$ rpki-client -vvf rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft File: CekFd0f2O6Ciga54ATZozt6kCrQ.mft (raw, json) Hash identifier: NNCm0LMleMLs6YU31t8i9lquagxRzoDaOZt72/5xtV8= Subject key identifier: BC:32:B7:16:80:53:AB:4D:64:20:CE:AE:0F:45:3A:B9:EB:4E:4C:E4 Authority key identifier: 09:E9:05:77:47:F6:3B:A0:A2:81:AE:78:01:36:68:CE:DE:A4:0A:B4 Certificate issuer: /CN=A91CDAFB/serialNumber=09E9057747F63BA0A281AE78013668CEDEA40AB4 Certificate serial: 019C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CekFd0f2O6Ciga54ATZozt6kCrQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft Manifest number: 0199 Signing time: Mon 11 Aug 2025 03:28:02 +0000 Manifest this update: Mon 11 Aug 2025 03:28:01 +0000 Manifest next update: Mon 18 Aug 2025 03:28:01 +0000 Files and hashes: 1: CekFd0f2O6Ciga54ATZozt6kCrQ.crl (hash: kgkMmNMo38gF9VVNkQRvPqyilEQzspi9XodgFONAPYA=) 2: 2815D106041A11EEA67A6B4DC4F9AE02.roa (hash: SwrvoVYgU6/JlbNtHbJmqe4zyeb9jSsFgyQPBZNxoww=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.crl rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CekFd0f2O6Ciga54ATZozt6kCrQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 18 Aug 2025 03:28:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 412 (0x19c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CDAFB, serialNumber=09E9057747F63BA0A281AE78013668CEDEA40AB4 Validity Not Before: Aug 11 03:28:01 2025 GMT Not After : Aug 18 03:28:01 2025 GMT Subject: CN=68996341-ac4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:61:02:17:c9:97:ba:0b:8e:29:43:49:ae:27: f9:fa:ca:1c:66:2c:6d:3a:b3:48:67:8f:11:d8:91: bc:8c:53:cf:e4:66:d8:58:de:0c:5a:5b:41:f5:da: dd:5f:93:c1:53:1d:1a:b9:e4:b7:ef:38:75:08:2f: 58:7d:79:e4:d7:2f:87:d2:61:32:73:7a:d2:20:cc: 43:f4:b3:6a:85:1d:d9:c3:cd:36:e3:b6:fa:8e:23: 4a:4a:5f:fa:ee:a7:b4:fa:84:c8:4b:7e:12:c7:bc: 4b:01:ca:9f:e0:9e:e5:ad:2c:78:6e:fc:1e:bd:55: 27:58:b1:1d:8b:f4:f9:d0:53:09:45:80:3f:09:96: 4e:76:df:b3:0a:c0:30:09:53:ad:97:c3:21:43:91: b4:32:f6:70:9d:d6:b5:20:b9:ae:87:aa:78:16:84: 25:c4:5c:19:e7:f7:1a:e0:bb:a2:1e:72:e2:74:59: d5:ca:96:d3:91:40:9d:b0:21:4f:d2:cc:58:4d:82: 9a:80:3d:91:23:3f:20:02:49:1b:89:e1:d9:cc:f4: 13:41:e5:76:e7:2f:82:af:16:17:a4:1b:e5:52:de: d0:24:24:30:93:a0:dd:fa:fa:69:9b:12:55:7e:ae: d2:12:c8:5c:41:dd:34:25:fa:1b:fe:da:21:0d:8f: 6e:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:32:B7:16:80:53:AB:4D:64:20:CE:AE:0F:45:3A:B9:EB:4E:4C:E4 X509v3 Authority Key Identifier: keyid:09:E9:05:77:47:F6:3B:A0:A2:81:AE:78:01:36:68:CE:DE:A4:0A:B4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CekFd0f2O6Ciga54ATZozt6kCrQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:c7:32:e8:a9:60:43:e7:75:41:24:f5:14:9c:0d:52:db:66: c6:4b:03:5b:48:31:94:41:11:56:e7:fa:fd:c4:8c:12:ac:06: 78:e4:af:5f:99:a7:25:8d:cf:3b:28:01:a2:29:ac:0b:c6:4c: b3:8e:79:66:28:c7:c6:e8:02:d4:26:b7:25:fe:37:22:37:96: b3:8c:e2:86:4d:06:05:c8:14:e9:8e:d2:98:1b:a0:2d:20:d0: 27:9c:2e:cc:d9:3a:90:1b:0d:44:20:0d:ef:56:0b:f5:cf:29: 53:76:ed:2d:12:fb:21:7e:33:8a:02:d9:7d:8e:b4:e8:59:46: 33:16:fb:b5:5a:14:fd:11:5c:23:8f:77:f0:77:20:5c:79:38: 59:9f:38:22:ee:83:e0:e2:30:ce:6b:54:64:e8:8f:51:d2:94: 48:30:19:2a:e8:bd:72:42:89:c0:a9:d3:e8:ce:4f:46:b1:fd: 78:c0:19:89:6c:4c:10:18:d0:a4:d3:76:18:da:90:d1:b7:db: 64:3e:e0:81:18:9a:71:46:cf:f8:4f:0b:d8:27:65:f5:5c:8f: 3a:56:fe:e0:bf:a5:1f:5f:fc:9b:9f:1b:7b:bd:79:da:3a:7d: b0:bb:6b:d6:a5:98:86:1b:cd:22:6f:c0:c7:80:1c:a2:d5:a5: 16:48:df:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0RBRkIxMTAvBgNVBAUTKDA5RTkwNTc3NDdGNjNCQTBBMjgxQUU3ODAxMzY2OENF REVBNDBBQjQwHhcNMjUwODExMDMyODAxWhcNMjUwODE4MDMyODAxWjAYMRYwFAYD VQQDEw02ODk5NjM0MS1hYzRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv2ECF8mXuguOKUNJrif5+socZixtOrNIZ48R2JG8jFPP5GbYWN4MWltB9drd X5PBUx0aueS37zh1CC9YfXnk1y+H0mEyc3rSIMxD9LNqhR3Zw80247b6jiNKSl/6 7qe0+oTIS34Sx7xLAcqf4J7lrSx4bvwevVUnWLEdi/T50FMJRYA/CZZOdt+zCsAw CVOtl8MhQ5G0MvZwnda1ILmuh6p4FoQlxFwZ5/ca4LuiHnLidFnVypbTkUCdsCFP 0sxYTYKagD2RIz8gAkkbieHZzPQTQeV25y+CrxYXpBvlUt7QJCQwk6Dd+vppmxJV fq7SEshcQd00Jfob/tohDY9uVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLwytxaA U6tNZCDOrg9FOrnrTkzkMB8GA1UdIwQYMBaAFAnpBXdH9jugooGueAE2aM7epAq0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDREFGQi9FQzBGNkEzODAz NDExMUVFQTUyMTUyNDdDNEY5QUUwMi9DZWtGZDBmMk82Q2lnYTU0QVRab3p0NmtD clEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Nla0ZkMGYyTzZDaWdhNTRBVFpvenQ2a0NyUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD REFGQi9FQzBGNkEzODAzNDExMUVFQTUyMTUyNDdDNEY5QUUwMi9DZWtGZDBmMk82 Q2lnYTU0QVRab3p0NmtDclEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNxzLoqWBD53VBJPUUnA1S22bGSwNbSDGUQRFW5/r9xIwSrAZ45K9f macljc87KAGiKawLxkyzjnlmKMfG6ALUJrcl/jciN5azjOKGTQYFyBTpjtKYG6At INAnnC7M2TqQGw1EIA3vVgv1zylTdu0tEvshfjOKAtl9jrToWUYzFvu1WhT9EVwj j3fwdyBceThZnzgi7oPg4jDOa1Rk6I9R0pRIMBkq6L1yQonAqdPozk9Gsf14wBmJ bEwQGNCk03YY2pDRt9tkPuCBGJpxRs/4TwvYJ2X1XI86Vv7gv6UfX/ybnxt7vXna On2wu2vWpZiGG80ib8DHgByi1aUWSN9F -----END CERTIFICATE-----Generated at Wed Aug 13 02:45:14 2025 by rpki-client