$ rpki-client -vvf rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.mft File: 5HfTiqrEo3zG3xZlvxyICvmbe08.mft (raw, json) Hash identifier: qLAC5sVwsAwnoqdgdZt/OEHaE8fRy1sNvrq+xIR6Slw= Subject key identifier: 43:6A:C2:FF:F4:F1:B3:6D:33:73:6B:BE:45:84:CF:D1:D4:59:32:23 Authority key identifier: E4:77:D3:8A:AA:C4:A3:7C:C6:DF:16:65:BF:1C:88:0A:F9:9B:7B:4F Certificate issuer: /CN=A91E504E/serialNumber=E477D38AAAC4A37CC6DF1665BF1C880AF99B7B4F Certificate serial: 03E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.mft Manifest number: 03D9 Signing time: Sat 09 Aug 2025 01:07:51 +0000 Manifest this update: Sat 09 Aug 2025 01:07:50 +0000 Manifest next update: Sat 16 Aug 2025 01:07:50 +0000 Files and hashes: 1: 5HfTiqrEo3zG3xZlvxyICvmbe08.crl (hash: Ds/rP/ebV0ilf3Ycb9nEEc31kJkhxo2rarH2RHg7LzI=) 2: 5F9FA12E0CA411ED96936D79C4F9AE02.roa (hash: 1kY42j3eWLAd8yp1AvznjQwJBoHaBnQrkaPK6EtSCdQ=) 3: 06820D08961011ECA540626AC4F9AE02.roa (hash: XbxtLk1+2CfWndcMlMOnwCxgbfEchquqUDJGfTWj61E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.crl rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 999 (0x3e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E504E, serialNumber=E477D38AAAC4A37CC6DF1665BF1C880AF99B7B4F Validity Not Before: Aug 9 01:07:50 2025 GMT Not After : Aug 16 01:07:50 2025 GMT Subject: CN=68969f67-aea7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:4f:9e:78:f6:6d:c6:3c:0c:28:d2:87:9b:73: 97:cf:f7:0a:a8:c5:25:81:66:80:8f:a1:92:84:e8: da:d6:05:a2:20:b2:a9:7f:d9:5c:d0:19:7a:49:77: dd:7f:75:7b:c7:ed:85:61:fa:64:53:14:ff:b1:3e: e2:1b:e7:4c:aa:62:3d:fa:40:6b:0d:6e:28:c4:66: d2:db:42:ce:38:54:77:03:3f:4a:e0:73:b1:97:22: 52:12:33:e9:1c:5d:db:62:5f:8d:cc:af:b9:fa:d9: ed:c7:88:70:9e:75:6b:fd:e7:25:0d:b2:a4:d5:6f: d1:63:b3:1f:34:01:88:84:98:c4:a4:5e:30:ad:1c: 73:b5:16:99:a6:c6:e4:06:6a:42:a2:20:26:99:a2: c6:29:83:1b:f3:99:e6:75:c7:d6:c9:4e:93:81:82: e6:0f:e1:3a:0e:b2:a2:ea:0d:ef:3b:8f:22:1a:27: 1b:ed:37:a8:62:b8:a5:60:9b:81:8a:e5:9d:30:be: e6:c8:a3:a8:ba:43:f7:9e:7d:95:00:7a:c9:73:03: 08:b0:fb:0c:11:7b:09:b4:5e:25:ef:e4:9c:ca:39: 0f:74:34:02:2e:ba:fd:21:18:d7:40:8e:cd:19:01: e0:10:5d:39:37:1d:c2:dc:cb:bf:38:73:cb:35:05: f2:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:6A:C2:FF:F4:F1:B3:6D:33:73:6B:BE:45:84:CF:D1:D4:59:32:23 X509v3 Authority Key Identifier: keyid:E4:77:D3:8A:AA:C4:A3:7C:C6:DF:16:65:BF:1C:88:0A:F9:9B:7B:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:5d:d1:92:11:5a:97:59:e2:42:22:ec:ce:4e:8a:cb:30:f5: 43:0d:0f:d5:98:70:4d:3d:9d:90:3c:e9:b2:cc:33:54:d9:7e: 50:6a:31:b8:ac:84:9e:33:a5:4d:6c:d4:bd:1f:21:03:9b:a8: 90:5b:5b:ba:50:c0:8c:89:ca:9e:3e:34:59:b2:6e:91:f0:19: c0:28:10:bf:06:09:ea:2d:b3:ff:13:4d:b4:2d:71:8d:0b:aa: 30:8f:42:ca:68:f0:ae:7c:c3:d9:3e:0e:78:c2:4e:bd:4c:d1: 8f:e8:79:a7:9a:15:bb:ab:83:c0:b1:45:23:85:f7:74:99:20: 3e:ed:81:c8:40:8f:9c:85:63:38:f5:2e:9a:96:b7:46:7c:6b: ac:1d:65:36:12:52:51:92:23:a2:1b:ca:67:2d:94:6a:52:81: 3b:3f:24:e1:3e:c6:ee:f6:bb:65:76:81:5e:aa:91:59:1c:8d: fb:81:47:82:f3:53:4c:0e:c9:42:46:5c:8d:aa:6a:89:ca:fc: 08:12:5e:0b:ab:61:b0:e7:9d:6e:b9:9c:d4:7d:cb:81:10:46: 8a:c7:ac:c6:5e:aa:4c:f7:7d:59:53:08:2d:e2:a9:a0:3e:16: e9:b7:5a:c6:59:30:48:ed:b4:21:dc:1a:a0:10:f9:50:17:5e: 35:c4:92:49 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA+cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTUwNEUxMTAvBgNVBAUTKEU0NzdEMzhBQUFDNEEzN0NDNkRGMTY2NUJGMUM4ODBB Rjk5QjdCNEYwHhcNMjUwODA5MDEwNzUwWhcNMjUwODE2MDEwNzUwWjAYMRYwFAYD VQQDEw02ODk2OWY2Ny1hZWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArk+eePZtxjwMKNKHm3OXz/cKqMUlgWaAj6GShOja1gWiILKpf9lc0Bl6SXfd f3V7x+2FYfpkUxT/sT7iG+dMqmI9+kBrDW4oxGbS20LOOFR3Az9K4HOxlyJSEjPp HF3bYl+NzK+5+tntx4hwnnVr/eclDbKk1W/RY7MfNAGIhJjEpF4wrRxztRaZpsbk BmpCoiAmmaLGKYMb85nmdcfWyU6TgYLmD+E6DrKi6g3vO48iGicb7TeoYrilYJuB iuWdML7myKOoukP3nn2VAHrJcwMIsPsMEXsJtF4l7+ScyjkPdDQCLrr9IRjXQI7N GQHgEF05Nx3C3Mu/OHPLNQXyBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFENqwv/0 8bNtM3NrvkWEz9HUWTIjMB8GA1UdIwQYMBaAFOR304qqxKN8xt8WZb8ciAr5m3tP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTA0RS80RTNFMzY3RTk2 MDgxMUVDQTA0QTAwODZDNEY5QUUwMi81SGZUaXFyRW8zekczeFpsdnh5SUN2bWJl MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVIZlRpcXJFbzN6RzN4Wmx2eHlJQ3ZtYmUwOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NTA0RS80RTNFMzY3RTk2MDgxMUVDQTA0QTAwODZDNEY5QUUwMi81SGZUaXFyRW8z ekczeFpsdnh5SUN2bWJlMDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBoXdGSEVqXWeJCIuzOTorLMPVDDQ/VmHBNPZ2QPOmyzDNU2X5QajG4 rISeM6VNbNS9HyEDm6iQW1u6UMCMicqePjRZsm6R8BnAKBC/BgnqLbP/E020LXGN C6owj0LKaPCufMPZPg54wk69TNGP6HmnmhW7q4PAsUUjhfd0mSA+7YHIQI+chWM4 9S6alrdGfGusHWU2ElJRkiOiG8pnLZRqUoE7PyThPsbu9rtldoFeqpFZHI37gUeC 81NMDslCRlyNqmqJyvwIEl4Lq2Gw551uuZzUfcuBEEaKx6zGXqpM931ZUwgt4qmg Phbpt1rGWTBI7bQh3BqgEPlQF141xJJJ -----END CERTIFICATE-----Generated at Sun Aug 10 21:11:49 2025 by rpki-client