$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft File: REhMnzpz9xlXK4vIoaH9nln6hPY.mft (raw, json) Hash identifier: OU+FwhK9eqNBB0rRxiVur91wrWYQvsvLKDvfCA5GPD8= Subject key identifier: 89:46:A1:70:DE:06:F0:CB:9F:D0:20:17:3B:66:F3:93:7E:32:1E:A0 Authority key identifier: 44:48:4C:9F:3A:73:F7:19:57:2B:8B:C8:A1:A1:FD:9E:59:FA:84:F6 Certificate issuer: /CN=A91BD73B/serialNumber=44484C9F3A73F719572B8BC8A1A1FD9E59FA84F6 Certificate serial: 34AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft Manifest number: 34AD Signing time: Fri 22 Aug 2025 15:19:01 +0000 Manifest this update: Fri 22 Aug 2025 15:19:01 +0000 Manifest next update: Fri 29 Aug 2025 15:19:01 +0000 Files and hashes: 1: REhMnzpz9xlXK4vIoaH9nln6hPY.crl (hash: EEU5ScJs6gyESM6uyGiOdQFdgqM5wVzsyXtAc3+V0Lc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.crl rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:19:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13485 (0x34ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BD73B, serialNumber=44484C9F3A73F719572B8BC8A1A1FD9E59FA84F6 Validity Not Before: Aug 22 15:19:01 2025 GMT Not After : Aug 29 15:19:01 2025 GMT Subject: CN=68a88a65-7d5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ba:a2:4b:16:73:18:d6:40:1d:94:1f:f7:2f: d6:19:57:aa:88:80:f7:8d:2f:23:72:c8:f5:32:e7: 13:56:e5:32:5e:5f:d3:ba:00:89:d2:17:df:5b:ad: 93:d4:fa:c7:ae:d8:f3:30:a2:75:c5:3f:09:a0:f3: 45:4f:7b:c0:a8:b8:87:38:bd:72:57:2c:69:8e:7b: 8c:80:5b:5c:e4:1d:27:5b:8b:bb:84:37:a7:51:00: 8e:fd:3e:44:bc:74:6b:c1:e9:8a:2f:24:ae:fe:4b: 73:d1:b7:14:4a:40:a8:d5:ba:d0:43:ba:ed:67:3d: 5c:db:fc:70:a4:4d:bd:05:37:4b:7c:a3:cc:50:eb: f8:63:e7:ef:70:4f:04:43:9e:1d:0c:56:4b:49:f5: 1e:80:09:09:66:43:67:c0:18:33:da:f0:50:e3:1f: ea:0a:9c:c1:f9:cd:9a:19:82:e8:fc:dd:9b:34:6f: ac:93:3d:51:40:0d:28:9a:4f:f8:4b:7d:9f:16:4a: 70:d5:35:1b:a5:7d:52:02:08:dd:0a:3b:fe:f2:77: 4a:05:44:1d:7a:c0:5c:73:60:f0:fd:18:2d:90:2a: 55:67:e9:8f:c0:e1:e6:98:56:c3:49:04:3f:db:64: 48:47:fd:bb:0c:e5:54:1a:74:e2:0c:6c:32:d5:21: ce:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:46:A1:70:DE:06:F0:CB:9F:D0:20:17:3B:66:F3:93:7E:32:1E:A0 X509v3 Authority Key Identifier: keyid:44:48:4C:9F:3A:73:F7:19:57:2B:8B:C8:A1:A1:FD:9E:59:FA:84:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 56:dd:a9:5a:ac:ff:23:42:6c:73:0e:de:33:fe:e7:96:0f:8b: 91:d3:ee:9c:46:be:c6:57:b2:24:56:ea:c7:e0:87:53:a2:01: 65:bb:3f:a6:72:41:38:dc:3d:b2:3a:7a:5f:b8:6b:3f:a4:66: 58:97:db:2b:0d:c2:c9:3f:b1:03:43:67:51:59:c5:39:0b:87: e1:ef:ff:32:46:5a:07:ea:32:c5:72:7a:48:0d:ea:3c:a0:9d: 05:6a:fc:55:61:f7:03:6e:85:12:a5:54:77:c1:10:af:d8:c8: 31:7b:83:50:3e:c7:91:34:1e:17:9e:e6:ef:5f:db:a2:c9:de: d5:e0:61:cf:26:de:90:1d:d5:ad:a2:03:89:58:b1:90:16:da: d5:1e:7d:d6:05:3f:ad:af:cc:57:02:18:c2:29:0e:61:b9:cb: 39:35:c1:0e:57:fe:95:5b:04:7f:66:42:b6:70:37:38:ef:f2: 65:7c:5f:03:c6:35:50:e5:0d:77:22:5a:d1:7d:2e:df:70:dc: df:a4:47:04:c1:6c:a6:c6:9a:1c:3a:13:9f:2f:61:40:26:f9: 73:4c:46:53:46:74:e6:51:12:08:b8:71:4e:3a:e7:31:af:6b: 27:24:ec:5c:66:68:73:16:0b:b9:1a:5d:08:89:db:96:a0:aa: f0:cc:4f:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkQ3M0IxMTAvBgNVBAUTKDQ0NDg0QzlGM0E3M0Y3MTk1NzJCOEJDOEExQTFGRDlF NTlGQTg0RjYwHhcNMjUwODIyMTUxOTAxWhcNMjUwODI5MTUxOTAxWjAYMRYwFAYD VQQDEw02OGE4OGE2NS03ZDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt7qiSxZzGNZAHZQf9y/WGVeqiID3jS8jcsj1MucTVuUyXl/TugCJ0hffW62T 1PrHrtjzMKJ1xT8JoPNFT3vAqLiHOL1yVyxpjnuMgFtc5B0nW4u7hDenUQCO/T5E vHRrwemKLySu/ktz0bcUSkCo1brQQ7rtZz1c2/xwpE29BTdLfKPMUOv4Y+fvcE8E Q54dDFZLSfUegAkJZkNnwBgz2vBQ4x/qCpzB+c2aGYLo/N2bNG+skz1RQA0omk/4 S32fFkpw1TUbpX1SAgjdCjv+8ndKBUQdesBcc2Dw/RgtkCpVZ+mPwOHmmFbDSQQ/ 22RIR/27DOVUGnTiDGwy1SHOTwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIlGoXDe BvDLn9AgFztm85N+Mh6gMB8GA1UdIwQYMBaAFERITJ86c/cZVyuLyKGh/Z5Z+oT2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRDczQi8yNkJERjMyQzFE QUExMUUyQkUyNUE2QTUwOEIwMkNEMi9SRWhNbnpwejl4bFhLNHZJb2FIOW5sbjZo UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1JFaE1uenB6OXhsWEs0dklvYUg5bmxuNmhQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RDczQi8yNkJERjMyQzFEQUExMUUyQkUyNUE2QTUwOEIwMkNEMi9SRWhNbnpwejl4 bFhLNHZJb2FIOW5sbjZoUFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBW3alarP8jQmxzDt4z/ueWD4uR0+6cRr7GV7IkVurH4IdTogFluz+m ckE43D2yOnpfuGs/pGZYl9srDcLJP7EDQ2dRWcU5C4fh7/8yRloH6jLFcnpIDeo8 oJ0FavxVYfcDboUSpVR3wRCv2Mgxe4NQPseRNB4XnubvX9uiyd7V4GHPJt6QHdWt ogOJWLGQFtrVHn3WBT+tr8xXAhjCKQ5hucs5NcEOV/6VWwR/ZkK2cDc47/JlfF8D xjVQ5Q13IlrRfS7fcNzfpEcEwWymxpocOhOfL2FAJvlzTEZTRnTmURIIuHFOOucx r2snJOxcZmhzFgu5Gl0IiduWoKrwzE8G -----END CERTIFICATE-----Generated at Sat Aug 23 20:34:44 2025 by rpki-client