$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft File: ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft (raw, json) Hash identifier: IOSj9al/h6CcFMTSCRXwtG/dNrcsdVH4I4eQsmahlzM= Subject key identifier: 8B:3A:17:DD:53:73:02:3D:FE:7A:FC:42:F3:87:EC:28:9F:A1:D3:57 Authority key identifier: 6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE Certificate issuer: /CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE Certificate serial: 356A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft Manifest number: 3505 Signing time: Wed 06 Aug 2025 14:54:32 +0000 Manifest this update: Wed 06 Aug 2025 14:54:32 +0000 Manifest next update: Wed 13 Aug 2025 14:54:32 +0000 Files and hashes: 1: ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl (hash: h7GH+tJMEXhF08DyBu4d+NU07ZD8cn5C/8UgqFsKrB0=) 2: 64E2B628BE4911EE897F291BC4F9AE02.roa (hash: oj9MA2Xl79Ulu/1U7XExVD59vw2GZhJkFrHTogIDTCg=) 3: E6F73E22B99E11EEBF189021C4F9AE02.roa (hash: 1mDu3Q1bdiSa3axtc15ZDTGlc4zW4OxSySLPwHbTbvE=) 4: DDF4B0D2F08C11EEB70A1F76C4F9AE02.roa (hash: 3IhKk2ns73ug1cPcItokkvNYGQWI9rs7b4nF6YtsTSc=) 5: D79607EEDCDD11EE85DBEB12C4F9AE02.roa (hash: vltJ7Buw53igWVIfCgs9blss6VeKEkgF9l7xhGZDnwo=) 6: 29F7413CBB6011EEB59E5D81C4F9AE02.roa (hash: ZqgeyChgSkuAuEy8E4XBqCcFOmGTEjV9SXx7odN3pv4=) 7: D1EE6884F06C11EEA5BAA656C4F9AE02.roa (hash: 8K4hb6GJHcWswysfKKK+VFXlsdhKy8EjS5fIz+8731Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 14:54:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13674 (0x356a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE978, serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE Validity Not Before: Aug 6 14:54:32 2025 GMT Not After : Aug 13 14:54:32 2025 GMT Subject: CN=68936ca8-af45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:87:64:8e:ef:8e:2e:71:9a:ea:f3:3d:62:61: 76:ac:09:0e:69:8d:36:96:55:64:c1:bc:e5:d5:28: d6:a3:1f:22:a1:cd:1c:12:df:1d:66:fe:54:aa:da: e8:fa:78:d7:a9:67:08:bf:f9:05:6c:b4:b8:76:89: f5:7f:08:21:38:d5:8a:9e:eb:71:4f:6c:31:3e:5f: 13:cd:b4:81:13:25:fe:8d:be:45:c4:07:1c:ca:21: 10:17:88:b5:a1:6e:d1:b9:2c:83:3c:7b:3d:2a:d0: 68:a1:40:f7:37:41:22:a1:34:1b:9f:ff:e0:2b:13: 69:ff:4f:6f:80:45:b4:28:ab:7e:27:5a:56:60:f7: b6:3b:0e:ea:bd:e7:55:cc:39:8c:ce:57:0e:5d:07: 2a:77:ca:90:ff:fa:65:5e:75:65:cc:5f:64:90:b9: 4f:c3:03:05:57:72:bc:1d:2d:4c:a9:2e:e1:70:87: f7:fa:9e:71:69:e1:59:fa:25:8d:07:7f:cb:41:c1: 62:95:0b:c6:31:7b:f8:7a:6b:db:ff:e4:d0:d8:b7: 0f:f1:ba:de:b9:3c:1f:db:ad:da:be:6f:40:14:bb: d4:13:8b:a4:e7:34:ee:d0:44:52:30:56:4e:bb:98: 49:84:17:2e:1b:98:eb:bd:b8:98:8f:24:20:83:d7: 8d:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:3A:17:DD:53:73:02:3D:FE:7A:FC:42:F3:87:EC:28:9F:A1:D3:57 X509v3 Authority Key Identifier: keyid:6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:a7:41:2a:c5:0f:8a:ac:8a:05:8a:f7:81:81:31:d8:52:e1: 1b:38:54:01:b7:99:11:49:d1:3e:70:66:9d:e0:38:e2:13:18: 37:83:e1:7a:46:8a:ec:a1:3e:7c:7d:83:43:2c:78:e9:99:be: 2c:f3:0d:0c:f8:b9:d4:ac:a9:d1:d0:ef:35:54:a1:e9:1f:ac: 72:47:39:a9:cf:b5:be:d5:df:01:2f:40:df:90:fb:42:70:8d: e1:fa:54:28:c5:ad:0c:44:fe:1d:47:ec:4a:05:ba:38:01:d0: 09:e3:8d:ec:63:05:3e:9e:71:51:a2:27:36:4f:65:8b:d9:ce: 7a:4d:77:89:1a:56:2e:a6:ca:4b:1a:f7:23:78:f6:c4:f8:04: 84:26:fc:ff:c6:fd:ec:67:a6:59:5a:66:07:4c:68:f3:21:fe: 28:7a:65:64:47:72:54:be:fa:1d:c2:83:4c:39:1f:1a:d6:6f: e0:96:02:89:19:73:09:02:a4:81:16:ef:ff:f4:26:14:c6:63: 8b:d6:d6:2c:99:8b:f5:f5:1d:d1:d3:8d:21:cd:17:f5:e9:7b: 74:10:ca:c8:c5:27:52:a5:bd:54:f7:86:71:a0:55:ca:83:30: b8:59:9a:fd:c1:66:b6:cd:4a:57:5d:aa:a5:d9:3f:76:92:bf: e4:85:a4:73 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNWowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U5NzgxMTAvBgNVBAUTKDZBMUU0RjcyODQ3RUIzNjk5NTIyQzkzRDI2NzczRjBE RjgzOTZFQkUwHhcNMjUwODA2MTQ1NDMyWhcNMjUwODEzMTQ1NDMyWjAYMRYwFAYD VQQDEw02ODkzNmNhOC1hZjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzYdkju+OLnGa6vM9YmF2rAkOaY02llVkwbzl1SjWox8ioc0cEt8dZv5Uqtro +njXqWcIv/kFbLS4don1fwghONWKnutxT2wxPl8TzbSBEyX+jb5FxAccyiEQF4i1 oW7RuSyDPHs9KtBooUD3N0EioTQbn//gKxNp/09vgEW0KKt+J1pWYPe2Ow7qvedV zDmMzlcOXQcqd8qQ//plXnVlzF9kkLlPwwMFV3K8HS1MqS7hcIf3+p5xaeFZ+iWN B3/LQcFilQvGMXv4emvb/+TQ2LcP8breuTwf263avm9AFLvUE4uk5zTu0ERSMFZO u5hJhBcuG5jrvbiYjyQgg9eNXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIs6F91T cwI9/nr8QvOH7CifodNXMB8GA1UdIwQYMBaAFGoeT3KEfrNplSLJPSZ3Pw34OW6+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTk3OC8zMjIzRjM1RTFE OTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMybVZJc2s5Sm5jX0RmZzVi cjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FoNVBjb1ItczJtVklzazlKbmNfRGZnNWJyNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTk3OC8zMjIzRjM1RTFEOTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMy bVZJc2s5Sm5jX0RmZzVicjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQASp0EqxQ+KrIoFiveBgTHYUuEbOFQBt5kRSdE+cGad4DjiExg3g+F6 RorsoT58fYNDLHjpmb4s8w0M+LnUrKnR0O81VKHpH6xyRzmpz7W+1d8BL0DfkPtC cI3h+lQoxa0MRP4dR+xKBbo4AdAJ443sYwU+nnFRoic2T2WL2c56TXeJGlYupspL GvcjePbE+ASEJvz/xv3sZ6ZZWmYHTGjzIf4oemVkR3JUvvodwoNMOR8a1m/glgKJ GXMJAqSBFu//9CYUxmOL1tYsmYv19R3R040hzRf16Xt0EMrIxSdSpb1U94ZxoFXK gzC4WZr9wWa2zUpXXaql2T92kr/khaRz -----END CERTIFICATE-----Generated at Thu Aug 7 05:09:34 2025 by rpki-client