$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAB94/707023FA16A611EDAC3CA17DC4F9AE02/W2pwDO4aU9VRnlolxk0a0ro3zac.mft File: W2pwDO4aU9VRnlolxk0a0ro3zac.mft (raw, json) Hash identifier: vNYrHGG3r/RDQnS5GyKXfvctoj+B9Lwg61pU5EKAPoc= Subject key identifier: 72:DA:35:36:6E:21:C0:82:28:A9:F6:23:35:1F:BB:8E:8C:F3:F9:B9 Authority key identifier: 5B:6A:70:0C:EE:1A:53:D5:51:9E:5A:25:C6:4D:1A:D2:BA:37:CD:A7 Certificate issuer: /CN=A91AAB94/serialNumber=5B6A700CEE1A53D5519E5A25C64D1AD2BA37CDA7 Certificate serial: 028F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W2pwDO4aU9VRnlolxk0a0ro3zac.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAB94/707023FA16A611EDAC3CA17DC4F9AE02/W2pwDO4aU9VRnlolxk0a0ro3zac.mft Manifest number: 028B Signing time: Sat 23 Aug 2025 01:53:23 +0000 Manifest this update: Sat 23 Aug 2025 01:53:22 +0000 Manifest next update: Sat 30 Aug 2025 01:53:22 +0000 Files and hashes: 1: W2pwDO4aU9VRnlolxk0a0ro3zac.crl (hash: nY7ZnVzeshRYf9BsTaWFkEGapwbN97AsqACJElpT1mE=) 2: 53AA673C16A911ED88058C80C4F9AE02.roa (hash: TZ/n2fdCp6It0G4ugsLwMjkFuDgasyyKStMAe77+R34=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAB94/707023FA16A611EDAC3CA17DC4F9AE02/W2pwDO4aU9VRnlolxk0a0ro3zac.crl rsync://rpki.apnic.net/member_repository/A91AAB94/707023FA16A611EDAC3CA17DC4F9AE02/W2pwDO4aU9VRnlolxk0a0ro3zac.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W2pwDO4aU9VRnlolxk0a0ro3zac.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:53:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 655 (0x28f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAB94, serialNumber=5B6A700CEE1A53D5519E5A25C64D1AD2BA37CDA7 Validity Not Before: Aug 23 01:53:22 2025 GMT Not After : Aug 30 01:53:22 2025 GMT Subject: CN=68a91f13-cb10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:85:b8:0f:a8:fd:1b:64:29:88:06:a1:2b:08: 4a:80:fb:9b:1f:5d:a3:2f:3f:c7:d7:c3:67:d2:b5: 7f:f1:19:51:01:b0:ca:34:8e:1a:58:d8:19:b8:59: d7:18:5e:e5:79:9c:fa:fb:98:73:3e:89:eb:07:fe: d7:a5:c7:7e:28:c3:f2:a8:74:52:7d:30:18:06:31: 51:6c:53:0f:96:6f:11:6d:38:20:6f:7f:4c:6e:82: ad:59:9b:6f:77:9e:b9:af:57:0f:d4:a9:14:ac:a0: 08:32:37:db:f3:90:d5:48:4e:3c:a1:01:5f:81:14: 9f:ef:dc:c9:02:19:e1:b1:99:61:3e:6f:7d:9a:46: 33:91:16:a1:d8:88:b4:69:bd:1d:29:ec:7b:5e:fa: 2c:fc:7f:88:8c:30:dc:ed:09:ba:c6:17:19:fc:28: 4c:cf:92:b6:9f:6b:d3:59:52:9f:be:35:87:27:41: 92:f8:68:e6:39:2f:8b:66:30:13:af:54:f0:53:3a: b3:85:10:70:e4:75:9b:91:d2:9e:e3:22:f9:d3:1a: 37:26:d3:07:08:45:28:02:6c:19:a4:51:ec:be:84: 35:9f:ba:ff:93:94:ab:48:c9:78:b5:9a:a2:c6:13: 47:84:ad:58:b2:9d:92:03:e5:58:ed:62:82:f9:0d: 99:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:DA:35:36:6E:21:C0:82:28:A9:F6:23:35:1F:BB:8E:8C:F3:F9:B9 X509v3 Authority Key Identifier: keyid:5B:6A:70:0C:EE:1A:53:D5:51:9E:5A:25:C6:4D:1A:D2:BA:37:CD:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAB94/707023FA16A611EDAC3CA17DC4F9AE02/W2pwDO4aU9VRnlolxk0a0ro3zac.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W2pwDO4aU9VRnlolxk0a0ro3zac.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAB94/707023FA16A611EDAC3CA17DC4F9AE02/W2pwDO4aU9VRnlolxk0a0ro3zac.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:0e:9f:05:ee:9d:fc:50:a2:80:8d:be:ae:f5:62:6d:78:6f: a9:93:2a:b0:f5:f7:87:1c:76:19:0b:61:f4:f8:de:30:39:93: 1c:11:6f:55:6a:d9:d3:65:9f:5f:f4:81:63:f2:57:0b:64:39: f8:95:35:46:f8:8f:f6:f6:5d:d2:69:95:11:9a:12:4e:e6:94: 78:3f:e1:f0:a8:b9:b4:93:23:33:68:d9:bd:22:ce:f1:02:0f: 14:78:d2:36:4d:db:26:17:e4:ff:07:60:4e:3d:40:c1:d0:cc: f2:0b:54:47:0b:44:01:ed:e5:67:e6:74:50:ba:2c:1a:cc:e9: 06:1e:49:90:ef:52:d5:64:6d:ba:d2:5e:aa:c8:da:ef:31:42: fe:17:a1:8a:7a:f5:fc:b5:70:d9:12:22:37:36:99:8e:64:ad: 7b:be:de:24:94:5f:47:ec:6d:d7:54:a6:6b:6f:9c:d4:fb:b1: 54:61:96:e0:e5:65:20:a5:ce:61:85:24:de:d3:1e:79:6d:b9: 7d:78:82:d7:a4:87:cf:2f:aa:b0:d8:10:dc:a8:cc:b0:d8:d3: 1a:65:14:b6:59:5f:eb:4a:5a:04:62:e6:b5:e3:62:15:42:36: eb:5e:d6:c5:8d:3a:bf:0d:79:1b:1c:27:7c:f8:ef:31:19:e5: 14:76:10:62 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFCOTQxMTAvBgNVBAUTKDVCNkE3MDBDRUUxQTUzRDU1MTlFNUEyNUM2NEQxQUQy QkEzN0NEQTcwHhcNMjUwODIzMDE1MzIyWhcNMjUwODMwMDE1MzIyWjAYMRYwFAYD VQQDEw02OGE5MWYxMy1jYjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuoW4D6j9G2QpiAahKwhKgPubH12jLz/H18Nn0rV/8RlRAbDKNI4aWNgZuFnX GF7leZz6+5hzPonrB/7Xpcd+KMPyqHRSfTAYBjFRbFMPlm8RbTggb39MboKtWZtv d565r1cP1KkUrKAIMjfb85DVSE48oQFfgRSf79zJAhnhsZlhPm99mkYzkRah2Ii0 ab0dKex7Xvos/H+IjDDc7Qm6xhcZ/ChMz5K2n2vTWVKfvjWHJ0GS+GjmOS+LZjAT r1TwUzqzhRBw5HWbkdKe4yL50xo3JtMHCEUoAmwZpFHsvoQ1n7r/k5SrSMl4tZqi xhNHhK1Ysp2SA+VY7WKC+Q2ZqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHLaNTZu IcCCKKn2IzUfu46M8/m5MB8GA1UdIwQYMBaAFFtqcAzuGlPVUZ5aJcZNGtK6N82n MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUI5NC83MDcwMjNGQTE2 QTYxMUVEQUMzQ0ExN0RDNEY5QUUwMi9XMnB3RE80YVU5VlJubG9seGswYTBybzN6 YWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1cycHdETzRhVTlWUm5sb2x4azBhMHJvM3phYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QUI5NC83MDcwMjNGQTE2QTYxMUVEQUMzQ0ExN0RDNEY5QUUwMi9XMnB3RE80YVU5 VlJubG9seGswYTBybzN6YWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnDp8F7p38UKKAjb6u9WJteG+pkyqw9feHHHYZC2H0+N4wOZMcEW9V atnTZZ9f9IFj8lcLZDn4lTVG+I/29l3SaZURmhJO5pR4P+HwqLm0kyMzaNm9Is7x Ag8UeNI2TdsmF+T/B2BOPUDB0MzyC1RHC0QB7eVn5nRQuiwazOkGHkmQ71LVZG26 0l6qyNrvMUL+F6GKevX8tXDZEiI3NpmOZK17vt4klF9H7G3XVKZrb5zU+7FUYZbg 5WUgpc5hhSTe0x55bbl9eILXpIfPL6qw2BDcqMyw2NMaZRS2WV/rSloEYua142IV QjbrXtbFjTq/DXkbHCd8+O8xGeUUdhBi -----END CERTIFICATE-----Generated at Sat Aug 23 16:42:22 2025 by rpki-client