$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft File: raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json) Hash identifier: qOnFBPaOsDgUy+Eyz+UUd8g/21QaGj0VkMCMK4abRu0= Subject key identifier: 64:E0:8A:E1:85:A4:D0:28:36:1A:78:4D:44:85:CB:61:AD:47:68:B1 Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Certificate serial: 3598 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft Manifest number: 3514 Signing time: Fri 08 Aug 2025 14:16:20 +0000 Manifest this update: Fri 08 Aug 2025 14:16:20 +0000 Manifest next update: Fri 15 Aug 2025 14:16:20 +0000 Files and hashes: 1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: OY5qMzSKPVEbuu+ECU+yd5v7lqHr4iiqC9tE8eXHzwA=) 2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=) 3: AF560BA2B1CC11EF80C4BE44C4F9AE02.roa (hash: JKOX2Bnk1obdJWD/11GK8Zj49w+PdYErgulVkpa2rdU=) 4: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=) 5: 539CC922366C11EEBEBBBE1DC4F9AE02.roa (hash: TrayTHMiKb+Dm5posHRv3ZfOvi01WiwhoUD8use0rkY=) 6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=) 7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=) 8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13720 (0x3598) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC5BE, serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Validity Not Before: Aug 8 14:16:20 2025 GMT Not After : Aug 15 14:16:20 2025 GMT Subject: CN=689606b4-bc39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:a4:c5:4a:85:5c:d0:ee:d1:7a:08:30:0a:99: 82:c6:49:be:91:1e:13:31:ff:bf:39:9c:6f:c4:ee: 74:54:9c:ea:f6:df:62:47:50:2e:19:fd:4e:df:8c: 14:60:b2:9d:f4:49:bc:f6:ca:81:8b:9a:04:84:a4: ab:3e:79:1d:80:46:9b:e7:5f:c7:64:09:21:cc:0a: 32:43:8a:6d:a2:18:62:8a:e9:b6:a0:81:8c:ad:4c: 60:17:fc:23:4f:31:61:68:1a:8c:c8:fa:4b:88:f4: 0a:e2:fe:c7:4f:b8:c5:3c:9d:93:6b:e6:a0:bd:f8: a8:84:7a:33:47:d8:55:d5:31:58:5c:68:fe:01:4c: 17:ba:17:92:e5:d1:99:ae:cf:96:6f:a4:0a:b2:06: fe:c7:cb:55:90:d4:be:09:58:3d:67:63:d4:3d:b0: 33:73:45:c2:d9:d6:ec:77:51:f6:8f:82:9c:a3:23: 08:b4:d5:d7:31:67:46:13:df:77:58:7c:9d:57:7f: 25:a2:d7:f5:ba:b4:11:ae:e4:24:36:8c:61:08:df: 82:3e:0e:ab:32:7f:2a:23:3e:1f:f4:fb:fa:fa:d8: f4:0c:33:ac:48:e1:71:e7:e3:eb:4b:21:eb:f9:c2: be:00:fa:32:72:93:1c:11:2b:08:a5:7c:09:4b:14: 02:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:E0:8A:E1:85:A4:D0:28:36:1A:78:4D:44:85:CB:61:AD:47:68:B1 X509v3 Authority Key Identifier: keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 56:4a:ba:7e:5c:75:4f:12:2e:ca:89:64:dc:4a:81:d5:ab:bc: ad:74:d0:f2:2f:55:33:de:fd:04:a1:63:0e:3d:b8:b8:9a:39: 2d:ad:ce:21:14:8c:bc:2e:d1:e2:51:13:79:5c:1c:62:9a:da: 3e:f4:8d:c6:18:3c:d3:54:19:5d:66:09:d3:39:fd:22:57:80: ff:32:d3:e3:71:06:e0:55:04:95:21:72:a5:9f:c1:a8:9a:97: fa:f3:2f:f5:28:8b:80:90:38:86:82:c9:aa:00:44:1b:08:75: f5:51:3e:3d:b0:59:50:9a:33:b4:d1:bc:67:88:cd:88:0e:79: e5:e3:71:98:3c:12:d0:ee:20:ba:9e:01:32:0d:9c:af:2b:da: 8b:6c:a5:f7:bb:de:66:35:cf:f1:57:f4:03:03:e2:a7:94:0c: 6c:07:5d:b7:20:24:89:66:82:84:38:c2:39:c4:eb:44:55:aa: e8:07:ff:d7:dc:da:fa:9c:b3:78:97:bc:d5:76:be:b6:0a:53: f9:ca:16:c0:e8:60:5d:ff:fe:76:20:48:14:7c:ec:51:4d:42: 7e:2d:df:4b:a7:68:95:9a:f4:da:fb:ca:8e:dd:e0:c3:98:be: c4:53:3b:a7:01:8a:30:75:17:3c:ba:c6:92:88:dd:7c:52:b0: 32:b0:4a:b8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC REU1ODE2NDYwHhcNMjUwODA4MTQxNjIwWhcNMjUwODE1MTQxNjIwWjAYMRYwFAYD VQQDEw02ODk2MDZiNC1iYzM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzaTFSoVc0O7ReggwCpmCxkm+kR4TMf+/OZxvxO50VJzq9t9iR1AuGf1O34wU YLKd9Em89sqBi5oEhKSrPnkdgEab51/HZAkhzAoyQ4ptohhiium2oIGMrUxgF/wj TzFhaBqMyPpLiPQK4v7HT7jFPJ2Ta+agvfiohHozR9hV1TFYXGj+AUwXuheS5dGZ rs+Wb6QKsgb+x8tVkNS+CVg9Z2PUPbAzc0XC2dbsd1H2j4KcoyMItNXXMWdGE993 WHydV38lotf1urQRruQkNoxhCN+CPg6rMn8qIz4f9Pv6+tj0DDOsSOFx5+PrSyHr +cK+APoycpMcESsIpXwJSxQCPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGTgiuGF pNAoNhp4TUSFy2GtR2ixMB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBWSrp+XHVPEi7KiWTcSoHVq7ytdNDyL1Uz3v0EoWMOPbi4mjktrc4h FIy8LtHiURN5XBximto+9I3GGDzTVBldZgnTOf0iV4D/MtPjcQbgVQSVIXKln8Go mpf68y/1KIuAkDiGgsmqAEQbCHX1UT49sFlQmjO00bxniM2IDnnl43GYPBLQ7iC6 ngEyDZyvK9qLbKX3u95mNc/xV/QDA+KnlAxsB123ICSJZoKEOMI5xOtEVaroB//X 3Nr6nLN4l7zVdr62ClP5yhbA6GBd//52IEgUfOxRTUJ+Ld9Lp2iVmvTa+8qO3eDD mL7EUzunAYowdRc8usaSiN18UrAysEq4 -----END CERTIFICATE-----Generated at Sun Aug 10 10:46:52 2025 by rpki-client