$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft File: cx5XsN_ep5G6TV1xly2oEF3JPos.mft (raw, json) Hash identifier: wQ24VLIr8tfot7lMBUbInSO23WIJmSJImgtro6p+i4I= Subject key identifier: 12:4F:9F:1C:70:EB:0F:A3:9B:1A:67:F9:F2:3A:57:15:CF:9E:2A:ED Authority key identifier: 73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B Certificate issuer: /CN=A91AA444/serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Certificate serial: 0132 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft Manifest number: 0130 Signing time: Sat 23 Aug 2025 04:42:50 +0000 Manifest this update: Sat 23 Aug 2025 04:42:50 +0000 Manifest next update: Sat 30 Aug 2025 04:42:50 +0000 Files and hashes: 1: cx5XsN_ep5G6TV1xly2oEF3JPos.crl (hash: rtErlCeyq//eOr/zCXy+6sDjFiP3yDtF+KMv+1n617Q=) 2: 24DD519CEEA311EFA5EDDD76C4F9AE02.roa (hash: +mEj5z+agEcnRzWZMjR0oYobGLfQGCXmi+n1VzU085s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:42:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 306 (0x132) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA444, serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Validity Not Before: Aug 23 04:42:50 2025 GMT Not After : Aug 30 04:42:50 2025 GMT Subject: CN=68a946ca-9416 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:eb:fa:10:9b:37:50:c4:47:18:d7:77:6e:1b: 3d:98:03:93:7a:3e:b7:1f:3e:77:af:1e:cc:40:40: 10:a8:ed:89:67:85:84:6b:3f:9e:f9:7a:f5:a4:03: d4:ff:dd:c3:47:db:97:de:37:e9:5c:28:dc:3d:b1: 4e:18:08:98:bb:25:2c:c1:dd:25:ec:53:d7:75:47: 5b:af:4e:82:83:fa:4c:9c:90:37:cc:4d:94:85:fc: f1:45:17:e6:77:ad:ae:16:7c:74:81:72:05:97:c3: e9:ff:22:b0:b3:2c:be:93:6c:41:d7:2e:33:07:a6: ba:88:e1:07:02:fe:ab:96:b9:07:9e:7d:b4:67:a2: 5f:a4:12:2f:4b:4e:55:76:87:81:7d:06:2a:e2:66: fc:83:78:4b:9f:b2:a4:dc:b8:74:e1:fa:ef:72:10: 8b:0b:df:df:74:d6:bc:40:81:e6:5f:b9:22:96:87: 7e:1e:27:6e:ee:2d:43:26:d4:27:62:46:7d:51:1c: 7b:81:6a:78:4e:07:93:88:45:e3:15:ea:c2:72:3a: 19:b6:97:81:54:14:e1:95:63:0f:a0:b2:09:a9:05: d9:a9:c4:6d:39:2c:93:9a:d7:1e:3b:2b:e9:e6:15: 1c:4f:9c:1b:bc:93:e8:ff:fc:58:71:be:5e:58:16: e6:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:4F:9F:1C:70:EB:0F:A3:9B:1A:67:F9:F2:3A:57:15:CF:9E:2A:ED X509v3 Authority Key Identifier: keyid:73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:a8:29:b5:ab:a6:b9:7e:c4:08:d1:56:af:33:6a:80:97:90: 36:18:fa:dd:e6:a0:83:14:4f:d8:9c:df:91:9b:c6:5e:73:e6: cc:39:32:26:b1:ea:fa:75:8b:96:f5:84:d7:33:da:21:6b:3f: 73:be:0f:77:ff:86:68:ea:72:57:fa:be:cf:25:e3:89:e2:20: ad:6d:f3:cb:c2:b0:9f:ba:30:30:e9:e1:74:db:8f:be:9a:d8: 5d:7e:ca:a9:14:e1:02:31:57:d8:9e:ff:a9:f9:79:1c:d0:cc: a2:ce:21:7f:d9:fa:05:12:86:40:e9:80:78:fb:41:0e:27:e9: a0:da:48:a9:d4:98:32:97:45:f0:a3:15:c9:ab:3d:d0:c8:2f: 09:b7:18:54:12:56:64:d0:09:7b:94:5a:62:1f:35:f8:bc:e3: 50:a3:a0:ab:fa:55:be:ac:2d:f0:d4:3a:c3:b7:1a:2c:cb:a2: 66:42:49:fb:b0:ac:64:52:8c:74:9c:36:b0:ec:d6:24:92:7a: 78:1c:84:69:13:e7:58:0e:6c:fc:7d:a6:96:45:5e:dd:aa:4c: 9b:ab:cd:d6:de:e3:1b:07:b2:00:87:c8:1e:af:1e:23:ce:2d: e6:5c:ae:c2:c5:e6:f1:2f:7b:03:49:b8:cb:07:98:76:55:3f: ba:05:6f:0c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUE0NDQxMTAvBgNVBAUTKDczMUU1N0IwREZERUE3OTFCQTRENUQ3MTk3MkRBODEw NURDOTNFOEIwHhcNMjUwODIzMDQ0MjUwWhcNMjUwODMwMDQ0MjUwWjAYMRYwFAYD VQQDEw02OGE5NDZjYS05NDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz+v6EJs3UMRHGNd3bhs9mAOTej63Hz53rx7MQEAQqO2JZ4WEaz+e+Xr1pAPU /93DR9uX3jfpXCjcPbFOGAiYuyUswd0l7FPXdUdbr06Cg/pMnJA3zE2UhfzxRRfm d62uFnx0gXIFl8Pp/yKwsyy+k2xB1y4zB6a6iOEHAv6rlrkHnn20Z6JfpBIvS05V doeBfQYq4mb8g3hLn7Kk3Lh04frvchCLC9/fdNa8QIHmX7kilod+Hidu7i1DJtQn YkZ9URx7gWp4TgeTiEXjFerCcjoZtpeBVBThlWMPoLIJqQXZqcRtOSyTmtceOyvp 5hUcT5wbvJPo//xYcb5eWBbmXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBJPnxxw 6w+jmxpn+fI6VxXPnirtMB8GA1UdIwQYMBaAFHMeV7Df3qeRuk1dcZctqBBdyT6L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ0NC84RENFMjc0QUIx MUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1RzZUVjF4bHkyb0VGM0pQ b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2N4NVhzTl9lcDVHNlRWMXhseTJvRUYzSlBvcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTQ0NC84RENFMjc0QUIxMUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1 RzZUVjF4bHkyb0VGM0pQb3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBoqCm1q6a5fsQI0VavM2qAl5A2GPrd5qCDFE/YnN+Rm8Zec+bMOTIm ser6dYuW9YTXM9ohaz9zvg93/4Zo6nJX+r7PJeOJ4iCtbfPLwrCfujAw6eF024++ mthdfsqpFOECMVfYnv+p+Xkc0MyiziF/2foFEoZA6YB4+0EOJ+mg2kip1Jgyl0Xw oxXJqz3QyC8JtxhUElZk0Al7lFpiHzX4vONQo6Cr+lW+rC3w1DrDtxosy6JmQkn7 sKxkUox0nDaw7NYkknp4HIRpE+dYDmz8faaWRV7dqkybq83W3uMbB7IAh8gerx4j zi3mXK7CxebxL3sDSbjLB5h2VT+6BW8M -----END CERTIFICATE-----Generated at Sat Aug 23 19:03:59 2025 by rpki-client