$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E80/35433F224B6611F0B8852439C4F9AE02/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.mft File: mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.mft (raw, json) Hash identifier: 6+itSJb7V+SelrCHSUIgrnNfEivGRdrunpSccmXgGdA= Subject key identifier: CE:25:5B:1D:F7:95:B0:C8:A1:AC:66:93:55:8D:8C:A3:5E:EC:75:0F Authority key identifier: 9A:58:7E:4E:CF:68:EC:77:29:D8:DE:43:5F:FD:AA:DC:EA:5B:49:39 Certificate issuer: /CN=A91E3E80/serialNumber=9A587E4ECF68EC7729D8DE435FFDAADCEA5B4939 Certificate serial: 1C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E80/35433F224B6611F0B8852439C4F9AE02/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.mft Manifest number: 1B Signing time: Tue 05 Aug 2025 08:36:22 +0000 Manifest this update: Tue 05 Aug 2025 08:36:22 +0000 Manifest next update: Tue 12 Aug 2025 08:36:21 +0000 Files and hashes: 1: mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.crl (hash: YbVkSuKp4EM9PpoNPsejNuau7RUUI7SpAxyLrnEzpQE=) 2: 1E008B864B7411F09B3DF33BC4F9AE02.roa (hash: ev5mDZ6XFmJ+ji01cNK3sq1eGbo1TIpqJN2vMLDyQBI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E80/35433F224B6611F0B8852439C4F9AE02/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.crl rsync://rpki.apnic.net/member_repository/A91E3E80/35433F224B6611F0B8852439C4F9AE02/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 08:36:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28 (0x1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E80, serialNumber=9A587E4ECF68EC7729D8DE435FFDAADCEA5B4939 Validity Not Before: Aug 5 08:36:22 2025 GMT Not After : Aug 12 08:36:21 2025 GMT Subject: CN=6891c286-ec60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:a1:d4:08:1e:e9:f8:4b:53:18:13:8f:2d:aa: 6c:59:34:09:13:6e:2a:7e:c4:fd:d9:db:27:97:92: 79:ae:e3:cf:b5:95:a6:7a:db:b1:dc:a6:53:26:35: 96:f3:57:4b:4c:5d:28:6d:8f:36:d8:bc:9c:d2:9d: 5a:dd:31:8a:c7:14:cb:14:fe:e1:fe:9d:1a:33:94: 8b:68:d5:01:54:01:5c:c2:77:28:a2:47:85:24:d1: 54:df:e5:0d:35:3e:d5:ee:11:87:66:86:1a:a4:5c: f7:be:4e:d8:30:c2:4b:9c:3a:77:8a:a2:98:81:ed: 9c:1e:2a:3f:84:6a:0a:74:9e:82:d0:1c:d5:19:90: 44:58:ae:ea:42:c3:ad:5b:76:8c:b3:ee:83:de:f6: 4d:d0:bd:a9:c3:a2:6a:f6:96:f5:16:03:96:f9:90: 65:03:eb:66:18:bc:91:05:e5:a6:53:2d:e9:4b:a1: 61:f4:a8:58:e4:b8:85:dd:ce:ae:87:68:f5:39:67: 9d:dc:1a:32:5d:96:13:8a:77:4e:fb:96:da:2b:5b: c8:42:5d:1a:98:c4:4e:25:65:cf:5f:7d:e1:a3:1d: 8a:1a:77:6e:1a:f0:fb:99:71:fd:02:90:c5:2c:46: 23:c4:3a:3d:23:c5:af:b0:6f:96:77:b3:a5:75:ec: d4:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:25:5B:1D:F7:95:B0:C8:A1:AC:66:93:55:8D:8C:A3:5E:EC:75:0F X509v3 Authority Key Identifier: keyid:9A:58:7E:4E:CF:68:EC:77:29:D8:DE:43:5F:FD:AA:DC:EA:5B:49:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E80/35433F224B6611F0B8852439C4F9AE02/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E80/35433F224B6611F0B8852439C4F9AE02/mlh-Ts9o7Hcp2N5DX_2q3OpbSTk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:58:7f:38:f0:9d:ac:3a:3e:90:2e:f4:86:c4:b1:86:d1:c8: 07:8f:58:06:67:15:91:2e:52:df:43:73:b6:ac:fc:08:65:f8: d6:bf:11:e2:b7:f6:bb:e8:33:64:44:be:18:67:e6:07:cc:29: eb:a8:77:9e:db:25:b7:04:2e:2a:26:d9:6f:f3:ba:ad:a0:f4: bc:00:c9:fc:f4:80:18:84:01:50:40:d5:5e:fa:4d:10:2c:b1: 98:57:81:9f:1e:29:1b:76:42:f8:94:63:b2:0c:bf:6d:7b:4e: 49:70:85:a7:89:52:2d:ac:36:1a:ef:0f:59:d7:4b:a4:e8:d0: 21:5d:59:a3:fd:bf:5f:33:71:37:e8:86:d1:a3:33:ef:06:55: 39:8c:dc:5b:c9:57:0e:46:4f:de:5a:02:bc:18:7f:c4:aa:ad: 1d:42:13:73:78:0d:9e:59:f3:c5:8c:fd:26:73:50:a3:d1:54: a4:82:c6:aa:72:91:4a:55:6d:d5:b9:e0:14:ec:f6:02:3a:f7: 10:0b:54:1e:d9:a5:11:d6:de:24:3c:95:97:24:d8:64:15:ee: 32:6d:b1:e2:db:42:d7:42:bc:f2:01:78:17:a9:80:31:29:71: ab:f5:a0:9c:d2:2d:eb:b8:a2:d7:62:2b:f0:72:56:6e:d1:51: 84:8c:52:91 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF M0U4MDExMC8GA1UEBRMoOUE1ODdFNEVDRjY4RUM3NzI5RDhERTQzNUZGREFBRENF QTVCNDkzOTAeFw0yNTA4MDUwODM2MjJaFw0yNTA4MTIwODM2MjFaMBgxFjAUBgNV BAMTDTY4OTFjMjg2LWVjNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD3odQIHun4S1MYE48tqmxZNAkTbip+xP3Z2yeXknmu48+1laZ627HcplMmNZbz V0tMXShtjzbYvJzSnVrdMYrHFMsU/uH+nRozlIto1QFUAVzCdyiiR4Uk0VTf5Q01 PtXuEYdmhhqkXPe+TtgwwkucOneKopiB7ZweKj+Eagp0noLQHNUZkERYrupCw61b doyz7oPe9k3QvanDomr2lvUWA5b5kGUD62YYvJEF5aZTLelLoWH0qFjkuIXdzq6H aPU5Z53cGjJdlhOKd077ltorW8hCXRqYxE4lZc9ffeGjHYoad24a8PuZcf0CkMUs RiPEOj0jxa+wb5Z3s6V17NSJAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUziVbHfeV sMihrGaTVY2Mo17sdQ8wHwYDVR0jBBgwFoAUmlh+Ts9o7Hcp2N5DX/2q3OpbSTkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUzRTgwLzM1NDMzRjIyNEI2 NjExRjBCODg1MjQzOUM0RjlBRTAyL21saC1UczlvN0hjcDJONURYXzJxM09wYlNU ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbWxoLVRzOW83SGNwMk41RFhfMnEzT3BiU1RrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUz RTgwLzM1NDMzRjIyNEI2NjExRjBCODg1MjQzOUM0RjlBRTAyL21saC1UczlvN0hj cDJONURYXzJxM09wYlNUay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAG5Yfzjwnaw6PpAu9IbEsYbRyAePWAZnFZEuUt9Dc7as/Ahl+Na/EeK3 9rvoM2REvhhn5gfMKeuod57bJbcELiom2W/zuq2g9LwAyfz0gBiEAVBA1V76TRAs sZhXgZ8eKRt2QviUY7IMv217TklwhaeJUi2sNhrvD1nXS6To0CFdWaP9v18zcTfo htGjM+8GVTmM3FvJVw5GT95aArwYf8SqrR1CE3N4DZ5Z88WM/SZzUKPRVKSCxqpy kUpVbdW54BTs9gI69xALVB7ZpRHW3iQ8lZck2GQV7jJtseLbQtdCvPIBeBepgDEp cav1oJzSLeu4otdiK/ByVm7RUYSMUpE= -----END CERTIFICATE-----Generated at Wed Aug 6 13:08:58 2025 by rpki-client