$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft File: RITQfaaNUwUM3PaxPAwFReZFfOU.mft (raw, json) Hash identifier: 9Z1qlhWRsNCoer03X/RGabSHBq9LVc0GInxFqzOMOFQ= Subject key identifier: 1A:BF:A2:F5:B7:CB:98:A1:69:7F:75:0C:06:A5:2A:B0:DA:1F:5B:DB Authority key identifier: 44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 Certificate issuer: /CN=A91B5CEA/serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Certificate serial: 020E Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft Manifest number: 020A Signing time: Sat 23 Aug 2025 02:22:45 +0000 Manifest this update: Sat 23 Aug 2025 02:22:45 +0000 Manifest next update: Sat 30 Aug 2025 02:22:45 +0000 Files and hashes: 1: RITQfaaNUwUM3PaxPAwFReZFfOU.crl (hash: O857SqMF4GewyE0hBLD7ClaOm6XdfAk7bKZXm66qdIw=) 2: B3795CBC64F211ED9AEC046FC4F9AE02.roa (hash: tX50rThQWeAbKIESIwrC0zdSKgD+i4OgX2qNIGi6fqk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:22:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 526 (0x20e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5CEA, serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Validity Not Before: Aug 23 02:22:45 2025 GMT Not After : Aug 30 02:22:45 2025 GMT Subject: CN=68a925f5-8578 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:f9:17:8d:27:a6:18:bf:aa:61:40:ca:2e:75: f1:e2:74:c2:88:d2:45:11:50:11:11:36:c0:a0:74: 8e:d3:5b:dc:2e:e8:c6:5a:c1:99:c4:f7:9f:aa:fd: 24:5b:25:1b:75:44:d9:1d:c1:db:0b:9e:df:ab:68: 5e:fa:28:f4:a0:73:5d:c1:c9:6d:1a:f9:5e:10:cc: ac:0d:4e:49:b7:13:44:79:24:79:1f:e3:32:b4:b8: 3a:8e:3b:99:6a:61:48:aa:cb:2b:25:f2:db:5d:83: 09:40:53:31:44:a6:97:c6:59:87:19:14:43:0f:bc: b5:ca:94:09:b0:ab:7c:89:01:2f:fe:2a:49:ef:4e: 18:25:de:53:0c:cf:db:ad:94:9d:8a:cf:80:b2:4f: 58:55:7d:0e:1c:d1:6e:7a:f6:19:a8:34:18:57:19: 76:ed:cd:5e:fd:3e:76:f7:c1:56:fe:5e:d7:e5:8b: f3:7c:a9:86:92:4c:3b:2f:91:4c:d1:64:7d:f5:8e: c1:8c:05:91:29:2c:f2:75:e7:95:06:41:89:ea:1d: a6:a5:e3:4c:db:15:ad:6c:d3:25:9b:f4:51:0a:32: 35:2b:02:86:f5:f6:bb:5c:32:2b:27:13:86:81:1b: 26:f1:ee:37:86:6c:a6:b2:d7:a1:2a:9a:f2:6f:c6: 9d:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:BF:A2:F5:B7:CB:98:A1:69:7F:75:0C:06:A5:2A:B0:DA:1F:5B:DB X509v3 Authority Key Identifier: keyid:44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:f5:d3:30:d7:4a:22:bf:55:04:21:e6:a5:4b:3e:8f:e2:1e: 26:d2:30:ca:66:45:73:f3:8f:3e:cc:10:50:90:fc:40:be:f5: 1d:29:61:52:04:6e:f8:b6:4d:c3:66:43:36:d5:51:3c:96:46: 7b:31:81:7a:b9:44:63:0e:a2:18:d8:44:a3:c4:aa:1c:78:d3: 8c:e5:36:98:45:14:98:3e:b3:56:0e:34:e8:62:41:d7:81:90: e9:bb:47:31:c0:dc:df:dc:9b:cb:a2:62:61:d0:46:93:66:23: 6c:e8:fc:8a:86:51:c1:0f:d1:21:7c:aa:71:dd:6d:87:55:8e: 0a:97:e9:63:a1:0f:f8:26:d8:1e:89:87:fa:3b:66:8b:6a:64: d3:a4:01:b2:b8:e7:9f:93:e0:ae:9c:0c:18:26:fe:ba:46:a1: b2:da:3d:eb:ae:32:09:1b:3a:87:09:f2:ab:03:55:c5:b4:cb: aa:c0:1d:f4:1b:1c:67:62:ff:cd:10:7d:c8:b4:e4:83:83:e3: 80:a4:10:06:d4:d2:4e:26:5a:80:9c:ca:a4:c8:dc:e9:cb:68: b4:fd:d7:63:5a:a3:ce:cc:a7:02:e4:2d:0d:e0:98:6d:df:23: bc:64:55:e9:bd:4b:92:c1:60:cc:7c:4d:56:25:f1:48:a8:f1: 26:d6:4e:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAg4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVDRUExMTAvBgNVBAUTKDQ0ODREMDdEQTY4RDUzMDUwQ0RDRjZCMTNDMEMwNTQ1 RTY0NTdDRTUwHhcNMjUwODIzMDIyMjQ1WhcNMjUwODMwMDIyMjQ1WjAYMRYwFAYD VQQDEw02OGE5MjVmNS04NTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu/kXjSemGL+qYUDKLnXx4nTCiNJFEVARETbAoHSO01vcLujGWsGZxPefqv0k WyUbdUTZHcHbC57fq2he+ij0oHNdwcltGvleEMysDU5JtxNEeSR5H+MytLg6jjuZ amFIqssrJfLbXYMJQFMxRKaXxlmHGRRDD7y1ypQJsKt8iQEv/ipJ704YJd5TDM/b rZSdis+Ask9YVX0OHNFuevYZqDQYVxl27c1e/T5298FW/l7X5YvzfKmGkkw7L5FM 0WR99Y7BjAWRKSzydeeVBkGJ6h2mpeNM2xWtbNMlm/RRCjI1KwKG9fa7XDIrJxOG gRsm8e43hmymstehKpryb8adfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBq/ovW3 y5ihaX91DAalKrDaH1vbMB8GA1UdIwQYMBaAFESE0H2mjVMFDNz2sTwMBUXmRXzl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUNFQS8xRjYzQTU2ODY0 RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3VU0zUGF4UEF3RlJlWkZm T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1JJVFFmYWFOVXdVTTNQYXhQQXdGUmVaRmZPVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NUNFQS8xRjYzQTU2ODY0RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3 VU0zUGF4UEF3RlJlWkZmT1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCC9dMw10oiv1UEIealSz6P4h4m0jDKZkVz848+zBBQkPxAvvUdKWFS BG74tk3DZkM21VE8lkZ7MYF6uURjDqIY2ESjxKoceNOM5TaYRRSYPrNWDjToYkHX gZDpu0cxwNzf3JvLomJh0EaTZiNs6PyKhlHBD9EhfKpx3W2HVY4Kl+ljoQ/4Jtge iYf6O2aLamTTpAGyuOefk+CunAwYJv66RqGy2j3rrjIJGzqHCfKrA1XFtMuqwB30 GxxnYv/NEH3ItOSDg+OApBAG1NJOJlqAnMqkyNzpy2i0/ddjWqPOzKcC5C0N4Jht 3yO8ZFXpvUuSwWDMfE1WJfFIqPEm1k4y -----END CERTIFICATE-----Generated at Sat Aug 23 23:19:10 2025 by rpki-client