$ rpki-client -vvf rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft File: 8VAZIKVfOnwnEDkUn_oop8HMOPE.mft (raw, json) Hash identifier: T2k0AOKE+iO5mH9oo5tfpSKKnRuucyj/oOUxNywwVUo= Subject key identifier: E7:AF:E6:D6:3C:D1:69:39:49:6C:E9:67:7D:90:B3:C3:A1:D3:0D:32 Authority key identifier: F1:50:19:20:A5:5F:3A:7C:27:10:39:14:9F:FA:28:A7:C1:CC:38:F1 Certificate issuer: /CN=A91B49C0/serialNumber=F1501920A55F3A7C271039149FFA28A7C1CC38F1 Certificate serial: 0383 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8VAZIKVfOnwnEDkUn_oop8HMOPE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft Manifest number: 037F Signing time: Thu 07 Aug 2025 01:26:37 +0000 Manifest this update: Thu 07 Aug 2025 01:26:36 +0000 Manifest next update: Thu 14 Aug 2025 01:26:36 +0000 Files and hashes: 1: 8VAZIKVfOnwnEDkUn_oop8HMOPE.crl (hash: hGPXaTI2xZB13Xss8GAWIevD3YaBXVnTMgo1mQebxdk=) 2: 8304B142B34711EC90A6DA67C4F9AE02.roa (hash: WXC/B6Dbe8kPnOwbgfCf/9me935cYsiOJufkenUuGQo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.crl rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8VAZIKVfOnwnEDkUn_oop8HMOPE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 01:26:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 899 (0x383) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B49C0, serialNumber=F1501920A55F3A7C271039149FFA28A7C1CC38F1 Validity Not Before: Aug 7 01:26:36 2025 GMT Not After : Aug 14 01:26:36 2025 GMT Subject: CN=689400cd-6da6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:21:8b:36:41:e7:13:da:01:da:97:35:51:53: ce:d6:c5:4f:54:51:ce:6b:4c:c6:b0:cb:3c:11:b1: 29:4a:10:4e:66:4d:43:bd:07:7f:17:7a:60:13:02: 36:67:bf:23:e0:2d:e4:21:e5:22:ed:e2:02:68:e0: bc:c6:b6:d6:d4:d5:64:fe:78:bf:b4:cb:ff:c6:9f: c1:32:35:1c:0d:df:cf:91:38:71:08:5f:75:6e:0b: 0b:a6:da:4e:40:5b:76:fc:5b:37:44:58:3a:6c:e8: d8:0d:f6:a9:82:ee:5f:1b:d1:63:1a:df:f0:38:1a: 08:31:b9:bc:4b:8a:dc:8c:12:e8:98:e0:47:7f:c3: a9:2f:de:61:25:58:74:e0:25:66:4f:6a:a1:66:41: 4a:f0:e0:fc:95:b5:98:5a:c8:c1:43:ec:d1:28:51: 2e:ee:4a:2b:63:01:c2:a1:2a:87:42:29:98:83:21: c4:a0:18:a6:87:b6:bf:17:25:b4:72:b1:be:57:f2: 09:c4:43:98:a0:d4:70:9a:4d:ef:78:81:1e:20:88: d4:f2:c8:65:91:08:97:75:4f:02:d0:ae:34:e9:7e: 00:84:22:20:5f:46:64:a8:da:2d:24:bc:15:e1:91: dd:68:46:89:8f:17:69:19:37:d0:18:10:e4:5b:4a: 34:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:AF:E6:D6:3C:D1:69:39:49:6C:E9:67:7D:90:B3:C3:A1:D3:0D:32 X509v3 Authority Key Identifier: keyid:F1:50:19:20:A5:5F:3A:7C:27:10:39:14:9F:FA:28:A7:C1:CC:38:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8VAZIKVfOnwnEDkUn_oop8HMOPE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:d6:12:7f:03:ec:3a:26:1a:43:0f:7d:34:73:cc:f7:89:be: 82:1f:88:52:e1:38:4f:9b:f8:08:b5:8f:90:5d:d7:47:fc:23: f4:52:92:b1:d9:80:bd:13:4f:0c:86:4a:c9:11:94:68:57:8c: 73:6d:e5:bc:c8:74:c3:10:29:7e:71:cd:5e:8f:1f:3f:78:32: 88:dd:ad:33:4e:43:c9:9c:ab:f9:2f:57:99:bf:97:6b:99:c2: 2c:4d:3d:e2:3e:f6:20:a7:e7:d8:6f:a9:6e:47:2a:5f:86:96: 7c:45:d9:04:e1:f0:1f:f1:3a:84:ef:d5:1b:fc:e8:07:7d:42: 06:55:0a:80:18:3e:6a:26:e3:d2:e3:43:f7:85:8f:1f:e1:f7: 80:29:e3:4f:95:cc:71:41:cf:02:1a:d5:eb:c8:1f:ae:34:9e: 0f:87:99:ae:ee:a6:29:8a:70:61:d8:0f:9f:1a:d0:37:81:8e: e7:a1:b0:a4:3d:0a:72:70:e2:8a:d5:38:4c:99:97:6f:8d:68: 68:cb:7b:a8:8b:84:73:63:e2:95:93:b1:f0:3f:62:0f:38:22: 21:84:29:0b:a8:3d:1a:f5:71:de:79:59:1c:32:5f:f4:bc:40: fa:e0:77:eb:1f:18:98:01:8f:24:d0:1d:f2:45:05:cd:62:4b: ee:f7:3c:ca -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA4MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ5QzAxMTAvBgNVBAUTKEYxNTAxOTIwQTU1RjNBN0MyNzEwMzkxNDlGRkEyOEE3 QzFDQzM4RjEwHhcNMjUwODA3MDEyNjM2WhcNMjUwODE0MDEyNjM2WjAYMRYwFAYD VQQDEw02ODk0MDBjZC02ZGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxCGLNkHnE9oB2pc1UVPO1sVPVFHOa0zGsMs8EbEpShBOZk1DvQd/F3pgEwI2 Z78j4C3kIeUi7eICaOC8xrbW1NVk/ni/tMv/xp/BMjUcDd/PkThxCF91bgsLptpO QFt2/Fs3RFg6bOjYDfapgu5fG9FjGt/wOBoIMbm8S4rcjBLomOBHf8OpL95hJVh0 4CVmT2qhZkFK8OD8lbWYWsjBQ+zRKFEu7korYwHCoSqHQimYgyHEoBimh7a/FyW0 crG+V/IJxEOYoNRwmk3veIEeIIjU8shlkQiXdU8C0K406X4AhCIgX0ZkqNotJLwV 4ZHdaEaJjxdpGTfQGBDkW0o0awIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOev5tY8 0Wk5SWzpZ32Qs8Oh0w0yMB8GA1UdIwQYMBaAFPFQGSClXzp8JxA5FJ/6KKfBzDjx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDlDMC82Q0IzODM1OEIz NDQxMUVDQUJDRTJBNjJDNEY5QUUwMi84VkFaSUtWZk9ud25FRGtVbl9vb3A4SE1P UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhWQVpJS1ZmT253bkVEa1VuX29vcDhITU9QRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDlDMC82Q0IzODM1OEIzNDQxMUVDQUJDRTJBNjJDNEY5QUUwMi84VkFaSUtWZk9u d25FRGtVbl9vb3A4SE1PUEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJ1hJ/A+w6JhpDD300c8z3ib6CH4hS4ThPm/gItY+QXddH/CP0UpKx 2YC9E08MhkrJEZRoV4xzbeW8yHTDECl+cc1ejx8/eDKI3a0zTkPJnKv5L1eZv5dr mcIsTT3iPvYgp+fYb6luRypfhpZ8RdkE4fAf8TqE79Ub/OgHfUIGVQqAGD5qJuPS 40P3hY8f4feAKeNPlcxxQc8CGtXryB+uNJ4Ph5mu7qYpinBh2A+fGtA3gY7nobCk PQpycOKK1ThMmZdvjWhoy3uoi4RzY+KVk7HwP2IPOCIhhCkLqD0a9XHeeVkcMl/0 vED64HfrHxiYAY8k0B3yRQXNYkvu9zzK -----END CERTIFICATE-----Generated at Thu Aug 7 13:05:44 2025 by rpki-client