$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7DCB/F83AC494294411F0AE1ABC74C4F9AE02/tU-K0c7KwTb8r0eS6_0A5o6h02g.mft File: tU-K0c7KwTb8r0eS6_0A5o6h02g.mft (raw, json) Hash identifier: yWaUHghHDH6MwXTALJ+LVn554uH6YkEPIREAx5b62T0= Subject key identifier: 03:BA:D2:1B:EB:98:98:9D:BC:AA:BD:6B:6A:0A:7F:03:22:B8:71:04 Authority key identifier: B5:4F:8A:D1:CE:CA:C1:36:FC:AF:47:92:EB:FD:00:E6:8E:A1:D3:68 Certificate issuer: /CN=A91B7DCB/serialNumber=B54F8AD1CECAC136FCAF4792EBFD00E68EA1D368 Certificate serial: 32 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tU-K0c7KwTb8r0eS6_0A5o6h02g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7DCB/F83AC494294411F0AE1ABC74C4F9AE02/tU-K0c7KwTb8r0eS6_0A5o6h02g.mft Manifest number: 31 Signing time: Sat 09 Aug 2025 08:08:34 +0000 Manifest this update: Sat 09 Aug 2025 08:08:33 +0000 Manifest next update: Sat 16 Aug 2025 08:08:33 +0000 Files and hashes: 1: tU-K0c7KwTb8r0eS6_0A5o6h02g.crl (hash: 3y41KIXEF8jj5yPfjzfbMORdcKLNkiJRUz0s36Alpnw=) 2: D470A60E294511F0B1412377C4F9AE02.roa (hash: R5e5Pbe0gCRILBx2wr55E5wPwG2ILhIOGtJI6e+r29g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7DCB/F83AC494294411F0AE1ABC74C4F9AE02/tU-K0c7KwTb8r0eS6_0A5o6h02g.crl rsync://rpki.apnic.net/member_repository/A91B7DCB/F83AC494294411F0AE1ABC74C4F9AE02/tU-K0c7KwTb8r0eS6_0A5o6h02g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tU-K0c7KwTb8r0eS6_0A5o6h02g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50 (0x32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7DCB, serialNumber=B54F8AD1CECAC136FCAF4792EBFD00E68EA1D368 Validity Not Before: Aug 9 08:08:33 2025 GMT Not After : Aug 16 08:08:33 2025 GMT Subject: CN=68970202-73f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:78:04:82:d6:49:83:35:d9:ad:bc:e0:e1:d0: 0c:8e:a5:d5:df:44:09:a6:36:47:31:2a:f5:de:7f: 8f:42:33:b1:14:fd:08:65:e4:f2:49:7f:1b:51:f1: 56:cf:18:9d:6e:45:1e:88:b5:15:d0:d6:96:ae:b6: a4:64:a1:63:c3:34:9a:af:99:b0:c6:44:63:c7:e9: f4:56:b9:52:de:ac:ac:12:46:a3:30:b3:13:c6:86: 04:0d:96:61:38:d6:41:9b:d0:6b:cd:1b:b5:fb:d5: 3c:6e:24:92:03:f1:db:df:40:71:ba:00:70:19:be: 84:04:6a:f3:1e:3f:1e:e9:70:5b:b6:0c:b8:79:42: b7:7c:9b:a8:5f:03:ce:ca:d1:63:8e:0a:f3:e4:9c: 8e:88:81:20:b8:63:b8:ff:96:45:66:85:0e:43:27: 43:60:d1:62:d4:27:f7:1f:bf:27:f9:58:04:f2:e4: 31:bd:73:40:04:db:3f:75:cc:e2:89:ed:f9:78:f2: e3:60:d9:8a:31:df:a5:ae:9e:9b:6f:2c:e6:8a:a7: ee:a9:62:ae:56:78:42:3d:da:6f:69:0e:7b:31:e9: c6:92:f9:a4:f7:22:38:f1:ec:f3:7d:ac:c0:e1:a5: fb:fa:05:34:3c:84:e2:79:31:27:af:30:08:f1:59: 42:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:BA:D2:1B:EB:98:98:9D:BC:AA:BD:6B:6A:0A:7F:03:22:B8:71:04 X509v3 Authority Key Identifier: keyid:B5:4F:8A:D1:CE:CA:C1:36:FC:AF:47:92:EB:FD:00:E6:8E:A1:D3:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7DCB/F83AC494294411F0AE1ABC74C4F9AE02/tU-K0c7KwTb8r0eS6_0A5o6h02g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tU-K0c7KwTb8r0eS6_0A5o6h02g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7DCB/F83AC494294411F0AE1ABC74C4F9AE02/tU-K0c7KwTb8r0eS6_0A5o6h02g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:19:91:d9:7d:54:97:70:0f:49:bb:2a:fa:30:1e:74:8e:52: b4:c3:59:5f:c1:a5:f8:04:85:43:11:a3:75:e7:97:1a:1f:bd: 27:89:a3:9e:dc:f9:81:84:ee:64:cd:41:aa:86:6f:78:7c:e6: e5:99:52:d5:f7:e8:4f:2a:33:89:ce:40:66:84:e1:89:1c:91: a2:ce:b3:a2:e6:ed:b6:37:ff:16:64:4a:bc:c7:86:17:09:d1: 30:6f:9d:1c:6b:8b:f6:75:71:95:1a:5c:13:4e:2b:a5:d7:da: f5:40:fb:bb:1b:6a:8f:1d:7c:32:48:55:e6:5c:ed:6d:89:a4: 6d:68:ca:5e:c7:10:64:ed:2c:4a:46:33:70:07:69:34:52:81: c1:9e:51:6c:fa:94:42:87:ea:ed:49:a0:38:53:2b:57:ff:18: be:bb:a3:39:8a:a9:ae:5f:d2:23:54:3f:07:89:d8:0b:b7:2e: 2d:24:61:fc:c3:92:5a:3e:06:df:bb:71:9d:36:11:7b:89:9c: 4b:fe:d3:6f:eb:3b:8c:92:56:25:ca:79:13:7b:f1:ae:c8:c3: 0f:41:ef:9b:98:89:83:7f:8c:5f:4e:43:a0:ec:bb:1e:df:4c: 4f:ed:81:b7:17:62:f6:a7:b4:bb:28:65:ec:e0:fc:1b:ce:4b: 7e:21:e9:d6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC N0RDQjExMC8GA1UEBRMoQjU0RjhBRDFDRUNBQzEzNkZDQUY0NzkyRUJGRDAwRTY4 RUExRDM2ODAeFw0yNTA4MDkwODA4MzNaFw0yNTA4MTYwODA4MzNaMBgxFjAUBgNV BAMTDTY4OTcwMjAyLTczZjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC3eASC1kmDNdmtvODh0AyOpdXfRAmmNkcxKvXef49CM7EU/Qhl5PJJfxtR8VbP GJ1uRR6ItRXQ1pautqRkoWPDNJqvmbDGRGPH6fRWuVLerKwSRqMwsxPGhgQNlmE4 1kGb0GvNG7X71TxuJJID8dvfQHG6AHAZvoQEavMePx7pcFu2DLh5Qrd8m6hfA87K 0WOOCvPknI6IgSC4Y7j/lkVmhQ5DJ0Ng0WLUJ/cfvyf5WATy5DG9c0AE2z91zOKJ 7fl48uNg2Yox36WunptvLOaKp+6pYq5WeEI92m9pDnsx6caS+aT3Ijjx7PN9rMDh pfv6BTQ8hOJ5MSevMAjxWULrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUA7rSG+uY mJ28qr1ragp/AyK4cQQwHwYDVR0jBBgwFoAUtU+K0c7KwTb8r0eS6/0A5o6h02gw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3RENCL0Y4M0FDNDk0Mjk0 NDExRjBBRTFBQkM3NEM0RjlBRTAyL3RVLUswYzdLd1RiOHIwZVM2XzBBNW82aDAy Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvdFUtSzBjN0t3VGI4cjBlUzZfMEE1bzZoMDJnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3 RENCL0Y4M0FDNDk0Mjk0NDExRjBBRTFBQkM3NEM0RjlBRTAyL3RVLUswYzdLd1Ri OHIwZVM2XzBBNW82aDAyZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIQZkdl9VJdwD0m7KvowHnSOUrTDWV/BpfgEhUMRo3XnlxofvSeJo57c +YGE7mTNQaqGb3h85uWZUtX36E8qM4nOQGaE4YkckaLOs6Lm7bY3/xZkSrzHhhcJ 0TBvnRxri/Z1cZUaXBNOK6XX2vVA+7sbao8dfDJIVeZc7W2JpG1oyl7HEGTtLEpG M3AHaTRSgcGeUWz6lEKH6u1JoDhTK1f/GL67ozmKqa5f0iNUPweJ2Au3Li0kYfzD klo+Bt+7cZ02EXuJnEv+02/rO4ySViXKeRN78a7Iww9B75uYiYN/jF9OQ6Dsux7f TE/tgbcXYvantLsoZezg/BvOS34h6dY= -----END CERTIFICATE-----Generated at Sat Aug 9 10:36:08 2025 by rpki-client