$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC1B8/FBDE99FA90FB11E992D5987FC4F9AE02/bX2AV2xLO-av9DH40yM49x_fAd0.mft File: bX2AV2xLO-av9DH40yM49x_fAd0.mft (raw, json) Hash identifier: hNLqRF9a/vLzi6JQuERJDUt4GVlO9IMBu7Pe7So/DfY= Subject key identifier: E0:CF:B3:69:76:C4:18:F7:02:6F:7C:1D:F9:7D:92:68:71:B7:99:FF Authority key identifier: 6D:7D:80:57:6C:4B:3B:E6:AF:F4:31:F8:D3:23:38:F7:1F:DF:01:DD Certificate issuer: /CN=A91FC1B8/serialNumber=6D7D80576C4B3BE6AFF431F8D32338F71FDF01DD Certificate serial: 0EB9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bX2AV2xLO-av9DH40yM49x_fAd0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FC1B8/FBDE99FA90FB11E992D5987FC4F9AE02/bX2AV2xLO-av9DH40yM49x_fAd0.mft Manifest number: 0EB1 Signing time: Mon 04 Aug 2025 17:52:09 +0000 Manifest this update: Mon 04 Aug 2025 17:52:09 +0000 Manifest next update: Mon 11 Aug 2025 17:52:09 +0000 Files and hashes: 1: bX2AV2xLO-av9DH40yM49x_fAd0.crl (hash: dkQhCUQCTR93IV5TgXsSNbZkBHTaH+2ipBCIA7sfD7g=) 2: 4E150C0890FD11E98DB54881C4F9AE02.roa (hash: dB+hpclNcZTfVrplk+B2uDeZoqPu8XwgAkOEwxQUS0E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FC1B8/FBDE99FA90FB11E992D5987FC4F9AE02/bX2AV2xLO-av9DH40yM49x_fAd0.crl rsync://rpki.apnic.net/member_repository/A91FC1B8/FBDE99FA90FB11E992D5987FC4F9AE02/bX2AV2xLO-av9DH40yM49x_fAd0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bX2AV2xLO-av9DH40yM49x_fAd0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 17:52:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3769 (0xeb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FC1B8, serialNumber=6D7D80576C4B3BE6AFF431F8D32338F71FDF01DD Validity Not Before: Aug 4 17:52:09 2025 GMT Not After : Aug 11 17:52:09 2025 GMT Subject: CN=6890f349-01d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b5:1e:9f:e7:42:84:8c:04:07:5a:10:fe:ec: 94:1f:93:f3:be:1b:7e:17:fe:9d:25:a2:44:ca:f9: c9:ba:0a:7f:45:6b:77:92:99:ee:95:bf:71:d1:b4: d9:98:39:d2:23:ea:d7:d1:2e:39:7d:e8:f0:cf:f5: 77:ce:ce:71:f7:5e:ed:fc:b4:2f:29:42:16:fa:29: 2c:33:36:2c:b4:be:15:61:37:85:96:91:1d:5d:21: 2a:45:89:a2:c3:3a:92:e3:84:62:5c:34:bc:98:a4: bf:dc:59:22:2f:d4:dd:79:37:9f:5e:59:de:1d:62: 2e:e1:47:60:82:56:9f:23:4b:6c:96:8f:15:2f:3e: 20:60:4c:c9:37:cd:ea:ba:b7:bc:71:60:a8:a4:c5: bf:c4:4f:9c:4a:7e:9f:03:e1:05:8a:34:27:c7:47: ed:00:c2:af:69:85:d5:af:d8:3b:0e:8f:67:9c:94: 94:ba:5e:cd:a5:92:d6:b9:34:d1:30:e0:12:cf:71: 1f:fd:03:25:f7:10:7e:80:98:62:bc:5d:fb:0b:fb: c9:88:c1:9a:2c:40:2f:30:ee:00:eb:70:76:86:60: ef:b9:22:b3:c8:dd:0e:bc:46:5d:7d:65:b1:f5:c6: e4:e3:83:ed:0a:dd:9b:e0:0d:9c:dd:ae:dd:48:92: 60:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:CF:B3:69:76:C4:18:F7:02:6F:7C:1D:F9:7D:92:68:71:B7:99:FF X509v3 Authority Key Identifier: keyid:6D:7D:80:57:6C:4B:3B:E6:AF:F4:31:F8:D3:23:38:F7:1F:DF:01:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FC1B8/FBDE99FA90FB11E992D5987FC4F9AE02/bX2AV2xLO-av9DH40yM49x_fAd0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bX2AV2xLO-av9DH40yM49x_fAd0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC1B8/FBDE99FA90FB11E992D5987FC4F9AE02/bX2AV2xLO-av9DH40yM49x_fAd0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c8:89:53:a1:80:e6:ba:91:e4:42:b1:5d:c7:76:68:16:e5:a0: f5:44:ff:77:30:08:fc:63:03:f3:01:15:18:de:96:e2:cf:fb: 86:43:fd:1c:16:fb:59:44:dd:ca:2b:d9:44:d0:4c:52:67:07: b1:58:84:06:0f:d5:fe:09:67:8b:5d:ff:b7:e0:18:12:22:4d: cf:41:72:c8:58:02:83:16:37:8d:93:06:ec:9f:a8:fd:d0:08: a3:ba:b4:be:86:f9:12:87:d6:85:9f:e2:87:76:b1:15:e3:9d: 14:0f:84:3b:db:6e:23:35:3e:65:d2:f3:17:45:ad:5d:52:f5: 5e:34:44:f9:b3:28:cd:da:73:18:c6:8f:0c:b1:dc:d7:05:56: 80:0f:e3:05:7f:0e:47:da:0f:63:f7:ae:8d:8f:2e:00:42:15: aa:d9:dc:41:df:32:cf:75:f0:7f:7d:90:62:4e:50:02:e6:b9: ec:70:c3:90:36:15:b9:1f:a8:a6:86:17:f2:b7:85:3f:22:f5: 21:fb:b7:bf:5b:fe:a6:d5:f6:a0:e3:78:66:5b:d1:ef:37:f0: a5:e0:54:f9:28:ec:e1:f4:02:bc:14:b8:79:07:0d:c5:99:ed: 68:54:c5:dc:02:f3:8d:27:ae:73:0b:25:d1:88:9d:f5:39:10: d0:22:cb:4d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDrkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkMxQjgxMTAvBgNVBAUTKDZEN0Q4MDU3NkM0QjNCRTZBRkY0MzFGOEQzMjMzOEY3 MUZERjAxREQwHhcNMjUwODA0MTc1MjA5WhcNMjUwODExMTc1MjA5WjAYMRYwFAYD VQQDEw02ODkwZjM0OS0wMWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwLUen+dChIwEB1oQ/uyUH5Pzvht+F/6dJaJEyvnJugp/RWt3kpnulb9x0bTZ mDnSI+rX0S45fejwz/V3zs5x917t/LQvKUIW+iksMzYstL4VYTeFlpEdXSEqRYmi wzqS44RiXDS8mKS/3FkiL9TdeTefXlneHWIu4UdgglafI0tslo8VLz4gYEzJN83q ure8cWCopMW/xE+cSn6fA+EFijQnx0ftAMKvaYXVr9g7Do9nnJSUul7NpZLWuTTR MOASz3Ef/QMl9xB+gJhivF37C/vJiMGaLEAvMO4A63B2hmDvuSKzyN0OvEZdfWWx 9cbk44PtCt2b4A2c3a7dSJJg2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFODPs2l2 xBj3Am98Hfl9kmhxt5n/MB8GA1UdIwQYMBaAFG19gFdsSzvmr/Qx+NMjOPcf3wHd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQzFCOC9GQkRFOTlGQTkw RkIxMUU5OTJENTk4N0ZDNEY5QUUwMi9iWDJBVjJ4TE8tYXY5REg0MHlNNDl4X2ZB ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JYMkFWMnhMTy1hdjlESDQweU00OXhfZkFkMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QzFCOC9GQkRFOTlGQTkwRkIxMUU5OTJENTk4N0ZDNEY5QUUwMi9iWDJBVjJ4TE8t YXY5REg0MHlNNDl4X2ZBZDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDIiVOhgOa6keRCsV3HdmgW5aD1RP93MAj8YwPzARUY3pbiz/uGQ/0c FvtZRN3KK9lE0ExSZwexWIQGD9X+CWeLXf+34BgSIk3PQXLIWAKDFjeNkwbsn6j9 0AijurS+hvkSh9aFn+KHdrEV450UD4Q7224jNT5l0vMXRa1dUvVeNET5syjN2nMY xo8MsdzXBVaAD+MFfw5H2g9j966Njy4AQhWq2dxB3zLPdfB/fZBiTlAC5rnscMOQ NhW5H6imhhfyt4U/IvUh+7e/W/6m1fag43hmW9HvN/Cl4FT5KOzh9AK8FLh5Bw3F me1oVMXcAvONJ65zCyXRiJ31ORDQIstN -----END CERTIFICATE-----Generated at Wed Aug 6 09:37:16 2025 by rpki-client