$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft File: Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft (raw, json) Hash identifier: ESHXqFlmBvVDjvPsmfhQiSPIxcBz7V8HY33pGblWuLI= Subject key identifier: DD:8F:02:3B:19:A1:A1:ED:D2:69:09:16:EA:D5:55:B8:F7:2E:0F:95 Authority key identifier: 29:AD:B3:9B:62:0E:AE:3C:B8:AF:CA:2C:A1:85:F5:C4:87:6F:D0:43 Certificate issuer: /CN=A91FC985/serialNumber=29ADB39B620EAE3CB8AFCA2CA185F5C4876FD043 Certificate serial: 59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft Manifest number: 57 Signing time: Mon 11 Aug 2025 07:28:27 +0000 Manifest this update: Mon 11 Aug 2025 07:28:27 +0000 Manifest next update: Mon 18 Aug 2025 07:28:27 +0000 Files and hashes: 1: Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl (hash: UB2+akmArct+UkUOj8FBnplb+KgMI7dHdKiRhUgpYkE=) 2: DA3E289CF5B811EFA1046714C4F9AE02.roa (hash: ghtYYnHvBHOXjjafNw/o3b7nWMJznKoJtYacsPdc8uY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 18 Aug 2025 07:28:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 89 (0x59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FC985, serialNumber=29ADB39B620EAE3CB8AFCA2CA185F5C4876FD043 Validity Not Before: Aug 11 07:28:27 2025 GMT Not After : Aug 18 07:28:27 2025 GMT Subject: CN=68999b9b-a96d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:32:83:8d:af:20:f9:ca:b5:23:1b:e0:fe:ac: d1:e6:52:81:d7:2b:6b:60:39:e4:39:2f:7b:40:94: b0:52:d3:39:85:df:e1:a6:fd:16:39:ca:1c:3f:e8: df:a8:82:18:e1:cf:cb:eb:54:7a:97:b0:1c:96:c7: 1c:5d:b8:e8:a3:fe:2d:84:f9:86:52:3e:c8:f6:35: 91:e2:6d:f7:e7:b7:be:23:b7:6c:f5:56:37:a0:d1: 16:83:48:12:33:53:f8:92:52:dc:ea:43:31:6d:51: c6:52:2b:63:95:79:a4:ba:c2:59:44:15:e1:72:38: 4b:5f:76:f8:ab:e3:5f:e2:27:0a:8a:a5:72:e4:fe: a7:ee:18:25:6d:c9:fa:d5:10:ff:cd:95:3b:f2:51: 56:d4:b4:f0:8b:cf:2a:b6:94:9b:d0:4c:be:44:3c: c6:65:09:82:61:74:96:14:dc:14:01:63:0f:e8:28: b7:0e:2b:a2:b2:45:67:46:06:64:cb:bf:8a:f7:c2: 57:52:45:fc:45:33:6d:34:73:c4:13:61:c5:66:ab: a1:84:68:35:df:f8:17:5b:09:2d:ea:2f:07:5b:d4: d3:e7:72:c4:6a:d7:54:7d:bd:f7:fb:08:18:60:40: 8e:a2:6f:d0:89:51:b5:44:bf:0e:e7:94:5e:58:db: 3e:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:8F:02:3B:19:A1:A1:ED:D2:69:09:16:EA:D5:55:B8:F7:2E:0F:95 X509v3 Authority Key Identifier: keyid:29:AD:B3:9B:62:0E:AE:3C:B8:AF:CA:2C:A1:85:F5:C4:87:6F:D0:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:87:99:c5:d6:ae:e6:04:72:0e:ca:a6:ff:3c:d7:82:42:4e: 9b:30:54:e3:59:9b:05:eb:d1:29:75:bc:cd:05:25:e9:d4:9b: ef:76:8e:2d:9e:6f:b9:cf:48:24:d3:38:79:48:54:9c:b2:25: ae:38:d8:fb:61:75:b2:c8:7f:17:ac:40:d1:e9:8f:40:3e:41: 82:a8:d6:97:d1:ec:90:52:a6:6d:c1:ee:be:02:e5:e0:d6:27: 39:6e:2b:ca:a7:76:da:f0:38:d0:12:84:45:9f:9b:1d:34:66: 9a:45:7a:d1:d4:94:c5:6d:96:55:7f:ce:b5:13:cb:ac:3f:e3: 70:00:38:30:39:0a:30:09:34:11:3f:df:93:ce:6e:fd:e9:1c: 85:75:e7:b4:6a:93:ec:15:70:ff:27:37:1d:9a:86:8a:3a:d8: 95:1b:6c:89:6b:24:7e:b7:94:44:4b:8a:94:0b:c9:a0:ca:9e: 3a:da:c7:96:51:7c:17:33:c0:28:f0:40:01:6c:b2:12:3a:f1: 98:70:9e:1e:62:53:f1:25:06:9d:fe:d6:40:2b:32:78:b6:83: 1e:75:2d:0e:f4:f3:ca:ad:b2:d0:ba:fb:f7:9f:a4:ad:63:db: 67:4c:15:df:b8:a0:bf:88:83:cb:a3:d2:21:81:89:b4:0c:e3: 79:e9:09:27 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG Qzk4NTExMC8GA1UEBRMoMjlBREIzOUI2MjBFQUUzQ0I4QUZDQTJDQTE4NUY1QzQ4 NzZGRDA0MzAeFw0yNTA4MTEwNzI4MjdaFw0yNTA4MTgwNzI4MjdaMBgxFjAUBgNV BAMTDTY4OTk5YjliLWE5NmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDDMoONryD5yrUjG+D+rNHmUoHXK2tgOeQ5L3tAlLBS0zmF3+Gm/RY5yhw/6N+o ghjhz8vrVHqXsByWxxxduOij/i2E+YZSPsj2NZHibffnt74jt2z1Vjeg0RaDSBIz U/iSUtzqQzFtUcZSK2OVeaS6wllEFeFyOEtfdvir41/iJwqKpXLk/qfuGCVtyfrV EP/NlTvyUVbUtPCLzyq2lJvQTL5EPMZlCYJhdJYU3BQBYw/oKLcOK6KyRWdGBmTL v4r3wldSRfxFM200c8QTYcVmq6GEaDXf+BdbCS3qLwdb1NPncsRq11R9vff7CBhg QI6ib9CJUbVEvw7nlF5Y2z6JAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3Y8COxmh oe3SaQkW6tVVuPcuD5UwHwYDVR0jBBgwFoAUKa2zm2IOrjy4r8osoYX1xIdv0EMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZDOTg1LzY3M0FBMkY0RjVC NzExRUY4QzFGRjYxMUM0RjlBRTAyL0thMnptMklPcmp5NHI4b3NvWVgxeElkdjBF TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS2Eyem0ySU9yank0cjhvc29ZWDF4SWR2MEVNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZD OTg1LzY3M0FBMkY0RjVCNzExRUY4QzFGRjYxMUM0RjlBRTAyL0thMnptMklPcmp5 NHI4b3NvWVgxeElkdjBFTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAG+HmcXWruYEcg7Kpv8814JCTpswVONZmwXr0Sl1vM0FJenUm+92ji2e b7nPSCTTOHlIVJyyJa442PthdbLIfxesQNHpj0A+QYKo1pfR7JBSpm3B7r4C5eDW JzluK8qndtrwONAShEWfmx00ZppFetHUlMVtllV/zrUTy6w/43AAODA5CjAJNBE/ 35PObv3pHIV157Rqk+wVcP8nNx2ahoo62JUbbIlrJH63lERLipQLyaDKnjrax5ZR fBczwCjwQAFsshI68Zhwnh5iU/ElBp3+1kArMni2gx51LQ7088qtstC6+/efpK1j 22dMFd+4oL+Ig8uj0iGBibQM43npCSc= -----END CERTIFICATE-----Generated at Tue Aug 12 14:04:17 2025 by rpki-client