$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft File: XdRoWi6WsUFvfNM1zetK0YIvfes.mft (raw, json) Hash identifier: 0RB1//wiSH7h4HvrrbkCATjEgyqnxdxPovtBRHpEpdI= Subject key identifier: E3:A6:1D:B5:F7:BD:0E:05:08:39:8B:E5:A9:19:75:B2:5A:4B:EB:9E Authority key identifier: 5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB Certificate issuer: /CN=A91AF01C/serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB Certificate serial: 01B5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft Manifest number: 01AD Signing time: Sat 23 Aug 2025 03:21:48 +0000 Manifest this update: Sat 23 Aug 2025 03:21:48 +0000 Manifest next update: Sat 30 Aug 2025 03:21:48 +0000 Files and hashes: 1: XdRoWi6WsUFvfNM1zetK0YIvfes.crl (hash: eGqDC24oIu1C6lUb1x/Mv5BkooaGIbMxGyk6ce7tgoA=) 2: 3474AD64FAD311ED9CEE0E29C4F9AE02.roa (hash: bZ3DvcSU67WmMaGW0gpbOJ7oihqEunDO2oztcjKXnww=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 03:21:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 437 (0x1b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF01C, serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB Validity Not Before: Aug 23 03:21:48 2025 GMT Not After : Aug 30 03:21:48 2025 GMT Subject: CN=68a933cc-4248 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:a4:08:b8:34:d4:d4:ab:db:91:72:5e:c4:4e: bb:95:69:b1:78:f7:f2:5b:0f:3d:f5:e3:8d:be:2e: 62:1b:ad:f6:fe:57:73:0d:89:35:9e:6b:9d:7a:52: a1:52:e0:72:37:94:a3:ef:8f:f8:39:f5:f8:c3:3f: 37:7e:b6:a8:03:6d:15:41:c5:ae:3b:6e:4a:f1:4f: ba:a6:b6:cf:a0:44:ee:8b:f3:87:a6:19:70:63:38: 1b:c1:70:17:e9:74:7b:3d:ad:6a:6b:0b:26:1f:8d: b1:ed:20:4a:da:9e:cb:d7:b9:4a:72:47:90:39:dd: 17:25:e3:31:b6:d1:f6:52:1f:b2:1f:8f:50:36:60: 8c:4f:e6:f6:7e:34:61:90:24:cd:44:06:9e:8c:08: f6:d5:4d:61:09:74:94:10:88:5b:86:9b:21:de:84: dc:aa:3f:a6:07:8a:be:49:c0:61:af:44:ac:b9:cf: 2c:0c:ab:00:17:45:41:3d:99:89:f7:74:90:02:d9: b9:df:d1:22:82:42:b6:ab:46:30:e9:50:bd:4e:c3: b5:bb:00:c0:e1:57:83:ed:7f:ee:22:3a:ae:aa:78: 57:e0:ce:42:1c:78:bd:d7:74:2c:bb:0d:e5:ed:9f: 9e:16:69:b2:17:e0:0d:8f:85:7e:cd:8a:8f:2e:39: 19:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:A6:1D:B5:F7:BD:0E:05:08:39:8B:E5:A9:19:75:B2:5A:4B:EB:9E X509v3 Authority Key Identifier: keyid:5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:3a:85:ad:77:23:dd:9e:f5:28:e4:cd:5b:6e:85:1b:15:cd: ac:22:9e:5a:3e:21:f1:be:e3:54:3a:2b:5a:99:88:35:13:9f: e1:32:b2:1b:fa:b2:87:41:49:06:90:bd:9f:ab:b9:4c:59:25: eb:7c:9b:60:4a:bf:0f:f6:35:cb:ff:0d:b2:77:0c:00:73:3d: 85:c1:0d:5a:e9:06:37:21:60:13:c6:b5:af:22:c6:6f:f8:73: a2:04:74:db:86:fc:f2:41:25:1f:59:b4:6a:a3:61:80:10:24: 8d:76:ce:5b:ee:cf:5c:cd:00:37:84:1d:49:f0:1a:b9:ba:ee: 5b:dc:df:6c:31:83:99:3a:20:89:49:b3:cd:96:fd:07:5e:09: 36:bf:16:cd:80:59:81:53:25:e4:06:62:24:7e:37:ea:c3:97: 2e:7b:06:f9:b4:a8:2e:9a:a1:c5:f2:ad:59:6d:5a:d6:20:f3: 61:31:c0:f3:a4:ce:93:19:80:80:94:4d:35:e3:0c:b7:02:db: a6:8d:3f:f7:9f:e4:d8:ec:1f:e2:a9:b0:57:bc:1a:38:fc:e6: 88:e8:e7:2d:cb:4f:71:df:01:30:8a:dd:7e:bb:5b:9c:32:ae: 81:71:7f:53:11:52:d5:87:f7:1c:74:d0:e8:a6:de:80:09:96: 8b:08:b2:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwMUMxMTAvBgNVBAUTKDVERDQ2ODVBMkU5NkIxNDE2RjdDRDMzNUNERUI0QUQx ODIyRjdERUIwHhcNMjUwODIzMDMyMTQ4WhcNMjUwODMwMDMyMTQ4WjAYMRYwFAYD VQQDEw02OGE5MzNjYy00MjQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAraQIuDTU1KvbkXJexE67lWmxePfyWw899eONvi5iG632/ldzDYk1nmudelKh UuByN5Sj74/4OfX4wz83fraoA20VQcWuO25K8U+6prbPoETui/OHphlwYzgbwXAX 6XR7Pa1qawsmH42x7SBK2p7L17lKckeQOd0XJeMxttH2Uh+yH49QNmCMT+b2fjRh kCTNRAaejAj21U1hCXSUEIhbhpsh3oTcqj+mB4q+ScBhr0Ssuc8sDKsAF0VBPZmJ 93SQAtm539EigkK2q0Yw6VC9TsO1uwDA4VeD7X/uIjquqnhX4M5CHHi913Qsuw3l 7Z+eFmmyF+ANj4V+zYqPLjkZmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOOmHbX3 vQ4FCDmL5akZdbJaS+ueMB8GA1UdIwQYMBaAFF3UaFoulrFBb3zTNc3rStGCL33r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjAxQy9FNUQ5RTczNEZB Q0IxMUVEQjhGOTdEODVDNEY5QUUwMi9YZFJvV2k2V3NVRnZmTk0xemV0SzBZSXZm ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hkUm9XaTZXc1VGdmZOTTF6ZXRLMFlJdmZlcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjAxQy9FNUQ5RTczNEZBQ0IxMUVEQjhGOTdEODVDNEY5QUUwMi9YZFJvV2k2V3NV RnZmTk0xemV0SzBZSXZmZXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBvOoWtdyPdnvUo5M1bboUbFc2sIp5aPiHxvuNUOitamYg1E5/hMrIb +rKHQUkGkL2fq7lMWSXrfJtgSr8P9jXL/w2ydwwAcz2FwQ1a6QY3IWATxrWvIsZv +HOiBHTbhvzyQSUfWbRqo2GAECSNds5b7s9czQA3hB1J8Bq5uu5b3N9sMYOZOiCJ SbPNlv0HXgk2vxbNgFmBUyXkBmIkfjfqw5cuewb5tKgumqHF8q1ZbVrWIPNhMcDz pM6TGYCAlE014wy3AtumjT/3n+TY7B/iqbBXvBo4/OaI6Octy09x3wEwit1+u1uc Mq6BcX9TEVLVh/ccdNDopt6ACZaLCLKT -----END CERTIFICATE-----Generated at Sat Aug 23 20:20:13 2025 by rpki-client