$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.mft File: poP2ckwCoT8tOc8vIVAL4AOA3eM.mft (raw, json) Hash identifier: 4WkA8VsQz8ilrO0YRFN0bfbEBWoGcdpQkgHf9f2OAas= Subject key identifier: 40:6F:97:35:FF:CC:1D:DE:CE:58:2C:5C:22:37:69:7A:CF:BD:F3:A4 Authority key identifier: A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3 Certificate issuer: /CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3 Certificate serial: 3508 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.mft Manifest number: 34DA Signing time: Fri 22 Aug 2025 14:44:55 +0000 Manifest this update: Fri 22 Aug 2025 14:44:54 +0000 Manifest next update: Fri 29 Aug 2025 14:44:54 +0000 Files and hashes: 1: poP2ckwCoT8tOc8vIVAL4AOA3eM.crl (hash: bCag8hIjPMC4TCmjwVHv01p9ghVZRR1/ZHIn93AAuUk=) 2: A5FDB194C68611EFB4077137C4F9AE02.roa (hash: 20d7zSG28KO67SoUKSTv5DsgPDhDa3AEuM/R+x5ywro=) 3: A50B2F32C68611EFB4077137C4F9AE02.roa (hash: Npaiqv8wx3x0juj2XPFP6NT15iQeinsY3d+rnK9Ipa8=) 4: A582509EC68611EFB4077137C4F9AE02.roa (hash: htBdLlmm2i58ANdYRz6MXQaGCSG7yL+kzZ3EQqldEig=) 5: 5B5ECC52474711ECA7B2426CC4F9AE02.roa (hash: t8ZApbp8ZgdmZpVbm08QjAGg0vnpe//NggnR/4OMSk8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.crl rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:44:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13576 (0x3508) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A8D22, serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3 Validity Not Before: Aug 22 14:44:54 2025 GMT Not After : Aug 29 14:44:54 2025 GMT Subject: CN=68a88266-fde4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:a7:40:09:4d:fc:ab:ee:e2:ff:01:c3:02:e4: 28:ef:ea:4b:49:14:0e:df:e1:31:d5:fb:4e:54:8e: 21:fd:82:db:61:cf:1d:d8:c8:b8:ed:f4:25:e0:d5: e6:9f:fc:29:27:bc:11:cf:be:b0:6c:0b:0b:43:4a: b8:c2:f0:81:ec:72:9c:c5:f0:44:28:a2:5a:16:b1: a5:d8:a8:da:b6:f8:80:c8:cd:99:6c:3e:26:6b:a1: 3e:54:bd:b9:a9:fd:bf:93:e8:57:a9:d0:3f:45:48: e2:68:8a:54:db:55:90:ce:4d:41:ed:15:78:b7:35: 37:07:cf:7b:1e:9f:99:39:c5:a9:5b:bd:d4:65:bd: 1c:82:fa:6b:3b:d5:1f:a3:84:fd:6e:0b:cf:5f:1b: 88:1c:7d:0d:28:9e:8e:39:9b:40:05:81:b9:c0:c6: 19:bd:1a:d6:d8:53:4d:9d:31:d9:9c:f5:0b:19:45: d7:79:20:f0:d1:b0:85:87:27:1c:30:1b:1c:8e:58: 01:19:b6:f1:f4:b7:00:67:91:a7:fd:20:05:4c:d5: ca:1a:e6:46:33:5f:1e:8d:9e:15:45:6a:4a:e0:88: ef:3c:e6:8e:46:02:9c:b6:48:97:6b:0b:9b:e0:57: d9:fc:87:a4:bb:1a:a6:b9:ae:23:6e:cd:97:14:84: 8e:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:6F:97:35:FF:CC:1D:DE:CE:58:2C:5C:22:37:69:7A:CF:BD:F3:A4 X509v3 Authority Key Identifier: keyid:A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c2:1a:87:99:c5:c7:1e:ae:44:68:18:bd:52:61:4c:4a:a1:ce: e2:e4:ec:1f:9f:aa:8f:84:40:1c:b0:b5:74:a3:4b:79:df:1a: 20:8b:4d:29:69:74:22:a3:2e:97:6a:5f:91:f6:10:f8:45:a2: 49:44:96:59:f7:62:a6:75:1d:9e:fe:c2:65:be:e9:59:c7:da: 14:17:81:44:b0:f8:39:e4:94:de:99:6c:5e:81:9e:7d:5b:4a: 94:86:ff:d7:3a:b0:e0:ba:8f:1f:2b:ca:9b:87:02:d0:ea:f2: 47:01:5c:8e:75:14:aa:5c:25:30:9f:e0:72:1a:35:68:5a:29: 8f:cc:de:a0:05:2d:da:7c:07:e6:d7:28:0a:ef:c9:4a:13:68: 12:7c:78:e4:c8:e7:cb:de:c1:a9:32:fd:31:2d:0b:e6:bf:c8: 4a:2c:5b:1c:a0:8f:6d:c1:9a:46:f8:d7:33:71:1a:1c:7c:47: a1:1b:4f:e1:52:9d:e4:03:fa:c3:13:7a:2b:90:8c:1b:62:f7: 2c:0a:d6:34:db:e5:b3:56:73:37:66:36:53:35:d5:8f:71:74: e6:2b:f3:d8:2c:7a:fe:b9:fc:8c:3e:8a:11:46:ae:4d:9c:56: ab:f5:8b:fa:d2:69:4d:8a:95:77:33:42:c5:8c:89:30:6e:90: 73:12:aa:49 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNQgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QThEMjIxMTAvBgNVBAUTKEE2ODNGNjcyNEMwMkExM0YyRDM5Q0YyRjIxNTAwQkUw MDM4MERERTMwHhcNMjUwODIyMTQ0NDU0WhcNMjUwODI5MTQ0NDU0WjAYMRYwFAYD VQQDEw02OGE4ODI2Ni1mZGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9KdACU38q+7i/wHDAuQo7+pLSRQO3+Ex1ftOVI4h/YLbYc8d2Mi47fQl4NXm n/wpJ7wRz76wbAsLQ0q4wvCB7HKcxfBEKKJaFrGl2KjatviAyM2ZbD4ma6E+VL25 qf2/k+hXqdA/RUjiaIpU21WQzk1B7RV4tzU3B897Hp+ZOcWpW73UZb0cgvprO9Uf o4T9bgvPXxuIHH0NKJ6OOZtABYG5wMYZvRrW2FNNnTHZnPULGUXXeSDw0bCFhycc MBscjlgBGbbx9LcAZ5Gn/SAFTNXKGuZGM18ejZ4VRWpK4IjvPOaORgKctkiXawub 4FfZ/Iekuxqmua4jbs2XFISOIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEBvlzX/ zB3ezlgsXCI3aXrPvfOkMB8GA1UdIwQYMBaAFKaD9nJMAqE/LTnPLyFQC+ADgN3j MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOEQyMi8yNTI2OTc5ODFE OTIxMUUyQjYxOENBRjQwOEIwMkNEMi9wb1AyY2t3Q29UOHRPYzh2SVZBTDRBT0Ez ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BvUDJja3dDb1Q4dE9jOHZJVkFMNEFPQTNlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB OEQyMi8yNTI2OTc5ODFEOTIxMUUyQjYxOENBRjQwOEIwMkNEMi9wb1AyY2t3Q29U OHRPYzh2SVZBTDRBT0EzZU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDCGoeZxccerkRoGL1SYUxKoc7i5Owfn6qPhEAcsLV0o0t53xogi00p aXQioy6Xal+R9hD4RaJJRJZZ92KmdR2e/sJlvulZx9oUF4FEsPg55JTemWxegZ59 W0qUhv/XOrDguo8fK8qbhwLQ6vJHAVyOdRSqXCUwn+ByGjVoWimPzN6gBS3afAfm 1ygK78lKE2gSfHjkyOfL3sGpMv0xLQvmv8hKLFscoI9twZpG+NczcRocfEehG0/h Up3kA/rDE3orkIwbYvcsCtY02+WzVnM3ZjZTNdWPcXTmK/PYLHr+ufyMPooRRq5N nFar9Yv60mlNipV3M0LFjIkwbpBzEqpJ -----END CERTIFICATE-----Generated at Sat Aug 23 16:58:12 2025 by rpki-client