$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft File: U4XhOhtYRftEzutr7Y3rTomvOCk.mft (raw, json) Hash identifier: W3mOv+Yd6mcriGa8rjNdnK/6B19HPpyzgqRTwhOD1M4= Subject key identifier: AF:E8:FD:65:98:54:C1:59:34:2C:AA:77:C3:D1:92:69:C0:58:A7:2E Authority key identifier: 53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29 Certificate issuer: /CN=A91ACFEB/serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829 Certificate serial: 09A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft Manifest number: 0997 Signing time: Fri 22 Aug 2025 20:13:00 +0000 Manifest this update: Fri 22 Aug 2025 20:13:00 +0000 Manifest next update: Fri 29 Aug 2025 20:13:00 +0000 Files and hashes: 1: U4XhOhtYRftEzutr7Y3rTomvOCk.crl (hash: 4dQBt2FsUwhmEaKUUsVsAhG0W0al75WquxOp7ldlRwQ=) 2: 3636BCD2937011EA8A795583C4F9AE02.roa (hash: Xd/9pByFb2cbZ9xoUnmDVjNmjmus87X0lFOERhfsZNI=) 3: 35831FCE937011EA8A795583C4F9AE02.roa (hash: N79J5/addSjvuTRJUjHpGEDoonJ5OZtfdl2v8Aonsr8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 20:13:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2471 (0x9a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACFEB, serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829 Validity Not Before: Aug 22 20:13:00 2025 GMT Not After : Aug 29 20:13:00 2025 GMT Subject: CN=68a8cf4c-d6cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:48:26:d2:d4:4f:af:54:61:31:62:35:53:6a: 1f:ab:c0:6c:10:b0:57:fc:c7:f7:57:04:8c:5c:8d: a3:6c:4c:d2:e0:b8:89:60:f9:da:8c:23:84:72:63: 01:43:7c:f6:3c:57:ee:12:07:7f:39:92:85:e8:b0: e2:da:a4:39:4d:35:80:43:c3:05:9d:7d:d7:13:4e: 75:ff:56:9b:a3:e0:e8:a6:6a:5e:ed:df:85:01:cf: 95:b6:34:08:4d:28:05:ac:d2:b7:84:a7:06:6a:f4: 9e:11:41:b6:5e:08:f9:29:7f:c3:1f:03:55:96:61: 4f:07:a9:eb:7a:a3:dd:9a:34:72:74:c6:b9:a6:69: eb:4f:d2:06:9e:e1:0c:a5:67:08:ab:55:0e:54:78: 9e:4c:5e:65:9b:8f:3e:c5:75:5d:91:79:9f:50:06: 40:4f:71:52:9b:b8:e8:a2:5a:89:51:58:56:4d:c1: bf:e9:c4:54:12:ba:83:78:e4:f2:56:f9:61:48:59: 6a:af:40:66:0d:b6:b2:96:db:8a:82:f1:05:7e:de: 27:27:c8:86:db:e0:97:3a:05:0a:e8:ab:cf:16:55: e0:12:f1:3a:0d:23:d4:95:e6:fa:cb:15:4a:22:3b: 89:f8:f9:8e:fc:06:46:e5:85:c2:bf:ec:81:88:d5: ac:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:E8:FD:65:98:54:C1:59:34:2C:AA:77:C3:D1:92:69:C0:58:A7:2E X509v3 Authority Key Identifier: keyid:53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 57:3b:a5:6a:c9:dc:d7:58:bf:6c:09:45:7d:ee:52:bd:2b:7f: b2:03:fe:0b:42:89:17:da:28:16:a5:da:f2:cb:a6:f0:49:cd: da:50:53:90:a6:6e:3f:6b:87:71:16:19:d9:ce:ad:3a:84:3a: 1c:b9:92:c7:d9:af:1b:86:b5:50:d8:92:1c:3d:88:3c:f9:a3: e2:23:b7:1f:55:e2:0f:cd:8c:8c:54:7e:73:67:6b:be:ec:dd: fc:d7:7a:f5:97:7a:56:e0:08:e2:cd:0e:83:9a:6c:e4:1f:f3: f0:b2:04:d4:d7:5c:79:e1:44:15:8a:27:f0:3a:df:0e:e1:f2: eb:00:d7:74:87:59:8c:c2:9e:cc:73:c3:28:86:ab:ac:a6:73: 28:e4:4c:f9:89:28:cf:85:91:ab:dd:8f:aa:d8:96:e8:4c:e4: a6:bc:51:4b:e5:dd:89:9d:34:c2:4f:21:5f:fa:1e:37:89:1e: fe:30:f6:68:fd:ef:48:9e:ac:12:d6:25:60:bd:f6:62:b0:5f: 31:9a:d0:b0:8b:ca:60:0f:8a:77:3f:51:32:c9:50:50:e7:80: 73:ac:ed:c1:c2:86:ba:2e:b4:ea:e7:6d:0d:60:3b:35:88:ea: 99:5c:81:5a:32:75:65:9f:be:a7:78:f9:8b:0a:e9:64:bd:cf: a1:a5:38:e2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNGRUIxMTAvBgNVBAUTKDUzODVFMTNBMUI1ODQ1RkI0NENFRUI2QkVEOERFQjRF ODlBRjM4MjkwHhcNMjUwODIyMjAxMzAwWhcNMjUwODI5MjAxMzAwWjAYMRYwFAYD VQQDEw02OGE4Y2Y0Yy1kNmNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwUgm0tRPr1RhMWI1U2ofq8BsELBX/Mf3VwSMXI2jbEzS4LiJYPnajCOEcmMB Q3z2PFfuEgd/OZKF6LDi2qQ5TTWAQ8MFnX3XE051/1abo+Dopmpe7d+FAc+VtjQI TSgFrNK3hKcGavSeEUG2Xgj5KX/DHwNVlmFPB6nreqPdmjRydMa5pmnrT9IGnuEM pWcIq1UOVHieTF5lm48+xXVdkXmfUAZAT3FSm7joolqJUVhWTcG/6cRUErqDeOTy VvlhSFlqr0BmDbayltuKgvEFft4nJ8iG2+CXOgUK6KvPFlXgEvE6DSPUleb6yxVK IjuJ+PmO/AZG5YXCv+yBiNWslQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK/o/WWY VMFZNCyqd8PRkmnAWKcuMB8GA1UdIwQYMBaAFFOF4TobWEX7RM7ra+2N606Jrzgp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0ZFQi9DQjJDMzNFNjkz NkUxMUVBQTVFNTZCN0VDNEY5QUUwMi9VNFhoT2h0WVJmdEV6dXRyN1kzclRvbXZP Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0WGhPaHRZUmZ0RXp1dHI3WTNyVG9tdk9Day5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0ZFQi9DQjJDMzNFNjkzNkUxMUVBQTVFNTZCN0VDNEY5QUUwMi9VNFhoT2h0WVJm dEV6dXRyN1kzclRvbXZPQ2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBXO6VqydzXWL9sCUV97lK9K3+yA/4LQokX2igWpdryy6bwSc3aUFOQ pm4/a4dxFhnZzq06hDocuZLH2a8bhrVQ2JIcPYg8+aPiI7cfVeIPzYyMVH5zZ2u+ 7N3813r1l3pW4AjizQ6DmmzkH/PwsgTU11x54UQViifwOt8O4fLrANd0h1mMwp7M c8MohquspnMo5Ez5iSjPhZGr3Y+q2JboTOSmvFFL5d2JnTTCTyFf+h43iR7+MPZo /e9InqwS1iVgvfZisF8xmtCwi8pgD4p3P1EyyVBQ54BzrO3Bwoa6LrTq520NYDs1 iOqZXIFaMnVln76nePmLCulkvc+hpTji -----END CERTIFICATE-----Generated at Sat Aug 23 23:57:30 2025 by rpki-client