$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft File: cJdlx9TTMfTDasa-NH-mah8CNJA.mft (raw, json) Hash identifier: eGgu1I8cKryCD7r/zgA0e60lpXzZTdZu5b/8kz5fDVM= Subject key identifier: C9:22:FF:28:CB:3A:43:8F:14:E6:34:DB:64:A3:C3:9C:64:7B:8B:54 Authority key identifier: 70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90 Certificate issuer: /CN=A91AE85E/serialNumber=709765C7D4D331F4C36AC6BE347FA66A1F023490 Certificate serial: 3511 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft Manifest number: 34DE Signing time: Fri 22 Aug 2025 14:18:19 +0000 Manifest this update: Fri 22 Aug 2025 14:18:18 +0000 Manifest next update: Fri 29 Aug 2025 14:18:18 +0000 Files and hashes: 1: cJdlx9TTMfTDasa-NH-mah8CNJA.crl (hash: mvGZIZzI3ALM5Fmup/w6d4l1YIbOkImD4D6kjsMn6BY=) 2: 392987D254F611E79DF7E643C4F9AE02.roa (hash: E8L7EMY++G+/jL4fto/6X8FIxPH0nU/qyOAGKr50fbg=) 3: 09E2DC32B12B11E59337F35AC4F9AE02.roa (hash: cZP7pPe4Y/msfUjF/3Xl+aRlpqp1LPFsqoN3iYA504I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.crl rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:18:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13585 (0x3511) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE85E, serialNumber=709765C7D4D331F4C36AC6BE347FA66A1F023490 Validity Not Before: Aug 22 14:18:18 2025 GMT Not After : Aug 29 14:18:18 2025 GMT Subject: CN=68a87c2a-e8bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:da:2c:31:0c:cb:30:b5:22:f7:3a:d0:72:61: 40:5c:b3:3a:56:ec:94:dc:74:6b:01:ab:0d:cb:2b: 5d:3a:ba:ca:f9:10:20:b5:37:6a:58:b3:6c:b2:00: f2:72:f1:fd:e8:9d:f4:22:ea:fc:5a:3d:ed:3f:88: eb:78:da:ef:1d:3b:f7:6b:e4:e8:f9:3d:a3:83:a9: 13:f4:17:61:18:1b:7c:63:06:c5:9b:0b:35:f5:d3: 8d:08:39:d3:67:53:b5:f2:bf:86:f2:e1:1d:eb:be: f7:97:06:c3:1f:27:55:87:b3:24:84:be:e4:da:f3: d1:60:6d:09:5e:cd:da:6f:13:c9:e4:63:b8:03:ad: 42:c3:9b:c8:d3:c9:a8:0b:84:71:6c:b9:8b:db:54: 0b:17:01:83:10:7f:85:87:b7:38:44:a6:80:8c:f8: 7f:17:d8:a4:df:fb:de:93:c7:13:af:53:c5:28:19: f0:4e:2f:14:5f:3e:05:dc:9b:8c:48:ab:a1:fa:ed: 56:d2:bc:73:83:ec:e9:ae:00:ae:c8:54:b4:ed:7c: 4e:7c:c4:63:89:8c:81:29:f8:06:fd:fe:88:1a:44: 10:c7:1e:a2:16:6e:96:f6:60:39:1e:2f:bd:93:4a: 82:53:c1:ff:8f:0f:f5:f2:47:64:49:23:d1:88:2a: 00:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:22:FF:28:CB:3A:43:8F:14:E6:34:DB:64:A3:C3:9C:64:7B:8B:54 X509v3 Authority Key Identifier: keyid:70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:3d:45:1f:5c:3d:8d:3d:c9:de:59:7f:e2:c1:67:61:76:f9: 7d:8a:3a:ff:00:fa:32:0f:3c:99:9b:d2:91:d4:77:03:97:29: f0:2f:e4:6a:ea:43:77:72:60:f5:66:b4:a7:91:58:1e:47:83: cc:42:f4:19:b5:fe:50:7b:9e:24:bb:dd:91:43:67:bc:93:e4: 8d:2f:57:e5:d4:50:e5:47:89:9b:f4:b5:77:b8:1f:22:e1:25: 22:49:8f:47:c4:03:33:60:f3:01:0d:89:25:50:c7:34:2b:36: 2b:30:42:83:eb:f9:bd:21:f4:f3:de:52:39:ef:5e:ad:40:24: 97:02:9d:29:c0:8a:36:4a:89:00:31:84:eb:c2:93:c5:44:e3: 8f:93:aa:fd:00:9b:7a:b1:41:44:9e:86:17:88:0c:4f:1f:00: 78:1d:b2:0e:44:c7:4f:1c:a3:6c:43:85:66:73:73:24:99:3e: 92:98:4e:c6:d5:ea:b5:c3:78:8d:f2:72:19:70:4d:b5:16:31: e5:25:e3:05:44:6f:8a:d5:da:f1:33:e6:4a:9b:4c:bb:bc:51: ec:fb:1f:47:32:9c:41:6f:4e:eb:64:9a:a2:63:44:24:22:42: cc:7b:1d:bd:3f:02:72:d3:a5:2f:b1:2f:20:89:ea:b0:68:96: b3:26:c9:a6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNREwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUU4NUUxMTAvBgNVBAUTKDcwOTc2NUM3RDREMzMxRjRDMzZBQzZCRTM0N0ZBNjZB MUYwMjM0OTAwHhcNMjUwODIyMTQxODE4WhcNMjUwODI5MTQxODE4WjAYMRYwFAYD VQQDEw02OGE4N2MyYS1lOGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy9osMQzLMLUi9zrQcmFAXLM6VuyU3HRrAasNyytdOrrK+RAgtTdqWLNssgDy cvH96J30Iur8Wj3tP4jreNrvHTv3a+To+T2jg6kT9BdhGBt8YwbFmws19dONCDnT Z1O18r+G8uEd6773lwbDHydVh7MkhL7k2vPRYG0JXs3abxPJ5GO4A61Cw5vI08mo C4RxbLmL21QLFwGDEH+Fh7c4RKaAjPh/F9ik3/vek8cTr1PFKBnwTi8UXz4F3JuM SKuh+u1W0rxzg+zprgCuyFS07XxOfMRjiYyBKfgG/f6IGkQQxx6iFm6W9mA5Hi+9 k0qCU8H/jw/18kdkSSPRiCoA0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMki/yjL OkOPFOY022Sjw5xke4tUMB8GA1UdIwQYMBaAFHCXZcfU0zH0w2rGvjR/pmofAjSQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTg1RS8wQkVEMzUyNjFE NkUxMUUyQjA0QTYxQUYwOEIwMkNEMi9jSmRseDlUVE1mVERhc2EtTkgtbWFoOENO SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NKZGx4OVRUTWZURGFzYS1OSC1tYWg4Q05KQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RTg1RS8wQkVEMzUyNjFENkUxMUUyQjA0QTYxQUYwOEIwMkNEMi9jSmRseDlUVE1m VERhc2EtTkgtbWFoOENOSkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKPUUfXD2NPcneWX/iwWdhdvl9ijr/APoyDzyZm9KR1HcDlynwL+Rq 6kN3cmD1ZrSnkVgeR4PMQvQZtf5Qe54ku92RQ2e8k+SNL1fl1FDlR4mb9LV3uB8i 4SUiSY9HxAMzYPMBDYklUMc0KzYrMEKD6/m9IfTz3lI5716tQCSXAp0pwIo2SokA MYTrwpPFROOPk6r9AJt6sUFEnoYXiAxPHwB4HbIORMdPHKNsQ4Vmc3MkmT6SmE7G 1eq1w3iN8nIZcE21FjHlJeMFRG+K1drxM+ZKm0y7vFHs+x9HMpxBb07rZJqiY0Qk IkLMex29PwJy06UvsS8gieqwaJazJsmm -----END CERTIFICATE-----Generated at Sat Aug 23 19:08:26 2025 by rpki-client