$ rpki-client -vvf rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.mft File: FF-_nuMXN-kcPNSE7AFq48jzgDw.mft (raw, json) Hash identifier: Yy717j2nwXjBfCx2JX9kiQuBhojXgl8BE2iOczWtHQo= Subject key identifier: 25:6C:67:6F:82:5B:34:0A:5E:6B:28:1E:99:9B:6C:AB:0D:21:3E:C3 Authority key identifier: 14:5F:BF:9E:E3:17:37:E9:1C:3C:D4:84:EC:01:6A:E3:C8:F3:80:3C Certificate issuer: /CN=A91B978D/serialNumber=145FBF9EE31737E91C3CD484EC016AE3C8F3803C Certificate serial: 02D3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FF-_nuMXN-kcPNSE7AFq48jzgDw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.mft Manifest number: 02CE Signing time: Sat 09 Aug 2025 01:55:07 +0000 Manifest this update: Sat 09 Aug 2025 01:55:06 +0000 Manifest next update: Sat 16 Aug 2025 01:55:06 +0000 Files and hashes: 1: FF-_nuMXN-kcPNSE7AFq48jzgDw.crl (hash: svd8UmloSdqMIQqK6qfip1UGaQrrBR/YAzvMcT7J7mo=) 2: D5D64BB0FB6811EC863B8150C4F9AE02.roa (hash: QqynXUFn2t2DwRQgssbkvYUHxaAcBlMuvOzz1OFVxaQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.crl rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FF-_nuMXN-kcPNSE7AFq48jzgDw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 723 (0x2d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B978D, serialNumber=145FBF9EE31737E91C3CD484EC016AE3C8F3803C Validity Not Before: Aug 9 01:55:06 2025 GMT Not After : Aug 16 01:55:06 2025 GMT Subject: CN=6896aa7b-c9a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:cb:b0:50:48:65:1e:93:f9:47:90:8e:c9:7b: 5f:a2:cc:54:ed:4c:14:69:ec:df:d7:a0:2f:e5:91: 6b:55:f7:11:e1:5d:0a:3b:c8:b9:88:76:79:c8:73: 4b:fe:fb:7c:40:7d:3c:c6:1c:00:b2:94:17:51:6d: e3:5c:dc:52:32:62:c5:df:80:f4:69:f1:85:2e:99: 9d:a1:23:02:e3:67:a0:a3:a9:4f:de:c1:ce:a9:f1: 4c:39:b6:b9:de:20:30:b0:c2:0a:6d:45:dc:9f:90: 2b:27:32:55:e5:82:e3:17:fb:f1:64:7a:f1:e4:18: 5c:78:54:9f:4b:ff:a3:c6:11:ee:60:91:c0:0b:fe: 11:e6:a8:43:5e:09:01:dd:f4:89:10:83:bc:ca:cc: 6e:24:0e:9e:6c:46:c3:62:c9:a6:a7:46:a8:e1:5f: 04:03:2d:e6:33:13:61:5c:9f:cb:88:70:1d:e6:89: 32:12:7f:18:ae:37:bc:07:03:18:74:3c:bc:14:de: 7a:78:1c:ff:68:2b:ca:52:64:df:f3:f1:c8:aa:5a: 89:fe:94:b9:af:43:f9:54:7e:3a:6f:c0:2b:79:e4: 68:50:46:13:79:82:c2:73:72:80:83:e0:47:3d:ee: 89:ed:f1:b1:47:52:c6:5f:a6:8f:88:93:30:a1:61: 13:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:6C:67:6F:82:5B:34:0A:5E:6B:28:1E:99:9B:6C:AB:0D:21:3E:C3 X509v3 Authority Key Identifier: keyid:14:5F:BF:9E:E3:17:37:E9:1C:3C:D4:84:EC:01:6A:E3:C8:F3:80:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FF-_nuMXN-kcPNSE7AFq48jzgDw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:67:4b:89:e8:e4:67:1e:fd:77:ad:fb:ae:5e:08:b4:99:33: 8d:56:c4:ec:2b:6c:f1:04:1a:73:9d:db:4d:2a:3c:af:01:ab: b6:a0:44:63:74:6c:e6:eb:16:e4:c1:e7:11:fc:4e:81:46:50: d9:db:da:d9:a8:14:f8:cb:b3:61:a7:11:ac:bd:2b:f6:2e:27: fa:56:99:ee:76:e5:9a:00:3a:d0:fb:ec:fd:ba:6d:25:91:e3: cc:05:f6:cc:8d:d6:e0:c8:95:25:6e:63:e9:b1:8d:8f:8a:1a: 2e:8f:72:2f:92:0e:6d:4a:01:db:8a:a6:ff:85:ad:7c:74:ce: b7:90:5b:dc:cf:aa:b0:92:e5:49:03:c2:91:c7:62:a4:71:15: 24:13:a5:0b:ce:5e:ed:a1:66:6e:80:a1:bf:48:a3:04:ec:ac: 32:64:8c:65:c2:ba:21:5c:60:a7:45:0b:e6:f2:8c:f7:cb:11: 3c:8b:7c:6c:c3:43:d5:fe:72:f1:0c:04:96:9b:c5:c2:2d:7f: 6c:02:6a:bf:99:20:b5:0a:b0:04:68:3a:a6:d7:89:1d:aa:b3: bf:6d:d8:4c:f7:22:2f:ad:85:df:ac:1d:35:23:f5:76:67:2a: 66:5d:ed:74:72:d3:12:b4:61:0f:b0:67:2c:4a:a0:7e:fe:f2: 9b:a9:dd:1c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAtMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjk3OEQxMTAvBgNVBAUTKDE0NUZCRjlFRTMxNzM3RTkxQzNDRDQ4NEVDMDE2QUUz QzhGMzgwM0MwHhcNMjUwODA5MDE1NTA2WhcNMjUwODE2MDE1NTA2WjAYMRYwFAYD VQQDEw02ODk2YWE3Yi1jOWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuMuwUEhlHpP5R5COyXtfosxU7UwUaezf16Av5ZFrVfcR4V0KO8i5iHZ5yHNL /vt8QH08xhwAspQXUW3jXNxSMmLF34D0afGFLpmdoSMC42ego6lP3sHOqfFMOba5 3iAwsMIKbUXcn5ArJzJV5YLjF/vxZHrx5BhceFSfS/+jxhHuYJHAC/4R5qhDXgkB 3fSJEIO8ysxuJA6ebEbDYsmmp0ao4V8EAy3mMxNhXJ/LiHAd5okyEn8Yrje8BwMY dDy8FN56eBz/aCvKUmTf8/HIqlqJ/pS5r0P5VH46b8AreeRoUEYTeYLCc3KAg+BH Pe6J7fGxR1LGX6aPiJMwoWETlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCVsZ2+C WzQKXmsoHpmbbKsNIT7DMB8GA1UdIwQYMBaAFBRfv57jFzfpHDzUhOwBauPI84A8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTc4RC82N0I0NDgyOEZC NjYxMUVDQUJBMTAxNEZDNEY5QUUwMi9GRi1fbnVNWE4ta2NQTlNFN0FGcTQ4anpn RHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZGLV9udU1YTi1rY1BOU0U3QUZxNDhqemdEdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OTc4RC82N0I0NDgyOEZCNjYxMUVDQUJBMTAxNEZDNEY5QUUwMi9GRi1fbnVNWE4t a2NQTlNFN0FGcTQ4anpnRHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkZ0uJ6ORnHv13rfuuXgi0mTONVsTsK2zxBBpzndtNKjyvAau2oERj dGzm6xbkwecR/E6BRlDZ29rZqBT4y7NhpxGsvSv2Lif6VpnuduWaADrQ++z9um0l kePMBfbMjdbgyJUlbmPpsY2Pihouj3Ivkg5tSgHbiqb/ha18dM63kFvcz6qwkuVJ A8KRx2KkcRUkE6ULzl7toWZugKG/SKME7KwyZIxlwrohXGCnRQvm8oz3yxE8i3xs w0PV/nLxDASWm8XCLX9sAmq/mSC1CrAEaDqm14kdqrO/bdhM9yIvrYXfrB01I/V2 ZypmXe10ctMStGEPsGcsSqB+/vKbqd0c -----END CERTIFICATE-----Generated at Sun Aug 10 13:56:44 2025 by rpki-client