$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/MIoPBCNx10Tky2KrUekE9wys03o.mft File: MIoPBCNx10Tky2KrUekE9wys03o.mft (raw, json) Hash identifier: 84V1oe9bnYwKnYSJm03Ez+gJhEoUnP7oMPOUC864V+I= Subject key identifier: 5C:DE:D4:3D:02:6D:4A:79:13:E0:73:B4:77:62:C3:3C:EC:20:54:1A Authority key identifier: 30:8A:0F:04:23:71:D7:44:E4:CB:62:AB:51:E9:04:F7:0C:AC:D3:7A Certificate issuer: /CN=A91B2252/serialNumber=308A0F042371D744E4CB62AB51E904F70CACD37A Certificate serial: 07FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MIoPBCNx10Tky2KrUekE9wys03o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/MIoPBCNx10Tky2KrUekE9wys03o.mft Manifest number: 07F4 Signing time: Fri 22 Aug 2025 21:07:29 +0000 Manifest this update: Fri 22 Aug 2025 21:07:29 +0000 Manifest next update: Fri 29 Aug 2025 21:07:29 +0000 Files and hashes: 1: MIoPBCNx10Tky2KrUekE9wys03o.crl (hash: LMokKfN4DPG5mBjeZjHpbLZfsNsMOs0JETt5pLjs3gM=) 2: 727EECD2678811EF99602F53C4F9AE02.roa (hash: WvAkrs/LiVkRHkVog2xW2/ey9F5S8FH9WKoT4JG9/2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/MIoPBCNx10Tky2KrUekE9wys03o.crl rsync://rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/MIoPBCNx10Tky2KrUekE9wys03o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MIoPBCNx10Tky2KrUekE9wys03o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 21:07:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2046 (0x7fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2252, serialNumber=308A0F042371D744E4CB62AB51E904F70CACD37A Validity Not Before: Aug 22 21:07:29 2025 GMT Not After : Aug 29 21:07:29 2025 GMT Subject: CN=68a8dc11-ba4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:24:bd:f2:b3:36:d3:4a:b0:89:c0:05:af:73: 0e:c2:82:a0:8a:c0:a0:18:a9:b2:f6:fd:35:3e:1e: 98:3d:6d:fe:88:c6:40:89:fc:6a:16:c1:5d:51:4c: 7a:56:d0:c0:19:ac:c1:f4:e1:3d:da:52:32:92:9f: a4:5d:56:6c:0b:60:7c:d9:51:93:be:5a:8e:f1:61: 68:9a:f1:bb:8f:a7:4b:82:bf:3d:46:c3:d1:54:8d: a9:71:91:78:9c:ee:66:01:7a:45:25:34:f6:06:6b: 83:29:20:35:45:4d:11:c5:b2:e2:3f:c8:5f:7c:18: b7:4d:1a:a0:d3:c4:32:58:f3:86:31:65:4f:55:c1: d8:9e:fb:9c:6f:86:c7:e7:f3:d4:b4:77:c6:73:b4: a1:89:dc:71:e0:92:7c:5a:72:e7:bb:3b:88:cc:a8: e4:d8:86:c2:d2:67:fd:98:84:4e:e1:81:00:e4:f7: d3:dd:62:4b:d1:5c:55:f3:ab:60:87:24:5a:1e:ec: b9:f6:45:a5:5c:b9:1c:bf:15:9a:20:c3:3c:29:4b: 1d:1d:cc:9b:c0:a0:b9:68:ef:fe:c6:4d:85:e4:af: c0:44:ed:87:8c:89:69:d9:ab:c8:33:38:e7:38:31: 49:11:5c:e8:08:e8:1a:eb:96:0a:a6:d6:6e:38:20: 44:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:DE:D4:3D:02:6D:4A:79:13:E0:73:B4:77:62:C3:3C:EC:20:54:1A X509v3 Authority Key Identifier: keyid:30:8A:0F:04:23:71:D7:44:E4:CB:62:AB:51:E9:04:F7:0C:AC:D3:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/MIoPBCNx10Tky2KrUekE9wys03o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MIoPBCNx10Tky2KrUekE9wys03o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2252/C58F8B7AF63A11EAB70A361FC4F9AE02/MIoPBCNx10Tky2KrUekE9wys03o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:8a:a1:79:ee:31:d5:1a:54:70:b9:b0:2d:5a:ed:d4:46:c6: a1:a7:db:3e:71:0a:f6:df:02:24:4b:b0:b9:32:c3:2f:7f:16: f4:d3:fa:f3:bd:a5:0e:e3:80:31:3f:c2:4b:7a:00:84:35:31: 6e:bc:bb:ad:cd:45:fa:c9:78:71:d3:18:da:dc:08:df:b3:cc: 26:18:2d:04:0b:c4:92:23:d2:20:e5:62:98:d3:e7:50:df:93: e4:ff:ae:5e:b5:a1:81:0d:7b:b5:f1:d6:4f:bf:e5:0e:e9:d2: 21:e2:ca:c8:fb:14:fe:58:ce:a8:51:5f:d6:30:62:2a:53:42: 88:a8:99:97:a8:41:db:68:d8:42:02:29:9a:b4:cc:b6:2b:e3: 5c:0e:d9:ba:0b:b8:b7:68:0a:d3:6f:9f:59:3c:dd:ec:82:1f: b1:58:02:9f:b9:84:a6:f6:48:96:e0:c6:20:b2:58:4b:1b:a6: d9:2d:ee:c3:90:82:ff:9a:19:07:af:67:f0:27:98:2c:c8:37: c9:1d:0f:e0:13:80:8c:52:35:2c:bf:eb:d0:90:6f:97:e7:f7: cf:7f:0b:bd:cd:6e:c7:07:62:ae:bb:f7:a1:f1:ad:1c:52:e1: 63:23:d9:4c:a6:1b:17:a5:c9:b7:de:ea:4c:a5:37:33:80:9c: 67:99:4c:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB/4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjIyNTIxMTAvBgNVBAUTKDMwOEEwRjA0MjM3MUQ3NDRFNENCNjJBQjUxRTkwNEY3 MENBQ0QzN0EwHhcNMjUwODIyMjEwNzI5WhcNMjUwODI5MjEwNzI5WjAYMRYwFAYD VQQDEw02OGE4ZGMxMS1iYTRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtSS98rM200qwicAFr3MOwoKgisCgGKmy9v01Ph6YPW3+iMZAifxqFsFdUUx6 VtDAGazB9OE92lIykp+kXVZsC2B82VGTvlqO8WFomvG7j6dLgr89RsPRVI2pcZF4 nO5mAXpFJTT2BmuDKSA1RU0RxbLiP8hffBi3TRqg08QyWPOGMWVPVcHYnvucb4bH 5/PUtHfGc7Shidxx4JJ8WnLnuzuIzKjk2IbC0mf9mIRO4YEA5PfT3WJL0VxV86tg hyRaHuy59kWlXLkcvxWaIMM8KUsdHcybwKC5aO/+xk2F5K/ARO2HjIlp2avIMzjn ODFJEVzoCOga65YKptZuOCBEwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFze1D0C bUp5E+BztHdiwzzsIFQaMB8GA1UdIwQYMBaAFDCKDwQjcddE5Mtiq1HpBPcMrNN6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjI1Mi9DNThGOEI3QUY2 M0ExMUVBQjcwQTM2MUZDNEY5QUUwMi9NSW9QQkNOeDEwVGt5MktyVWVrRTl3eXMw M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01Jb1BCQ054MTBUa3kyS3JVZWtFOXd5czAzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MjI1Mi9DNThGOEI3QUY2M0ExMUVBQjcwQTM2MUZDNEY5QUUwMi9NSW9QQkNOeDEw VGt5MktyVWVrRTl3eXMwM28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAsiqF57jHVGlRwubAtWu3URsahp9s+cQr23wIkS7C5MsMvfxb00/rz vaUO44AxP8JLegCENTFuvLutzUX6yXhx0xja3Ajfs8wmGC0EC8SSI9Ig5WKY0+dQ 35Pk/65etaGBDXu18dZPv+UO6dIh4srI+xT+WM6oUV/WMGIqU0KIqJmXqEHbaNhC AimatMy2K+NcDtm6C7i3aArTb59ZPN3sgh+xWAKfuYSm9kiW4MYgslhLG6bZLe7D kIL/mhkHr2fwJ5gsyDfJHQ/gE4CMUjUsv+vQkG+X5/fPfwu9zW7HB2Kuu/eh8a0c UuFjI9lMphsXpcm33upMpTczgJxnmUwi -----END CERTIFICATE-----Generated at Sun Aug 24 06:34:41 2025 by rpki-client