$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft File: RITQfaaNUwUM3PaxPAwFReZFfOU.mft (raw, json) Hash identifier: w9RDETErZociemiHnO7miobteC39teJnaSttwP1+Zg8= Subject key identifier: 1B:BC:F8:B0:DA:9E:C5:08:9C:34:EE:A3:AB:0E:E2:21:61:E4:60:05 Authority key identifier: 44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 Certificate issuer: /CN=A91B5CEA/serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Certificate serial: 0208 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft Manifest number: 0204 Signing time: Mon 11 Aug 2025 02:25:33 +0000 Manifest this update: Mon 11 Aug 2025 02:25:32 +0000 Manifest next update: Mon 18 Aug 2025 02:25:32 +0000 Files and hashes: 1: RITQfaaNUwUM3PaxPAwFReZFfOU.crl (hash: fvCWIZctXqu3YQYFEzA/pjpXyh9h6RmtYvvlDF3v4MY=) 2: B3795CBC64F211ED9AEC046FC4F9AE02.roa (hash: tX50rThQWeAbKIESIwrC0zdSKgD+i4OgX2qNIGi6fqk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 18 Aug 2025 02:25:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 520 (0x208) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5CEA, serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Validity Not Before: Aug 11 02:25:32 2025 GMT Not After : Aug 18 02:25:32 2025 GMT Subject: CN=6899549c-1d50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:10:87:e1:d1:d4:81:58:a3:37:86:67:3f:0c: 0d:e8:2f:d3:3f:31:c3:09:8f:a0:f8:47:cc:71:cf: d1:d1:83:b7:c7:3c:34:1d:a1:3e:82:87:56:e5:6a: f4:a5:ea:95:fd:99:e9:df:f8:a5:2c:31:84:f8:4b: 99:7d:e5:a2:64:57:72:b8:14:07:bb:95:60:e5:f3: ba:88:b0:0d:80:f6:01:fd:d0:ed:99:2c:97:58:6b: 30:49:57:8a:3f:8c:7c:a1:71:9d:eb:c2:ee:1c:c0: ab:b2:08:6a:77:78:c3:d5:90:54:ce:a8:e5:51:27: 84:95:68:a1:ac:3c:45:75:bd:00:cb:ec:67:8c:01: 81:be:24:74:dc:f2:26:69:54:aa:db:61:25:09:77: b9:93:a8:5d:34:80:7a:43:1d:41:81:0e:07:ea:0d: 2d:a3:c0:98:6f:ac:ff:42:4a:58:46:57:85:61:39: c9:ab:e5:c6:c5:68:ce:0b:8d:13:d6:c1:33:5b:ae: 83:40:a4:85:c9:6b:42:cf:bc:9c:c2:ca:9c:5b:ac: ec:17:a8:5a:ec:87:4a:e3:18:a2:d3:41:1e:fe:a8: a2:4c:d3:e9:57:73:6a:7f:a8:21:5c:47:e5:b3:5a: 4e:ec:58:19:a9:92:c6:b9:02:35:e5:37:31:ab:3f: e9:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:BC:F8:B0:DA:9E:C5:08:9C:34:EE:A3:AB:0E:E2:21:61:E4:60:05 X509v3 Authority Key Identifier: keyid:44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bb:e3:03:e0:a0:71:ac:79:a2:49:73:9d:d8:da:49:11:3b:91: 7d:d1:56:3c:cc:01:43:c9:8c:dd:64:70:d1:60:bd:81:54:11: 03:8d:50:15:e6:c3:35:28:b3:2a:0b:5f:ce:59:a7:9a:d5:2b: 40:94:cb:72:68:d9:53:7d:69:5c:b9:e1:9b:cc:96:f9:0b:da: 9f:d3:1f:79:0f:1b:85:2d:db:30:ff:ef:33:59:6f:0e:3d:d4: 8b:46:cf:57:fe:00:a6:3b:91:c4:a2:40:d8:0b:97:94:14:89: be:d7:29:8c:a3:b7:71:33:17:6e:20:2f:1e:b7:66:fe:80:b8: 48:a1:02:14:e7:ee:4f:9e:00:be:5c:5b:a8:bd:ea:e4:aa:00: 2e:27:13:d4:4d:3c:16:a1:33:37:b4:79:c3:f3:20:aa:22:02: 6f:cb:39:d3:bb:50:c6:a1:4c:08:68:36:36:d6:28:5f:aa:66: e0:eb:f7:10:68:32:24:7a:4d:8b:8a:55:36:cc:c3:21:82:90: ad:8b:e1:fc:36:bb:e6:19:b4:e6:b0:a2:23:31:97:2c:75:bc: 33:cf:4a:35:e9:06:e1:fb:a7:90:ff:b1:c0:d7:26:51:dd:cf: e8:9c:a6:e4:4a:ce:8f:9f:54:8e:f2:df:8e:86:5e:84:11:54: 9e:04:57:89 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAggwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVDRUExMTAvBgNVBAUTKDQ0ODREMDdEQTY4RDUzMDUwQ0RDRjZCMTNDMEMwNTQ1 RTY0NTdDRTUwHhcNMjUwODExMDIyNTMyWhcNMjUwODE4MDIyNTMyWjAYMRYwFAYD VQQDEw02ODk5NTQ5Yy0xZDUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsRCH4dHUgVijN4ZnPwwN6C/TPzHDCY+g+EfMcc/R0YO3xzw0HaE+godW5Wr0 peqV/Znp3/ilLDGE+EuZfeWiZFdyuBQHu5Vg5fO6iLANgPYB/dDtmSyXWGswSVeK P4x8oXGd68LuHMCrsghqd3jD1ZBUzqjlUSeElWihrDxFdb0Ay+xnjAGBviR03PIm aVSq22ElCXe5k6hdNIB6Qx1BgQ4H6g0to8CYb6z/QkpYRleFYTnJq+XGxWjOC40T 1sEzW66DQKSFyWtCz7ycwsqcW6zsF6ha7IdK4xii00Ee/qiiTNPpV3Nqf6ghXEfl s1pO7FgZqZLGuQI15Tcxqz/pQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBu8+LDa nsUInDTuo6sO4iFh5GAFMB8GA1UdIwQYMBaAFESE0H2mjVMFDNz2sTwMBUXmRXzl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUNFQS8xRjYzQTU2ODY0 RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3VU0zUGF4UEF3RlJlWkZm T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1JJVFFmYWFOVXdVTTNQYXhQQXdGUmVaRmZPVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NUNFQS8xRjYzQTU2ODY0RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3 VU0zUGF4UEF3RlJlWkZmT1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC74wPgoHGseaJJc53Y2kkRO5F90VY8zAFDyYzdZHDRYL2BVBEDjVAV 5sM1KLMqC1/OWaea1StAlMtyaNlTfWlcueGbzJb5C9qf0x95DxuFLdsw/+8zWW8O PdSLRs9X/gCmO5HEokDYC5eUFIm+1ymMo7dxMxduIC8et2b+gLhIoQIU5+5PngC+ XFuoverkqgAuJxPUTTwWoTM3tHnD8yCqIgJvyznTu1DGoUwIaDY21ihfqmbg6/cQ aDIkek2LilU2zMMhgpCti+H8NrvmGbTmsKIjMZcsdbwzz0o16Qbh+6eQ/7HA1yZR 3c/onKbkSs6Pn1SO8t+Ohl6EEVSeBFeJ -----END CERTIFICATE-----Generated at Tue Aug 12 04:25:03 2025 by rpki-client