$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft File: 5TfQw0j9fcSfX8OwBmoxxYT64as.mft (raw, json) Hash identifier: 7qxyhqMvjsK+YlcCTP6Ck66ADnEz2lh7YQkvaYQQ57Y= Subject key identifier: 96:98:AA:4A:1F:C4:75:3B:8E:69:2B:FD:6A:99:C5:CD:20:0B:25:6E Authority key identifier: E5:37:D0:C3:48:FD:7D:C4:9F:5F:C3:B0:06:6A:31:C5:84:FA:E1:AB Certificate issuer: /CN=A91D4345/serialNumber=E537D0C348FD7DC49F5FC3B0066A31C584FAE1AB Certificate serial: 0C7A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft Manifest number: 0C6D Signing time: Wed 06 Aug 2025 18:34:50 +0000 Manifest this update: Wed 06 Aug 2025 18:34:50 +0000 Manifest next update: Wed 13 Aug 2025 18:34:50 +0000 Files and hashes: 1: 5TfQw0j9fcSfX8OwBmoxxYT64as.crl (hash: w1HPfHKjFYdaf/8AJOVmqsJJlk3zIIISkxRhD3tjpj0=) 2: F3529CDCAE1511EE92D99E46C4F9AE02.roa (hash: hTD7DjMK2EnPCWqJypUdiJk7jUHRPt10GcfYU8sN4po=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.crl rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 18:34:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3194 (0xc7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4345, serialNumber=E537D0C348FD7DC49F5FC3B0066A31C584FAE1AB Validity Not Before: Aug 6 18:34:50 2025 GMT Not After : Aug 13 18:34:50 2025 GMT Subject: CN=6893a04a-629b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:83:5d:89:15:af:ff:18:da:14:b0:9b:9a:95: 64:86:1b:e3:eb:00:81:51:e6:f1:60:0d:fa:5a:6c: c7:fa:e5:3d:bd:75:3d:13:8a:fe:28:99:75:2e:bb: 84:f1:9a:2b:53:be:93:e4:45:12:7c:5a:6f:27:88: 6d:b7:cd:aa:f7:91:42:34:df:2d:f9:ca:e0:aa:47: 72:ae:86:56:69:bc:ea:c9:32:4c:28:42:a9:b8:1f: e5:d8:f9:d4:15:20:a2:fb:98:32:da:3e:76:a0:13: 55:24:6d:d3:9c:fc:09:eb:12:7e:3d:45:2b:05:04: 0f:bc:8f:9a:ba:e7:44:81:a9:54:d8:69:f5:58:6a: ba:b8:04:02:5a:1f:4e:52:ef:ce:40:e0:86:f0:c2: 44:31:54:ad:ca:ed:50:31:17:43:6a:77:59:28:1a: 99:73:46:05:c5:f9:29:d1:7c:ed:d4:5c:cf:b6:8b: b0:fb:82:c6:05:c1:14:c7:ce:38:fa:34:d7:28:88: 5b:33:92:2e:02:5f:d9:ef:4e:2b:80:bf:77:e7:1f: 3b:99:83:ba:31:68:90:30:15:30:e9:f1:11:e4:f2: 82:97:4f:b6:46:6a:bc:76:0d:40:23:a1:de:0f:e7: f7:b9:34:6b:67:66:54:99:c0:6e:f6:ae:a7:85:3b: 61:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:98:AA:4A:1F:C4:75:3B:8E:69:2B:FD:6A:99:C5:CD:20:0B:25:6E X509v3 Authority Key Identifier: keyid:E5:37:D0:C3:48:FD:7D:C4:9F:5F:C3:B0:06:6A:31:C5:84:FA:E1:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:1d:63:12:87:0b:c8:53:7a:c0:b6:8d:b3:53:39:87:96:25: 32:26:8e:64:57:c5:5f:c4:1f:02:e1:f6:77:7e:53:2b:72:ee: ec:42:79:11:66:4c:28:6c:5e:83:b6:27:0d:9b:a9:83:80:1f: b2:99:8c:d7:46:60:0d:b1:22:7e:ed:58:a0:3b:07:91:da:43: fd:22:13:e6:f0:34:3b:f6:38:c6:c2:ec:20:50:83:6c:91:5a: 14:50:28:50:92:a1:8a:39:8a:82:0c:25:7a:44:15:6b:a8:f3: c7:46:0a:d7:71:51:13:30:8b:1e:70:5b:a3:be:91:64:81:a8: 69:88:f6:f8:69:08:fc:8f:6a:01:fa:b9:97:7f:f7:92:fb:be: 8f:62:bb:f2:f0:e9:cc:2e:b7:8b:4d:d4:05:5c:c0:75:70:cb: e3:33:70:b0:ac:be:0f:e8:62:68:2f:29:05:fb:b1:c4:ba:63: d5:e6:99:ed:a9:e4:25:38:f0:cc:d6:d7:9e:ec:50:99:c8:37: 8b:94:31:89:a2:c2:55:11:06:56:23:72:84:69:8e:69:32:be: 01:d1:a7:c0:4e:28:6b:80:28:5a:d6:5f:54:bc:54:64:31:52: 04:a8:d5:40:b9:71:1c:ac:d5:8b:7e:71:c0:d9:1d:65:41:3c: 65:b1:5a:87 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDHowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQzNDUxMTAvBgNVBAUTKEU1MzdEMEMzNDhGRDdEQzQ5RjVGQzNCMDA2NkEzMUM1 ODRGQUUxQUIwHhcNMjUwODA2MTgzNDUwWhcNMjUwODEzMTgzNDUwWjAYMRYwFAYD VQQDEw02ODkzYTA0YS02MjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtYNdiRWv/xjaFLCbmpVkhhvj6wCBUebxYA36WmzH+uU9vXU9E4r+KJl1LruE 8ZorU76T5EUSfFpvJ4htt82q95FCNN8t+crgqkdyroZWabzqyTJMKEKpuB/l2PnU FSCi+5gy2j52oBNVJG3TnPwJ6xJ+PUUrBQQPvI+auudEgalU2Gn1WGq6uAQCWh9O Uu/OQOCG8MJEMVStyu1QMRdDandZKBqZc0YFxfkp0Xzt1FzPtouw+4LGBcEUx844 +jTXKIhbM5IuAl/Z704rgL935x87mYO6MWiQMBUw6fER5PKCl0+2Rmq8dg1AI6He D+f3uTRrZ2ZUmcBu9q6nhTthLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJaYqkof xHU7jmkr/WqZxc0gCyVuMB8GA1UdIwQYMBaAFOU30MNI/X3En1/DsAZqMcWE+uGr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDM0NS9FQzc4Q0REQTA1 MzgxMUVBQjU4OTc2NjhDNEY5QUUwMi81VGZRdzBqOWZjU2ZYOE93Qm1veHhZVDY0 YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVUZlF3MGo5ZmNTZlg4T3dCbW94eFlUNjRhcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDM0NS9FQzc4Q0REQTA1MzgxMUVBQjU4OTc2NjhDNEY5QUUwMi81VGZRdzBqOWZj U2ZYOE93Qm1veHhZVDY0YXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAzHWMShwvIU3rAto2zUzmHliUyJo5kV8VfxB8C4fZ3flMrcu7sQnkR ZkwobF6DticNm6mDgB+ymYzXRmANsSJ+7VigOweR2kP9IhPm8DQ79jjGwuwgUINs kVoUUChQkqGKOYqCDCV6RBVrqPPHRgrXcVETMIsecFujvpFkgahpiPb4aQj8j2oB +rmXf/eS+76PYrvy8OnMLreLTdQFXMB1cMvjM3CwrL4P6GJoLykF+7HEumPV5pnt qeQlOPDM1tee7FCZyDeLlDGJosJVEQZWI3KEaY5pMr4B0afATihrgCha1l9UvFRk MVIEqNVAuXEcrNWLfnHA2R1lQTxlsVqH -----END CERTIFICATE-----Generated at Fri Aug 8 10:13:16 2025 by rpki-client