$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft File: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft (raw, json) Hash identifier: H3ddT0M+UUX+IL3AdiIdnrzmgNmzK2D0sl8WFI3v/R8= Subject key identifier: A0:AD:D1:1A:13:0F:30:D1:A9:32:1E:A9:D9:85:E0:F1:BF:97:C5:93 Authority key identifier: AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 Certificate issuer: /CN=A91F3F02/serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Certificate serial: 0FDA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft Manifest number: 0FA4 Signing time: Fri 08 Aug 2025 17:43:30 +0000 Manifest this update: Fri 08 Aug 2025 17:43:29 +0000 Manifest next update: Fri 15 Aug 2025 17:43:29 +0000 Files and hashes: 1: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl (hash: CY8ThGSkLkmo15EfLrtjNAio+0r2kz4rji5Qpl2LPAo=) 2: 4BF23558026D11EBB136622CC4F9AE02.roa (hash: QtpDimKOHqXsxnqa4q87zCBuPpMrfxyNN2d7cp4WlrA=) 3: B3876B1821C911EB991D562EC4F9AE02.roa (hash: 6uU1bRzcclFeMC/RnwQZxh3s9UKuJJHVwL7cdGjMFOc=) 4: B2B2930C21C911EB991D562EC4F9AE02.roa (hash: XWm8GaGIPPLP9AKtaT6KRszth65jZeSEF8vfSa7oAA0=) 5: 8663E8B6658A11E9930DC678C4F9AE02.roa (hash: PNhMIJG2WqhTSsHQs6Q3B5W+HPqAu/8Af4Ot4nkDDLQ=) 6: F98DEF9A231F11EB99F53580C4F9AE02.roa (hash: t18G/jUeuq8lptvTyxkqs2wnq4jb4g41EOSptQznrUs=) 7: E049FDF87A4511EBBB2D0A52C4F9AE02.roa (hash: Jk6V50ct0NhfCUNeq2rSB6SPY6PZ86y8Zd5FDESJ7kI=) 8: B490CD0621C911EB991D562EC4F9AE02.roa (hash: WNk4We2Ht/Om3rf3IbH7SVRsK901hQ7kL7sR1ONDJ8A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4058 (0xfda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3F02, serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Validity Not Before: Aug 8 17:43:29 2025 GMT Not After : Aug 15 17:43:29 2025 GMT Subject: CN=68963742-4c7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:2a:cd:eb:98:4c:11:91:9f:c0:86:5d:ad:fc: 41:e3:33:c9:83:e3:c6:37:0a:61:96:9b:f7:eb:7c: f2:ad:77:31:0b:9f:b2:e9:50:bd:f1:6d:ad:5c:4a: af:60:ae:61:3c:d7:83:c3:10:a2:81:56:6a:9c:35: 5f:0b:f5:0a:7c:19:6c:40:e7:9a:1d:0a:ec:f4:c1: dc:66:cd:f3:34:98:fc:47:79:58:85:81:1f:dd:26: fb:b7:ba:e7:20:9d:c7:17:2d:9b:fb:a8:48:a7:59: 22:33:74:56:78:a4:d2:13:4b:1f:9b:65:9c:21:7c: 4a:77:7e:6e:60:3b:d3:53:42:82:af:af:44:30:d2: a6:f4:0f:11:2e:75:3e:44:97:85:a5:40:4c:5e:4c: 11:12:62:d2:8b:b3:83:59:64:07:83:c9:34:b7:7a: 77:b7:d9:ed:76:11:5f:63:3c:3f:26:b6:23:ee:1b: 72:d6:92:c0:a8:2a:6c:8e:35:bc:bc:c5:de:fb:31: b9:20:3c:27:19:0b:04:31:11:79:b9:92:e4:75:ef: a0:07:f3:2b:a8:1e:10:08:ac:a6:07:37:7e:6d:f9: 77:c0:44:b3:76:cb:92:8d:89:35:ff:af:20:4e:a2: ca:ac:57:fc:3b:a9:75:2f:98:f4:55:c4:16:3f:71: 26:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:AD:D1:1A:13:0F:30:D1:A9:32:1E:A9:D9:85:E0:F1:BF:97:C5:93 X509v3 Authority Key Identifier: keyid:AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption e1:8d:77:e5:dc:ee:97:04:f7:65:64:b3:73:1e:3a:c7:40:05: c1:4e:73:ad:de:ee:7a:45:88:99:ab:26:3c:65:22:a9:a3:4a: 50:f2:f1:73:40:e3:42:3e:dd:93:98:a3:20:f6:8e:f7:16:d9: 6d:33:1c:7e:f4:c3:64:f1:9c:e7:bc:01:37:cb:95:49:ec:8a: 52:27:0f:7d:39:7f:34:87:b3:d7:fa:68:4a:7f:53:d3:83:55: cd:a8:1c:52:bf:d4:60:0e:ad:3c:5b:b5:a7:84:5f:c1:af:22: 2f:a7:52:15:82:ae:d1:32:ca:75:44:6a:32:a4:66:60:a3:b5: 69:a6:ab:d4:8b:fc:b5:a1:c2:bd:b3:11:bd:62:54:92:af:f1: f0:c8:eb:1a:1e:ba:20:74:d5:3a:0f:2d:f8:64:95:e2:dd:b1: 41:45:3e:11:72:e8:39:87:ce:84:f6:a1:1b:a7:5c:a0:f6:fb: 43:8f:68:97:30:a3:bd:be:44:a2:24:3e:8f:68:eb:f8:09:4a: 02:78:28:1b:e4:87:69:62:54:d7:86:5f:9b:24:2e:af:1c:ad: ac:3b:c0:2d:b3:0c:cf:cd:02:7a:61:4b:5a:ad:49:18:c7:cd: d2:25:46:93:28:62:5f:0b:f0:22:a6:ef:0c:9e:ec:a8:f2:77: 81:96:0b:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD9owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjNGMDIxMTAvBgNVBAUTKEFGNDQ3ODA4MTNCQjZDMDVFOTk3NTQ1QjA4RDM3OTM2 RkZBQzQ2NjEwHhcNMjUwODA4MTc0MzI5WhcNMjUwODE1MTc0MzI5WjAYMRYwFAYD VQQDEw02ODk2Mzc0Mi00YzdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvirN65hMEZGfwIZdrfxB4zPJg+PGNwphlpv363zyrXcxC5+y6VC98W2tXEqv YK5hPNeDwxCigVZqnDVfC/UKfBlsQOeaHQrs9MHcZs3zNJj8R3lYhYEf3Sb7t7rn IJ3HFy2b+6hIp1kiM3RWeKTSE0sfm2WcIXxKd35uYDvTU0KCr69EMNKm9A8RLnU+ RJeFpUBMXkwREmLSi7ODWWQHg8k0t3p3t9ntdhFfYzw/JrYj7hty1pLAqCpsjjW8 vMXe+zG5IDwnGQsEMRF5uZLkde+gB/MrqB4QCKymBzd+bfl3wESzdsuSjYk1/68g TqLKrFf8O6l1L5j0VcQWP3EmcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKCt0RoT DzDRqTIeqdmF4PG/l8WTMB8GA1UdIwQYMBaAFK9EeAgTu2wF6ZdUWwjTeTb/rEZh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0YwMi9DQ0FCNTc1MDYz RjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JBWHBsMVJiQ05ONU52LXNS bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3IwUjRDQk83YkFYcGwxUmJDTk41TnYtc1JtRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG M0YwMi9DQ0FCNTc1MDYzRjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JB WHBsMVJiQ05ONU52LXNSbUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDhjXfl3O6XBPdlZLNzHjrHQAXBTnOt3u56RYiZqyY8ZSKpo0pQ8vFz QONCPt2TmKMg9o73FtltMxx+9MNk8ZznvAE3y5VJ7IpSJw99OX80h7PX+mhKf1PT g1XNqBxSv9RgDq08W7WnhF/BryIvp1IVgq7RMsp1RGoypGZgo7VppqvUi/y1ocK9 sxG9YlSSr/HwyOsaHrogdNU6Dy34ZJXi3bFBRT4Rcug5h86E9qEbp1yg9vtDj2iX MKO9vkSiJD6PaOv4CUoCeCgb5IdpYlTXhl+bJC6vHK2sO8AtswzPzQJ6YUtarUkY x83SJUaTKGJfC/Aipu8Mnuyo8neBlgtn -----END CERTIFICATE-----Generated at Fri Aug 8 19:25:52 2025 by rpki-client