$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.mft File: aLMj2oThIFRmzrWv19YHcmdbBTE.mft (raw, json) Hash identifier: na4WPa0wmb+XCaGDAluI9sqJtKcu9JQk7HywsUFFnmg= Subject key identifier: 3F:EE:F5:A1:F2:99:4F:9F:D8:41:B7:52:EA:47:E5:91:13:84:44:AD Authority key identifier: 68:B3:23:DA:84:E1:20:54:66:CE:B5:AF:D7:D6:07:72:67:5B:05:31 Certificate issuer: /CN=A91CD40B/serialNumber=68B323DA84E1205466CEB5AFD7D60772675B0531 Certificate serial: 9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aLMj2oThIFRmzrWv19YHcmdbBTE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.mft Manifest number: 9A Signing time: Sun 03 Aug 2025 06:40:34 +0000 Manifest this update: Sun 03 Aug 2025 06:40:33 +0000 Manifest next update: Sun 10 Aug 2025 06:40:33 +0000 Files and hashes: 1: aLMj2oThIFRmzrWv19YHcmdbBTE.crl (hash: qwHspTno+Zh/ndYuEUz55xKvt3FaU2LzXqoPkad59y0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.crl rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aLMj2oThIFRmzrWv19YHcmdbBTE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 06:40:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 154 (0x9a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD40B, serialNumber=68B323DA84E1205466CEB5AFD7D60772675B0531 Validity Not Before: Aug 3 06:40:33 2025 GMT Not After : Aug 10 06:40:33 2025 GMT Subject: CN=688f0461-7fb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:4b:c2:b5:c7:ae:0a:e0:e0:ba:57:61:8d:2c: 9c:e6:df:c8:d7:31:ef:68:83:66:a1:77:60:55:12: 1e:af:ad:db:5f:e8:39:f3:47:e0:80:92:99:0a:5d: e1:96:af:46:20:ff:71:52:49:e4:db:e8:76:02:5d: 5e:f8:a9:9b:fd:86:4b:0a:22:93:98:7c:ad:f1:ad: c8:1b:11:23:1d:f8:40:0e:fb:ee:4b:be:33:45:e1: 87:7d:f8:3e:95:06:2c:27:fc:c6:0d:15:36:97:1a: fa:17:19:31:4f:56:19:55:2e:32:d6:3a:c2:de:e9: 4d:d6:61:36:5b:50:b6:12:29:0f:cb:b9:7c:cb:f9: 71:5f:87:36:f7:75:4a:04:a7:bf:50:0e:5d:e4:36: 0a:26:8a:7f:d7:93:f1:86:9b:d9:e8:a2:45:e9:7d: 4f:71:21:0e:fa:de:d5:bb:62:b7:c7:6f:61:b9:68: 43:24:7c:d9:9e:20:24:e0:56:4b:cd:78:01:f3:ec: a1:b2:6f:85:4b:2e:e9:7e:e1:22:65:29:a6:2e:cc: 09:65:45:ce:4a:17:5e:5d:36:5c:05:db:db:cc:e9: ea:f6:33:2a:e3:b5:9a:b6:bf:0d:37:a1:e5:40:a7: 36:fa:a7:c4:3f:11:1a:d6:4c:13:18:d6:95:d5:54: fc:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:EE:F5:A1:F2:99:4F:9F:D8:41:B7:52:EA:47:E5:91:13:84:44:AD X509v3 Authority Key Identifier: keyid:68:B3:23:DA:84:E1:20:54:66:CE:B5:AF:D7:D6:07:72:67:5B:05:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aLMj2oThIFRmzrWv19YHcmdbBTE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ab:32:d2:bc:4d:5e:ac:64:b7:4f:e0:2a:d0:f5:36:54:51:8a: 6b:a4:08:0d:35:04:74:32:e3:f1:9f:9f:ab:37:47:5f:02:1d: 13:f1:64:aa:ae:3a:dd:66:3a:25:fd:19:2b:ba:b2:3d:02:fd: e7:b7:15:f7:fd:57:63:fb:8d:75:5f:35:e5:05:5f:a6:90:4e: 37:68:73:6f:14:55:1e:d4:d7:80:35:15:7b:63:e0:98:f5:4c: 97:64:5e:ed:91:eb:ea:4b:3a:85:1b:34:c5:2c:20:67:87:3f: ff:ff:1d:91:1b:ed:4e:64:41:3b:7e:b2:38:89:35:fd:ab:36: 50:f4:af:39:9b:c7:39:68:b0:9e:7b:00:39:8e:57:f6:50:74: b6:1b:6b:31:89:79:a1:48:ed:f3:f5:ae:54:f9:80:63:0c:1e: b0:9e:ce:fa:2e:a6:2e:d6:e5:71:67:b0:21:24:1f:2f:91:9a: 5e:fe:5d:9d:21:d1:2c:9b:f4:d4:f9:8e:c7:2b:24:4d:9f:bd: e8:ea:86:ef:34:4b:82:4d:20:fb:e0:ed:ff:c4:a6:b4:fe:5e: 06:a6:1a:20:d4:fe:a8:1f:2f:d4:a6:71:5b:cf:33:fb:65:c9: fd:e5:2d:71:43:91:ea:71:de:a6:83:86:39:03:b5:85:66:6c: 9e:58:a0:1c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Q0MEIxMTAvBgNVBAUTKDY4QjMyM0RBODRFMTIwNTQ2NkNFQjVBRkQ3RDYwNzcy Njc1QjA1MzEwHhcNMjUwODAzMDY0MDMzWhcNMjUwODEwMDY0MDMzWjAYMRYwFAYD VQQDEw02ODhmMDQ2MS03ZmI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx0vCtceuCuDguldhjSyc5t/I1zHvaINmoXdgVRIer63bX+g580fggJKZCl3h lq9GIP9xUknk2+h2Al1e+Kmb/YZLCiKTmHyt8a3IGxEjHfhADvvuS74zReGHffg+ lQYsJ/zGDRU2lxr6FxkxT1YZVS4y1jrC3ulN1mE2W1C2EikPy7l8y/lxX4c293VK BKe/UA5d5DYKJop/15PxhpvZ6KJF6X1PcSEO+t7Vu2K3x29huWhDJHzZniAk4FZL zXgB8+yhsm+FSy7pfuEiZSmmLswJZUXOShdeXTZcBdvbzOnq9jMq47Watr8NN6Hl QKc2+qfEPxEa1kwTGNaV1VT8dQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD/u9aHy mU+f2EG3UupH5ZEThEStMB8GA1UdIwQYMBaAFGizI9qE4SBUZs61r9fWB3JnWwUx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDQwQi83NDFBMUUyQzg1 NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9hTE1qMm9UaElGUm16cld2MTlZSGNtZGJC VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FMTWoyb1RoSUZSbXpyV3YxOVlIY21kYkJURS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RDQwQi83NDFBMUUyQzg1NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9hTE1qMm9UaElG Um16cld2MTlZSGNtZGJCVEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCrMtK8TV6sZLdP4CrQ9TZUUYprpAgNNQR0MuPxn5+rN0dfAh0T8WSq rjrdZjol/RkrurI9Av3ntxX3/Vdj+411XzXlBV+mkE43aHNvFFUe1NeANRV7Y+CY 9UyXZF7tkevqSzqFGzTFLCBnhz///x2RG+1OZEE7frI4iTX9qzZQ9K85m8c5aLCe ewA5jlf2UHS2G2sxiXmhSO3z9a5U+YBjDB6wns76LqYu1uVxZ7AhJB8vkZpe/l2d IdEsm/TU+Y7HKyRNn73o6obvNEuCTSD74O3/xKa0/l4Gphog1P6oHy/UpnFbzzP7 Zcn95S1xQ5Hqcd6mg4Y5A7WFZmyeWKAc -----END CERTIFICATE-----Generated at Mon Aug 4 18:57:12 2025 by rpki-client