$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft File: CB6icKn0s2sOyJai0hSO5Ok-Xys.mft (raw, json) Hash identifier: mN7vxjq3nJa7nOC0fH8UPCi93RLcO0Gh/uu6cJpnDz8= Subject key identifier: 4E:76:F6:58:C8:B2:F2:6A:E5:B6:35:27:03:2A:6B:DD:85:B6:3C:31 Authority key identifier: 08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B Certificate issuer: /CN=A91BB921/serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Certificate serial: 0156 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft Manifest number: 0154 Signing time: Sat 23 Aug 2025 04:16:48 +0000 Manifest this update: Sat 23 Aug 2025 04:16:48 +0000 Manifest next update: Sat 30 Aug 2025 04:16:48 +0000 Files and hashes: 1: CB6icKn0s2sOyJai0hSO5Ok-Xys.crl (hash: sTdh7BhDJM369NjVe1jzfdMfVQB439Tq7mjNogdD5tE=) 2: 5A387584756311EEA256FD57C4F9AE02.roa (hash: UFjrfeuvHWS1oxtfXr6IVRfPvTnGzzV9TdVJHu2o8cI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:16:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 342 (0x156) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB921, serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Validity Not Before: Aug 23 04:16:48 2025 GMT Not After : Aug 30 04:16:48 2025 GMT Subject: CN=68a940b0-754b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:19:02:ed:a2:c3:eb:5f:3b:7f:22:ec:ab:f3: e0:f7:85:21:e7:02:3b:e4:15:f0:f8:28:2e:44:64: c1:fc:d0:58:38:ca:b5:6f:3b:32:bb:a0:06:fe:e8: 71:1c:84:15:c2:94:03:3f:81:b5:f3:f8:58:8e:6c: a6:4d:0e:9e:7d:02:23:c7:8a:20:c4:e5:b8:7d:fb: 76:99:9a:43:6c:7b:4f:03:a1:87:05:c6:df:3a:c3: 04:53:79:c9:8b:29:4a:fc:a7:25:6f:a5:4a:74:89: 34:95:bd:b7:23:f5:4d:8d:0e:39:e9:78:ff:72:13: e4:12:a1:01:ff:96:4f:df:4c:c2:1f:48:cd:eb:0a: d9:fd:fe:d4:78:ce:2e:88:9e:26:6f:6a:8e:ad:a8: ee:f0:26:f8:32:83:18:06:8e:7d:e3:0c:99:fb:45: fe:1d:b2:49:31:ac:77:c5:39:eb:73:38:e7:04:5a: dc:6f:da:90:f7:1f:09:8b:91:ea:c2:4d:7a:95:d0: 54:28:1f:d6:12:df:f6:89:48:86:81:5d:6a:85:da: e9:3a:95:83:e8:1b:65:d5:c9:1c:9d:b9:6a:d2:92: 32:93:b5:d2:3d:77:df:c7:56:1e:41:ab:cd:b3:8d: e2:00:64:20:e9:f4:cd:af:4f:9e:55:58:c0:e0:bd: 3c:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:76:F6:58:C8:B2:F2:6A:E5:B6:35:27:03:2A:6B:DD:85:B6:3C:31 X509v3 Authority Key Identifier: keyid:08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:d3:67:b6:c9:3a:79:b1:46:0d:ae:f3:42:77:b7:14:5e:32: a5:a5:1c:8b:d3:08:32:4b:e9:ad:3c:37:f9:b1:bd:4d:a0:ee: 12:8f:73:66:bf:40:22:0b:7a:d2:07:c4:76:c8:f0:3d:e4:80: eb:f4:ed:20:a0:48:68:d7:f6:29:72:7c:89:9f:93:7b:fb:70: 63:ed:68:4d:0b:59:40:97:73:2a:2c:06:d7:5c:d4:94:ec:68: 8f:83:fe:2b:b6:15:7d:cf:b6:a8:c9:aa:c2:e3:a7:c7:44:7d: 6d:dd:2a:c8:d1:29:80:11:f6:47:f7:6e:19:8f:d2:c0:c7:60: 0c:f0:c5:d9:6c:e5:5f:9c:da:80:3f:3f:90:c4:d0:a8:a2:f3: 0c:22:5b:8c:84:64:27:a3:59:ad:10:82:7a:4c:d0:b9:44:94: 3f:1a:7b:19:e3:6b:96:63:4b:ef:d7:51:02:9f:38:26:f6:22: c6:37:46:57:58:64:59:45:89:5d:06:6a:52:4c:2e:1c:f1:be: d3:6a:42:19:f5:27:86:a5:95:56:dd:1e:bb:f2:ee:61:7d:95: bf:90:1f:9d:06:fb:78:a1:85:80:3e:e1:12:e4:e5:fa:aa:20: ed:7b:d2:11:c1:a9:d0:a5:ea:aa:ad:2e:f0:af:76:20:ba:c2: 18:68:f4:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI5MjExMTAvBgNVBAUTKDA4MUVBMjcwQTlGNEIzNkIwRUM4OTZBMkQyMTQ4RUU0 RTkzRTVGMkIwHhcNMjUwODIzMDQxNjQ4WhcNMjUwODMwMDQxNjQ4WjAYMRYwFAYD VQQDEw02OGE5NDBiMC03NTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxxkC7aLD6187fyLsq/Pg94Uh5wI75BXw+CguRGTB/NBYOMq1bzsyu6AG/uhx HIQVwpQDP4G18/hYjmymTQ6efQIjx4ogxOW4fft2mZpDbHtPA6GHBcbfOsMEU3nJ iylK/Kclb6VKdIk0lb23I/VNjQ456Xj/chPkEqEB/5ZP30zCH0jN6wrZ/f7UeM4u iJ4mb2qOraju8Cb4MoMYBo594wyZ+0X+HbJJMax3xTnrczjnBFrcb9qQ9x8Ji5Hq wk16ldBUKB/WEt/2iUiGgV1qhdrpOpWD6Btl1ckcnblq0pIyk7XSPXffx1YeQavN s43iAGQg6fTNr0+eVVjA4L08YwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE529ljI svJq5bY1JwMqa92FtjwxMB8GA1UdIwQYMBaAFAgeonCp9LNrDsiWotIUjuTpPl8r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjkyMS9EREI4RTE0Qzc1 NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMyc095SmFpMGhTTzVPay1Y eXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NCNmljS24wczJzT3lKYWkwaFNPNU9rLVh5cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjkyMS9EREI4RTE0Qzc1NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMy c095SmFpMGhTTzVPay1YeXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAG02e2yTp5sUYNrvNCd7cUXjKlpRyL0wgyS+mtPDf5sb1NoO4Sj3Nm v0AiC3rSB8R2yPA95IDr9O0goEho1/YpcnyJn5N7+3Bj7WhNC1lAl3MqLAbXXNSU 7GiPg/4rthV9z7aoyarC46fHRH1t3SrI0SmAEfZH924Zj9LAx2AM8MXZbOVfnNqA Pz+QxNCoovMMIluMhGQno1mtEIJ6TNC5RJQ/GnsZ42uWY0vv11ECnzgm9iLGN0ZX WGRZRYldBmpSTC4c8b7TakIZ9SeGpZVW3R678u5hfZW/kB+dBvt4oYWAPuES5OX6 qiDte9IRwanQpeqqrS7wr3YgusIYaPSy -----END CERTIFICATE-----Generated at Sat Aug 23 19:08:14 2025 by rpki-client