$ rpki-client -vvf rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft File: rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft (raw, json) Hash identifier: 2TzBWMo+dM9VQ2zFW4jaSQx7AG5mk0tO54ySeJiG5U8= Subject key identifier: A1:15:C5:2C:9B:81:09:B9:0E:DC:1F:AD:E2:10:10:F3:FC:B0:D9:32 Authority key identifier: AD:3D:87:03:85:0B:12:71:E8:F3:1A:E0:3E:3C:C9:AC:46:60:D9:42 Certificate issuer: /CN=A91B97DB/serialNumber=AD3D8703850B1271E8F31AE03E3CC9AC4660D942 Certificate serial: 0C41 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rT2HA4ULEnHo8xrgPjzJrEZg2UI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft Manifest number: 0C38 Signing time: Fri 22 Aug 2025 18:44:59 +0000 Manifest this update: Fri 22 Aug 2025 18:44:58 +0000 Manifest next update: Fri 29 Aug 2025 18:44:58 +0000 Files and hashes: 1: rT2HA4ULEnHo8xrgPjzJrEZg2UI.crl (hash: XTt5D3J7/E9v4Feia8N4uq3cE3tEBUxfBpbdtc/Mxjc=) 2: 5A0FAE220F7011EAB8E21167C4F9AE02.roa (hash: TQZLfyrNNm4rH/joKuV/c0LtGb3rqWKsaid6lV6en3Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.crl rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rT2HA4ULEnHo8xrgPjzJrEZg2UI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:44:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3137 (0xc41) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B97DB, serialNumber=AD3D8703850B1271E8F31AE03E3CC9AC4660D942 Validity Not Before: Aug 22 18:44:58 2025 GMT Not After : Aug 29 18:44:58 2025 GMT Subject: CN=68a8baaa-f11d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f5:84:dc:ac:dc:4f:61:e8:64:9e:4b:29:7c: d6:e9:c2:d7:5b:2f:78:be:b0:42:40:a7:a0:87:5d: 62:0e:fe:4e:4b:9b:88:35:d4:e4:0e:39:3b:ce:0b: 3b:3a:78:4a:0c:fa:7c:d6:a3:0d:27:e9:65:62:39: ed:fd:66:ab:64:ce:c6:0c:63:2b:21:11:9b:35:76: 9e:64:b8:4e:83:1b:05:4e:48:c6:b3:00:e8:7b:49: d9:e2:76:ac:9c:f3:4f:5f:6c:51:87:b3:82:97:d2: fc:52:5a:72:7c:87:4a:60:90:7e:21:e4:d5:d1:c7: ce:d1:db:aa:f6:2c:29:85:87:e3:30:05:6e:6d:63: 78:5e:4a:9f:dc:0f:9e:e9:5f:4b:c2:82:c4:0e:a3: 2d:5e:37:d5:ee:04:d6:18:e0:c7:92:ad:e0:15:93: a3:75:00:8e:60:fc:e8:dc:55:03:38:17:04:75:9d: 3d:1b:32:ea:95:5d:7a:b6:af:79:17:b1:97:dd:20: 6d:e3:a6:ca:7b:4e:54:e6:68:e4:cd:96:1c:ba:38: eb:5c:ca:f7:62:59:54:99:e8:11:28:2d:e9:59:59: 73:5c:3a:ef:12:40:a7:af:7c:3b:19:91:87:09:af: 07:09:5e:53:c0:a8:72:d3:c7:17:2f:85:ee:8c:78: eb:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:15:C5:2C:9B:81:09:B9:0E:DC:1F:AD:E2:10:10:F3:FC:B0:D9:32 X509v3 Authority Key Identifier: keyid:AD:3D:87:03:85:0B:12:71:E8:F3:1A:E0:3E:3C:C9:AC:46:60:D9:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rT2HA4ULEnHo8xrgPjzJrEZg2UI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:c3:98:ec:9e:61:54:53:f2:af:ee:e5:73:e6:25:8f:be:f1: 39:fb:9f:c1:06:a1:cf:98:19:b8:a0:95:05:d2:bf:c7:32:50: d7:37:58:8f:5f:8f:06:0d:92:41:47:77:ec:89:cd:98:7a:5e: 1a:b6:14:a2:6a:46:d0:f9:e9:e0:31:01:b3:0e:49:d9:00:e0: d8:4a:3e:64:d3:ed:85:30:67:35:76:2a:ef:d6:9d:a4:61:b6: 43:88:c2:90:62:48:44:2f:07:7d:44:e1:20:0a:4c:23:eb:42: 58:a8:f5:12:88:b3:59:64:c5:16:82:8c:cb:90:89:35:a6:fe: 21:f6:ee:89:15:6f:39:01:bd:6f:34:1f:55:70:6a:a7:04:fd: 21:35:39:a8:c0:7e:f4:79:c9:ec:9b:28:51:da:4e:85:73:57: c5:93:c7:36:ad:9e:16:f7:be:08:12:bb:8e:3b:23:97:c5:eb: 41:2e:bd:25:12:4f:2e:c6:b1:f5:e5:fd:01:60:fc:9a:f7:4f: f1:10:69:4c:68:2b:2e:3b:c5:35:2a:38:8a:a5:65:a8:79:28: ca:eb:a7:f2:da:0a:e9:7b:c1:8b:0a:c7:c9:d4:c5:ec:9c:3b: 0b:35:34:dd:df:55:bb:ee:5e:aa:95:52:60:f6:e3:aa:51:9f: e3:94:58:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDEEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjk3REIxMTAvBgNVBAUTKEFEM0Q4NzAzODUwQjEyNzFFOEYzMUFFMDNFM0NDOUFD NDY2MEQ5NDIwHhcNMjUwODIyMTg0NDU4WhcNMjUwODI5MTg0NDU4WjAYMRYwFAYD VQQDEw02OGE4YmFhYS1mMTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr/WE3KzcT2HoZJ5LKXzW6cLXWy94vrBCQKegh11iDv5OS5uINdTkDjk7zgs7 OnhKDPp81qMNJ+llYjnt/WarZM7GDGMrIRGbNXaeZLhOgxsFTkjGswDoe0nZ4nas nPNPX2xRh7OCl9L8UlpyfIdKYJB+IeTV0cfO0duq9iwphYfjMAVubWN4Xkqf3A+e 6V9LwoLEDqMtXjfV7gTWGODHkq3gFZOjdQCOYPzo3FUDOBcEdZ09GzLqlV16tq95 F7GX3SBt46bKe05U5mjkzZYcujjrXMr3YllUmegRKC3pWVlzXDrvEkCnr3w7GZGH Ca8HCV5TwKhy08cXL4XujHjrZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKEVxSyb gQm5DtwfreIQEPP8sNkyMB8GA1UdIwQYMBaAFK09hwOFCxJx6PMa4D48yaxGYNlC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTdEQi80RTQxMEFDRTBG NkYxMUVBQUIwQURCNjRDNEY5QUUwMi9yVDJIQTRVTEVuSG84eHJnUGp6SnJFWmcy VUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JUMkhBNFVMRW5Ibzh4cmdQanpKckVaZzJVSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OTdEQi80RTQxMEFDRTBGNkYxMUVBQUIwQURCNjRDNEY5QUUwMi9yVDJIQTRVTEVu SG84eHJnUGp6SnJFWmcyVUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQADw5jsnmFUU/Kv7uVz5iWPvvE5+5/BBqHPmBm4oJUF0r/HMlDXN1iP X48GDZJBR3fsic2Yel4athSiakbQ+engMQGzDknZAODYSj5k0+2FMGc1dirv1p2k YbZDiMKQYkhELwd9ROEgCkwj60JYqPUSiLNZZMUWgozLkIk1pv4h9u6JFW85Ab1v NB9VcGqnBP0hNTmowH70ecnsmyhR2k6Fc1fFk8c2rZ4W974IEruOOyOXxetBLr0l Ek8uxrH15f0BYPya90/xEGlMaCsuO8U1KjiKpWWoeSjK66fy2grpe8GLCsfJ1MXs nDsLNTTd31W77l6qlVJg9uOqUZ/jlFg0 -----END CERTIFICATE-----Generated at Sat Aug 23 20:58:38 2025 by rpki-client