$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6F68/BA565F5CDF2111EF833F4F2CC4F9AE02/lAiiAfAOWP6SWY7gOTkHi673d5U.mft File: lAiiAfAOWP6SWY7gOTkHi673d5U.mft (raw, json) Hash identifier: ZckrTpIHmx0PugJSZhf9IQ7LBsf4NDuXdBEQPPRUfF8= Subject key identifier: 89:5F:7F:C7:4E:A7:71:61:B7:45:67:94:C6:75:11:26:B5:C2:85:33 Authority key identifier: 94:08:A2:01:F0:0E:58:FE:92:59:8E:E0:39:39:07:8B:AE:F7:77:95 Certificate issuer: /CN=A91A6F68/serialNumber=9408A201F00E58FE92598EE03939078BAEF77795 Certificate serial: 6A Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/lAiiAfAOWP6SWY7gOTkHi673d5U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A6F68/BA565F5CDF2111EF833F4F2CC4F9AE02/lAiiAfAOWP6SWY7gOTkHi673d5U.mft Manifest number: 6A Signing time: Sat 23 Aug 2025 07:11:29 +0000 Manifest this update: Sat 23 Aug 2025 07:11:28 +0000 Manifest next update: Sat 30 Aug 2025 07:11:28 +0000 Files and hashes: 1: lAiiAfAOWP6SWY7gOTkHi673d5U.crl (hash: nqo5GUE5pSrf95ubDrfuYzlyA2Bx1suP3Yepdw/iEnU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A6F68/BA565F5CDF2111EF833F4F2CC4F9AE02/lAiiAfAOWP6SWY7gOTkHi673d5U.crl rsync://rpki.apnic.net/member_repository/A91A6F68/BA565F5CDF2111EF833F4F2CC4F9AE02/lAiiAfAOWP6SWY7gOTkHi673d5U.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/lAiiAfAOWP6SWY7gOTkHi673d5U.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:11:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 106 (0x6a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A6F68, serialNumber=9408A201F00E58FE92598EE03939078BAEF77795 Validity Not Before: Aug 23 07:11:28 2025 GMT Not After : Aug 30 07:11:28 2025 GMT Subject: CN=68a969a1-f075 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:f4:a2:b6:bb:9d:80:91:e3:d9:af:7f:e2:14: 68:77:82:98:bd:df:44:c0:5b:ef:f6:fe:25:f4:de: ce:d2:0c:8b:4e:67:0c:b2:b5:4e:db:08:13:9a:68: 6f:de:61:7b:3a:be:b8:05:51:ae:da:1e:0e:6b:e7: 6d:bf:13:b9:44:d3:b9:33:6f:6a:3f:5b:e3:b3:ab: a8:90:13:62:c6:36:83:73:a9:12:6b:95:af:71:cd: 1c:50:12:79:37:08:76:da:07:b2:69:6d:2e:e3:6a: 88:27:da:45:4e:14:ba:19:c0:42:4b:fa:bc:d2:a4: a9:23:e7:1c:13:1d:b4:e2:ce:57:6a:08:88:66:2b: 41:2c:75:19:3e:51:b7:c0:d6:8a:31:46:27:46:bc: e5:88:6a:de:af:41:ef:ab:d3:eb:44:b3:e5:b5:ca: 2c:5c:c2:15:bb:b6:c6:6b:0c:08:e3:ca:cd:8a:f2: a1:78:1b:dc:4b:39:40:24:31:4d:1d:ce:d6:31:0f: c9:2b:5a:ed:89:2b:0b:bb:08:d1:08:e0:0d:41:a4: 7e:a8:f4:99:b7:3a:79:4f:0b:a6:30:3b:d5:62:78: f5:cf:0b:4c:21:94:e9:6e:5f:d8:62:b7:d3:8a:9d: 58:b0:27:12:53:fd:82:ce:2a:93:15:51:c4:2d:8b: bf:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:5F:7F:C7:4E:A7:71:61:B7:45:67:94:C6:75:11:26:B5:C2:85:33 X509v3 Authority Key Identifier: keyid:94:08:A2:01:F0:0E:58:FE:92:59:8E:E0:39:39:07:8B:AE:F7:77:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A6F68/BA565F5CDF2111EF833F4F2CC4F9AE02/lAiiAfAOWP6SWY7gOTkHi673d5U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/lAiiAfAOWP6SWY7gOTkHi673d5U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6F68/BA565F5CDF2111EF833F4F2CC4F9AE02/lAiiAfAOWP6SWY7gOTkHi673d5U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:6f:be:4a:50:6a:6c:b5:85:e6:35:8f:52:b4:62:7e:bf:b8: b4:2a:a0:02:c2:ca:f7:4e:99:87:ae:f6:c6:39:5c:a0:26:31: 6e:8a:ee:a7:a5:fd:4b:9c:a1:3d:73:93:f3:33:75:b3:77:1b: fd:63:1a:bc:8f:9c:63:63:ed:c2:c9:ff:dc:5e:3c:1e:b4:3a: d3:6e:76:b5:bc:e8:3f:61:b3:7d:88:ac:45:4e:f7:d5:74:b4: 3c:66:0c:67:b4:07:25:4b:d3:b0:13:dd:fb:9a:84:6a:39:96: f2:6b:9f:2a:79:d0:ae:02:48:1d:04:21:d9:71:c7:3b:83:79: 5f:5f:59:35:6b:73:85:38:cc:9b:ef:0e:da:bc:3e:7c:5b:94: 69:52:74:75:74:4b:31:a7:cc:31:f0:55:13:2e:9e:19:9e:7e: 58:8c:61:a7:3f:1c:7c:2a:8c:ca:ae:6d:29:bc:ab:6e:23:6d: 59:f6:6d:b9:e3:ad:9c:d1:68:26:9c:26:47:77:84:0f:f3:fe: 9f:34:21:92:1b:04:35:93:fd:64:cc:d0:d2:9b:98:bb:ac:e1: 7e:cd:66:2d:0b:77:cf:ad:9a:00:64:44:c7:eb:d5:21:51:cd: 52:ce:a7:4f:56:2b:4c:9e:33:38:fa:ad:44:0a:fb:46:34:e5: 01:8a:5a:88 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBajANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NkY2ODExMC8GA1UEBRMoOTQwOEEyMDFGMDBFNThGRTkyNTk4RUUwMzkzOTA3OEJB RUY3Nzc5NTAeFw0yNTA4MjMwNzExMjhaFw0yNTA4MzAwNzExMjhaMBgxFjAUBgNV BAMTDTY4YTk2OWExLWYwNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDb9KK2u52AkePZr3/iFGh3gpi930TAW+/2/iX03s7SDItOZwyytU7bCBOaaG/e YXs6vrgFUa7aHg5r522/E7lE07kzb2o/W+Ozq6iQE2LGNoNzqRJrla9xzRxQEnk3 CHbaB7JpbS7jaogn2kVOFLoZwEJL+rzSpKkj5xwTHbTizldqCIhmK0EsdRk+UbfA 1ooxRidGvOWIat6vQe+r0+tEs+W1yixcwhW7tsZrDAjjys2K8qF4G9xLOUAkMU0d ztYxD8krWu2JKwu7CNEI4A1BpH6o9Jm3OnlPC6YwO9ViePXPC0whlOluX9hit9OK nViwJxJT/YLOKpMVUcQti7/pAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUiV9/x06n cWG3RWeUxnURJrXChTMwHwYDVR0jBBgwFoAUlAiiAfAOWP6SWY7gOTkHi673d5Uw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE2RjY4L0JBNTY1RjVDREYy MTExRUY4MzNGNEYyQ0M0RjlBRTAyL2xBaWlBZkFPV1A2U1dZN2dPVGtIaTY3M2Q1 VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJG RDFGRjIvbEFpaUFmQU9XUDZTV1k3Z09Ua0hpNjczZDVVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE2 RjY4L0JBNTY1RjVDREYyMTExRUY4MzNGNEYyQ0M0RjlBRTAyL2xBaWlBZkFPV1A2 U1dZN2dPVGtIaTY3M2Q1VS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADtvvkpQamy1heY1j1K0Yn6/uLQqoALCyvdOmYeu9sY5XKAmMW6K7qel /UucoT1zk/MzdbN3G/1jGryPnGNj7cLJ/9xePB60OtNudrW86D9hs32IrEVO99V0 tDxmDGe0ByVL07AT3fuahGo5lvJrnyp50K4CSB0EIdlxxzuDeV9fWTVrc4U4zJvv Dtq8PnxblGlSdHV0SzGnzDHwVRMunhmefliMYac/HHwqjMqubSm8q24jbVn2bbnj rZzRaCacJkd3hA/z/p80IZIbBDWT/WTM0NKbmLus4X7NZi0Ld8+tmgBkRMfr1SFR zVLOp09WK0yeMzj6rUQK+0Y05QGKWog= -----END CERTIFICATE-----Generated at Sat Aug 23 19:06:25 2025 by rpki-client