$ rpki-client -vvf rpki.apnic.net/member_repository/A91B588F/784D94B8B76111E6B1175A3CC4F9AE02/DfoUcOPJ6yHxewN7BM9O1UJO88k.mft File: DfoUcOPJ6yHxewN7BM9O1UJO88k.mft (raw, json) Hash identifier: FJJ99raVKKl8qMzTjFNyTq+G+yIirGmkpUL9Mt8vwSg= Subject key identifier: 3A:FA:2D:B5:86:15:9C:9C:FA:A9:5A:06:37:7C:39:8E:40:68:66:0F Authority key identifier: 0D:FA:14:70:E3:C9:EB:21:F1:7B:03:7B:04:CF:4E:D5:42:4E:F3:C9 Certificate issuer: /CN=A91B588F/serialNumber=0DFA1470E3C9EB21F17B037B04CF4ED5424EF3C9 Certificate serial: 1D58 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfoUcOPJ6yHxewN7BM9O1UJO88k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B588F/784D94B8B76111E6B1175A3CC4F9AE02/DfoUcOPJ6yHxewN7BM9O1UJO88k.mft Manifest number: 1D49 Signing time: Fri 22 Aug 2025 16:11:41 +0000 Manifest this update: Fri 22 Aug 2025 16:11:41 +0000 Manifest next update: Fri 29 Aug 2025 16:11:41 +0000 Files and hashes: 1: DfoUcOPJ6yHxewN7BM9O1UJO88k.crl (hash: RtpN31poZht8Hz8rylHMteTfY+n1WLmJFcYRumvUeI4=) 2: 234A77E28D2111ECB33BB01AC4F9AE02.roa (hash: k8TIUAQe/uhiGTZr6cgQAthXD90vdh6WA7DCNugyFL0=) 3: 09DBF798B76311E6AF11523EC4F9AE02.roa (hash: KJtFM/La7mL3fu5dlcMqDcraRcAtERap2FuVwdqAgkc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B588F/784D94B8B76111E6B1175A3CC4F9AE02/DfoUcOPJ6yHxewN7BM9O1UJO88k.crl rsync://rpki.apnic.net/member_repository/A91B588F/784D94B8B76111E6B1175A3CC4F9AE02/DfoUcOPJ6yHxewN7BM9O1UJO88k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfoUcOPJ6yHxewN7BM9O1UJO88k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 16:11:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7512 (0x1d58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B588F, serialNumber=0DFA1470E3C9EB21F17B037B04CF4ED5424EF3C9 Validity Not Before: Aug 22 16:11:41 2025 GMT Not After : Aug 29 16:11:41 2025 GMT Subject: CN=68a896bd-bf43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:b2:d3:17:4a:1a:dd:ac:c3:6a:75:dd:49:7d: 83:9b:16:8a:bf:62:49:a9:d0:a3:22:f8:3e:4a:0b: 54:dd:6b:9a:78:51:4a:f5:f5:9e:cd:eb:ca:93:3c: 5d:4c:40:8d:30:e9:9a:66:20:6a:15:3a:3a:9c:9b: e4:c5:a9:fa:2b:13:7c:ef:58:38:c0:db:44:d5:2c: 6b:a4:c5:5b:e8:91:75:cd:66:d7:77:d0:fb:87:32: 37:27:13:5e:f8:f9:c8:43:57:0c:3a:1b:f9:83:de: e6:ce:73:6e:92:19:a1:aa:b3:55:fc:77:e3:0e:75: 1f:b5:cf:3c:38:c4:ae:dc:ab:4b:6e:6c:a9:71:65: aa:ef:ea:59:02:ba:e7:67:c8:e8:f2:af:b7:c8:c5: 5f:7b:33:85:72:f4:f2:3a:4c:ed:c6:c6:ef:93:22: 40:6b:b1:20:cf:67:53:88:2d:8b:c2:0b:46:af:67: 1d:83:b9:5e:c1:c1:e0:fa:11:73:62:7b:21:c0:1e: 89:4b:28:a9:0d:7b:a0:7c:a3:01:cd:87:1e:a7:bf: 79:20:bb:1d:44:33:10:3b:dd:b2:79:bf:e1:be:aa: 06:d4:53:0a:18:38:84:d9:23:14:d5:ca:1a:cf:af: 2d:89:be:b5:cc:87:46:7a:90:d6:8a:0d:75:c2:5c: 2e:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:FA:2D:B5:86:15:9C:9C:FA:A9:5A:06:37:7C:39:8E:40:68:66:0F X509v3 Authority Key Identifier: keyid:0D:FA:14:70:E3:C9:EB:21:F1:7B:03:7B:04:CF:4E:D5:42:4E:F3:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B588F/784D94B8B76111E6B1175A3CC4F9AE02/DfoUcOPJ6yHxewN7BM9O1UJO88k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfoUcOPJ6yHxewN7BM9O1UJO88k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B588F/784D94B8B76111E6B1175A3CC4F9AE02/DfoUcOPJ6yHxewN7BM9O1UJO88k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:87:68:fd:6f:5c:31:4e:e7:47:38:d5:bb:57:db:96:4f:bb: d0:16:5f:2b:22:b8:19:43:de:a2:7b:52:bc:50:17:93:48:dc: 28:be:35:84:f8:d2:48:c1:8a:cf:81:dd:c4:51:dd:65:6c:86: 66:d7:2b:6c:84:a5:ad:77:3e:fc:f5:0a:4b:9a:b0:ff:cd:64: 56:39:84:91:08:4b:44:64:d7:4d:7c:8f:7b:10:9a:80:86:21: cb:ad:02:ba:84:63:35:c7:c2:23:cf:51:56:24:52:bb:af:ed: a2:a9:eb:bd:74:f0:b1:46:58:51:7f:9c:20:16:d1:66:c2:8e: 2b:dc:80:1c:36:c2:58:71:28:77:bb:8a:2d:f8:f5:cc:c0:f5: 8d:75:00:07:19:d6:fc:31:dc:93:bd:f0:f8:0d:78:21:97:15: c6:f6:a2:47:53:72:27:df:3f:17:45:ea:ce:11:6f:a2:df:6f: 29:7c:cb:6c:41:ad:84:51:e1:60:15:2d:ed:92:2a:ca:5a:5b: 4c:b9:30:d1:c7:ab:c7:7f:03:5e:54:8a:78:42:f4:4b:fb:3f: 74:1e:e2:96:55:b7:09:e0:70:0d:6c:46:f4:10:f2:8b:57:0b: b5:9e:0a:1a:78:d9:4d:97:23:fd:11:63:0a:4a:ce:fb:05:f7: 23:8d:0a:1d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHVgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjU4OEYxMTAvBgNVBAUTKDBERkExNDcwRTNDOUVCMjFGMTdCMDM3QjA0Q0Y0RUQ1 NDI0RUYzQzkwHhcNMjUwODIyMTYxMTQxWhcNMjUwODI5MTYxMTQxWjAYMRYwFAYD VQQDEw02OGE4OTZiZC1iZjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz7LTF0oa3azDanXdSX2DmxaKv2JJqdCjIvg+SgtU3WuaeFFK9fWezevKkzxd TECNMOmaZiBqFTo6nJvkxan6KxN871g4wNtE1SxrpMVb6JF1zWbXd9D7hzI3JxNe +PnIQ1cMOhv5g97mznNukhmhqrNV/HfjDnUftc88OMSu3KtLbmypcWWq7+pZArrn Z8jo8q+3yMVfezOFcvTyOkztxsbvkyJAa7Egz2dTiC2LwgtGr2cdg7lewcHg+hFz YnshwB6JSyipDXugfKMBzYcep795ILsdRDMQO92yeb/hvqoG1FMKGDiE2SMU1coa z68tib61zIdGepDWig11wlwunwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDr6LbWG FZyc+qlaBjd8OY5AaGYPMB8GA1UdIwQYMBaAFA36FHDjyesh8XsDewTPTtVCTvPJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTg4Ri83ODREOTRCOEI3 NjExMUU2QjExNzVBM0NDNEY5QUUwMi9EZm9VY09QSjZ5SHhld043Qk05TzFVSk84 OGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Rmb1VjT1BKNnlIeGV3TjdCTTlPMVVKTzg4ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NTg4Ri83ODREOTRCOEI3NjExMUU2QjExNzVBM0NDNEY5QUUwMi9EZm9VY09QSjZ5 SHhld043Qk05TzFVSk84OGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMh2j9b1wxTudHONW7V9uWT7vQFl8rIrgZQ96ie1K8UBeTSNwovjWE +NJIwYrPgd3EUd1lbIZm1ytshKWtdz789QpLmrD/zWRWOYSRCEtEZNdNfI97EJqA hiHLrQK6hGM1x8Ijz1FWJFK7r+2iqeu9dPCxRlhRf5wgFtFmwo4r3IAcNsJYcSh3 u4ot+PXMwPWNdQAHGdb8MdyTvfD4DXghlxXG9qJHU3In3z8XRerOEW+i328pfMts Qa2EUeFgFS3tkirKWltMuTDRx6vHfwNeVIp4QvRL+z90HuKWVbcJ4HANbEb0EPKL Vwu1ngoaeNlNlyP9EWMKSs77BfcjjQod -----END CERTIFICATE-----Generated at Sun Aug 24 00:07:59 2025 by rpki-client