$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft File: REhMnzpz9xlXK4vIoaH9nln6hPY.mft (raw, json) Hash identifier: rJgirlkDGkZ2x3+Q70LzQzA0bSOnY4Thr8RTUq0QTXE= Subject key identifier: 5B:51:09:06:F8:7B:89:96:3F:06:B6:78:26:53:8D:CD:CE:58:2D:3E Authority key identifier: 44:48:4C:9F:3A:73:F7:19:57:2B:8B:C8:A1:A1:FD:9E:59:FA:84:F6 Certificate issuer: /CN=A91BD73B/serialNumber=44484C9F3A73F719572B8BC8A1A1FD9E59FA84F6 Certificate serial: 34A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft Manifest number: 34A8 Signing time: Tue 12 Aug 2025 15:19:32 +0000 Manifest this update: Tue 12 Aug 2025 15:19:32 +0000 Manifest next update: Tue 19 Aug 2025 15:19:32 +0000 Files and hashes: 1: REhMnzpz9xlXK4vIoaH9nln6hPY.crl (hash: oIZNM5AoccJoZdfqLyqTrxYpfljlMTgP7gt5S91ino0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.crl rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 Aug 2025 15:19:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13480 (0x34a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BD73B, serialNumber=44484C9F3A73F719572B8BC8A1A1FD9E59FA84F6 Validity Not Before: Aug 12 15:19:32 2025 GMT Not After : Aug 19 15:19:32 2025 GMT Subject: CN=689b5b84-2a84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:d5:02:4e:fd:5e:f0:ef:0f:8c:11:ca:b0:2e: 63:3a:ea:d0:81:43:be:a4:21:63:b5:00:fe:29:ec: 93:ed:60:e4:94:af:3a:89:da:a4:65:07:45:bd:3f: 96:4f:72:18:45:6e:46:ca:00:24:06:11:a9:be:84: 8b:d1:de:88:1c:bd:3e:43:90:5e:18:da:ee:9a:1c: 2f:3b:dd:79:53:90:ce:5c:0f:9c:69:29:65:80:89: 5f:3e:f3:7d:4d:24:9f:f8:d1:5a:5f:45:62:e5:76: 26:21:e3:d0:35:25:4a:ff:80:3b:68:fe:47:e6:9c: 2f:99:af:56:f0:ac:f8:93:09:4f:0a:a4:5f:d3:52: 11:6d:0b:dc:78:fd:c5:ec:53:0f:09:9d:8b:7e:f4: 1c:77:db:d4:f6:a2:6b:7b:7f:3b:db:14:ad:e1:41: d1:be:f0:54:8e:fa:1f:04:6c:4d:be:0f:1d:61:d0: ba:f0:f8:52:f3:09:77:2f:32:12:57:82:da:09:e8: 0d:c1:30:e5:29:07:62:49:a2:aa:ac:9c:28:78:22: 62:0e:6b:90:fc:2c:90:08:39:ef:23:4a:61:15:3f: 3b:f1:9f:b0:ee:1b:33:1c:e1:7b:ea:57:7a:b0:a9: 74:88:04:82:76:85:e3:ed:a8:3c:29:c1:b9:ce:c8: 34:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:51:09:06:F8:7B:89:96:3F:06:B6:78:26:53:8D:CD:CE:58:2D:3E X509v3 Authority Key Identifier: keyid:44:48:4C:9F:3A:73:F7:19:57:2B:8B:C8:A1:A1:FD:9E:59:FA:84:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:e1:ae:b1:48:cc:3e:5d:f8:47:0d:93:59:83:4d:49:52:45: 21:92:8a:6f:d5:3b:48:44:ea:e6:4c:a4:50:a2:1c:d0:57:a6: 0b:46:f6:1e:61:68:d3:cb:f0:e8:a8:63:af:04:7e:12:e9:14: 3e:06:71:6c:e3:a2:88:68:06:ab:ac:8e:90:5b:8a:a3:35:8c: bf:07:1a:07:93:c1:c6:80:d7:fa:c8:c6:bb:d4:d2:d6:47:a9: ee:ab:c3:2a:22:91:e2:69:3e:ea:c8:4f:e3:61:c9:a8:f7:17: ae:77:8b:68:23:a1:8e:2c:af:9a:03:34:23:9e:1b:9e:47:3a: ad:fb:d9:d9:be:0c:91:74:e2:7c:a9:dc:17:cf:25:92:e3:76: 71:16:5f:9f:31:4b:8b:9b:82:a3:ff:86:89:1b:63:62:33:ce: 97:78:1e:da:71:8c:22:58:55:58:d2:a0:43:9f:05:81:e7:8c: 0c:34:59:74:7e:6d:63:93:8a:57:19:96:63:6d:c5:3b:9b:b2: 7c:d8:9c:35:c4:e6:a1:85:cc:eb:30:f3:61:e3:49:63:ac:64: 38:de:af:e0:e0:bf:9f:f4:75:56:be:07:9a:ad:ab:ba:a8:86: 64:4a:2b:7c:5e:6b:1f:88:8a:bd:55:56:7b:75:d7:59:6b:dd: fc:b2:fd:b3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNKgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkQ3M0IxMTAvBgNVBAUTKDQ0NDg0QzlGM0E3M0Y3MTk1NzJCOEJDOEExQTFGRDlF NTlGQTg0RjYwHhcNMjUwODEyMTUxOTMyWhcNMjUwODE5MTUxOTMyWjAYMRYwFAYD VQQDEw02ODliNWI4NC0yYTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAttUCTv1e8O8PjBHKsC5jOurQgUO+pCFjtQD+KeyT7WDklK86idqkZQdFvT+W T3IYRW5GygAkBhGpvoSL0d6IHL0+Q5BeGNrumhwvO915U5DOXA+caSllgIlfPvN9 TSSf+NFaX0Vi5XYmIePQNSVK/4A7aP5H5pwvma9W8Kz4kwlPCqRf01IRbQvceP3F 7FMPCZ2LfvQcd9vU9qJre3872xSt4UHRvvBUjvofBGxNvg8dYdC68PhS8wl3LzIS V4LaCegNwTDlKQdiSaKqrJwoeCJiDmuQ/CyQCDnvI0phFT878Z+w7hszHOF76ld6 sKl0iASCdoXj7ag8KcG5zsg05wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFtRCQb4 e4mWPwa2eCZTjc3OWC0+MB8GA1UdIwQYMBaAFERITJ86c/cZVyuLyKGh/Z5Z+oT2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRDczQi8yNkJERjMyQzFE QUExMUUyQkUyNUE2QTUwOEIwMkNEMi9SRWhNbnpwejl4bFhLNHZJb2FIOW5sbjZo UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1JFaE1uenB6OXhsWEs0dklvYUg5bmxuNmhQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RDczQi8yNkJERjMyQzFEQUExMUUyQkUyNUE2QTUwOEIwMkNEMi9SRWhNbnpwejl4 bFhLNHZJb2FIOW5sbjZoUFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJ4a6xSMw+XfhHDZNZg01JUkUhkopv1TtIROrmTKRQohzQV6YLRvYe YWjTy/DoqGOvBH4S6RQ+BnFs46KIaAarrI6QW4qjNYy/BxoHk8HGgNf6yMa71NLW R6nuq8MqIpHiaT7qyE/jYcmo9xeud4toI6GOLK+aAzQjnhueRzqt+9nZvgyRdOJ8 qdwXzyWS43ZxFl+fMUuLm4Kj/4aJG2NiM86XeB7acYwiWFVY0qBDnwWB54wMNFl0 fm1jk4pXGZZjbcU7m7J82Jw1xOahhczrMPNh40ljrGQ43q/g4L+f9HVWvgearau6 qIZkSit8XmsfiIq9VVZ7dddZa938sv2z -----END CERTIFICATE-----Generated at Wed Aug 13 04:29:02 2025 by rpki-client