$ rpki-client -vvf rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft File: 4hHNheByVQ4z5MyGpj-8360dNTI.mft (raw, json) Hash identifier: ngN4++Rl+PAqhvVqS1ZbZyC+YSH8XMa4QPWPc34ZWRY= Subject key identifier: 9A:72:F9:5C:C2:04:10:CE:AD:10:C7:BE:1E:23:03:2D:E6:E6:F0:A4 Authority key identifier: E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32 Certificate issuer: /CN=A91F85CD/serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532 Certificate serial: 0832 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft Manifest number: 082A Signing time: Fri 08 Aug 2025 21:09:13 +0000 Manifest this update: Fri 08 Aug 2025 21:09:12 +0000 Manifest next update: Fri 15 Aug 2025 21:09:12 +0000 Files and hashes: 1: 4hHNheByVQ4z5MyGpj-8360dNTI.crl (hash: IXEYjKf2+44fYwS/LkubTul95LmVicdDR3K9JK09u1s=) 2: 624086E2E99611EA930A5B74C4F9AE02.roa (hash: ZdmpHgIkxt7GWbnQ6LOR1kcULfHlPHaLzEsc6YKJVc0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2098 (0x832) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F85CD, serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532 Validity Not Before: Aug 8 21:09:12 2025 GMT Not After : Aug 15 21:09:12 2025 GMT Subject: CN=68966778-8461 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:67:ea:ff:30:49:bf:6b:14:a4:ed:6f:e0:e3: 3f:9e:19:0e:4f:1e:8f:2c:0a:17:c1:2f:fc:6d:3f: 51:35:11:bd:e0:13:62:8c:de:79:bb:87:25:4b:7d: 1f:e2:f8:c0:8b:a6:8c:ea:da:e1:10:e4:a8:be:71: 7e:0a:89:dd:0e:a1:3c:e2:da:6a:f7:1b:04:35:9b: 28:21:56:31:ca:f0:73:61:39:e3:5d:14:59:e4:0f: 3b:14:da:56:27:7e:86:12:5e:a0:15:21:89:24:1f: 20:58:e4:ba:43:79:86:db:67:68:52:63:4e:e6:97: ac:a4:50:fa:b1:94:7f:18:e2:db:ed:b0:8a:43:61: f3:66:56:71:ee:8e:da:b6:d3:90:8f:9b:cc:54:8d: a6:7d:40:8a:1f:4f:75:79:98:fd:19:8c:78:de:c7: 9d:ae:07:e2:42:d5:48:44:8d:48:e9:01:aa:cf:82: 78:ad:cf:b7:5f:62:2e:3f:c7:07:4b:69:1d:3f:0d: 25:bc:91:17:f9:61:9d:5f:19:08:dc:7b:79:50:7f: 39:2a:a1:a7:ec:2d:aa:ff:e9:96:66:af:7b:b2:85: df:12:c7:5b:1e:17:91:8b:fb:a2:5d:fb:2c:96:f9: 39:0c:bb:a7:33:bd:ef:f5:19:fe:7c:20:fb:b9:b5: 82:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:72:F9:5C:C2:04:10:CE:AD:10:C7:BE:1E:23:03:2D:E6:E6:F0:A4 X509v3 Authority Key Identifier: keyid:E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:b5:73:c2:08:e2:3f:af:ba:bd:8f:e1:bb:81:d2:bb:1e:2b: c8:5a:34:94:4f:e1:60:e7:52:b4:55:dd:f3:3e:d3:e5:4e:88: f8:db:bd:f3:14:45:32:08:51:52:e8:43:98:95:0c:ca:35:ac: c0:4e:fd:d4:49:cd:5a:e9:2e:83:d0:e1:90:e9:c4:dc:1e:7d: 37:e6:70:ae:57:f4:3e:89:31:ab:81:11:30:e2:25:88:dd:5c: 15:12:fc:8d:88:5f:cc:71:87:86:48:a0:57:69:67:7d:29:ae: 4e:16:39:d2:50:d0:b8:a8:b6:72:ee:20:04:6b:51:27:59:d1: 2a:87:18:94:95:1f:5c:84:43:8e:17:fd:83:0f:e7:f4:f2:db: 28:03:28:64:d2:78:5d:3c:70:18:7c:0f:2c:4e:e2:c5:be:15: c9:34:9f:20:41:d3:69:d7:62:88:25:05:a4:30:39:b6:3b:27: df:ac:d1:c9:6c:28:7b:03:0a:8b:cf:37:ae:89:38:b2:86:1f: ec:b9:2c:c1:ba:ee:34:76:49:56:a7:76:80:7a:11:8b:cf:b2: bc:91:59:a4:47:cd:86:43:9e:a6:5e:20:c0:fd:a7:61:e8:e2: f6:81:f9:6c:44:f2:55:e8:19:d3:89:19:49:08:8d:80:75:aa: 76:a4:f6:d1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCDIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjg1Q0QxMTAvBgNVBAUTKEUyMTFDRDg1RTA3MjU1MEUzM0U0Q0M4NkE2M0ZCQ0RG QUQxRDM1MzIwHhcNMjUwODA4MjEwOTEyWhcNMjUwODE1MjEwOTEyWjAYMRYwFAYD VQQDEw02ODk2Njc3OC04NDYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0mfq/zBJv2sUpO1v4OM/nhkOTx6PLAoXwS/8bT9RNRG94BNijN55u4clS30f 4vjAi6aM6trhEOSovnF+CondDqE84tpq9xsENZsoIVYxyvBzYTnjXRRZ5A87FNpW J36GEl6gFSGJJB8gWOS6Q3mG22doUmNO5pespFD6sZR/GOLb7bCKQ2HzZlZx7o7a ttOQj5vMVI2mfUCKH091eZj9GYx43sedrgfiQtVIRI1I6QGqz4J4rc+3X2IuP8cH S2kdPw0lvJEX+WGdXxkI3Ht5UH85KqGn7C2q/+mWZq97soXfEsdbHheRi/uiXfss lvk5DLunM73v9Rn+fCD7ubWCewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJpy+VzC BBDOrRDHvh4jAy3m5vCkMB8GA1UdIwQYMBaAFOIRzYXgclUOM+TMhqY/vN+tHTUy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODVDRC84QTUwNTU4OERE MTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZRNHo1TXlHcGotODM2MGRO VEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRoSE5oZUJ5VlE0ejVNeUdwai04MzYwZE5USS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODVDRC84QTUwNTU4OEREMTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZR NHo1TXlHcGotODM2MGROVEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBjtXPCCOI/r7q9j+G7gdK7HivIWjSUT+Fg51K0Vd3zPtPlToj4273z FEUyCFFS6EOYlQzKNazATv3USc1a6S6D0OGQ6cTcHn035nCuV/Q+iTGrgREw4iWI 3VwVEvyNiF/McYeGSKBXaWd9Ka5OFjnSUNC4qLZy7iAEa1EnWdEqhxiUlR9chEOO F/2DD+f08tsoAyhk0nhdPHAYfA8sTuLFvhXJNJ8gQdNp12KIJQWkMDm2OyffrNHJ bCh7AwqLzzeuiTiyhh/suSzBuu40dklWp3aAehGLz7K8kVmkR82GQ56mXiDA/adh 6OL2gflsRPJV6BnTiRlJCI2Adap2pPbR -----END CERTIFICATE-----Generated at Sat Aug 9 10:45:47 2025 by rpki-client