$ rpki-client -vvf rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/8SiVeSEX6QcDoAIPTzWYMdsvk3o.mft File: 8SiVeSEX6QcDoAIPTzWYMdsvk3o.mft (raw, json) Hash identifier: NAzPUmX9cCKEcnC98w61tTnjnpaKPn2eqiRoAqmDzgc= Subject key identifier: FE:13:FB:05:4A:F0:76:12:76:60:15:74:7D:45:63:E4:14:9F:BF:4A Authority key identifier: F1:28:95:79:21:17:E9:07:03:A0:02:0F:4F:35:98:31:DB:2F:93:7A Certificate issuer: /CN=A91709F5/serialNumber=F12895792117E90703A0020F4F359831DB2F937A Certificate serial: 6A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8SiVeSEX6QcDoAIPTzWYMdsvk3o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/8SiVeSEX6QcDoAIPTzWYMdsvk3o.mft Manifest number: 69 Signing time: Sat 23 Aug 2025 07:12:11 +0000 Manifest this update: Sat 23 Aug 2025 07:12:10 +0000 Manifest next update: Sat 30 Aug 2025 07:12:10 +0000 Files and hashes: 1: 8SiVeSEX6QcDoAIPTzWYMdsvk3o.crl (hash: pLkOHepie8wBQ7dXhZ9K6Mbcv71T+4Jc0jGhxKn2JD8=) 2: A42925E8DFDA11EFB5E94125C4F9AE02.roa (hash: mx4Ct5Tnd5YkFq5qkT60Yq1dgh6KZfYC5nrKRxnyy28=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/8SiVeSEX6QcDoAIPTzWYMdsvk3o.crl rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/8SiVeSEX6QcDoAIPTzWYMdsvk3o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8SiVeSEX6QcDoAIPTzWYMdsvk3o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:12:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 106 (0x6a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91709F5, serialNumber=F12895792117E90703A0020F4F359831DB2F937A Validity Not Before: Aug 23 07:12:10 2025 GMT Not After : Aug 30 07:12:10 2025 GMT Subject: CN=68a969ca-ffdb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a9:b1:84:e1:65:da:4b:b7:7d:2e:1d:36:7e: 33:4e:fa:f7:b1:80:48:6b:f0:09:65:5c:f6:e8:72: 44:dd:6a:f4:53:3d:0f:4f:01:b2:ef:8f:57:5d:eb: c5:cc:79:1f:10:6d:3d:c6:e0:03:ad:55:6c:90:b9: 15:85:c6:6e:83:f0:93:45:7b:ef:cd:1c:ca:06:d5: b2:df:7c:8f:7a:b7:eb:cf:59:a3:d4:f3:67:cf:23: 2e:02:e6:0c:6c:f4:e8:6f:de:f7:5a:a4:00:6a:72: c4:58:b4:68:dd:45:c8:53:f1:99:11:aa:25:1d:e1: 42:3e:3c:05:5e:b4:cd:e5:0e:c7:27:06:75:03:44: 80:3c:18:04:de:dc:ed:c9:a1:7f:78:ab:09:2a:9c: 80:4e:ab:c8:de:28:3d:87:d3:45:b9:58:fe:2e:d5: f4:2c:99:7d:4d:02:d0:44:cb:13:f4:a7:e4:32:5c: 6f:05:97:ec:ae:c0:a0:10:52:e2:44:0d:62:02:31: 69:9d:ab:24:67:3b:51:2a:b6:9d:ae:c8:71:f4:8a: 54:cb:42:12:d7:ad:0f:c8:97:65:7e:73:2d:eb:e3: 91:0c:34:d6:9a:1f:fe:1f:24:5b:86:5e:e8:21:19: 9a:1d:73:cd:88:f8:1c:dc:60:a7:28:1c:bb:e2:b1: 3b:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:13:FB:05:4A:F0:76:12:76:60:15:74:7D:45:63:E4:14:9F:BF:4A X509v3 Authority Key Identifier: keyid:F1:28:95:79:21:17:E9:07:03:A0:02:0F:4F:35:98:31:DB:2F:93:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/8SiVeSEX6QcDoAIPTzWYMdsvk3o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8SiVeSEX6QcDoAIPTzWYMdsvk3o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/8SiVeSEX6QcDoAIPTzWYMdsvk3o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:01:60:f7:0a:0a:bd:1c:d7:1f:28:e6:7a:8a:5c:cf:4a:5d: 73:82:89:99:4b:2b:f1:b9:90:26:f8:7a:3c:ec:0f:4f:68:8d: 12:ed:64:7a:14:71:cd:f1:f5:31:ec:62:31:89:8c:44:10:3f: a3:7f:9a:49:17:f2:61:93:2c:6d:25:be:65:c9:89:02:f3:67: 0a:ad:81:1b:22:a1:18:23:30:7f:a0:d5:ee:0f:36:ed:35:90: 79:f8:49:56:41:d1:49:51:cc:fb:8e:f1:7a:a9:69:67:b0:25: 00:9e:39:ec:66:58:a6:85:14:59:9b:88:a0:dd:f8:1e:cd:25: 30:bf:31:55:c7:b0:53:6c:3d:90:da:22:de:a8:0e:be:8f:9a: d0:92:0c:af:e8:c6:a7:3d:04:19:db:f6:a4:8f:70:2c:6c:aa: eb:0b:78:61:f8:b5:6c:94:ec:47:86:34:d7:e7:a5:5e:d4:64: 14:75:2c:55:57:80:b8:cf:42:fa:e2:1f:6f:27:aa:27:c1:53: b0:b9:b8:6c:bd:e2:61:bc:05:ce:ae:41:2a:0f:95:94:91:9f: d9:8e:2d:6f:6c:9e:f6:90:f5:f6:f8:d6:94:d1:a9:75:c2:c9: 45:a6:21:b4:97:2a:f1:cd:fd:76:7c:db:88:48:32:c4:f6:be: cd:d8:d9:a0 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBajANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MDlGNTExMC8GA1UEBRMoRjEyODk1NzkyMTE3RTkwNzAzQTAwMjBGNEYzNTk4MzFE QjJGOTM3QTAeFw0yNTA4MjMwNzEyMTBaFw0yNTA4MzAwNzEyMTBaMBgxFjAUBgNV BAMTDTY4YTk2OWNhLWZmZGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8qbGE4WXaS7d9Lh02fjNO+vexgEhr8AllXPbockTdavRTPQ9PAbLvj1dd68XM eR8QbT3G4AOtVWyQuRWFxm6D8JNFe+/NHMoG1bLffI96t+vPWaPU82fPIy4C5gxs 9Ohv3vdapABqcsRYtGjdRchT8ZkRqiUd4UI+PAVetM3lDscnBnUDRIA8GATe3O3J oX94qwkqnIBOq8jeKD2H00W5WP4u1fQsmX1NAtBEyxP0p+QyXG8Fl+yuwKAQUuJE DWICMWmdqyRnO1Eqtp2uyHH0ilTLQhLXrQ/Il2V+cy3r45EMNNaaH/4fJFuGXugh GZodc82I+BzcYKcoHLvisTvLAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU/hP7BUrw dhJ2YBV0fUVj5BSfv0owHwYDVR0jBBgwFoAU8SiVeSEX6QcDoAIPTzWYMdsvk3ow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwOUY1LzMyODNFN0Q0REZE QTExRUY4QjQ3ODYyNEM0RjlBRTAyLzhTaVZlU0VYNlFjRG9BSVBUeldZTWRzdmsz by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvOFNpVmVTRVg2UWNEb0FJUFR6V1lNZHN2azNvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw OUY1LzMyODNFN0Q0REZEQTExRUY4QjQ3ODYyNEM0RjlBRTAyLzhTaVZlU0VYNlFj RG9BSVBUeldZTWRzdmszby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACoBYPcKCr0c1x8o5nqKXM9KXXOCiZlLK/G5kCb4ejzsD09ojRLtZHoU cc3x9THsYjGJjEQQP6N/mkkX8mGTLG0lvmXJiQLzZwqtgRsioRgjMH+g1e4PNu01 kHn4SVZB0UlRzPuO8XqpaWewJQCeOexmWKaFFFmbiKDd+B7NJTC/MVXHsFNsPZDa It6oDr6PmtCSDK/oxqc9BBnb9qSPcCxsqusLeGH4tWyU7EeGNNfnpV7UZBR1LFVX gLjPQvriH28nqifBU7C5uGy94mG8Bc6uQSoPlZSRn9mOLW9snvaQ9fb41pTRqXXC yUWmIbSXKvHN/XZ824hIMsT2vs3Y2aA= -----END CERTIFICATE-----Generated at Sat Aug 23 12:44:22 2025 by rpki-client