$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft File: 5bRMaejecz32GWYFbn5BXsfHDSo.mft (raw, json) Hash identifier: yQNSmYIkC7HVLhtxF2GRu+Ih4f9myw7NGBJrlo43AWk= Subject key identifier: E9:30:3C:7B:ED:98:1F:A3:C4:07:1A:5B:53:04:CE:2B:54:90:CC:AB Authority key identifier: E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A Certificate issuer: /CN=A91B4873/serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A Certificate serial: D8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft Manifest number: D6 Signing time: Sat 23 Aug 2025 05:44:06 +0000 Manifest this update: Sat 23 Aug 2025 05:44:06 +0000 Manifest next update: Sat 30 Aug 2025 05:44:06 +0000 Files and hashes: 1: 5bRMaejecz32GWYFbn5BXsfHDSo.crl (hash: h+Fgyc3AvhIu8IoSSW80Z6aVzL2K41HsLvnuv1uOodE=) 2: 01F62A6438F011EF9A82662BC4F9AE02.roa (hash: qNBV2PTtzm82Ja2P5dgUf+ogJinB9ZCYKNbddsnAs34=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 05:44:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 216 (0xd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4873, serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A Validity Not Before: Aug 23 05:44:06 2025 GMT Not After : Aug 30 05:44:06 2025 GMT Subject: CN=68a95526-869b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:c2:c0:12:9c:32:8c:e7:fe:b6:07:1b:58:94: e7:95:ef:42:b4:70:5d:75:6c:c9:d8:7a:6a:f1:04: e0:4f:e3:ba:66:10:1b:62:b8:36:b2:2f:65:74:a1: bd:88:56:9f:5a:e6:a1:ee:7a:64:ba:6c:a4:68:89: 6f:f6:4c:9c:c0:50:68:4d:de:87:0c:8d:94:1c:a5: 7e:d5:ed:99:a0:b3:1f:fd:15:8c:01:e6:e5:32:39: 9e:e4:34:62:03:c4:63:a2:0c:50:c6:ad:35:6b:a8: df:54:23:50:fb:97:09:de:c3:cf:5e:a2:11:43:91: d8:f5:b5:46:83:dc:ae:46:71:8a:39:b0:f6:a8:08: b4:36:2a:ef:17:f8:13:e0:a2:d0:55:d9:6e:82:4a: 2c:21:e2:a9:35:1c:b5:2a:55:b0:15:c3:85:96:c2: cf:29:1a:dd:f3:47:fc:55:75:54:24:65:22:b7:fb: 8f:ee:52:96:e5:b8:bf:4d:08:36:1b:98:6d:0c:cd: 9f:51:af:ea:30:5d:12:c5:be:26:81:dc:82:cb:d4: d9:65:45:17:86:eb:e8:98:f8:b6:f3:67:72:10:b0: d5:33:cd:59:af:8f:49:2a:b8:0d:9b:c5:38:c1:3b: 32:c0:ed:4e:07:3e:88:19:7a:46:1c:c6:96:77:31: 6a:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:30:3C:7B:ED:98:1F:A3:C4:07:1A:5B:53:04:CE:2B:54:90:CC:AB X509v3 Authority Key Identifier: keyid:E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 89:58:1e:7b:61:ec:d6:f6:30:8f:43:3b:79:27:a9:1f:72:20: 92:b5:fa:23:00:0f:d0:b3:67:99:8f:f0:26:96:cf:52:4c:ab: a7:bf:08:35:24:b1:7b:60:6e:62:fd:75:3c:3b:1b:09:db:9b: 97:47:c3:1f:05:c1:8c:6e:4f:fa:16:90:e1:11:d9:96:1b:4f: c5:68:e2:4f:7e:f5:86:09:f1:60:e7:ed:26:8a:f8:65:9c:b7: 5e:b5:dd:68:1c:dc:da:9f:b4:c9:90:4a:3b:dc:69:b6:e5:fe: e0:d2:ac:59:17:43:7c:18:f1:15:9e:d9:ef:ff:69:e8:e7:77: 4e:25:0e:d8:5d:0e:11:72:4b:79:4c:ac:97:af:60:ea:6b:52: 42:21:e1:94:22:06:92:7c:f5:8d:72:78:00:24:a4:17:8f:66: 43:ed:ab:b3:57:be:2c:32:a4:d0:b0:1f:16:32:60:65:70:7a: 36:cc:0a:8d:1e:6e:7b:c7:b5:5b:bc:1d:3e:9c:d3:4c:6d:89: 28:25:02:9e:5e:f7:17:07:55:20:43:26:63:08:a8:9d:d1:c0: 6f:35:98:12:50:33:70:27:08:2d:39:e4:1e:e0:e7:e9:68:e1: c7:8f:21:f0:d0:10:96:27:53:d3:86:5d:36:de:63:19:bf:4a: 7f:45:5d:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ4NzMxMTAvBgNVBAUTKEU1QjQ0QzY5RThERTczM0RGNjE5NjYwNTZFN0U0MTVF QzdDNzBEMkEwHhcNMjUwODIzMDU0NDA2WhcNMjUwODMwMDU0NDA2WjAYMRYwFAYD VQQDEw02OGE5NTUyNi04NjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApcLAEpwyjOf+tgcbWJTnle9CtHBddWzJ2Hpq8QTgT+O6ZhAbYrg2si9ldKG9 iFafWuah7npkumykaIlv9kycwFBoTd6HDI2UHKV+1e2ZoLMf/RWMAeblMjme5DRi A8RjogxQxq01a6jfVCNQ+5cJ3sPPXqIRQ5HY9bVGg9yuRnGKObD2qAi0NirvF/gT 4KLQVdlugkosIeKpNRy1KlWwFcOFlsLPKRrd80f8VXVUJGUit/uP7lKW5bi/TQg2 G5htDM2fUa/qMF0Sxb4mgdyCy9TZZUUXhuvomPi282dyELDVM81Zr49JKrgNm8U4 wTsywO1OBz6IGXpGHMaWdzFqNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOkwPHvt mB+jxAcaW1MEzitUkMyrMB8GA1UdIwQYMBaAFOW0TGno3nM99hlmBW5+QV7Hxw0q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDg3My80RTI1QzhCQzM4 RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6MzJHV1lGYm41QlhzZkhE U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzViUk1hZWplY3ozMkdXWUZibjVCWHNmSERTby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDg3My80RTI1QzhCQzM4RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6 MzJHV1lGYm41QlhzZkhEU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCJWB57YezW9jCPQzt5J6kfciCStfojAA/Qs2eZj/Amls9STKunvwg1 JLF7YG5i/XU8OxsJ25uXR8MfBcGMbk/6FpDhEdmWG0/FaOJPfvWGCfFg5+0mivhl nLdetd1oHNzan7TJkEo73Gm25f7g0qxZF0N8GPEVntnv/2no53dOJQ7YXQ4Rckt5 TKyXr2Dqa1JCIeGUIgaSfPWNcngAJKQXj2ZD7auzV74sMqTQsB8WMmBlcHo2zAqN Hm57x7VbvB0+nNNMbYkoJQKeXvcXB1UgQyZjCKid0cBvNZgSUDNwJwgtOeQe4Ofp aOHHjyHw0BCWJ1PThl023mMZv0p/RV2q -----END CERTIFICATE-----Generated at Sat Aug 23 20:25:13 2025 by rpki-client