$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft File: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft (raw, json) Hash identifier: Hua61NPehuvPv+fpz/9Djtxs9Bg00ZcU2K5903x7cMc= Subject key identifier: E2:C9:B6:D4:37:F9:61:C1:80:CE:3E:DF:44:21:8B:F5:5A:37:B5:E3 Authority key identifier: 6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 Certificate issuer: /CN=A91EAE3D/serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Certificate serial: 149C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft Manifest number: 1488 Signing time: Mon 04 Aug 2025 17:05:11 +0000 Manifest this update: Mon 04 Aug 2025 17:05:11 +0000 Manifest next update: Mon 11 Aug 2025 17:05:11 +0000 Files and hashes: 1: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl (hash: PECcgzilXXlD+k3NGnf3c9n7GjIsS2jG0GBQ1f/b6b4=) 2: F693F2689CB811EB97F77E14C4F9AE02.roa (hash: U3tQJQlcyfHM4FE2g1sFZHo1n5O210FCbrxqZ5WoAEg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 17:05:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5276 (0x149c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE3D, serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Validity Not Before: Aug 4 17:05:11 2025 GMT Not After : Aug 11 17:05:11 2025 GMT Subject: CN=6890e847-7439 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:5c:d7:db:6e:b2:94:b3:0c:79:46:b1:0d:59: e5:f8:6d:74:93:f1:2e:c9:3d:50:63:b6:b4:68:dd: e4:1d:07:df:cc:12:dd:09:cc:69:df:ee:dc:fb:8e: 69:55:e7:4f:bb:da:c2:af:1f:88:32:3b:b3:17:05: 6f:55:34:b5:c0:ac:35:41:36:3e:2a:82:3f:25:a4: b1:c5:0e:a8:52:e5:00:26:e8:fc:29:e5:ae:4d:fc: d5:ad:07:3b:19:70:2d:35:11:29:a5:8d:7a:f3:ac: 24:81:f0:da:9b:36:35:7c:4b:69:bc:46:f5:af:9c: 6d:8e:93:21:91:e2:70:c4:3a:64:39:8e:3d:95:c2: e8:45:89:6a:80:8e:6a:dc:6f:73:42:6e:fd:da:82: a3:f7:ed:5e:c9:49:53:35:8c:cf:16:6a:ed:c5:e6: 95:ae:96:10:78:85:9c:1b:71:81:58:00:22:3c:69: 3a:d5:96:b7:56:e5:1a:73:26:82:7e:ee:8e:3e:17: 57:83:40:19:ee:48:93:69:40:a8:6f:1d:b5:a3:77: 4e:d0:41:5b:6b:4f:a5:fc:e8:f1:4e:89:bd:5a:b2: 59:56:0b:07:48:45:37:01:ef:a6:b6:85:c7:6e:0b: 6d:82:eb:76:22:85:87:a7:c6:88:36:85:e4:df:fd: c1:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:C9:B6:D4:37:F9:61:C1:80:CE:3E:DF:44:21:8B:F5:5A:37:B5:E3 X509v3 Authority Key Identifier: keyid:6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 99:b4:7f:03:87:66:5c:52:18:c0:34:d6:3f:bb:04:27:e8:a6: 51:2e:f9:29:b7:03:fe:ab:e1:77:41:0e:b6:91:6a:ca:51:87: 2d:89:76:73:9e:6b:01:6f:82:12:12:9a:c5:e0:d4:11:05:42: 9e:cf:32:1b:19:36:fa:33:d8:e8:92:f4:e2:88:bc:60:37:5d: be:35:c8:4e:1a:f9:92:b3:32:c0:e2:ff:28:cb:96:8f:84:7e: c2:97:77:ee:35:70:01:b8:2e:64:15:ab:d8:c0:d3:87:11:63: 3f:27:aa:d0:9b:1c:6c:60:0f:06:cc:6e:46:08:f3:68:e7:3b: ab:21:c8:aa:ab:ca:96:e8:a5:af:aa:fd:30:56:82:48:31:df: 12:8b:9d:e5:c5:59:ea:9b:54:2b:b5:ed:b7:4a:32:33:c9:f5: 43:a6:b8:ae:b0:81:9a:c4:be:04:6a:36:b0:57:46:78:e6:a1: 50:49:ca:5f:63:33:c7:a9:19:3e:d7:97:6f:0a:9f:b8:df:3a: 2a:b9:11:b8:94:b2:6b:91:f0:9f:26:97:5e:b7:28:99:b3:42: e3:a9:4e:39:de:fa:20:ed:74:be:94:0f:03:d2:e4:4d:04:be: fc:a6:a0:1b:cd:cd:cc:ee:fe:41:2a:a2:1f:f2:cf:14:04:77: 9d:bc:a5:ad -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFM0QxMTAvBgNVBAUTKDZCNTY3Qzg0M0U0MjUyM0UwRTVCNjRGNjRBMEYyQUUw NTUxN0JCNzAwHhcNMjUwODA0MTcwNTExWhcNMjUwODExMTcwNTExWjAYMRYwFAYD VQQDEw02ODkwZTg0Ny03NDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw1zX226ylLMMeUaxDVnl+G10k/EuyT1QY7a0aN3kHQffzBLdCcxp3+7c+45p VedPu9rCrx+IMjuzFwVvVTS1wKw1QTY+KoI/JaSxxQ6oUuUAJuj8KeWuTfzVrQc7 GXAtNREppY1686wkgfDamzY1fEtpvEb1r5xtjpMhkeJwxDpkOY49lcLoRYlqgI5q 3G9zQm792oKj9+1eyUlTNYzPFmrtxeaVrpYQeIWcG3GBWAAiPGk61Za3VuUacyaC fu6OPhdXg0AZ7kiTaUCobx21o3dO0EFba0+l/OjxTom9WrJZVgsHSEU3Ae+mtoXH bgttgut2IoWHp8aINoXk3/3BWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOLJttQ3 +WHBgM4+30Qhi/VaN7XjMB8GA1UdIwQYMBaAFGtWfIQ+QlI+Dltk9koPKuBVF7tw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC84RUY0MkE0Njc1 REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1VqNE9XMlQyU2c4cTRGVVh1 M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ExWjhoRDVDVWo0T1cyVDJTZzhxNEZVWHUzQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUzRC84RUY0MkE0Njc1REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1Vq NE9XMlQyU2c4cTRGVVh1M0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCZtH8Dh2ZcUhjANNY/uwQn6KZRLvkptwP+q+F3QQ62kWrKUYctiXZz nmsBb4ISEprF4NQRBUKezzIbGTb6M9jokvTiiLxgN12+NchOGvmSszLA4v8oy5aP hH7Cl3fuNXABuC5kFavYwNOHEWM/J6rQmxxsYA8GzG5GCPNo5zurIciqq8qW6KWv qv0wVoJIMd8Si53lxVnqm1Qrte23SjIzyfVDpriusIGaxL4EajawV0Z45qFQScpf YzPHqRk+15dvCp+43zoquRG4lLJrkfCfJpdetyiZs0LjqU453vog7XS+lA8D0uRN BL78pqAbzc3M7v5BKqIf8s8UBHedvKWt -----END CERTIFICATE-----Generated at Wed Aug 6 00:53:23 2025 by rpki-client