVKAl6afT+51r1czE= Subject key identifier: 8E:FF:F1:DC:18:45:FB:D5:3E:65:74:70:E6:6A:ED:EF:C8:E9:E2:8F Authority key identifier: 6F:CD:78:19:A8:F9:3F:AF:40:D0:E3:87:F2:1B:46:E8:4D:E9:D7:0B Certificate issuer: /CN=A91B02A2/serialNumber=6FCD7819A8F93FAF40D0E387F21B46E84DE9D70B Certificate serial: 014B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b814Gaj5P69A0OOH8htG6E3p1ws.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft Manifest number: 0149 Signing time: Tue 05 Aug 2025 04:42:13 +0000 Manifest this update: Tue 05 Aug 2025 04:42:12 +0000 Manifest next update: Tue 12 Aug 2025 04:42:12 +0000 Files and hashes: 1: b814Gaj5P69A0OOH8htG6E3p1ws.crl (hash: zZkgTa15NpQiZCsA+2sXG6XHdI2QeFbBBIwos421N5U=) 2: 5D98833C77EC11EEA06F373BC4F9AE02.roa (hash: PTNlCaFqxgAXX8dh1a7LSvNmOXF/4erL00o7/e/JlJk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.crl rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b814Gaj5P69A0OOH8htG6E3p1ws.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 04:42:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 331 (0x14b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B02A2, serialNumber=6FCD7819A8F93FAF40D0E387F21B46E84DE9D70B Validity Not Before: Aug 5 04:42:12 2025 GMT Not After : Aug 12 04:42:12 2025 GMT Subject: CN=68918ba5-9cd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:7e:97:47:f3:1e:fd:eb:0e:61:55:fa:f9:f5: 80:aa:d7:7f:47:bc:b5:ca:4b:b4:14:95:dc:d2:be: e8:31:12:d5:50:4b:6e:70:f7:16:f5:51:1c:89:6d: 67:db:db:17:83:6f:89:7d:6c:01:eb:02:06:2a:b5: 8d:c6:83:2b:82:14:c3:b9:75:99:31:40:c5:6d:49: 0e:e0:5b:5b:5e:2b:66:71:6d:14:2a:1e:c8:51:99: 51:7d:3b:5e:ea:ec:35:92:96:bd:1a:46:ab:8c:bc: 65:cd:dd:6a:87:70:39:89:0d:01:53:7d:2e:7c:5f: 9c:e8:c4:b4:77:79:44:67:95:18:8c:87:ae:d6:4b: 20:22:93:44:d7:5d:d7:f7:b7:b1:c3:8e:e6:9b:d8: 3e:46:5c:45:27:4c:ac:46:28:25:21:7e:04:b3:b4: e3:3d:1e:fb:08:65:ea:c4:ca:96:ce:4a:a2:7b:2f: c4:08:b8:93:11:c2:1e:d7:2a:78:46:4c:10:54:44: 27:4d:25:cc:d5:06:2d:ce:39:c9:9a:08:ca:00:c4: 66:90:14:0c:31:bd:dc:53:59:a2:96:a3:62:34:92: bb:53:79:3a:e7:71:ab:21:cd:5a:93:09:92:85:fa: 27:fc:ea:f9:b9:5d:d9:b8:4e:f9:47:74:1c:04:a3: be:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:FF:F1:DC:18:45:FB:D5:3E:65:74:70:E6:6A:ED:EF:C8:E9:E2:8F X509v3 Authority Key Identifier: keyid:6F:CD:78:19:A8:F9:3F:AF:40:D0:E3:87:F2:1B:46:E8:4D:E9:D7:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b814Gaj5P69A0OOH8htG6E3p1ws.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:86:0d:e2:2b:95:55:e9:3f:f1:8c:63:c3:17:eb:63:f9:10: 89:f2:fe:fc:b3:74:f1:a5:0b:91:eb:15:1d:46:26:34:a7:e3: 8a:d0:93:38:a2:3e:a6:24:ef:4a:78:74:39:20:a3:06:a0:a9: 90:c3:e3:d2:e7:46:7b:29:c2:dd:f4:77:1d:32:36:00:49:48: 77:e6:02:92:60:48:b8:77:9c:73:5c:88:95:2e:85:41:c4:d9: ca:be:44:6b:97:61:d3:4d:61:d0:20:5d:c0:f1:c7:23:02:e2: 47:2a:a2:ba:b5:bf:a8:af:09:f1:61:58:ac:9f:71:54:bb:f5: 92:8b:fe:e7:44:77:d1:71:a1:f6:d9:f6:99:d7:3d:41:78:d7: 1f:99:57:49:6a:ec:b4:35:8f:a0:88:6d:d0:71:f4:45:48:34: fb:6b:75:c7:51:b5:35:8f:be:02:13:1e:71:a9:53:3e:59:6f: ad:91:07:5e:59:d7:5c:14:f2:00:27:b4:d3:e5:72:71:c1:cb: 84:27:1b:36:a8:66:cb:f8:da:33:7f:e4:bb:71:47:3f:2d:5f: 9f:e3:f9:57:15:e8:60:2b:a4:2f:56:88:22:54:69:88:04:e3: 2a:10:22:52:6f:91:b5:b6:c4:08:d7:90:0b:68:a3:bb:8a:b2: d7:45:50:a0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjAyQTIxMTAvBgNVBAUTKDZGQ0Q3ODE5QThGOTNGQUY0MEQwRTM4N0YyMUI0NkU4 NERFOUQ3MEIwHhcNMjUwODA1MDQ0MjEyWhcNMjUwODEyMDQ0MjEyWjAYMRYwFAYD VQQDEw02ODkxOGJhNS05Y2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzn6XR/Me/esOYVX6+fWAqtd/R7y1yku0FJXc0r7oMRLVUEtucPcW9VEciW1n 29sXg2+JfWwB6wIGKrWNxoMrghTDuXWZMUDFbUkO4FtbXitmcW0UKh7IUZlRfTte 6uw1kpa9GkarjLxlzd1qh3A5iQ0BU30ufF+c6MS0d3lEZ5UYjIeu1ksgIpNE113X 97exw47mm9g+RlxFJ0ysRiglIX4Es7TjPR77CGXqxMqWzkqiey/ECLiTEcIe1yp4 RkwQVEQnTSXM1QYtzjnJmgjKAMRmkBQMMb3cU1milqNiNJK7U3k653GrIc1akwmS hfon/Or5uV3ZuE75R3QcBKO+qQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI7/8dwY RfvVPmV0cOZq7e/I6eKPMB8GA1UdIwQYMBaAFG/NeBmo+T+vQNDjh/IbRuhN6dcL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDJBMi9FRkQyMTU4NDc3 RUIxMUVFOTNCNjhCM0FDNEY5QUUwMi9iODE0R2FqNVA2OUEwT09IOGh0RzZFM3Ax d3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I4MTRHYWo1UDY5QTBPT0g4aHRHNkUzcDF3cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MDJBMi9FRkQyMTU4NDc3RUIxMUVFOTNCNjhCM0FDNEY5QUUwMi9iODE0R2FqNVA2 OUEwT09IOGh0RzZFM3Axd3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAehg3iK5VV6T/xjGPDF+tj+RCJ8v78s3TxpQuR6xUdRiY0p+OK0JM4 oj6mJO9KeHQ5IKMGoKmQw+PS50Z7KcLd9HcdMjYASUh35gKSYEi4d5xzXIiVLoVB xNnKvkRrl2HTTWHQIF3A8ccjAuJHKqK6tb+orwnxYVisn3FUu/WSi/7nRHfRcaH2 2faZ1z1BeNcfmVdJauy0NY+giG3QcfRFSDT7a3XHUbU1j74CEx5xqVM+WW+tkQde WddcFPIAJ7TT5XJxwcuEJxs2qGbL+Nozf+S7cUc/LV+f4/lXFehgK6QvVogiVGmI BOMqECJSb5G1tsQI15ALaKO7irLXRVCg -----END CERTIFICATE-----Generated at Wed Aug 6 14:16:53 2025 by rpki-client