$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft File: X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft (raw, json) Hash identifier: idYKcpav9XfVvD38vlc3YY3SiAfLD88FKjPJDAnMX2w= Subject key identifier: 78:2C:53:83:1A:2E:E7:0F:A4:E4:2F:0D:9D:67:F4:F4:1C:98:DD:81 Authority key identifier: 5F:69:91:86:A2:EB:CD:45:B1:FF:6A:0A:4A:F6:06:06:F3:B3:D0:8D Certificate issuer: /CN=A91DF856/serialNumber=5F699186A2EBCD45B1FF6A0A4AF60606F3B3D08D Certificate serial: 3B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mRhqLrzUWx_2oKSvYGBvOz0I0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft Manifest number: 3A Signing time: Sat 09 Aug 2025 08:03:16 +0000 Manifest this update: Sat 09 Aug 2025 08:03:16 +0000 Manifest next update: Sat 16 Aug 2025 08:03:15 +0000 Files and hashes: 1: X2mRhqLrzUWx_2oKSvYGBvOz0I0.crl (hash: NMF2QRmTRL8r6r3IUGelau/6i8VD1aIAP9oBoAclnDQ=) 2: B245BA601C4311F08254DE40C4F9AE02.roa (hash: cR1hA1Kx4PPiBeW49KPuxZm4E1WoNdgwAMLfYPZP980=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.crl rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mRhqLrzUWx_2oKSvYGBvOz0I0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF856, serialNumber=5F699186A2EBCD45B1FF6A0A4AF60606F3B3D08D Validity Not Before: Aug 9 08:03:16 2025 GMT Not After : Aug 16 08:03:15 2025 GMT Subject: CN=689700c4-719b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:09:51:c0:db:37:4d:2b:04:a1:0d:dd:3b:a5: eb:00:27:cd:55:9f:eb:c6:62:63:d4:50:5f:d8:b1: 86:d5:4d:83:12:c2:52:70:5f:85:12:9e:38:df:f1: 73:8e:73:6b:af:04:4e:6d:dd:d7:00:6a:e8:ea:b3: 0c:ec:4c:4b:a5:a9:f2:79:f2:83:93:10:f1:ac:b6: f3:98:da:4b:73:e6:b8:5d:11:99:13:3d:99:f3:16: d4:f6:6c:7f:52:2f:ce:a7:de:1c:bc:33:b1:1e:37: aa:b3:35:ac:ff:24:fc:15:f3:6c:92:17:30:d2:8a: 5b:10:1b:bc:b5:24:f0:1d:de:6d:f2:4f:0c:2f:d8: b8:3b:69:dd:87:e0:38:25:bc:cf:86:41:6d:34:b8: 88:0c:84:ad:06:cc:7c:83:76:a2:0e:ef:dc:ae:3a: cc:b2:64:a1:00:35:00:8c:79:26:48:48:a9:42:30: 48:3b:d4:88:4c:82:10:c9:23:dd:72:d8:2c:c3:0d: 4d:2b:9b:9f:5e:85:c5:e8:87:61:de:c6:f2:c9:14: 1e:df:75:b6:04:8a:e6:7d:1d:0c:1a:0a:e0:c5:c4: 1e:8b:20:63:6a:32:8a:e4:79:c5:cd:95:dc:4f:e7: 40:dc:56:e1:fa:ff:11:90:08:1d:b5:f8:5f:e9:6a: d2:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:2C:53:83:1A:2E:E7:0F:A4:E4:2F:0D:9D:67:F4:F4:1C:98:DD:81 X509v3 Authority Key Identifier: keyid:5F:69:91:86:A2:EB:CD:45:B1:FF:6A:0A:4A:F6:06:06:F3:B3:D0:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mRhqLrzUWx_2oKSvYGBvOz0I0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:23:8a:70:01:bb:2f:aa:09:17:47:72:a9:5b:53:99:96:01: 26:24:6c:0b:55:65:eb:9e:bf:01:0f:32:0b:6a:eb:89:e1:9a: b3:98:70:08:72:af:58:1b:f7:87:18:29:5c:b1:52:03:ca:2b: 56:31:16:30:7a:25:7c:00:32:fb:5e:db:8a:0e:55:51:2b:84: b3:ca:b4:ae:50:4e:22:6f:9a:2b:dc:ec:f2:33:5f:22:89:e3: bb:ac:04:0e:d4:73:e8:69:4e:e1:b9:e7:1e:ca:d4:60:1d:65: 12:38:77:7a:27:9b:63:c1:38:15:3b:fc:5d:11:b6:d0:95:a0: 32:33:ca:8e:d4:11:56:9b:76:7a:37:99:6d:7c:76:00:39:ae: d5:7e:82:9d:d0:b5:f7:54:7e:0d:a0:d1:10:6d:a5:4d:1a:f7: 9a:eb:2a:dd:de:36:9a:57:af:82:f6:49:22:3a:93:2c:a7:11: 6f:9b:2c:86:81:b7:aa:60:68:b4:95:27:85:2a:a6:30:23:94: fc:21:82:e5:b7:1c:08:53:14:6e:be:52:91:18:09:1c:0b:2d: a9:95:a1:11:1e:47:f0:8b:6c:b0:44:bc:68:c7:d1:30:46:d9: 12:24:3d:dc:02:77:0c:33:cc:ec:7b:ad:01:5c:7a:92:33:10: 58:48:40:c7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE Rjg1NjExMC8GA1UEBRMoNUY2OTkxODZBMkVCQ0Q0NUIxRkY2QTBBNEFGNjA2MDZG M0IzRDA4RDAeFw0yNTA4MDkwODAzMTZaFw0yNTA4MTYwODAzMTVaMBgxFjAUBgNV BAMTDTY4OTcwMGM0LTcxOWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQClCVHA2zdNKwShDd07pesAJ81Vn+vGYmPUUF/YsYbVTYMSwlJwX4USnjjf8XOO c2uvBE5t3dcAaujqswzsTEulqfJ58oOTEPGstvOY2ktz5rhdEZkTPZnzFtT2bH9S L86n3hy8M7EeN6qzNaz/JPwV82ySFzDSilsQG7y1JPAd3m3yTwwv2Lg7ad2H4Dgl vM+GQW00uIgMhK0GzHyDdqIO79yuOsyyZKEANQCMeSZISKlCMEg71IhMghDJI91y 2CzDDU0rm59ehcXoh2HexvLJFB7fdbYEiuZ9HQwaCuDFxB6LIGNqMorkecXNldxP 50DcVuH6/xGQCB21+F/patKbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUeCxTgxou 5w+k5C8NnWf09ByY3YEwHwYDVR0jBBgwFoAUX2mRhqLrzUWx/2oKSvYGBvOz0I0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURGODU2L0VGRjJBMEEwMUM0 MTExRjBBOTgyMUYzRUM0RjlBRTAyL1gybVJocUxyelVXeF8yb0tTdllHQnZPejBJ MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWDJtUmhxTHJ6VVd4XzJvS1N2WUdCdk96MEkwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURG ODU2L0VGRjJBMEEwMUM0MTExRjBBOTgyMUYzRUM0RjlBRTAyL1gybVJocUxyelVX eF8yb0tTdllHQnZPejBJMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKEjinABuy+qCRdHcqlbU5mWASYkbAtVZeuevwEPMgtq64nhmrOYcAhy r1gb94cYKVyxUgPKK1YxFjB6JXwAMvte24oOVVErhLPKtK5QTiJvmivc7PIzXyKJ 47usBA7Uc+hpTuG55x7K1GAdZRI4d3onm2PBOBU7/F0RttCVoDIzyo7UEVabdno3 mW18dgA5rtV+gp3QtfdUfg2g0RBtpU0a95rrKt3eNppXr4L2SSI6kyynEW+bLIaB t6pgaLSVJ4UqpjAjlPwhguW3HAhTFG6+UpEYCRwLLamVoREeR/CLbLBEvGjH0TBG 2RIkPdwCdwwzzOx7rQFcepIzEFhIQMc= -----END CERTIFICATE-----Generated at Sat Aug 9 10:48:23 2025 by rpki-client