$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft File: zFfgNkMaXqPBcqpyg0Aa88StXFk.mft (raw, json) Hash identifier: J9c7WOngYuVa/N7e/pPOBv7Z7L8sp3kHk4LemWKCrI4= Subject key identifier: A8:8F:FB:9C:6D:CF:3B:F8:A5:22:9B:A1:FA:24:15:5F:9D:2C:64:E5 Authority key identifier: CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59 Certificate issuer: /CN=A91FDC78/serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59 Certificate serial: 091F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft Manifest number: 0910 Signing time: Fri 08 Aug 2025 20:41:05 +0000 Manifest this update: Fri 08 Aug 2025 20:41:05 +0000 Manifest next update: Fri 15 Aug 2025 20:41:05 +0000 Files and hashes: 1: zFfgNkMaXqPBcqpyg0Aa88StXFk.crl (hash: TCm/RXYS1CTCYQ9eKHW5YC0k/8zAW2X3ezBvUc6dnXQ=) 2: 6BC3CFFCAEAF11EAB092EE6BC4F9AE02.roa (hash: u6H4P2TM61hqsziMp+QKQRj8V8OU+PakHeQt/LegiXU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2335 (0x91f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDC78, serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59 Validity Not Before: Aug 8 20:41:05 2025 GMT Not After : Aug 15 20:41:05 2025 GMT Subject: CN=689660e1-cad1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:f2:6e:b7:1c:12:f3:d2:b8:28:fd:97:bf:11: 3a:54:2f:c6:a5:5a:4b:5a:81:10:40:05:73:8b:fe: 43:d8:0a:4a:71:6c:ca:ea:73:38:f3:19:76:4e:b5: 8c:c0:48:61:f3:cd:c5:78:5e:81:9c:2c:54:79:39: 95:75:7a:91:e5:9a:06:61:b3:6a:a5:30:e9:8d:ee: 63:28:04:f1:57:90:91:5e:8f:fc:cc:9f:7e:ff:9a: c9:08:24:d7:a4:90:c4:5d:91:06:e8:9d:fb:ca:ee: c7:32:8b:b4:9e:71:2b:4c:ab:78:ea:e3:dc:29:d8: 92:8f:be:96:52:84:e8:19:93:ad:e0:83:d7:c9:17: 9c:4c:3b:fc:a0:40:c3:e2:db:fb:57:bd:61:10:fb: 3c:c4:d6:a8:40:6c:95:1b:16:60:1d:d5:3a:65:c2: 5c:a5:ab:9b:58:00:d4:fb:e6:c8:ea:40:0b:72:4d: b0:2a:92:b2:2b:cc:2f:cc:9a:d1:4d:50:02:0d:0e: 23:75:34:c4:6c:6f:cc:7b:54:5c:ce:71:f2:a4:90: 41:f6:de:e0:e3:97:15:c9:f7:cf:c0:e0:54:67:7b: fa:d0:fe:4e:13:22:f9:fe:c4:06:fd:4e:4c:c1:96: b4:17:b8:29:1d:37:be:cf:e7:35:57:67:ea:35:7e: 92:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:8F:FB:9C:6D:CF:3B:F8:A5:22:9B:A1:FA:24:15:5F:9D:2C:64:E5 X509v3 Authority Key Identifier: keyid:CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:38:97:ba:a0:5e:89:ed:72:c1:77:78:16:f6:ca:85:9e:02: 76:53:9b:01:99:4f:8f:e2:7b:bb:8f:17:d1:c5:48:b9:af:0c: 81:2a:a3:47:eb:07:b2:78:24:ed:eb:67:88:cc:d0:62:76:80: 6e:d5:0c:a4:50:b9:11:a1:a7:f6:b7:39:1b:32:44:71:68:fb: 31:a8:43:02:4a:30:07:68:17:dd:36:00:84:cc:17:64:83:da: 22:c5:04:b3:78:63:dd:b0:14:74:2f:9b:bd:a3:22:50:0e:48: c5:76:95:02:bd:40:fc:b5:0a:7f:81:bd:80:5e:80:03:5e:6b: 77:83:81:ca:c3:58:e9:ab:74:2e:96:36:08:1a:e2:be:d6:44: 83:99:a5:3d:2e:df:3a:22:bf:80:7e:65:ba:34:42:96:8c:36: 7a:e5:ec:ab:4a:99:73:17:09:ec:17:2e:8f:9f:1e:53:34:5d: 47:98:e1:3f:dd:09:47:aa:4d:6a:22:ca:31:50:bc:71:90:dc: 9c:f8:5a:b6:07:55:6b:89:7a:e1:ba:a6:0a:84:71:67:ef:9d: a7:a2:c1:2c:56:c0:fd:06:18:e1:fa:87:74:5c:b0:02:3d:12: f2:1e:1d:35:01:4b:1b:63:7a:a6:4b:13:ea:82:58:73:3c:fd: cc:fe:b6:e5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCR8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRDNzgxMTAvBgNVBAUTKENDNTdFMDM2NDMxQTVFQTNDMTcyQUE3MjgzNDAxQUYz QzRBRDVDNTkwHhcNMjUwODA4MjA0MTA1WhcNMjUwODE1MjA0MTA1WjAYMRYwFAYD VQQDEw02ODk2NjBlMS1jYWQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7fJutxwS89K4KP2XvxE6VC/GpVpLWoEQQAVzi/5D2ApKcWzK6nM48xl2TrWM wEhh883FeF6BnCxUeTmVdXqR5ZoGYbNqpTDpje5jKATxV5CRXo/8zJ9+/5rJCCTX pJDEXZEG6J37yu7HMou0nnErTKt46uPcKdiSj76WUoToGZOt4IPXyRecTDv8oEDD 4tv7V71hEPs8xNaoQGyVGxZgHdU6ZcJcpaubWADU++bI6kALck2wKpKyK8wvzJrR TVACDQ4jdTTEbG/Me1RcznHypJBB9t7g45cVyffPwOBUZ3v60P5OEyL5/sQG/U5M wZa0F7gpHTe+z+c1V2fqNX6SXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKiP+5xt zzv4pSKbofokFV+dLGTlMB8GA1UdIwQYMBaAFMxX4DZDGl6jwXKqcoNAGvPErVxZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREM3OC8xNTQ3NDAwOEFF QUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtNYVhxUEJjcXB5ZzBBYTg4U3RY RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pGZmdOa01hWHFQQmNxcHlnMEFhODhTdFhGay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REM3OC8xNTQ3NDAwOEFFQUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtNYVhx UEJjcXB5ZzBBYTg4U3RYRmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBPOJe6oF6J7XLBd3gW9sqFngJ2U5sBmU+P4nu7jxfRxUi5rwyBKqNH 6weyeCTt62eIzNBidoBu1QykULkRoaf2tzkbMkRxaPsxqEMCSjAHaBfdNgCEzBdk g9oixQSzeGPdsBR0L5u9oyJQDkjFdpUCvUD8tQp/gb2AXoADXmt3g4HKw1jpq3Qu ljYIGuK+1kSDmaU9Lt86Ir+AfmW6NEKWjDZ65eyrSplzFwnsFy6Pnx5TNF1HmOE/ 3QlHqk1qIsoxULxxkNyc+Fq2B1VriXrhuqYKhHFn752nosEsVsD9Bhjh+od0XLAC PRLyHh01AUsbY3qmSxPqglhzPP3M/rbl -----END CERTIFICATE-----Generated at Sun Aug 10 18:56:46 2025 by rpki-client