$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: XAvF9DmFxfVXNDwgShlvb8yDHayiE12ThL5hMFqjufQ= Subject key identifier: F1:7B:8F:39:FD:84:D3:FE:C9:35:CA:BC:87:E9:95:0D:2C:6C:02:8F Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 080E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 07D8 Signing time: Fri 22 Aug 2025 21:26:55 +0000 Manifest this update: Fri 22 Aug 2025 21:26:55 +0000 Manifest next update: Fri 29 Aug 2025 21:26:55 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: VM3vXVzC3COZCxGQHgppjASxy8PTjw+nW3ei9J8LrLY=) 2: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: Z0HHcyxz7rmGLBYwcIWDSL9D03AdZbtYiS469aOTikg=) 3: B512A570109211ECA693D74EC4F9AE02.roa (hash: AOyufc93Chw9bEWHvFa0LDI+LOdW3FqSZFo43ILQvd0=) 4: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: ZpHbYhB9ExSCJ+11c8ap/OdAIsKxszdOCjimKJQDTek=) 5: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: ftDRlCPQKF+Ib5B7VJZrq540hqlVUdTm8Q2C4Ih+cM8=) 6: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: HxA8u7nmZWUr6BPYIZAwMw8J3pQQtwxfZZvWeTi7tWI=) 7: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: YABaqUWE/JPdcjinbFv0PWoHHYymCq6aO+ylU5Xzjo0=) 8: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: XhE6x9E/aZ957HcPZHgLlj7Fv56GEXE7hy1IWMNgX6M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 21:26:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2062 (0x80e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Aug 22 21:26:55 2025 GMT Not After : Aug 29 21:26:55 2025 GMT Subject: CN=68a8e09f-1169 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ed:dd:90:73:eb:f3:53:3f:97:25:84:f3:a7: 0c:37:82:92:55:b1:ab:7b:1f:d7:3b:f4:94:23:37: e2:11:a9:f5:02:ed:3a:cf:08:ac:a3:68:73:56:42: 52:35:84:86:76:9d:43:29:ae:7c:c6:de:74:b8:d5: 4f:1f:a0:14:04:9f:e0:72:82:af:fd:66:19:ab:ff: b7:a0:58:81:20:81:6f:f3:85:01:b0:c5:3a:b1:ad: 06:ad:51:35:3e:a0:7d:56:50:fb:3f:a5:3c:9e:55: 17:8a:8a:e1:2c:86:08:61:0d:86:c5:20:90:af:bb: 49:7e:23:d5:4b:29:4d:25:9a:da:2f:e1:f2:4d:14: 82:09:2c:26:c0:3b:f7:a3:5b:f8:3b:dc:54:42:4e: cd:14:e1:c6:51:7f:f6:ed:a8:0a:58:d0:52:00:f6: e3:7d:25:b9:4e:c5:c3:37:e6:38:87:a4:75:96:ef: b1:3a:ba:59:78:32:40:70:b3:65:92:83:ba:13:ab: b5:27:84:aa:39:dd:21:0a:6b:85:16:dc:07:b8:27: cf:89:c2:81:1c:c7:d8:44:f1:f6:64:bc:7c:2d:38: c2:71:b1:5c:f6:13:24:82:b0:30:76:1d:59:30:0d: 87:70:ae:97:b6:e3:e6:0c:01:fe:3c:ab:14:3e:9d: 63:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:7B:8F:39:FD:84:D3:FE:C9:35:CA:BC:87:E9:95:0D:2C:6C:02:8F X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:28:92:9e:f8:c1:39:a5:d4:36:75:ce:94:aa:35:17:38:d5: 19:e9:67:34:76:42:f1:61:25:9a:66:b6:67:3f:9c:d9:3e:a2: 4f:a6:f7:8b:8c:2d:d2:f1:6c:84:ef:7a:b8:8d:b3:49:33:12: 4f:c7:ff:2f:79:81:ec:ef:59:a9:74:f3:e2:4c:7e:94:09:10: 8d:25:5b:17:8b:c5:7b:ef:e8:c6:8a:ed:0e:67:52:37:e6:59: af:16:ef:8c:01:f6:57:0d:40:96:b8:7f:18:a8:dc:01:c1:0e: 0f:e2:ac:bd:0b:28:0d:5e:72:fe:fa:98:be:96:65:ab:8a:21: 4e:69:de:5a:4c:31:ac:40:78:51:d6:71:13:f1:0e:12:1e:44: 4e:9a:04:aa:97:de:4a:12:28:ec:57:4c:15:b9:13:8e:f9:4e: 98:76:31:7b:74:61:a0:2f:ec:3a:a3:76:2e:ea:de:b3:b0:13: 41:97:18:85:50:04:45:e8:b9:56:9f:39:68:50:6a:b4:c9:e8: bc:3d:97:1f:dc:45:04:6f:6e:33:99:fb:69:b2:f7:f9:19:8d: 00:fe:f1:c0:39:0c:87:23:3f:37:1a:7c:77:2f:47:03:e7:c5: 99:34:4a:6e:72:24:37:4e:e9:a1:fc:0a:27:de:b7:5c:0e:25: 89:59:b1:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCA4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjUwODIyMjEyNjU1WhcNMjUwODI5MjEyNjU1WjAYMRYwFAYD VQQDEw02OGE4ZTA5Zi0xMTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAue3dkHPr81M/lyWE86cMN4KSVbGrex/XO/SUIzfiEan1Au06zwiso2hzVkJS NYSGdp1DKa58xt50uNVPH6AUBJ/gcoKv/WYZq/+3oFiBIIFv84UBsMU6sa0GrVE1 PqB9VlD7P6U8nlUXiorhLIYIYQ2GxSCQr7tJfiPVSylNJZraL+HyTRSCCSwmwDv3 o1v4O9xUQk7NFOHGUX/27agKWNBSAPbjfSW5TsXDN+Y4h6R1lu+xOrpZeDJAcLNl koO6E6u1J4SqOd0hCmuFFtwHuCfPicKBHMfYRPH2ZLx8LTjCcbFc9hMkgrAwdh1Z MA2HcK6XtuPmDAH+PKsUPp1jRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPF7jzn9 hNP+yTXKvIfplQ0sbAKPMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhKJKe+ME5pdQ2dc6UqjUXONUZ6Wc0dkLxYSWaZrZnP5zZPqJPpveL jC3S8WyE73q4jbNJMxJPx/8veYHs71mpdPPiTH6UCRCNJVsXi8V77+jGiu0OZ1I3 5lmvFu+MAfZXDUCWuH8YqNwBwQ4P4qy9CygNXnL++pi+lmWriiFOad5aTDGsQHhR 1nET8Q4SHkROmgSql95KEijsV0wVuROO+U6YdjF7dGGgL+w6o3Yu6t6zsBNBlxiF UARF6LlWnzloUGq0yei8PZcf3EUEb24zmftpsvf5GY0A/vHAOQyHIz83Gnx3L0cD 58WZNEpuciQ3Tumh/Aon3rdcDiWJWbGE -----END CERTIFICATE-----Generated at Sat Aug 23 19:35:47 2025 by rpki-client