$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft File: nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft (raw, json) Hash identifier: j1TcqdJhxt2hntVE8D8TxtnEnyRLrzRMF9z3ybr5MPY= Subject key identifier: 77:49:8F:A2:C2:6F:F0:C2:D3:B4:4C:3C:31:8E:33:3B:26:A7:3A:44 Authority key identifier: 9E:1F:19:A7:E1:8D:8B:CE:D2:3E:F2:ED:AB:19:E8:54:38:E7:F0:8A Certificate issuer: /CN=A91EF19E/serialNumber=9E1F19A7E18D8BCED23EF2EDAB19E85438E7F08A Certificate serial: 2A2F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft Manifest number: 2A24 Signing time: Sun 10 Aug 2025 14:23:14 +0000 Manifest this update: Sun 10 Aug 2025 14:23:14 +0000 Manifest next update: Sun 17 Aug 2025 14:23:14 +0000 Files and hashes: 1: nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl (hash: kjuvH2aVL1rIsUMWJCcrUK/GK7HuRwKeKaiXeX9+lpI=) 2: F9722F8255C411E9A0FEF781C4F9AE02.roa (hash: symelOI4KiPwqS+zxOG2abXkQkOu/9Ecrvxkqaxc9Us=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10799 (0x2a2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EF19E, serialNumber=9E1F19A7E18D8BCED23EF2EDAB19E85438E7F08A Validity Not Before: Aug 10 14:23:14 2025 GMT Not After : Aug 17 14:23:14 2025 GMT Subject: CN=6898ab52-a3f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:4d:25:fb:15:43:67:02:ac:de:c9:5f:7e:fe: 50:c2:10:d8:36:d3:b1:e1:47:15:0f:ad:86:9b:7a: 3b:66:c1:da:04:c6:21:7f:1f:78:d9:bb:2b:f6:dc: 73:87:1b:1a:4f:fa:0d:73:4c:8d:74:ac:69:5f:cc: 5b:4a:63:71:1c:e1:44:ad:d9:d0:df:d5:64:1f:ce: 31:11:2e:7f:ac:5b:0a:77:f3:eb:2b:75:cd:4e:13: 80:e1:23:f7:05:15:d2:b6:47:34:2e:dc:24:64:9a: 10:44:7b:90:12:39:90:3b:64:fe:c6:4d:19:52:36: 7c:19:c7:fd:4d:72:40:fd:53:21:00:3d:2f:39:6c: 53:da:59:9f:0a:4f:3f:86:b0:c4:04:22:b3:81:d7: 99:03:38:44:ec:f0:78:6f:55:85:ec:88:9c:00:4b: d4:d4:a3:c9:cc:23:f6:eb:d4:e0:fa:4f:09:d3:6a: 82:ee:7d:8e:7b:a8:df:d3:00:ad:91:39:c4:e9:86: 10:39:e8:c2:1c:32:04:cc:d5:6d:b6:8a:15:6c:ea: a9:2d:2c:f3:7b:3a:3e:e3:1f:2b:d9:32:fc:54:85: 73:1d:3c:2e:14:b9:01:21:b7:62:69:93:2d:cd:2e: b9:de:0b:dc:0e:db:a1:68:e4:86:12:8a:07:91:fa: 68:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:49:8F:A2:C2:6F:F0:C2:D3:B4:4C:3C:31:8E:33:3B:26:A7:3A:44 X509v3 Authority Key Identifier: keyid:9E:1F:19:A7:E1:8D:8B:CE:D2:3E:F2:ED:AB:19:E8:54:38:E7:F0:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:79:5c:27:b3:74:c9:4a:90:a8:c5:a4:6a:33:84:53:bb:4a: d2:94:1c:d4:60:73:c6:88:c4:6c:8b:29:bf:ca:ab:fb:5e:84: b0:53:fe:32:01:0b:1e:e8:08:87:75:13:4a:2e:d2:71:a9:05: bd:4b:b7:88:4e:6c:80:cc:5b:18:ff:44:ce:5b:7e:55:93:5a: 9d:9d:8c:ee:05:c3:9d:7b:a9:34:9f:99:7e:bb:ec:f9:78:cf: 41:52:fd:ca:bd:f2:9f:a6:f9:42:f9:32:8f:f0:49:e7:ae:c6: fe:7f:09:bb:f4:8a:75:6a:2b:0a:8b:2e:e2:b2:56:88:46:19: d4:64:11:c9:f7:55:f5:d7:35:e8:44:c2:ba:d5:07:e7:d2:1b: 5a:e9:17:5f:9e:30:0f:d1:33:5d:02:34:72:87:e0:55:f5:9f: 9b:b5:a5:f2:85:fd:54:5b:a6:f9:0b:ea:52:bc:57:f6:22:30: ff:b3:92:6b:8a:ec:04:18:48:3d:95:e6:8a:3e:37:29:c4:aa: bd:3a:8a:a1:00:39:fa:52:e9:4c:06:bc:07:af:54:ad:fd:0d: b6:70:69:b5:7e:63:54:2d:56:25:4a:c7:b0:f7:14:b1:f9:d7: 12:8c:91:c7:29:f0:9f:cc:e9:ee:95:96:51:7f:7e:cb:89:bf: df:08:82:7d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICKi8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUYxOUUxMTAvBgNVBAUTKDlFMUYxOUE3RTE4RDhCQ0VEMjNFRjJFREFCMTlFODU0 MzhFN0YwOEEwHhcNMjUwODEwMTQyMzE0WhcNMjUwODE3MTQyMzE0WjAYMRYwFAYD VQQDEw02ODk4YWI1Mi1hM2Y1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7U0l+xVDZwKs3slffv5QwhDYNtOx4UcVD62Gm3o7ZsHaBMYhfx942bsr9txz hxsaT/oNc0yNdKxpX8xbSmNxHOFErdnQ39VkH84xES5/rFsKd/PrK3XNThOA4SP3 BRXStkc0LtwkZJoQRHuQEjmQO2T+xk0ZUjZ8Gcf9TXJA/VMhAD0vOWxT2lmfCk8/ hrDEBCKzgdeZAzhE7PB4b1WF7IicAEvU1KPJzCP269Tg+k8J02qC7n2Oe6jf0wCt kTnE6YYQOejCHDIEzNVttooVbOqpLSzzezo+4x8r2TL8VIVzHTwuFLkBIbdiaZMt zS653gvcDtuhaOSGEooHkfpoUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHdJj6LC b/DC07RMPDGOMzsmpzpEMB8GA1UdIwQYMBaAFJ4fGafhjYvO0j7y7asZ6FQ45/CK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjE5RS9BOTNFOTkzRTM0 MEQxMUU0OUVDOTgxNjNDNEY5QUUwMi9uaDhacC1HTmk4N1NQdkx0cXhub1ZEam44 SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25oOFpwLUdOaTg3U1B2THRxeG5vVkRqbjhJby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RjE5RS9BOTNFOTkzRTM0MEQxMUU0OUVDOTgxNjNDNEY5QUUwMi9uaDhacC1HTmk4 N1NQdkx0cXhub1ZEam44SW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApeVwns3TJSpCoxaRqM4RTu0rSlBzUYHPGiMRsiym/yqv7XoSwU/4y AQse6AiHdRNKLtJxqQW9S7eITmyAzFsY/0TOW35Vk1qdnYzuBcOde6k0n5l+u+z5 eM9BUv3KvfKfpvlC+TKP8Ennrsb+fwm79Ip1aisKiy7islaIRhnUZBHJ91X11zXo RMK61Qfn0hta6RdfnjAP0TNdAjRyh+BV9Z+btaXyhf1UW6b5C+pSvFf2IjD/s5Jr iuwEGEg9leaKPjcpxKq9OoqhADn6UulMBrwHr1St/Q22cGm1fmNULVYlSsew9xSx +dcSjJHHKfCfzOnulZZRf37Lib/fCIJ9 -----END CERTIFICATE-----Generated at Sun Aug 10 16:07:49 2025 by rpki-client