$ rpki-client -vvf rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft File: 5OTCQkd4XDQv81kH9-EcSrs5i4M.mft (raw, json) Hash identifier: XVsPyf6O6wK2xlEToCkbBS6drrMsyFvMn1ECKwG07Pc= Subject key identifier: DA:A1:77:44:B4:01:68:FA:05:79:93:D5:74:7C:B0:FE:C3:A0:35:53 Authority key identifier: E4:E4:C2:42:47:78:5C:34:2F:F3:59:07:F7:E1:1C:4A:BB:39:8B:83 Certificate issuer: /CN=A91E85F1/serialNumber=E4E4C24247785C342FF35907F7E11C4ABB398B83 Certificate serial: 4A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft Manifest number: 47 Signing time: Sat 09 Aug 2025 07:56:32 +0000 Manifest this update: Sat 09 Aug 2025 07:56:31 +0000 Manifest next update: Sat 16 Aug 2025 07:56:31 +0000 Files and hashes: 1: 5OTCQkd4XDQv81kH9-EcSrs5i4M.crl (hash: JQfdHTSxnuiwAupzOPOJPF4IlLF1QlmbKFtF1o92NFI=) 2: 212E0B520DFE11F0B266963AC4F9AE02.roa (hash: 44vHU0H/9/bs4kOPReZOgC2D0Y7H1F8Nu3vr76cFkxs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.crl rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74 (0x4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E85F1, serialNumber=E4E4C24247785C342FF35907F7E11C4ABB398B83 Validity Not Before: Aug 9 07:56:31 2025 GMT Not After : Aug 16 07:56:31 2025 GMT Subject: CN=6896ff30-21a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:64:d0:92:3a:d1:95:3e:e4:de:fe:c5:c1:8b: 14:7d:cb:6a:77:00:42:15:31:f9:75:05:ac:85:6e: bf:00:fc:6d:64:ff:f5:6b:32:3d:05:83:ae:ce:ca: cd:23:67:2a:b0:eb:81:09:9c:1d:51:28:9b:9d:00: a1:94:16:94:e1:56:c2:46:cc:9f:11:66:d4:1b:0d: 07:7c:c5:c9:2b:c9:72:76:dc:68:74:84:1a:fa:6f: 9d:64:b5:a8:9f:d1:6f:41:03:29:35:0e:73:fe:8b: ea:3d:7d:91:7c:87:c3:e1:c8:a3:94:53:aa:83:d8: d7:58:d4:26:6a:c0:ba:a8:e8:c1:f8:50:38:ba:1a: 54:af:13:88:40:35:61:52:7e:10:22:27:98:e6:17: 3b:2e:52:3c:8f:20:40:a4:12:8f:c1:72:bd:73:f7: 92:1b:f2:c2:90:92:af:8b:87:94:12:58:3d:28:14: 9a:dd:9f:33:74:ad:50:9d:ca:c5:e3:ec:86:0d:36: 0a:cf:44:cc:d8:f1:74:25:28:60:4a:e4:fd:08:49: ac:ec:d7:12:43:6f:3f:87:be:af:b0:b9:93:b1:f6: 49:f6:55:c9:9c:c6:f7:d9:4f:21:7d:d3:81:46:56: 06:f7:bc:12:7c:2e:cf:d8:2c:0d:1d:9e:21:62:0b: 29:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:A1:77:44:B4:01:68:FA:05:79:93:D5:74:7C:B0:FE:C3:A0:35:53 X509v3 Authority Key Identifier: keyid:E4:E4:C2:42:47:78:5C:34:2F:F3:59:07:F7:E1:1C:4A:BB:39:8B:83 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c7:30:64:ed:73:42:be:32:a4:cb:ea:bf:5c:0c:1c:41:b4:15: 4b:c5:cf:44:79:6a:67:28:5b:83:89:b1:02:ed:bf:a3:c9:64: dd:7f:2f:3f:42:e8:f7:b8:6e:6a:a1:bc:2e:9e:c2:01:0c:0c: a9:e7:2d:d8:f6:26:ad:26:a6:23:17:c7:a1:2f:07:3c:61:2d: 16:73:12:03:52:24:33:37:45:18:60:50:fc:14:71:b3:17:71: 2f:34:08:a6:cc:64:51:72:19:e6:c4:6a:ae:58:9e:1c:20:29: b1:67:f8:da:eb:c1:3d:51:eb:ae:4a:e5:ad:b6:d7:b6:dd:d8: 5b:70:13:00:e0:a2:57:2e:cf:5f:8c:8b:9f:60:42:8d:d3:c2: 10:16:dd:27:d5:c0:21:a0:23:48:0f:83:cf:a0:52:a6:30:ea: dc:46:49:20:7d:ee:24:8f:bb:50:54:38:e5:e4:e3:91:81:52: 65:6f:5a:04:8b:ec:40:6b:f4:5c:a1:db:d2:d0:5d:f1:8a:6c: 5e:24:6c:72:21:e6:85:87:92:06:b3:98:8f:49:52:ae:65:0f: 43:b4:ae:d3:a3:01:b9:48:b8:39:87:37:74:f9:3a:51:06:97: 91:81:91:01:e0:fa:37:9f:c3:dc:c5:0e:46:43:25:d0:e4:af: 9b:11:9e:5f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF ODVGMTExMC8GA1UEBRMoRTRFNEMyNDI0Nzc4NUMzNDJGRjM1OTA3RjdFMTFDNEFC QjM5OEI4MzAeFw0yNTA4MDkwNzU2MzFaFw0yNTA4MTYwNzU2MzFaMBgxFjAUBgNV BAMTDTY4OTZmZjMwLTIxYTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC4ZNCSOtGVPuTe/sXBixR9y2p3AEIVMfl1BayFbr8A/G1k//VrMj0Fg67Oys0j Zyqw64EJnB1RKJudAKGUFpThVsJGzJ8RZtQbDQd8xckryXJ23Gh0hBr6b51ktaif 0W9BAyk1DnP+i+o9fZF8h8PhyKOUU6qD2NdY1CZqwLqo6MH4UDi6GlSvE4hANWFS fhAiJ5jmFzsuUjyPIECkEo/Bcr1z95Ib8sKQkq+Lh5QSWD0oFJrdnzN0rVCdysXj 7IYNNgrPRMzY8XQlKGBK5P0ISazs1xJDbz+Hvq+wuZOx9kn2VcmcxvfZTyF904FG Vgb3vBJ8Ls/YLA0dniFiCynBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU2qF3RLQB aPoFeZPVdHyw/sOgNVMwHwYDVR0jBBgwFoAU5OTCQkd4XDQv81kH9+EcSrs5i4Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4NUYxLzYyMjA2MzNDMERG QzExRjBBMUQ5ODA1M0M0RjlBRTAyLzVPVENRa2Q0WERRdjgxa0g5LUVjU3JzNWk0 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvNU9UQ1FrZDRYRFF2ODFrSDktRWNTcnM1aTRNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4 NUYxLzYyMjA2MzNDMERGQzExRjBBMUQ5ODA1M0M0RjlBRTAyLzVPVENRa2Q0WERR djgxa0g5LUVjU3JzNWk0TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMcwZO1zQr4ypMvqv1wMHEG0FUvFz0R5amcoW4OJsQLtv6PJZN1/Lz9C 6Pe4bmqhvC6ewgEMDKnnLdj2Jq0mpiMXx6EvBzxhLRZzEgNSJDM3RRhgUPwUcbMX cS80CKbMZFFyGebEaq5YnhwgKbFn+NrrwT1R665K5a2217bd2FtwEwDgolcuz1+M i59gQo3TwhAW3SfVwCGgI0gPg8+gUqYw6txGSSB97iSPu1BUOOXk45GBUmVvWgSL 7EBr9Fyh29LQXfGKbF4kbHIh5oWHkgazmI9JUq5lD0O0rtOjAblIuDmHN3T5OlEG l5GBkQHg+jefw9zFDkZDJdDkr5sRnl8= -----END CERTIFICATE-----Generated at Mon Aug 11 01:48:12 2025 by rpki-client