$ rpki-client -vvf rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft File: 8VAZIKVfOnwnEDkUn_oop8HMOPE.mft (raw, json) Hash identifier: Msfz/96JckJUdF05VHAbnlqNKqGjXtI9Fty53KbfVeM= Subject key identifier: A6:1A:DC:B3:87:61:F8:B3:35:E2:05:F8:1F:F6:92:AA:AE:44:67:75 Authority key identifier: F1:50:19:20:A5:5F:3A:7C:27:10:39:14:9F:FA:28:A7:C1:CC:38:F1 Certificate issuer: /CN=A91B49C0/serialNumber=F1501920A55F3A7C271039149FFA28A7C1CC38F1 Certificate serial: 038B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8VAZIKVfOnwnEDkUn_oop8HMOPE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft Manifest number: 0387 Signing time: Sat 23 Aug 2025 01:04:45 +0000 Manifest this update: Sat 23 Aug 2025 01:04:44 +0000 Manifest next update: Sat 30 Aug 2025 01:04:44 +0000 Files and hashes: 1: 8VAZIKVfOnwnEDkUn_oop8HMOPE.crl (hash: SWgvnfyLWkYlW+vGbMBIYbWKtq31d4HidDn6BLuqEgU=) 2: 8304B142B34711EC90A6DA67C4F9AE02.roa (hash: WXC/B6Dbe8kPnOwbgfCf/9me935cYsiOJufkenUuGQo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.crl rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8VAZIKVfOnwnEDkUn_oop8HMOPE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:04:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 907 (0x38b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B49C0, serialNumber=F1501920A55F3A7C271039149FFA28A7C1CC38F1 Validity Not Before: Aug 23 01:04:44 2025 GMT Not After : Aug 30 01:04:44 2025 GMT Subject: CN=68a913ac-39cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:3b:70:c8:56:4e:3d:74:97:65:50:33:90:b5: 98:8c:96:45:fb:7d:85:0b:af:ed:eb:66:a2:af:c8: 33:3d:df:51:84:2f:f6:62:b3:13:20:5d:80:43:e9: eb:33:53:9e:69:9f:99:bd:03:07:33:f4:d0:ba:84: c7:30:4e:b8:8b:45:29:5b:0f:ce:14:f3:1b:0e:dc: bb:42:8a:88:21:f8:00:a3:66:e4:e9:fa:61:b9:a6: 4b:0f:73:bd:49:f4:73:d3:29:e1:d7:39:91:c1:23: 8c:4d:b1:56:29:6e:ef:ae:03:8a:c6:b6:c4:ed:0f: c9:62:01:90:5f:1e:1b:c8:e2:d6:4c:ed:af:b9:83: 69:9f:5d:03:71:54:da:2d:83:5f:5d:44:30:89:95: b7:7e:2d:eb:8f:b5:de:da:b8:c0:12:e6:c8:da:db: ae:ef:6e:b8:2d:0f:f0:e8:30:01:a6:4a:1e:1c:77: 30:e1:5e:6d:04:b3:38:33:6e:64:83:39:d7:41:88: 73:30:7e:48:de:04:80:c4:c4:6c:ce:58:b8:12:af: c4:2b:dc:64:10:3e:a1:65:47:04:24:a7:dc:cf:e1: 13:83:79:92:d8:81:9b:0a:42:93:8f:de:b5:c6:4d: d9:e6:a1:cd:2f:95:4f:54:b9:a7:08:75:f7:cb:98: 78:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:1A:DC:B3:87:61:F8:B3:35:E2:05:F8:1F:F6:92:AA:AE:44:67:75 X509v3 Authority Key Identifier: keyid:F1:50:19:20:A5:5F:3A:7C:27:10:39:14:9F:FA:28:A7:C1:CC:38:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8VAZIKVfOnwnEDkUn_oop8HMOPE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:fe:05:a3:e7:44:3b:ac:10:d5:f5:46:7c:d2:a9:35:4a:55: 10:53:8b:d1:00:63:a0:9b:01:8b:59:1d:c8:fb:4c:a6:6f:dc: 0a:cb:b8:eb:b9:d6:29:1f:fb:fd:f1:8d:ec:43:ea:7c:c0:26: 13:ba:8d:0b:8e:8e:16:bf:97:c0:25:6f:48:dc:8f:20:c3:86: 4c:f6:f9:5d:68:37:29:cd:05:55:a5:0e:6e:f6:2f:d0:5e:70: a6:0b:2f:6c:c0:e9:d6:ef:40:7e:b7:68:ae:1d:5d:0a:69:b2: 25:ea:d9:96:73:58:a8:43:7f:0c:cd:1f:53:d7:d3:aa:29:5a: be:10:02:1b:14:4d:50:ef:4c:a1:f1:68:3c:de:ed:bd:fd:8f: 63:fe:a5:34:be:b5:fa:5c:5e:c6:d9:5c:68:eb:af:aa:fa:e9: 20:05:9c:64:17:3e:06:22:d8:a0:7d:33:60:43:02:ec:d3:a9: 53:08:6c:54:61:ad:0b:32:eb:d5:18:cb:f9:f8:b9:14:64:89: 0f:13:05:fc:f5:f3:c8:28:14:a8:4b:5e:b1:9a:7e:d3:25:c5: 1f:6e:c7:4e:2a:2e:75:fa:16:f3:44:83:16:3d:d2:bb:b2:67: 37:b1:77:0f:85:f5:4f:4f:45:ec:95:ab:af:d2:96:1d:b3:0a: 60:40:17:ad -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA4swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ5QzAxMTAvBgNVBAUTKEYxNTAxOTIwQTU1RjNBN0MyNzEwMzkxNDlGRkEyOEE3 QzFDQzM4RjEwHhcNMjUwODIzMDEwNDQ0WhcNMjUwODMwMDEwNDQ0WjAYMRYwFAYD VQQDEw02OGE5MTNhYy0zOWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1ztwyFZOPXSXZVAzkLWYjJZF+32FC6/t62air8gzPd9RhC/2YrMTIF2AQ+nr M1OeaZ+ZvQMHM/TQuoTHME64i0UpWw/OFPMbDty7QoqIIfgAo2bk6fphuaZLD3O9 SfRz0ynh1zmRwSOMTbFWKW7vrgOKxrbE7Q/JYgGQXx4byOLWTO2vuYNpn10DcVTa LYNfXUQwiZW3fi3rj7Xe2rjAEubI2tuu7264LQ/w6DABpkoeHHcw4V5tBLM4M25k gznXQYhzMH5I3gSAxMRszli4Eq/EK9xkED6hZUcEJKfcz+ETg3mS2IGbCkKTj961 xk3Z5qHNL5VPVLmnCHX3y5h4JwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKYa3LOH YfizNeIF+B/2kqquRGd1MB8GA1UdIwQYMBaAFPFQGSClXzp8JxA5FJ/6KKfBzDjx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDlDMC82Q0IzODM1OEIz NDQxMUVDQUJDRTJBNjJDNEY5QUUwMi84VkFaSUtWZk9ud25FRGtVbl9vb3A4SE1P UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhWQVpJS1ZmT253bkVEa1VuX29vcDhITU9QRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDlDMC82Q0IzODM1OEIzNDQxMUVDQUJDRTJBNjJDNEY5QUUwMi84VkFaSUtWZk9u d25FRGtVbl9vb3A4SE1PUEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBG/gWj50Q7rBDV9UZ80qk1SlUQU4vRAGOgmwGLWR3I+0ymb9wKy7jr udYpH/v98Y3sQ+p8wCYTuo0Ljo4Wv5fAJW9I3I8gw4ZM9vldaDcpzQVVpQ5u9i/Q XnCmCy9swOnW70B+t2iuHV0KabIl6tmWc1ioQ38MzR9T19OqKVq+EAIbFE1Q70yh 8Wg83u29/Y9j/qU0vrX6XF7G2Vxo66+q+ukgBZxkFz4GItigfTNgQwLs06lTCGxU Ya0LMuvVGMv5+LkUZIkPEwX89fPIKBSoS16xmn7TJcUfbsdOKi51+hbzRIMWPdK7 smc3sXcPhfVPT0Xslauv0pYdswpgQBet -----END CERTIFICATE-----Generated at Sat Aug 23 18:40:41 2025 by rpki-client