$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD00E/800E3F7238E311E88977FB0FC4F9AE02/GVL9OFMmo9kd2kXDemIlOWPD9jg.mft File: GVL9OFMmo9kd2kXDemIlOWPD9jg.mft (raw, json) Hash identifier: h17ut1KDwvtzvNSUcLoDhGwM614f4QvnYsNsqXMShvQ= Subject key identifier: A6:23:BF:EE:6D:A7:73:8B:15:A5:F0:0D:3E:36:2E:5F:E2:CE:FD:F6 Authority key identifier: 19:52:FD:38:53:26:A3:D9:1D:DA:45:C3:7A:62:25:39:63:C3:F6:38 Certificate issuer: /CN=A91DD00E/serialNumber=1952FD385326A3D91DDA45C37A62253963C3F638 Certificate serial: 1597 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GVL9OFMmo9kd2kXDemIlOWPD9jg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD00E/800E3F7238E311E88977FB0FC4F9AE02/GVL9OFMmo9kd2kXDemIlOWPD9jg.mft Manifest number: 158D Signing time: Sat 02 Aug 2025 16:55:57 +0000 Manifest this update: Sat 02 Aug 2025 16:55:57 +0000 Manifest next update: Sat 09 Aug 2025 16:55:57 +0000 Files and hashes: 1: GVL9OFMmo9kd2kXDemIlOWPD9jg.crl (hash: 8eVAvO8SAMUeD/VGmZtSLcWpaNWCfCTjzff/aDnzVlk=) 2: 7482AB4A3DC511EB8276EA19C4F9AE02.roa (hash: xdBFNPkazDP5YP2MUntpZBwPWV+oy0u7bSlxk8ZVSa8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD00E/800E3F7238E311E88977FB0FC4F9AE02/GVL9OFMmo9kd2kXDemIlOWPD9jg.crl rsync://rpki.apnic.net/member_repository/A91DD00E/800E3F7238E311E88977FB0FC4F9AE02/GVL9OFMmo9kd2kXDemIlOWPD9jg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GVL9OFMmo9kd2kXDemIlOWPD9jg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 16:55:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5527 (0x1597) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD00E, serialNumber=1952FD385326A3D91DDA45C37A62253963C3F638 Validity Not Before: Aug 2 16:55:57 2025 GMT Not After : Aug 9 16:55:57 2025 GMT Subject: CN=688e431d-1bc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:3e:7c:59:43:38:aa:b8:20:38:8b:67:72:2d: cc:c0:93:b6:55:ff:f4:28:6c:a6:5a:0e:39:74:f6: f0:53:44:ad:91:e8:36:8d:ec:9e:aa:aa:91:ca:c2: 8d:e2:81:e6:36:83:b6:37:ee:cd:6f:64:c5:87:c6: 03:ec:a7:09:d6:39:62:0e:d7:d7:68:ea:68:c0:00: 48:64:b8:28:3c:f7:dd:07:e5:03:70:24:61:8a:41: 63:22:c5:f8:4a:3e:57:0d:56:3f:df:3f:d9:50:d4: d0:de:67:7b:e5:e0:0c:b5:f6:fb:75:5a:93:07:9b: 02:31:dc:f1:89:d9:e0:0c:26:39:01:29:f8:66:2d: 06:09:88:bf:73:19:c0:3e:c8:8f:86:a3:cc:6b:39: 93:6d:b0:0a:8f:c0:bc:08:ab:3d:31:48:84:3f:ab: d7:b6:f7:49:4e:53:32:eb:69:9d:41:21:38:aa:b5: bf:9e:99:1b:ac:8a:4b:1c:35:cd:8c:90:91:b0:37: 79:b9:1d:4c:ca:ef:8f:fa:a2:1c:29:72:ad:fb:00: aa:79:e9:f1:f0:d3:20:08:08:1e:1f:01:16:cf:91: fd:ab:8f:e5:d3:54:cb:c1:f2:b1:f6:3d:2a:3d:c5: 78:97:3a:24:f0:8e:93:46:f2:58:3b:46:8e:35:3a: ef:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:23:BF:EE:6D:A7:73:8B:15:A5:F0:0D:3E:36:2E:5F:E2:CE:FD:F6 X509v3 Authority Key Identifier: keyid:19:52:FD:38:53:26:A3:D9:1D:DA:45:C3:7A:62:25:39:63:C3:F6:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD00E/800E3F7238E311E88977FB0FC4F9AE02/GVL9OFMmo9kd2kXDemIlOWPD9jg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GVL9OFMmo9kd2kXDemIlOWPD9jg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD00E/800E3F7238E311E88977FB0FC4F9AE02/GVL9OFMmo9kd2kXDemIlOWPD9jg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:d9:81:3c:6b:a3:50:52:be:01:82:85:75:06:84:58:2f:1e: 42:7a:dd:e6:78:87:d9:cd:c7:9c:8e:1f:a4:a9:13:bd:ed:0a: 24:29:41:db:cc:90:a6:61:41:bb:c6:e9:e1:ce:12:12:f7:87: 08:f4:bd:da:5a:13:6e:83:72:9d:7a:9e:ea:65:96:81:8f:66: 9d:a1:d2:86:67:e9:9b:37:c5:48:64:52:4b:8a:3b:c5:ea:31: b1:32:c3:cb:f5:09:8f:72:4f:95:54:2e:bc:a5:14:ef:f8:1e: c7:a1:73:87:f5:89:64:5f:9f:a3:09:64:e6:07:76:f1:8e:c9: 69:c4:1f:fb:b5:3e:cf:7d:76:7e:44:85:7f:8b:96:6a:1a:71: 9f:11:6a:34:f8:56:9b:6f:74:4a:52:8d:aa:88:9e:d4:c2:ec: 3e:e6:36:b9:f9:9d:42:17:db:42:1e:4f:aa:70:ca:f6:cb:3c: 39:be:93:07:72:79:e2:5d:1c:92:20:e2:99:05:b0:75:dd:0b: fc:70:50:f1:da:f9:40:88:9d:42:f2:3a:fe:bb:94:c9:a5:77: f9:40:7f:7c:97:7f:94:07:d2:b7:67:1e:34:68:7f:83:6b:ea: 43:b2:0c:65:9d:98:bc:4a:46:e6:59:91:7f:4f:fd:a7:86:4d: 9e:05:f6:c3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REQwMEUxMTAvBgNVBAUTKDE5NTJGRDM4NTMyNkEzRDkxRERBNDVDMzdBNjIyNTM5 NjNDM0Y2MzgwHhcNMjUwODAyMTY1NTU3WhcNMjUwODA5MTY1NTU3WjAYMRYwFAYD VQQDEw02ODhlNDMxZC0xYmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzz58WUM4qrggOItnci3MwJO2Vf/0KGymWg45dPbwU0Stkeg2jeyeqqqRysKN 4oHmNoO2N+7Nb2TFh8YD7KcJ1jliDtfXaOpowABIZLgoPPfdB+UDcCRhikFjIsX4 Sj5XDVY/3z/ZUNTQ3md75eAMtfb7dVqTB5sCMdzxidngDCY5ASn4Zi0GCYi/cxnA PsiPhqPMazmTbbAKj8C8CKs9MUiEP6vXtvdJTlMy62mdQSE4qrW/npkbrIpLHDXN jJCRsDd5uR1Myu+P+qIcKXKt+wCqeenx8NMgCAgeHwEWz5H9q4/l01TLwfKx9j0q PcV4lzok8I6TRvJYO0aONTrvgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKYjv+5t p3OLFaXwDT42Ll/izv32MB8GA1UdIwQYMBaAFBlS/ThTJqPZHdpFw3piJTljw/Y4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDAwRS84MDBFM0Y3MjM4 RTMxMUU4ODk3N0ZCMEZDNEY5QUUwMi9HVkw5T0ZNbW85a2Qya1hEZW1JbE9XUEQ5 amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dWTDlPRk1tbzlrZDJrWERlbUlsT1dQRDlqZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RDAwRS84MDBFM0Y3MjM4RTMxMUU4ODk3N0ZCMEZDNEY5QUUwMi9HVkw5T0ZNbW85 a2Qya1hEZW1JbE9XUEQ5amcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAx2YE8a6NQUr4BgoV1BoRYLx5Cet3meIfZzcecjh+kqRO97QokKUHb zJCmYUG7xunhzhIS94cI9L3aWhNug3Kdep7qZZaBj2adodKGZ+mbN8VIZFJLijvF 6jGxMsPL9QmPck+VVC68pRTv+B7HoXOH9YlkX5+jCWTmB3bxjslpxB/7tT7PfXZ+ RIV/i5ZqGnGfEWo0+Fabb3RKUo2qiJ7Uwuw+5ja5+Z1CF9tCHk+qcMr2yzw5vpMH cnniXRySIOKZBbB13Qv8cFDx2vlAiJ1C8jr+u5TJpXf5QH98l3+UB9K3Zx40aH+D a+pDsgxlnZi8SkbmWZF/T/2nhk2eBfbD -----END CERTIFICATE-----Generated at Mon Aug 4 16:02:07 2025 by rpki-client