$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft File: b8Lt8MURUqO-wRSaG9su2yk8nZU.mft (raw, json) Hash identifier: Dfg77M27NMPm93HYxEKTlyeZ+6eZz5rcxf+cCN8qi4Q= Subject key identifier: 29:33:6D:76:C9:84:D1:D6:84:0D:5F:0F:94:2A:43:C7:F0:0A:55:31 Authority key identifier: 6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 Certificate issuer: /CN=A91AA28B/serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Certificate serial: 0D88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft Manifest number: 0D5D Signing time: Fri 22 Aug 2025 18:07:59 +0000 Manifest this update: Fri 22 Aug 2025 18:07:58 +0000 Manifest next update: Fri 29 Aug 2025 18:07:58 +0000 Files and hashes: 1: b8Lt8MURUqO-wRSaG9su2yk8nZU.crl (hash: eGQhZ7TtLwLcERPnH+IdMUypLCf4Vk5AfcvSRDuPdWU=) 2: 4DD0C31C0E2011F0A0825648C4F9AE02.roa (hash: 8r7MWVk5x8o1qlWsJdhw0htq1GLcuT7GZDff98YKUWg=) 3: 11815E36135311EE94A8A114C4F9AE02.roa (hash: 4RiRLEUaqFnMyzAxg+jhTtVSLZnRrw+D1OLV5ZjDtiE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:07:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3464 (0xd88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA28B, serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Validity Not Before: Aug 22 18:07:58 2025 GMT Not After : Aug 29 18:07:58 2025 GMT Subject: CN=68a8b1ff-1311 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:bf:ea:9c:9e:24:15:69:1f:1c:ee:6a:2d:1c: 9d:be:9b:19:43:f2:78:72:ce:02:f0:9e:7d:ba:fb: 48:cb:39:14:41:9e:1d:d1:b1:90:43:6b:fc:5e:34: 7a:c2:87:63:a9:bc:4c:30:0b:0c:85:24:33:69:e0: 16:f8:88:63:11:e6:eb:9c:c7:fe:c1:c4:56:83:e6: 26:d0:4d:cf:26:42:fa:f3:0e:47:ac:e3:1a:69:4f: 10:f6:de:af:73:83:11:08:90:f8:e7:34:df:e3:0b: 86:14:fe:fd:84:44:8a:57:80:04:bc:2a:f1:48:d1: 59:72:aa:41:24:b4:87:b7:98:6e:f4:a3:4f:d3:0b: 1b:4b:64:27:e3:f5:67:e5:08:1e:15:94:74:da:2d: d8:5c:43:5f:0e:27:37:91:ec:c0:89:66:49:51:f3: 27:94:07:4e:3a:6d:10:11:ed:cc:72:cf:d4:d7:42: a1:d9:d2:dd:82:ed:69:39:2a:aa:34:44:77:80:fb: 4f:89:27:4f:73:d1:a0:91:5c:50:72:07:5d:c9:1d: fe:d6:56:fd:42:03:38:aa:22:28:64:39:57:f9:d5: 3e:f6:8c:f4:72:f5:07:02:00:19:bc:05:c4:4c:0b: 7a:1b:5d:a1:5a:68:0b:c2:35:e6:62:8b:13:ac:fc: de:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:33:6D:76:C9:84:D1:D6:84:0D:5F:0F:94:2A:43:C7:F0:0A:55:31 X509v3 Authority Key Identifier: keyid:6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:ba:1c:c5:d1:e7:e5:83:ff:87:f3:b1:fe:37:50:ee:cf:8a: 4f:8d:02:f6:c3:4e:cd:8f:9f:c9:dc:1c:2c:5a:06:aa:ca:1b: 3c:f1:88:c8:d3:3b:42:3f:e2:79:b2:74:a2:41:09:f5:4f:cb: 87:57:21:c1:60:8f:c5:56:62:00:eb:5f:c1:a4:79:8b:3d:ff: 08:e2:91:20:60:77:c8:c8:f6:f6:f0:67:a2:50:99:76:be:a2: d9:e1:f5:b6:9e:a1:d1:00:2d:50:93:05:28:6c:d6:c6:8f:84: fa:21:2d:65:7a:da:0c:20:14:16:54:aa:0a:e2:a8:f9:d9:fb: 93:2c:d9:79:b1:bd:89:08:78:48:8b:ed:35:00:f6:7b:47:b3: 76:87:ba:9f:0c:45:c4:5a:ac:0a:d0:cd:70:8c:79:a3:1d:c4: 22:ef:69:f2:bf:5c:08:3d:ee:77:b3:c0:46:63:c9:47:24:59: a8:8c:33:bb:44:d4:15:19:af:00:55:8d:f1:ea:a6:9c:b8:11: f8:9a:a0:d2:1b:27:07:8c:46:42:72:96:ca:8b:ac:b9:84:b5: e9:79:71:d8:a2:7c:f1:45:aa:29:28:56:cc:62:4f:74:9e:cb: 34:37:a3:e6:07:32:b7:96:00:91:60:ac:06:df:13:8d:6b:9a: b1:07:a1:71 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUEyOEIxMTAvBgNVBAUTKDZGQzJFREYwQzUxMTUyQTNCRUMxMTQ5QTFCREIyRURC MjkzQzlEOTUwHhcNMjUwODIyMTgwNzU4WhcNMjUwODI5MTgwNzU4WjAYMRYwFAYD VQQDEw02OGE4YjFmZi0xMzExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu7/qnJ4kFWkfHO5qLRydvpsZQ/J4cs4C8J59uvtIyzkUQZ4d0bGQQ2v8XjR6 wodjqbxMMAsMhSQzaeAW+IhjEebrnMf+wcRWg+Ym0E3PJkL68w5HrOMaaU8Q9t6v c4MRCJD45zTf4wuGFP79hESKV4AEvCrxSNFZcqpBJLSHt5hu9KNP0wsbS2Qn4/Vn 5QgeFZR02i3YXENfDic3kezAiWZJUfMnlAdOOm0QEe3Mcs/U10Kh2dLdgu1pOSqq NER3gPtPiSdPc9GgkVxQcgddyR3+1lb9QgM4qiIoZDlX+dU+9oz0cvUHAgAZvAXE TAt6G12hWmgLwjXmYosTrPzeBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCkzbXbJ hNHWhA1fD5QqQ8fwClUxMB8GA1UdIwQYMBaAFG/C7fDFEVKjvsEUmhvbLtspPJ2V MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTI4Qi8xRTAyNjRBQURC QzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVxTy13UlNhRzlzdTJ5azhu WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I4THQ4TVVSVXFPLXdSU2FHOXN1MnlrOG5aVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTI4Qi8xRTAyNjRBQURCQzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVx Ty13UlNhRzlzdTJ5azhuWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACuhzF0eflg/+H87H+N1Duz4pPjQL2w07Nj5/J3BwsWgaqyhs88YjI 0ztCP+J5snSiQQn1T8uHVyHBYI/FVmIA61/BpHmLPf8I4pEgYHfIyPb28GeiUJl2 vqLZ4fW2nqHRAC1QkwUobNbGj4T6IS1letoMIBQWVKoK4qj52fuTLNl5sb2JCHhI i+01APZ7R7N2h7qfDEXEWqwK0M1wjHmjHcQi72nyv1wIPe53s8BGY8lHJFmojDO7 RNQVGa8AVY3x6qacuBH4mqDSGycHjEZCcpbKi6y5hLXpeXHYonzxRaopKFbMYk90 nss0N6PmBzK3lgCRYKwG3xONa5qxB6Fx -----END CERTIFICATE-----Generated at Sun Aug 24 09:02:54 2025 by rpki-client