$ rpki-client -vvf rpki.apnic.net/member_repository/A91203DC/FAD3D6FCDC4911E5A0625F82C4F9AE02/Vkbgeg9gJfHiYPHEmW-aaBspIHE.mft File: Vkbgeg9gJfHiYPHEmW-aaBspIHE.mft (raw, json) Hash identifier: 68uLO2qg39oJVspcR3dA4OYkhIBYItYilSNOrtkzHB0= Subject key identifier: D5:D9:9F:8E:5A:DA:6E:8E:8F:ED:1D:1B:1D:1F:C6:9F:ED:21:83:82 Authority key identifier: 56:46:E0:7A:0F:60:25:F1:E2:60:F1:C4:99:6F:9A:68:1B:29:20:71 Certificate issuer: /CN=A91203DC/serialNumber=5646E07A0F6025F1E260F1C4996F9A681B292071 Certificate serial: 21B0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vkbgeg9gJfHiYPHEmW-aaBspIHE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91203DC/FAD3D6FCDC4911E5A0625F82C4F9AE02/Vkbgeg9gJfHiYPHEmW-aaBspIHE.mft Manifest number: 21A4 Signing time: Fri 22 Aug 2025 15:56:52 +0000 Manifest this update: Fri 22 Aug 2025 15:56:52 +0000 Manifest next update: Fri 29 Aug 2025 15:56:52 +0000 Files and hashes: 1: Vkbgeg9gJfHiYPHEmW-aaBspIHE.crl (hash: GDvFX4IL6xSkzN2upfXctFx9WRWUY///+ts/P6HbJcU=) 2: 1D9DC82A652311EBA8CF3C4CC4F9AE02.roa (hash: dCLTxe5AeU3EWuhpQGl4ZlWRgK483ALuIyneqH0vPGA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91203DC/FAD3D6FCDC4911E5A0625F82C4F9AE02/Vkbgeg9gJfHiYPHEmW-aaBspIHE.crl rsync://rpki.apnic.net/member_repository/A91203DC/FAD3D6FCDC4911E5A0625F82C4F9AE02/Vkbgeg9gJfHiYPHEmW-aaBspIHE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vkbgeg9gJfHiYPHEmW-aaBspIHE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:56:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8624 (0x21b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91203DC, serialNumber=5646E07A0F6025F1E260F1C4996F9A681B292071 Validity Not Before: Aug 22 15:56:52 2025 GMT Not After : Aug 29 15:56:52 2025 GMT Subject: CN=68a89344-720d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:2d:5c:32:67:6c:0b:02:26:39:f2:80:27:7f: 1b:31:e3:91:f4:0e:35:3d:0a:84:99:e2:2d:76:63: 65:07:63:fd:99:dc:4a:f3:e0:7d:99:2e:2b:7e:1d: ff:81:55:4d:d7:a1:2e:23:10:44:f9:37:44:95:e2: 19:69:11:13:45:4a:3b:87:f3:c7:eb:b1:14:f2:27: 48:64:92:13:3e:8b:f8:8e:2a:5d:7d:e9:dd:32:c3: 07:07:40:f1:ba:8c:78:ad:dc:43:ed:7a:c2:63:12: b8:75:db:b4:94:c7:3f:16:6f:26:86:14:4f:35:19: e6:90:5f:6d:97:5a:ad:fd:a5:65:4c:cd:df:e0:cf: a7:e7:94:46:85:4a:b1:35:d4:9b:2d:0a:89:3e:db: 16:46:67:ef:87:55:70:ba:eb:80:27:4c:e7:ef:04: 1d:c6:da:50:f4:ba:8d:28:22:c9:55:99:56:1e:72: 40:b6:95:b9:90:b5:68:a3:5d:0c:74:e0:77:71:ce: f6:66:35:0d:7d:66:81:ac:80:fd:8e:5a:77:75:f0: fb:c4:8f:b4:a4:0d:c4:3d:0e:63:29:d8:3b:a2:4c: e3:22:da:7f:66:2c:ce:cd:4f:bd:a3:df:bc:f4:24: e4:87:f3:50:82:7f:4d:2d:ac:52:62:00:e2:87:0f: 7c:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:D9:9F:8E:5A:DA:6E:8E:8F:ED:1D:1B:1D:1F:C6:9F:ED:21:83:82 X509v3 Authority Key Identifier: keyid:56:46:E0:7A:0F:60:25:F1:E2:60:F1:C4:99:6F:9A:68:1B:29:20:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91203DC/FAD3D6FCDC4911E5A0625F82C4F9AE02/Vkbgeg9gJfHiYPHEmW-aaBspIHE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vkbgeg9gJfHiYPHEmW-aaBspIHE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91203DC/FAD3D6FCDC4911E5A0625F82C4F9AE02/Vkbgeg9gJfHiYPHEmW-aaBspIHE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:2a:f6:95:98:06:be:e9:26:99:1b:1c:86:de:d9:38:8c:89: 42:2d:fa:51:95:a0:14:86:95:6c:7e:df:fe:4b:97:c6:a9:83: d1:94:6a:5d:3f:a6:d8:19:6f:74:dc:15:08:17:1e:20:08:88: 42:80:5b:a1:bd:6a:df:ef:1b:ed:27:17:84:1e:8c:a9:7a:4e: 7b:0d:d3:47:68:ee:e6:7d:cb:78:04:83:bd:b6:da:7b:0d:48: cf:f2:49:ce:a8:19:1f:96:3a:f6:ac:7b:4e:ce:72:dc:b3:81: 8e:6b:cf:f6:fc:67:02:ca:e0:f7:c1:47:f1:bc:24:ef:b5:6f: fb:65:bd:30:62:ba:61:02:be:e3:9f:e0:16:56:75:56:e8:81: 7b:b6:79:60:ea:aa:b6:d6:59:9e:ce:dc:1c:e8:ec:64:53:ee: a1:90:8a:5b:80:04:1b:28:f4:27:3d:ec:27:a4:6c:21:16:ad: c7:e7:fd:13:15:c0:45:b4:53:d0:2d:5e:4f:4c:84:34:f6:52: 81:75:fc:7e:68:0c:3c:b8:3a:2b:da:94:77:a1:af:86:71:66: 83:cb:26:ef:c7:99:62:59:85:de:ed:75:a9:98:b2:74:70:91: d0:c6:4b:85:91:93:16:f7:ce:b7:69:d4:db:e6:33:c2:6b:4f: b8:95:33:0c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIbAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjAzREMxMTAvBgNVBAUTKDU2NDZFMDdBMEY2MDI1RjFFMjYwRjFDNDk5NkY5QTY4 MUIyOTIwNzEwHhcNMjUwODIyMTU1NjUyWhcNMjUwODI5MTU1NjUyWjAYMRYwFAYD VQQDEw02OGE4OTM0NC03MjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApy1cMmdsCwImOfKAJ38bMeOR9A41PQqEmeItdmNlB2P9mdxK8+B9mS4rfh3/ gVVN16EuIxBE+TdEleIZaRETRUo7h/PH67EU8idIZJITPov4jipdfendMsMHB0Dx uox4rdxD7XrCYxK4ddu0lMc/Fm8mhhRPNRnmkF9tl1qt/aVlTM3f4M+n55RGhUqx NdSbLQqJPtsWRmfvh1VwuuuAJ0zn7wQdxtpQ9LqNKCLJVZlWHnJAtpW5kLVoo10M dOB3cc72ZjUNfWaBrID9jlp3dfD7xI+0pA3EPQ5jKdg7okzjItp/ZizOzU+9o9+8 9CTkh/NQgn9NLaxSYgDihw98hQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNXZn45a 2m6Oj+0dGx0fxp/tIYOCMB8GA1UdIwQYMBaAFFZG4HoPYCXx4mDxxJlvmmgbKSBx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMDNEQy9GQUQzRDZGQ0RD NDkxMUU1QTA2MjVGODJDNEY5QUUwMi9Wa2JnZWc5Z0pmSGlZUEhFbVctYWFCc3BJ SEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZrYmdlZzlnSmZIaVlQSEVtVy1hYUJzcElIRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MDNEQy9GQUQzRDZGQ0RDNDkxMUU1QTA2MjVGODJDNEY5QUUwMi9Wa2JnZWc5Z0pm SGlZUEhFbVctYWFCc3BJSEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCOKvaVmAa+6SaZGxyG3tk4jIlCLfpRlaAUhpVsft/+S5fGqYPRlGpd P6bYGW903BUIFx4gCIhCgFuhvWrf7xvtJxeEHoypek57DdNHaO7mfct4BIO9ttp7 DUjP8knOqBkfljr2rHtOznLcs4GOa8/2/GcCyuD3wUfxvCTvtW/7Zb0wYrphAr7j n+AWVnVW6IF7tnlg6qq21lmeztwc6OxkU+6hkIpbgAQbKPQnPewnpGwhFq3H5/0T FcBFtFPQLV5PTIQ09lKBdfx+aAw8uDor2pR3oa+GcWaDyybvx5liWYXe7XWpmLJ0 cJHQxkuFkZMW9863adTb5jPCa0+4lTMM -----END CERTIFICATE-----Generated at Sat Aug 23 14:26:55 2025 by rpki-client