$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: S/2gcpsVT6B2Jf7k5ST+jz99dNblzfk3K7ga4/mbic8= Subject key identifier: 64:9D:1B:6D:8A:95:61:53:6B:D8:23:CD:0B:77:ED:32:59:94:43:3C Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: 92 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: 90 Signing time: Sat 09 Aug 2025 06:57:25 +0000 Manifest this update: Sat 09 Aug 2025 06:57:25 +0000 Manifest next update: Sat 16 Aug 2025 06:57:25 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: 7At878Gy9WEK7fC7Fh7kL0xqOAcGfKE/WQ+LNwbB3U8=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 146 (0x92) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Validity Not Before: Aug 9 06:57:25 2025 GMT Not After : Aug 16 06:57:25 2025 GMT Subject: CN=6896f155-7bfe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:8c:93:8b:47:f2:0a:68:fa:5a:82:cd:9c:82: 75:b1:73:d4:b3:b7:47:94:43:9c:d0:72:4e:38:34: 10:db:69:9c:05:aa:55:09:f8:ad:3c:96:c3:90:30: 02:90:9c:a4:38:3a:d2:ee:d2:99:07:6b:5a:dc:c7: a6:b6:75:08:5f:61:4d:29:d2:d5:23:83:0f:9f:4a: 70:98:e6:0a:76:bc:c8:1b:3a:a4:6b:32:13:96:eb: 4a:e5:98:4f:49:e6:6d:ab:69:94:db:f9:ed:18:ab: be:d8:1a:97:44:32:06:f4:a1:85:35:f1:2a:06:25: ed:38:21:29:bb:8e:a6:61:ce:e0:c0:2a:74:a1:9d: aa:77:bd:50:35:b5:65:6d:ad:41:d4:27:98:70:cf: 01:38:10:be:41:ec:af:14:09:9d:07:37:cd:06:84: 34:4b:10:55:08:99:32:86:26:02:f7:6f:ef:b3:3e: d6:f2:78:9e:8b:f2:32:6d:34:ea:1b:88:d3:a7:4e: 68:23:d7:1b:b9:c8:37:91:11:49:6b:fe:ef:6f:9e: 31:af:b7:f0:62:2c:00:fe:a7:10:a7:31:f9:2a:3a: f7:66:3d:7b:03:3e:f9:4a:cf:98:e1:ef:98:3e:7d: 11:5c:03:51:00:0c:52:6b:f5:f6:94:a3:e8:13:0e: 6d:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:9D:1B:6D:8A:95:61:53:6B:D8:23:CD:0B:77:ED:32:59:94:43:3C X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:16:4b:fc:46:6f:55:af:3e:89:b1:c6:55:5c:4b:df:5e:7c: e5:12:25:8c:27:ff:e3:e4:c8:54:e2:c8:bf:f4:58:51:77:7a: a3:8f:9e:b4:c1:40:2e:f9:e9:48:04:8c:73:33:98:e7:5d:4d: b2:a3:8a:2b:27:ef:35:7b:e6:a7:87:f2:5d:f6:e1:98:1e:be: 8f:da:9c:28:9c:18:92:75:21:c9:40:2d:1a:99:bc:eb:6b:60: fe:68:03:58:4f:bc:bd:5a:a9:da:f3:f6:49:48:41:b1:ef:72: f7:f1:52:95:63:b0:44:aa:8e:e0:42:2e:18:a8:83:fe:21:04: 14:63:68:16:5d:80:3a:f1:fd:1d:0d:ce:58:b7:d4:db:00:4c: 82:12:0b:d6:55:56:d8:4c:ab:e4:bf:b7:14:ae:9c:42:d8:da: 95:e4:0e:d5:ee:ac:08:d5:90:f1:70:9a:3a:d8:bc:e0:30:1e: ed:be:c7:2e:d6:d7:f2:f4:45:32:e6:43:cb:bd:50:6e:3a:6d: 72:32:d9:5d:2d:14:ad:45:4c:b3:46:86:c6:dc:4c:d0:4d:70: ed:d9:24:bd:4f:15:db:ad:0d:4b:72:5c:64:af:18:2b:76:1b: 71:6b:34:85:dd:f9:de:8a:09:89:e0:5a:de:15:a8:41:02:5f: 71:55:55:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0MDkxMTAvBgNVBAUTKDIxNjRERDU5QTYxNUQ1RjJFMzM5M0U3MjA5OEE3M0FE ODY4RTc4REEwHhcNMjUwODA5MDY1NzI1WhcNMjUwODE2MDY1NzI1WjAYMRYwFAYD VQQDEw02ODk2ZjE1NS03YmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwIyTi0fyCmj6WoLNnIJ1sXPUs7dHlEOc0HJOODQQ22mcBapVCfitPJbDkDAC kJykODrS7tKZB2ta3MemtnUIX2FNKdLVI4MPn0pwmOYKdrzIGzqkazITlutK5ZhP SeZtq2mU2/ntGKu+2BqXRDIG9KGFNfEqBiXtOCEpu46mYc7gwCp0oZ2qd71QNbVl ba1B1CeYcM8BOBC+QeyvFAmdBzfNBoQ0SxBVCJkyhiYC92/vsz7W8niei/IybTTq G4jTp05oI9cbucg3kRFJa/7vb54xr7fwYiwA/qcQpzH5Kjr3Zj17Az75Ss+Y4e+Y Pn0RXANRAAxSa/X2lKPoEw5tcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGSdG22K lWFTa9gjzQt37TJZlEM8MB8GA1UdIwQYMBaAFCFk3VmmFdXy4zk+cgmKc62Gjnja MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQwOS9GOTQ0RTNDQzlD QUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFmTGpPVDV5Q1lwenJZYU9l Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VOby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQwOS9GOTQ0RTNDQzlDQUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFm TGpPVDV5Q1lwenJZYU9lTm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaFkv8Rm9Vrz6JscZVXEvfXnzlEiWMJ//j5MhU4si/9FhRd3qjj560 wUAu+elIBIxzM5jnXU2yo4orJ+81e+anh/Jd9uGYHr6P2pwonBiSdSHJQC0ambzr a2D+aANYT7y9Wqna8/ZJSEGx73L38VKVY7BEqo7gQi4YqIP+IQQUY2gWXYA68f0d Dc5Yt9TbAEyCEgvWVVbYTKvkv7cUrpxC2NqV5A7V7qwI1ZDxcJo62LzgMB7tvscu 1tfy9EUy5kPLvVBuOm1yMtldLRStRUyzRobG3EzQTXDt2SS9TxXbrQ1Lclxkrxgr dhtxazSF3fneigmJ4FreFahBAl9xVVWX -----END CERTIFICATE-----Generated at Sat Aug 9 14:21:20 2025 by rpki-client