$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft File: 4CEd1HfFtNoX56IChgOs2OcWZrU.mft (raw, json) Hash identifier: QU+MbpAJdtH0YpxXJoqk3Cfw/ey50NfLcPmcg9M0tq0= Subject key identifier: 66:C7:4E:D5:79:22:16:1F:A7:97:A3:8D:3D:1B:A8:D1:80:8E:46:71 Authority key identifier: E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5 Certificate issuer: /CN=A91EB1BE/serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5 Certificate serial: 12FB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft Manifest number: 12EA Signing time: Tue 12 Aug 2025 17:09:46 +0000 Manifest this update: Tue 12 Aug 2025 17:09:44 +0000 Manifest next update: Tue 19 Aug 2025 17:09:44 +0000 Files and hashes: 1: 4CEd1HfFtNoX56IChgOs2OcWZrU.crl (hash: LYgBf90sU7pMfyVZ+cl4VTLKxQSbANBpjS8kScoo0nI=) 2: 31E1DE72B04B11EE9F3B384BC4F9AE02.roa (hash: SUqha04b2ntyDAUGFXYiqHZijUV69AXBCBCtIkXQ4as=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 Aug 2025 17:09:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4859 (0x12fb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB1BE, serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5 Validity Not Before: Aug 12 17:09:44 2025 GMT Not After : Aug 19 17:09:44 2025 GMT Subject: CN=689b7559-cbf5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:39:d5:c7:61:5a:d0:08:83:a2:9d:3a:68:c5: fc:43:e6:4a:0f:bd:e5:3c:f3:a8:33:f7:5d:2a:39: b9:e0:13:9f:9a:f4:04:ba:53:76:bf:9b:4e:93:c8: e6:48:ef:c6:58:6e:23:4f:b5:71:39:c7:14:1c:e5: 76:8a:fb:02:3b:62:5c:e0:02:99:fa:45:49:19:6b: 45:12:b1:b8:47:6f:59:4c:91:6a:f4:af:c6:ed:44: 35:f9:38:58:86:22:2c:50:e8:57:ee:6a:3b:0a:e5: 1c:0b:95:83:83:b5:2c:2f:e9:3c:35:3f:cf:d2:52: ae:49:33:7c:0c:6b:af:1e:09:12:cf:5a:70:1b:3e: 30:4d:9a:2f:97:7c:6d:10:20:60:97:21:4f:f7:4d: d5:82:18:ab:aa:e9:ed:e6:9d:f7:6f:66:7e:ab:f7: ef:5a:53:ff:6e:fd:75:6d:f9:bd:60:ac:e4:ce:38: 66:fe:99:b3:41:ce:90:87:69:31:83:57:39:b3:a7: 1b:85:af:6a:c4:46:5b:f3:ba:e2:96:b6:ff:4b:5a: a1:0b:a3:18:a8:54:e5:d1:52:98:9c:ee:be:45:32: 1a:a4:6a:46:8b:b4:30:8d:d7:00:54:28:c8:f2:c2: fb:87:48:84:84:5d:6b:90:2c:38:db:ae:49:84:f6: 75:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:C7:4E:D5:79:22:16:1F:A7:97:A3:8D:3D:1B:A8:D1:80:8E:46:71 X509v3 Authority Key Identifier: keyid:E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:31:99:12:0f:30:7a:3f:15:4c:b6:6d:a6:c7:ba:e1:a2:b4: c7:65:d2:62:1c:05:5f:a4:e0:67:a1:f4:8c:c8:ed:36:9a:86: 78:d3:d1:a0:c0:5e:25:fb:37:1d:04:c9:35:c0:31:bb:7d:84: 2a:ad:77:e2:50:eb:e6:fb:8a:0a:d0:72:3b:0b:e7:22:cc:fa: 39:49:77:65:09:20:dc:33:54:8a:70:1c:68:1c:c9:7a:e9:ec: 3e:10:89:8a:32:3b:28:76:3c:f1:03:d7:41:c5:0f:77:d9:2f: 76:fa:e3:13:9d:43:2d:30:cd:15:1e:46:c1:40:d1:32:d0:2c: 1e:70:06:ee:cb:03:27:90:35:f4:8c:f4:98:b8:d0:13:b5:86: 33:e6:af:a8:79:30:01:52:50:b0:d9:bd:49:09:e2:ca:47:04: 5f:ba:0f:1b:55:12:2e:d3:73:7e:1b:c6:2b:35:f0:1b:b0:92: 43:ab:e0:76:46:a5:f4:89:7d:cb:ee:c9:f4:8a:d7:f5:f3:5b: 19:f8:c4:9e:ed:42:14:21:0e:9e:22:cb:c0:63:fe:97:a3:7f: 0a:f0:25:ed:f4:7d:0b:d4:e9:c1:4c:eb:b3:78:ef:8b:4d:9d: e7:8b:48:19:32:ae:70:b6:45:c4:39:bc:b0:72:7e:1f:b2:cf: ae:5e:08:04 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUIxQkUxMTAvBgNVBAUTKEUwMjExREQ0NzdDNUI0REExN0U3QTIwMjg2MDNBQ0Q4 RTcxNjY2QjUwHhcNMjUwODEyMTcwOTQ0WhcNMjUwODE5MTcwOTQ0WjAYMRYwFAYD VQQDEw02ODliNzU1OS1jYmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxznVx2Fa0AiDop06aMX8Q+ZKD73lPPOoM/ddKjm54BOfmvQEulN2v5tOk8jm SO/GWG4jT7VxOccUHOV2ivsCO2Jc4AKZ+kVJGWtFErG4R29ZTJFq9K/G7UQ1+ThY hiIsUOhX7mo7CuUcC5WDg7UsL+k8NT/P0lKuSTN8DGuvHgkSz1pwGz4wTZovl3xt ECBglyFP903Vghirqunt5p33b2Z+q/fvWlP/bv11bfm9YKzkzjhm/pmzQc6Qh2kx g1c5s6cbha9qxEZb87rilrb/S1qhC6MYqFTl0VKYnO6+RTIapGpGi7QwjdcAVCjI 8sL7h0iEhF1rkCw4265JhPZ1ZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGbHTtV5 IhYfp5ejjT0bqNGAjkZxMB8GA1UdIwQYMBaAFOAhHdR3xbTaF+eiAoYDrNjnFma1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjFCRS81QTU3Nzg2Q0Mw QzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnROb1g1NklDaGdPczJPY1da clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRDRWQxSGZGdE5vWDU2SUNoZ09zMk9jV1pyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QjFCRS81QTU3Nzg2Q0MwQzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnRO b1g1NklDaGdPczJPY1daclUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7MZkSDzB6PxVMtm2mx7rhorTHZdJiHAVfpOBnofSMyO02moZ409Gg wF4l+zcdBMk1wDG7fYQqrXfiUOvm+4oK0HI7C+cizPo5SXdlCSDcM1SKcBxoHMl6 6ew+EImKMjsodjzxA9dBxQ932S92+uMTnUMtMM0VHkbBQNEy0CwecAbuywMnkDX0 jPSYuNATtYYz5q+oeTABUlCw2b1JCeLKRwRfug8bVRIu03N+G8YrNfAbsJJDq+B2 RqX0iX3L7sn0itf181sZ+MSe7UIUIQ6eIsvAY/6Xo38K8CXt9H0L1OnBTOuzeO+L TZ3ni0gZMq5wtkXEObywcn4fss+uXggE -----END CERTIFICATE-----Generated at Tue Aug 12 22:53:46 2025 by rpki-client