$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft File: CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft (raw, json) Hash identifier: 1DOWb4hi/F7492f1P/bJWD2oaV3K9wo/QqJj6XlcTCg= Subject key identifier: C0:A5:73:0C:04:79:E0:C6:08:15:05:98:FE:19:2D:A5:77:42:CF:0B Authority key identifier: 09:76:FC:3D:23:18:6D:48:C6:71:77:37:40:89:1C:F5:4E:31:B8:0E Certificate issuer: /CN=A91E9D1A/serialNumber=0976FC3D23186D48C671773740891CF54E31B80E Certificate serial: 34E9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft Manifest number: 34C9 Signing time: Mon 04 Aug 2025 14:19:44 +0000 Manifest this update: Mon 04 Aug 2025 14:19:43 +0000 Manifest next update: Mon 11 Aug 2025 14:19:43 +0000 Files and hashes: 1: CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl (hash: 4GW8LDFgUGHmZnRpKEkXtl25DgNFncBQluatl3UXuPk=) 2: 81C9B5A4BBFA11ED99272016C4F9AE02.roa (hash: 5TYvs++Mvewysf2Y0/6vpFA2+467A8J4q0CP6JqLCQs=) 3: E404430CB0F811E595E0F761C4F9AE02.roa (hash: aPLpTjVx3H8dG+sQrN1VcBaFu+dKTfAESi5mspAt7yo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 14:19:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13545 (0x34e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9D1A, serialNumber=0976FC3D23186D48C671773740891CF54E31B80E Validity Not Before: Aug 4 14:19:43 2025 GMT Not After : Aug 11 14:19:43 2025 GMT Subject: CN=6890c180-eb11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:ab:39:3c:e2:81:a5:cb:f1:32:20:f4:70:c1: 86:70:a5:41:7b:95:0d:7d:fe:a6:03:ef:cd:a9:ad: d3:52:dd:30:12:f9:08:20:ee:a6:64:7c:ea:19:02: fc:ba:26:e2:64:cf:b8:83:48:71:a3:a8:5a:f6:54: 97:15:2d:65:52:8b:e9:35:87:91:34:b9:4e:d3:c1: d6:a4:71:ff:49:eb:aa:74:2f:c3:c7:e9:a6:90:c4: b6:19:e7:7a:50:96:39:45:35:00:23:15:3b:07:c0: 33:ee:2f:04:74:90:1f:e5:22:e1:74:56:46:c5:8c: b9:9b:ce:b7:af:fb:69:b7:78:99:cc:cd:db:f8:a6: 35:f1:0a:4c:28:b3:83:2f:5b:35:07:ab:ba:ea:78: 0f:d7:99:f8:42:33:3f:9f:84:21:bc:4e:44:81:ce: 25:99:6c:81:70:29:83:86:21:6b:84:5a:44:6e:33: df:72:ad:23:be:9d:9e:d1:2e:0c:b6:3a:83:bf:4b: 71:34:f5:24:92:89:31:18:38:8d:2e:bc:9f:9b:1a: 54:0a:eb:c1:8a:1c:9a:a0:fb:26:cb:be:dc:bd:f9: ff:2c:f7:bc:ae:dc:9c:93:88:77:69:94:e9:f8:83: 5a:55:a7:cd:b1:b8:21:9d:6e:e6:0b:c9:85:d8:4b: a4:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:A5:73:0C:04:79:E0:C6:08:15:05:98:FE:19:2D:A5:77:42:CF:0B X509v3 Authority Key Identifier: keyid:09:76:FC:3D:23:18:6D:48:C6:71:77:37:40:89:1C:F5:4E:31:B8:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:e5:be:79:71:57:d5:db:0a:19:5e:7a:5e:ff:58:dd:b2:02: 85:8f:65:02:ec:22:c0:31:a2:4f:89:35:c3:bb:b9:6e:4f:5a: 6f:93:9b:50:3f:c7:b5:ee:fb:96:80:56:80:db:00:74:93:17: 82:dd:6d:bc:06:c5:8a:27:62:50:8d:e6:70:64:43:bb:43:1a: 7e:dc:c4:30:26:e8:51:b9:d1:9c:76:41:b6:89:39:be:dd:81: ce:32:e9:79:0c:95:ff:d2:6f:6c:6e:b1:17:c1:be:8d:a9:61: cf:65:86:99:e2:41:92:25:e7:5e:60:a5:c9:63:5a:c6:23:8e: 1d:f0:a9:81:91:5a:3b:31:d2:64:9b:20:9f:73:a8:84:f3:4e: 95:df:23:88:27:9a:44:47:59:a4:5a:bb:6f:ca:57:4e:43:ae: 55:6e:0e:b6:62:1a:4c:0d:57:a0:67:4e:14:94:7a:18:ad:43: 8f:f7:96:a1:6b:67:e2:7a:83:55:8a:a9:a7:da:fd:e0:91:e3: 04:51:0b:97:87:70:ee:62:9f:db:03:ad:c8:97:25:63:f0:27: 91:0f:04:37:de:9a:b1:fd:88:aa:3d:81:dd:c3:ec:c7:d4:a6: 8c:b3:4a:02:bf:0b:a1:c5:e7:3f:54:74:78:52:25:1c:6e:d1: 25:93:66:75 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlEMUExMTAvBgNVBAUTKDA5NzZGQzNEMjMxODZENDhDNjcxNzczNzQwODkxQ0Y1 NEUzMUI4MEUwHhcNMjUwODA0MTQxOTQzWhcNMjUwODExMTQxOTQzWjAYMRYwFAYD VQQDEw02ODkwYzE4MC1lYjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7Ks5POKBpcvxMiD0cMGGcKVBe5UNff6mA+/Nqa3TUt0wEvkIIO6mZHzqGQL8 uibiZM+4g0hxo6ha9lSXFS1lUovpNYeRNLlO08HWpHH/SeuqdC/Dx+mmkMS2Ged6 UJY5RTUAIxU7B8Az7i8EdJAf5SLhdFZGxYy5m863r/tpt3iZzM3b+KY18QpMKLOD L1s1B6u66ngP15n4QjM/n4QhvE5Egc4lmWyBcCmDhiFrhFpEbjPfcq0jvp2e0S4M tjqDv0txNPUkkokxGDiNLryfmxpUCuvBihyaoPsmy77cvfn/LPe8rtyck4h3aZTp +INaVafNsbghnW7mC8mF2Euk9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMClcwwE eeDGCBUFmP4ZLaV3Qs8LMB8GA1UdIwQYMBaAFAl2/D0jGG1IxnF3N0CJHPVOMbgO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUQxQS9DNTlCMDJEQTFE NzAxMUUyODZGMTQ3QjUwOEIwMkNEMi9DWGI4UFNNWWJVakdjWGMzUUlrYzlVNHh1 QTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NYYjhQU01ZYlVqR2NYYzNRSWtjOVU0eHVBNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OUQxQS9DNTlCMDJEQTFENzAxMUUyODZGMTQ3QjUwOEIwMkNEMi9DWGI4UFNNWWJV akdjWGMzUUlrYzlVNHh1QTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBt5b55cVfV2woZXnpe/1jdsgKFj2UC7CLAMaJPiTXDu7luT1pvk5tQ P8e17vuWgFaA2wB0kxeC3W28BsWKJ2JQjeZwZEO7Qxp+3MQwJuhRudGcdkG2iTm+ 3YHOMul5DJX/0m9sbrEXwb6NqWHPZYaZ4kGSJedeYKXJY1rGI44d8KmBkVo7MdJk myCfc6iE806V3yOIJ5pER1mkWrtvyldOQ65Vbg62YhpMDVegZ04UlHoYrUOP95ah a2fieoNViqmn2v3gkeMEUQuXh3DuYp/bA63IlyVj8CeRDwQ33pqx/YiqPYHdw+zH 1KaMs0oCvwuhxec/VHR4UiUcbtElk2Z1 -----END CERTIFICATE-----Generated at Wed Aug 6 04:03:26 2025 by rpki-client