$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft File: XhBeDvkNGLn6S4j640EMah3vcZA.mft (raw, json) Hash identifier: x6cXOkx0C3q5rcdSFx2Q4eQCf8mkKoJZH3zdd74ZZ3o= Subject key identifier: E7:E2:F0:DD:43:29:C1:AD:ED:C1:14:AB:F7:FD:29:4F:2E:07:14:1C Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90 Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190 Certificate serial: 0C01 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft Manifest number: 0AC3 Signing time: Tue 12 Aug 2025 20:20:41 +0000 Manifest this update: Tue 12 Aug 2025 20:20:40 +0000 Manifest next update: Tue 19 Aug 2025 20:20:40 +0000 Files and hashes: 1: XhBeDvkNGLn6S4j640EMah3vcZA.crl (hash: qKpl8IuFDqH+cNQtMvHJLxlODiMmqvF1zIkLsaVpveI=) 2: CED9053CE35211EDB7F6B44EC4F9AE02.roa (hash: JmnrBzA6dJ9YsMu7pz9xXLOAQrwChmETl1tBrYYwR4o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 Aug 2025 20:20:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3073 (0xc01) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F69E7, serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190 Validity Not Before: Aug 12 20:20:40 2025 GMT Not After : Aug 19 20:20:40 2025 GMT Subject: CN=689ba219-0108 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:72:d5:cf:ab:ed:35:6f:d5:f9:87:3e:e1:ba: 29:45:83:21:7c:55:c1:c7:74:f0:c4:53:3d:ec:39: 74:3b:fa:c1:dc:72:61:0c:d6:9e:b8:4e:e2:bd:e8: fc:38:64:f5:45:dd:cc:17:20:d2:71:25:2d:35:fa: be:90:6f:7d:01:a6:12:d3:43:77:0a:6c:8c:a6:dc: d7:81:6c:bb:85:1c:44:f7:74:47:78:f2:56:b1:63: 84:8d:27:f6:76:10:dc:48:cc:bd:75:c8:ba:a2:f5: 66:ef:1e:0c:66:37:f1:94:08:ef:8c:27:70:84:ba: 73:41:99:e0:15:19:56:64:7f:51:7b:44:26:99:61: 2c:1b:4f:fe:e9:44:89:3c:a9:7c:41:42:07:19:9a: 34:01:ed:8e:e2:be:50:6a:8a:03:7d:a3:30:75:09: 57:41:82:8f:e6:ad:58:fe:eb:f9:ea:09:7d:1f:60: a6:8a:9d:1f:59:e0:33:4d:6c:95:71:f7:e0:93:fd: 4e:1d:a5:fd:d4:cf:8f:1d:00:74:c4:98:91:20:18: 1b:a2:27:b2:da:fb:31:e7:f1:ec:d5:26:ef:63:2e: 39:30:b7:de:1b:62:79:96:91:ea:6d:52:0b:03:8f: cd:21:90:c4:1f:c8:d5:fe:6d:12:64:4c:38:b5:2d: c8:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:E2:F0:DD:43:29:C1:AD:ED:C1:14:AB:F7:FD:29:4F:2E:07:14:1C X509v3 Authority Key Identifier: keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:72:b3:26:78:a4:55:b6:5f:54:74:22:a3:03:ec:2e:a9:8a: 0e:86:bc:b0:b3:24:20:99:11:99:52:56:31:4e:c1:4b:a2:91: ef:64:a3:92:ee:55:b9:07:6e:c2:c1:24:34:19:1f:a4:75:f5: ed:d2:ee:20:af:57:cd:52:82:85:af:7e:04:fe:b1:af:eb:46: dd:27:02:9e:62:74:20:fc:b0:12:c2:bb:cf:4f:c4:ba:0b:a1: ca:98:0b:c9:98:77:a8:5d:e7:27:a0:8b:f1:b2:2f:16:68:76: 42:c3:67:d9:c1:ce:bd:f6:ef:9e:24:d8:e6:79:dd:01:40:dc: ea:41:91:f5:2a:1c:6e:1f:92:a6:96:c3:36:81:d9:1b:ff:75: 52:35:e9:b0:fd:f8:c4:37:ef:ac:9a:6a:07:3b:1c:a6:0f:e6: 93:a5:65:96:a4:ae:d2:19:1f:97:38:93:6f:1f:4e:11:e8:36: ae:39:3f:24:5e:a1:3b:8d:5b:9c:c8:e4:8f:c8:ad:c3:16:33: a7:c6:e1:75:e1:34:cb:49:39:0b:23:91:59:69:78:26:dd:e0: d5:5e:17:a2:80:6f:95:cf:08:55:1b:eb:56:63:ff:12:d6:e0: ea:d3:4b:35:59:3a:c3:df:7c:d1:5e:19:30:90:9f:68:bb:2c: fc:c6:0e:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDAEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB MURFRjcxOTAwHhcNMjUwODEyMjAyMDQwWhcNMjUwODE5MjAyMDQwWjAYMRYwFAYD VQQDEw02ODliYTIxOS0wMTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA23LVz6vtNW/V+Yc+4bopRYMhfFXBx3TwxFM97Dl0O/rB3HJhDNaeuE7ivej8 OGT1Rd3MFyDScSUtNfq+kG99AaYS00N3CmyMptzXgWy7hRxE93RHePJWsWOEjSf2 dhDcSMy9dci6ovVm7x4MZjfxlAjvjCdwhLpzQZngFRlWZH9Re0QmmWEsG0/+6USJ PKl8QUIHGZo0Ae2O4r5QaooDfaMwdQlXQYKP5q1Y/uv56gl9H2Cmip0fWeAzTWyV cffgk/1OHaX91M+PHQB0xJiRIBgboiey2vsx5/Hs1SbvYy45MLfeG2J5lpHqbVIL A4/NIZDEH8jV/m0SZEw4tS3IswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOfi8N1D KcGt7cEUq/f9KU8uBxQcMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjlFNy80NkFBRDZCMjkwNDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdM bjZTNGo2NDBFTWFoM3ZjWkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQADcrMmeKRVtl9UdCKjA+wuqYoOhrywsyQgmRGZUlYxTsFLopHvZKOS 7lW5B27CwSQ0GR+kdfXt0u4gr1fNUoKFr34E/rGv60bdJwKeYnQg/LASwrvPT8S6 C6HKmAvJmHeoXecnoIvxsi8WaHZCw2fZwc699u+eJNjmed0BQNzqQZH1KhxuH5Km lsM2gdkb/3VSNemw/fjEN++smmoHOxymD+aTpWWWpK7SGR+XOJNvH04R6DauOT8k XqE7jVucyOSPyK3DFjOnxuF14TTLSTkLI5FZaXgm3eDVXheigG+VzwhVG+tWY/8S 1uDq00s1WTrD33zRXhkwkJ9ouyz8xg6b -----END CERTIFICATE-----Generated at Tue Aug 12 22:53:56 2025 by rpki-client