$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft File: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft (raw, json) Hash identifier: M5akm/iSFzFkMlG7PtIztpkgkiG/3sfAj0EX+VqTjkw= Subject key identifier: 74:EA:E4:5C:07:40:F2:8C:C8:D3:E8:DE:F7:E7:56:32:7A:B3:35:C1 Authority key identifier: C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 Certificate issuer: /CN=A91E3BF2/serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Certificate serial: 02DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft Manifest number: 02D6 Signing time: Wed 13 Aug 2025 01:54:31 +0000 Manifest this update: Wed 13 Aug 2025 01:54:31 +0000 Manifest next update: Wed 20 Aug 2025 01:54:31 +0000 Files and hashes: 1: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl (hash: Ht523i7FJc/J2KJO5GSzigFqB/aZno2ooQUirp56Y4s=) 2: 6B7C33C8F6C811ECBDF7DD40C4F9AE02.roa (hash: iVRqxqRDbn6K8sleGw8ykyX5wSW8dSg7Li1MPpVmJsY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Aug 2025 01:54:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 732 (0x2dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BF2, serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Validity Not Before: Aug 13 01:54:31 2025 GMT Not After : Aug 20 01:54:31 2025 GMT Subject: CN=689bf057-50f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:df:f1:3f:d7:e1:b0:77:1c:fc:b1:c0:01:76: f7:b0:30:25:5a:ad:7d:f8:78:49:b7:f6:a1:b5:30: 5c:d3:82:8c:f2:c0:01:6c:cf:55:98:a6:2c:98:b7: cb:aa:dd:45:9d:67:8f:5b:7d:41:67:db:e3:e1:99: 4b:88:0f:ed:b4:2a:52:1d:22:e0:04:f1:93:60:27: 37:cb:c3:37:0b:70:4d:c6:95:1b:0f:40:0d:92:66: 55:2b:ba:58:d6:ed:9c:80:b1:f2:19:40:a8:b3:c9: e6:cc:b0:49:90:e9:84:05:93:80:60:71:54:f5:9e: 42:60:8a:03:aa:17:44:36:f7:ea:d8:63:3f:eb:a3: 9b:87:19:d1:24:7b:14:89:d7:9c:77:14:1f:fb:74: 97:b6:b2:a8:06:aa:1f:a9:29:81:2d:23:e3:20:4d: dc:15:dc:10:56:3d:22:ca:cd:78:b0:6d:ac:ee:ff: 80:33:9a:eb:97:ea:a9:45:39:42:62:49:b3:79:dd: 7b:cf:f4:d0:94:4e:36:0f:43:75:f6:f2:14:07:99: d7:bc:6b:d3:bd:26:c8:3c:00:78:39:a8:85:8f:72: 3d:f6:3f:a0:ed:d0:d8:92:4c:4b:e5:1b:61:e8:e1: be:8f:09:c1:92:43:2e:5a:8f:e6:44:4b:76:45:a1: d1:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:EA:E4:5C:07:40:F2:8C:C8:D3:E8:DE:F7:E7:56:32:7A:B3:35:C1 X509v3 Authority Key Identifier: keyid:C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:ea:18:31:5c:f0:3f:c6:93:5b:29:17:b0:bf:2d:b3:b4:ac: f8:52:fe:23:a3:f9:8b:32:c1:bb:e7:24:26:05:af:f3:58:fc: 75:a2:fd:62:7d:1e:70:d5:76:6b:70:6a:db:cd:80:d8:60:60: af:58:38:14:cb:f1:e9:f3:ad:f0:e8:99:3e:c0:ad:4a:0f:9d: b2:06:44:02:70:f3:79:71:e9:93:32:a1:8d:17:b2:ef:cb:19: 73:cf:16:cb:ce:05:22:66:ae:1c:7d:e5:6a:41:5d:9b:c5:49: 61:47:1e:6d:e6:93:0e:a7:6a:c4:12:00:1f:d9:f1:46:d1:68: e0:b6:00:0e:cb:bd:fb:ce:1a:e5:24:94:50:e3:2a:88:e7:2f: 02:65:f1:f8:3a:22:26:d3:f6:ac:ec:68:3d:a7:21:96:9b:aa: dd:14:99:47:49:00:5b:71:6e:8b:b5:62:d3:d0:2f:de:82:b0: ba:15:c9:63:4e:6e:6e:fd:93:23:46:52:bd:44:c8:b7:9b:bf: dd:68:42:28:ef:48:75:e5:a1:76:42:6e:4f:30:f4:64:3e:ab: 34:0b:c9:4a:83:8f:3f:6f:1d:8e:80:05:39:26:13:26:e4:d2: dd:7a:31:4f:19:73:e7:bf:ff:45:e9:29:97:1b:db:3e:d1:c8: d5:1f:ac:4e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAtwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCRjIxMTAvBgNVBAUTKEM0NzFBNTZFRTk0RjA1QjQzN0MwOUVFRTBGNDQyMDNG QTQ1OTI3MzYwHhcNMjUwODEzMDE1NDMxWhcNMjUwODIwMDE1NDMxWjAYMRYwFAYD VQQDEw02ODliZjA1Ny01MGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9t/xP9fhsHcc/LHAAXb3sDAlWq19+HhJt/ahtTBc04KM8sABbM9VmKYsmLfL qt1FnWePW31BZ9vj4ZlLiA/ttCpSHSLgBPGTYCc3y8M3C3BNxpUbD0ANkmZVK7pY 1u2cgLHyGUCos8nmzLBJkOmEBZOAYHFU9Z5CYIoDqhdENvfq2GM/66ObhxnRJHsU idecdxQf+3SXtrKoBqofqSmBLSPjIE3cFdwQVj0iys14sG2s7v+AM5rrl+qpRTlC Ykmzed17z/TQlE42D0N19vIUB5nXvGvTvSbIPAB4OaiFj3I99j+g7dDYkkxL5Rth 6OG+jwnBkkMuWo/mREt2RaHR9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHTq5FwH QPKMyNPo3vfnVjJ6szXBMB8GA1UdIwQYMBaAFMRxpW7pTwW0N8Ce7g9EID+kWSc2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JGMi81MDkwOTZBOEY2 QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJiUTN3Sjd1RDBRZ1A2UlpK elkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hIR2xidWxQQmJRM3dKN3VEMFFnUDZSWkp6WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0JGMi81MDkwOTZBOEY2QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJi UTN3Sjd1RDBRZ1A2UlpKelkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAH6hgxXPA/xpNbKRewvy2ztKz4Uv4jo/mLMsG75yQmBa/zWPx1ov1i fR5w1XZrcGrbzYDYYGCvWDgUy/Hp863w6Jk+wK1KD52yBkQCcPN5cemTMqGNF7Lv yxlzzxbLzgUiZq4cfeVqQV2bxUlhRx5t5pMOp2rEEgAf2fFG0WjgtgAOy737zhrl JJRQ4yqI5y8CZfH4OiIm0/as7Gg9pyGWm6rdFJlHSQBbcW6LtWLT0C/egrC6Fclj Tm5u/ZMjRlK9RMi3m7/daEIo70h15aF2Qm5PMPRkPqs0C8lKg48/bx2OgAU5JhMm 5NLdejFPGXPnv/9F6SmXG9s+0cjVH6xO -----END CERTIFICATE-----Generated at Wed Aug 13 04:25:53 2025 by rpki-client