$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.mft File: 1icW92HxiNVvoRf53JS-QUEEpoE.mft (raw, json) Hash identifier: W4Fr8xhz8dCvKnpRV7pMN8u5s+MzMZv03TLLdFJss6A= Subject key identifier: 32:EA:90:3C:6F:7F:9E:FA:7D:1F:A5:B6:6C:4B:1F:AE:73:C3:B0:8D Authority key identifier: D6:27:16:F7:61:F1:88:D5:6F:A1:17:F9:DC:94:BE:41:41:04:A6:81 Certificate issuer: /CN=A91C5D53/serialNumber=D62716F761F188D56FA117F9DC94BE414104A681 Certificate serial: 88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1icW92HxiNVvoRf53JS-QUEEpoE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.mft Manifest number: 86 Signing time: Sat 09 Aug 2025 07:07:16 +0000 Manifest this update: Sat 09 Aug 2025 07:07:16 +0000 Manifest next update: Sat 16 Aug 2025 07:07:16 +0000 Files and hashes: 1: 1icW92HxiNVvoRf53JS-QUEEpoE.crl (hash: OxuY81VH4fFHj7Za26KuJRz2nCEkDLWXunEAheTN0fs=) 2: BB5954CE241111F094390A32C4F9AE02.roa (hash: 6qd8Idl86oSAnUE2UErM8ktGLeOpsspXAgidR5hkRlE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.crl rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1icW92HxiNVvoRf53JS-QUEEpoE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 136 (0x88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5D53, serialNumber=D62716F761F188D56FA117F9DC94BE414104A681 Validity Not Before: Aug 9 07:07:16 2025 GMT Not After : Aug 16 07:07:16 2025 GMT Subject: CN=6896f3a4-8e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:ff:35:0c:25:a6:21:c0:f5:f2:e2:1e:5b:6b: 50:f4:19:33:3d:20:5e:00:3e:75:bb:92:24:de:53: 69:34:0d:d6:a4:5d:a6:8f:25:cc:8e:bf:63:6a:22: 7b:1d:44:05:87:0b:dd:5f:dd:84:54:6b:93:af:b2: dd:9b:6b:1c:74:04:e8:c1:12:5a:f7:dc:21:c1:a4: 8a:de:0d:46:ec:8b:f5:50:51:75:e5:a7:39:7e:5f: 56:aa:06:ad:19:a9:61:d8:47:61:14:7c:3b:38:c0: c2:31:b2:a4:59:ff:ca:06:78:92:19:8e:60:f0:e1: b2:be:04:38:08:cc:8e:fb:45:73:98:6f:4e:d7:36: 41:e3:14:85:8b:cd:71:1f:18:fa:70:8f:01:9f:c3: f7:76:f6:c0:ca:73:3f:85:fb:7e:b1:4e:67:ce:b0: 9a:d3:db:9d:2e:8d:c7:78:13:b9:b0:6d:0d:9e:0e: a4:1a:78:63:4b:4d:07:20:bd:c6:f5:2a:ac:26:a4: ab:9e:78:16:62:d6:ba:85:af:49:6c:f6:25:bd:b3: ec:9d:bf:c0:74:2a:83:ed:cd:a1:04:a8:24:04:0b: d6:2b:2e:06:94:a9:a5:43:97:8e:22:8e:5e:5a:52: d0:ba:ea:6c:ed:50:fd:b8:c0:48:37:39:f9:33:b2: af:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:EA:90:3C:6F:7F:9E:FA:7D:1F:A5:B6:6C:4B:1F:AE:73:C3:B0:8D X509v3 Authority Key Identifier: keyid:D6:27:16:F7:61:F1:88:D5:6F:A1:17:F9:DC:94:BE:41:41:04:A6:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1icW92HxiNVvoRf53JS-QUEEpoE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:67:b9:6c:39:86:16:3b:d6:6b:0e:5c:74:42:3f:a9:64:da: 2b:d5:ee:7e:20:39:e6:a6:39:ae:56:3d:50:23:6d:34:71:46: fe:58:8a:88:18:b5:e2:79:5f:e5:26:cf:31:d9:ea:75:45:71: 6d:9e:14:47:f7:e3:9b:4d:b7:21:5e:71:23:39:ff:6a:71:29: 96:6f:6e:b6:38:5d:cd:40:7f:1c:a3:a5:56:8f:c0:ea:48:d9: a8:29:8e:ba:df:5f:21:d1:76:8a:57:01:5f:de:d5:77:4f:47: e9:37:04:56:f5:d4:5a:68:90:67:9b:8a:ef:b9:72:0d:61:b3: 5a:93:fe:37:5f:7d:b9:fb:e3:a3:b5:07:4a:39:89:5d:07:a7: 50:7d:7c:9f:06:de:8f:7a:13:88:4e:f5:36:85:2a:e5:ba:d8: 07:d0:0b:f9:cd:73:8e:1a:2f:b8:c9:db:e3:04:d1:fc:7f:89: f8:b1:50:71:ed:7f:90:96:a3:27:4a:57:9a:17:e5:47:8a:5d: 20:c4:02:02:05:16:91:44:41:4a:22:89:2f:e7:f7:1a:73:18: 83:65:1b:6d:ac:a6:3e:e1:dc:0a:89:63:da:0d:12:b8:67:b1: 09:0d:55:1a:64:18:e3:47:7e:7a:93:89:e8:58:05:ce:40:8c: 8b:fb:5f:5a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzVENTMxMTAvBgNVBAUTKEQ2MjcxNkY3NjFGMTg4RDU2RkExMTdGOURDOTRCRTQx NDEwNEE2ODEwHhcNMjUwODA5MDcwNzE2WhcNMjUwODE2MDcwNzE2WjAYMRYwFAYD VQQDEw02ODk2ZjNhNC04ZTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqf81DCWmIcD18uIeW2tQ9BkzPSBeAD51u5Ik3lNpNA3WpF2mjyXMjr9jaiJ7 HUQFhwvdX92EVGuTr7Ldm2scdATowRJa99whwaSK3g1G7Iv1UFF15ac5fl9Wqgat Galh2EdhFHw7OMDCMbKkWf/KBniSGY5g8OGyvgQ4CMyO+0VzmG9O1zZB4xSFi81x Hxj6cI8Bn8P3dvbAynM/hft+sU5nzrCa09udLo3HeBO5sG0Nng6kGnhjS00HIL3G 9SqsJqSrnngWYta6ha9JbPYlvbPsnb/AdCqD7c2hBKgkBAvWKy4GlKmlQ5eOIo5e WlLQuups7VD9uMBINzn5M7Kv/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDLqkDxv f576fR+ltmxLH65zw7CNMB8GA1UdIwQYMBaAFNYnFvdh8YjVb6EX+dyUvkFBBKaB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNUQ1My8wNUZGQzAwRUFD ODQxMUVGODIxNDk3MkJDNEY5QUUwMi8xaWNXOTJIeGlOVnZvUmY1M0pTLVFVRUVw b0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFpY1c5Mkh4aU5Wdm9SZjUzSlMtUVVFRXBvRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NUQ1My8wNUZGQzAwRUFDODQxMUVGODIxNDk3MkJDNEY5QUUwMi8xaWNXOTJIeGlO VnZvUmY1M0pTLVFVRUVwb0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAaZ7lsOYYWO9ZrDlx0Qj+pZNor1e5+IDnmpjmuVj1QI200cUb+WIqI GLXieV/lJs8x2ep1RXFtnhRH9+ObTbchXnEjOf9qcSmWb262OF3NQH8co6VWj8Dq SNmoKY66318h0XaKVwFf3tV3T0fpNwRW9dRaaJBnm4rvuXINYbNak/43X325++Oj tQdKOYldB6dQfXyfBt6PehOITvU2hSrlutgH0Av5zXOOGi+4ydvjBNH8f4n4sVBx 7X+QlqMnSleaF+VHil0gxAICBRaRREFKIokv5/cacxiDZRttrKY+4dwKiWPaDRK4 Z7EJDVUaZBjjR356k4noWAXOQIyL+19a -----END CERTIFICATE-----Generated at Sat Aug 9 15:10:04 2025 by rpki-client