$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft File: nTwzrLEQPnH6H_PmAT6dwxEiafw.mft (raw, json) Hash identifier: XHsu+q6h918umIt5PmK8spF+Y5M+FwnnGlz4tFM+tkE= Subject key identifier: 5D:09:32:5B:7C:96:4C:FF:68:5B:1A:C8:3B:50:50:05:5F:E4:D9:87 Authority key identifier: 9D:3C:33:AC:B1:10:3E:71:FA:1F:F3:E6:01:3E:9D:C3:11:22:69:FC Certificate issuer: /CN=A91B1E8B/serialNumber=9D3C33ACB1103E71FA1FF3E6013E9DC3112269FC Certificate serial: D1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft Manifest number: CF Signing time: Sat 23 Aug 2025 05:51:44 +0000 Manifest this update: Sat 23 Aug 2025 05:51:43 +0000 Manifest next update: Sat 30 Aug 2025 05:51:43 +0000 Files and hashes: 1: nTwzrLEQPnH6H_PmAT6dwxEiafw.crl (hash: qKTNPa+OfcSL3n6lcnB+vvrewuc2der8DwRatkf4LPE=) 2: DD76C09AB16711EFBD483568C4F9AE02.roa (hash: lZ2oQ4wvz4evXveDE7LNoYJmc6E6jg/A59sR/rYBi6k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.crl rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 05:51:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 209 (0xd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1E8B, serialNumber=9D3C33ACB1103E71FA1FF3E6013E9DC3112269FC Validity Not Before: Aug 23 05:51:43 2025 GMT Not After : Aug 30 05:51:43 2025 GMT Subject: CN=68a956ef-c441 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:9b:ab:e9:56:07:23:66:b2:d1:2f:80:d3:2d: 82:40:f1:63:34:06:e3:bd:dd:97:76:c3:7e:45:2f: b9:23:45:eb:d2:1b:54:ad:c7:df:33:9c:6e:23:de: 54:7e:c0:27:be:b2:cb:f7:f1:96:6a:4b:48:1d:c0: 2a:e3:bb:28:6d:04:a2:62:f7:1d:da:84:60:77:d7: c0:a4:ca:57:47:2c:29:5d:57:06:64:a8:4b:28:03: de:8b:d4:1c:8a:0f:18:44:48:74:e5:16:1f:d4:14: 37:fd:ce:81:ea:d2:e9:2c:e9:25:51:da:78:15:80: 2c:ae:27:0c:71:c6:a0:0c:3b:3e:9b:fa:ed:10:64: 08:6f:7f:d1:5b:cc:98:d7:e8:59:fe:6f:2b:ba:4c: 86:08:11:3e:4b:b9:50:8c:61:e5:09:61:04:86:8a: c8:8e:71:8d:0e:4c:66:48:03:ec:3e:99:ea:b5:1e: 3c:e9:43:b7:d8:93:da:2f:c8:8d:c6:71:e0:7e:dc: 6f:2d:ed:a8:8a:5d:fe:11:ae:76:74:19:7f:60:49: c8:0b:fa:b3:2a:55:a9:06:b8:4e:e8:16:68:b0:77: 26:f4:e5:ee:2e:2d:6a:2f:8c:f4:dd:78:71:6c:da: 46:80:8e:eb:ce:a4:83:30:eb:79:43:9b:01:df:74: f1:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:09:32:5B:7C:96:4C:FF:68:5B:1A:C8:3B:50:50:05:5F:E4:D9:87 X509v3 Authority Key Identifier: keyid:9D:3C:33:AC:B1:10:3E:71:FA:1F:F3:E6:01:3E:9D:C3:11:22:69:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:0c:e0:8c:47:5b:47:53:f7:d3:bb:c9:0c:83:51:b8:11:cf: 2b:a9:12:d9:52:73:2c:b0:3c:f2:8e:8c:b4:47:ef:7a:11:15: c0:7d:95:b6:30:6d:2a:f8:9d:00:1d:db:fa:64:94:e8:b5:52: 8f:b6:25:a6:74:3f:bd:d3:a7:f5:08:b1:8f:23:4e:ea:1a:94: 63:32:5f:48:03:39:6c:5a:b9:08:a5:30:9f:e2:3e:ac:8a:00: 02:13:e0:23:8b:a4:b6:69:b9:ac:44:de:04:47:f9:5e:70:d3: 28:5e:97:bf:bc:17:f0:f7:dd:80:b0:5d:e0:43:b3:e2:70:1f: e4:bf:9d:a8:47:03:ae:57:f8:9c:95:85:a3:69:f2:43:12:d4: 72:62:fa:c9:7e:ad:3b:b0:f8:60:a7:0b:f0:82:51:d4:50:7c: 30:0e:10:d2:6a:c7:f6:89:63:ad:0f:ba:65:18:8e:9a:dc:0c: da:70:db:33:6d:92:a2:54:bd:c8:89:93:be:1f:92:25:6f:dd: c5:81:bb:5b:50:bd:4c:b5:86:81:d4:56:d2:13:85:f6:22:dd: ff:87:d1:ef:a8:66:5c:f2:35:66:b6:81:28:6b:e0:68:27:c5: ae:47:24:e7:cd:d1:e9:5c:10:31:5f:78:77:6e:9c:8b:11:a4: 65:c5:7f:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFFOEIxMTAvBgNVBAUTKDlEM0MzM0FDQjExMDNFNzFGQTFGRjNFNjAxM0U5REMz MTEyMjY5RkMwHhcNMjUwODIzMDU1MTQzWhcNMjUwODMwMDU1MTQzWjAYMRYwFAYD VQQDEw02OGE5NTZlZi1jNDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy5ur6VYHI2ay0S+A0y2CQPFjNAbjvd2XdsN+RS+5I0Xr0htUrcffM5xuI95U fsAnvrLL9/GWaktIHcAq47sobQSiYvcd2oRgd9fApMpXRywpXVcGZKhLKAPei9Qc ig8YREh05RYf1BQ3/c6B6tLpLOklUdp4FYAsricMccagDDs+m/rtEGQIb3/RW8yY 1+hZ/m8rukyGCBE+S7lQjGHlCWEEhorIjnGNDkxmSAPsPpnqtR486UO32JPaL8iN xnHgftxvLe2oil3+Ea52dBl/YEnIC/qzKlWpBrhO6BZosHcm9OXuLi1qL4z03Xhx bNpGgI7rzqSDMOt5Q5sB33TxnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF0JMlt8 lkz/aFsayDtQUAVf5NmHMB8GA1UdIwQYMBaAFJ08M6yxED5x+h/z5gE+ncMRImn8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUU4Qi82MjkxNzY0NDQ1 QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9uVHd6ckxFUVBuSDZIX1BtQVQ2ZHd4RWlh ZncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25Ud3pyTEVRUG5INkhfUG1BVDZkd3hFaWFmdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUU4Qi82MjkxNzY0NDQ1QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9uVHd6ckxFUVBu SDZIX1BtQVQ2ZHd4RWlhZncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAbDOCMR1tHU/fTu8kMg1G4Ec8rqRLZUnMssDzyjoy0R+96ERXAfZW2 MG0q+J0AHdv6ZJTotVKPtiWmdD+906f1CLGPI07qGpRjMl9IAzlsWrkIpTCf4j6s igACE+Aji6S2abmsRN4ER/lecNMoXpe/vBfw992AsF3gQ7PicB/kv52oRwOuV/ic lYWjafJDEtRyYvrJfq07sPhgpwvwglHUUHwwDhDSasf2iWOtD7plGI6a3AzacNsz bZKiVL3IiZO+H5Ilb93FgbtbUL1MtYaB1FbSE4X2It3/h9HvqGZc8jVmtoEoa+Bo J8WuRyTnzdHpXBAxX3h3bpyLEaRlxX9T -----END CERTIFICATE-----Generated at Sat Aug 23 12:43:34 2025 by rpki-client