$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft File: z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft (raw, json) Hash identifier: qaako/cUQ8HNZrnjWvBG/ijihy4H6UWTMtXOWZFtg9A= Subject key identifier: 6D:19:9C:15:01:8B:1C:85:54:9B:C0:FE:70:91:F6:BC:42:90:38:31 Authority key identifier: CF:66:83:74:EC:75:AB:5C:AC:D2:EA:73:05:15:F7:B7:76:4D:D9:21 Certificate issuer: /CN=A91E7ED9/serialNumber=CF668374EC75AB5CACD2EA730515F7B7764DD921 Certificate serial: 0836 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z2aDdOx1q1ys0upzBRX3t3ZN2SE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft Manifest number: 0830 Signing time: Sun 10 Aug 2025 20:46:55 +0000 Manifest this update: Sun 10 Aug 2025 20:46:55 +0000 Manifest next update: Sun 17 Aug 2025 20:46:55 +0000 Files and hashes: 1: z2aDdOx1q1ys0upzBRX3t3ZN2SE.crl (hash: sDZvrpONfQKhUgbM8aSwyVTxriTgYM6W8qtjeW5i8lU=) 2: DE349762DBA311EA8DE35866C4F9AE02.roa (hash: W9BGV+7n/b6h+ZEgu/zCV5dkMkakdYDRjim1ueZv/vs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.crl rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z2aDdOx1q1ys0upzBRX3t3ZN2SE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2102 (0x836) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7ED9, serialNumber=CF668374EC75AB5CACD2EA730515F7B7764DD921 Validity Not Before: Aug 10 20:46:55 2025 GMT Not After : Aug 17 20:46:55 2025 GMT Subject: CN=6899053f-23ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:3e:d8:c1:fd:27:fb:2e:12:ba:83:09:af:e7: 64:56:2e:a2:38:d7:8d:a8:50:1b:9c:91:e0:ed:ac: ee:6a:be:d0:40:b3:8c:8d:df:05:99:fb:e6:ab:6d: e3:0c:34:c6:ff:2b:a5:72:04:76:bb:0d:58:9a:30: be:ba:1b:52:81:84:bf:99:d0:4e:95:d9:43:9a:5b: 35:de:5e:35:0d:67:7a:38:e0:aa:6c:bb:e7:6a:3c: 2b:66:f0:63:eb:d4:55:58:cd:8c:da:38:d5:e0:bf: 0d:e2:09:96:2b:6f:2e:ff:07:5b:db:e0:f1:bd:3b: 19:82:c5:51:45:0d:6d:b5:50:dc:d2:41:02:9e:05: 0e:72:96:21:7d:4a:03:df:a7:ba:e8:e4:1b:df:24: 40:c7:a4:ef:7e:75:6f:04:d5:65:4e:02:19:97:30: db:03:1c:42:27:b3:a8:0d:00:d2:8e:74:e8:76:9a: e2:fe:ba:a7:da:d1:be:dd:e2:99:70:30:3e:06:b0: 41:22:0a:51:16:f8:d9:39:43:f7:ea:e2:0b:e3:eb: 79:36:5d:93:d0:a8:f9:61:27:07:4b:ad:9d:49:2e: a7:d8:79:c4:2b:60:06:38:08:98:6c:4d:6d:54:60: 2a:90:46:e5:79:66:ca:54:b6:d9:21:f5:f2:62:05: 3f:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:19:9C:15:01:8B:1C:85:54:9B:C0:FE:70:91:F6:BC:42:90:38:31 X509v3 Authority Key Identifier: keyid:CF:66:83:74:EC:75:AB:5C:AC:D2:EA:73:05:15:F7:B7:76:4D:D9:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z2aDdOx1q1ys0upzBRX3t3ZN2SE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:af:bc:17:8e:19:b0:22:c3:fa:62:dc:36:2c:34:41:30:7b: e2:05:b6:cf:5d:0f:fa:27:ee:cd:70:83:50:05:94:05:70:66: 58:1f:50:03:4d:7a:80:c9:2a:bd:fd:1c:6e:bc:a6:fb:2d:fd: a3:6e:34:8f:82:20:1d:b0:2d:0a:ba:33:7c:c7:cd:e7:0d:56: 3f:bd:56:4a:4d:e6:d7:c5:8d:b8:b9:c4:4a:93:fb:e0:ca:44: 73:d6:51:ee:eb:d6:63:29:fa:49:65:c3:7b:c8:fa:1c:d3:d4: ae:ca:9d:50:49:dc:4b:92:f5:68:8c:b5:66:0d:b9:c0:ed:67: 36:7f:50:17:38:03:a3:f7:64:b7:c0:c0:c1:79:a6:a3:b7:4f: e6:29:24:9e:70:67:cb:0b:88:78:2e:89:84:a6:e3:62:ce:c5: 64:0f:e6:6a:38:09:fc:36:73:5c:95:af:01:ba:62:5a:c6:6b: 3d:38:4f:bb:e7:3c:8e:84:e3:8b:46:bd:d4:c7:c7:23:33:8c: 03:22:d3:f3:a2:99:15:4f:b5:19:77:09:81:5e:c0:83:4a:06: 1c:b9:40:ea:7a:03:09:25:a4:5b:de:0c:35:74:e1:ce:19:14: dd:79:47:e7:f2:9b:d3:8f:2a:a4:1b:3d:de:11:de:2e:30:64: ce:e6:6d:4d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdFRDkxMTAvBgNVBAUTKENGNjY4Mzc0RUM3NUFCNUNBQ0QyRUE3MzA1MTVGN0I3 NzY0REQ5MjEwHhcNMjUwODEwMjA0NjU1WhcNMjUwODE3MjA0NjU1WjAYMRYwFAYD VQQDEw02ODk5MDUzZi0yM2NlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6T7Ywf0n+y4SuoMJr+dkVi6iONeNqFAbnJHg7azuar7QQLOMjd8Fmfvmq23j DDTG/yulcgR2uw1YmjC+uhtSgYS/mdBOldlDmls13l41DWd6OOCqbLvnajwrZvBj 69RVWM2M2jjV4L8N4gmWK28u/wdb2+DxvTsZgsVRRQ1ttVDc0kECngUOcpYhfUoD 36e66OQb3yRAx6TvfnVvBNVlTgIZlzDbAxxCJ7OoDQDSjnTodpri/rqn2tG+3eKZ cDA+BrBBIgpRFvjZOUP36uIL4+t5Nl2T0Kj5YScHS62dSS6n2HnEK2AGOAiYbE1t VGAqkEbleWbKVLbZIfXyYgU/4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG0ZnBUB ixyFVJvA/nCR9rxCkDgxMB8GA1UdIwQYMBaAFM9mg3TsdatcrNLqcwUV97d2Tdkh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0VEOS9GOEUwQjNCMkRC QTIxMUVBQTg4RjIwNjZDNEY5QUUwMi96MmFEZE94MXExeXMwdXB6QlJYM3QzWk4y U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3oyYURkT3gxcTF5czB1cHpCUlgzdDNaTjJTRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0VEOS9GOEUwQjNCMkRCQTIxMUVBQTg4RjIwNjZDNEY5QUUwMi96MmFEZE94MXEx eXMwdXB6QlJYM3QzWk4yU0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAir7wXjhmwIsP6Ytw2LDRBMHviBbbPXQ/6J+7NcINQBZQFcGZYH1AD TXqAySq9/RxuvKb7Lf2jbjSPgiAdsC0KujN8x83nDVY/vVZKTebXxY24ucRKk/vg ykRz1lHu69ZjKfpJZcN7yPoc09Suyp1QSdxLkvVojLVmDbnA7Wc2f1AXOAOj92S3 wMDBeaajt0/mKSSecGfLC4h4LomEpuNizsVkD+ZqOAn8NnNcla8BumJaxms9OE+7 5zyOhOOLRr3Ux8cjM4wDItPzopkVT7UZdwmBXsCDSgYcuUDqegMJJaRb3gw1dOHO GRTdeUfn8pvTjyqkGz3eEd4uMGTO5m1N -----END CERTIFICATE-----Generated at Mon Aug 11 07:34:29 2025 by rpki-client