$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4750/90D5EC5ADABD11EA8FC62387C4F9AE02/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.mft File: aHY-kqLBeFMWdXZlEQP4H1ms3Bo.mft (raw, json) Hash identifier: RA5tXR8BQv8ykMs4nraEwd4wb99mIL3KeMOO3ll2tXk= Subject key identifier: A9:2E:1A:E0:74:C5:16:54:7D:06:6B:11:06:DA:40:EF:64:84:C8:07 Authority key identifier: 68:76:3E:92:A2:C1:78:53:16:75:76:65:11:03:F8:1F:59:AC:DC:1A Certificate issuer: /CN=A91C4750/serialNumber=68763E92A2C17853167576651103F81F59ACDC1A Certificate serial: 0840 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4750/90D5EC5ADABD11EA8FC62387C4F9AE02/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.mft Manifest number: 0839 Signing time: Fri 22 Aug 2025 20:51:59 +0000 Manifest this update: Fri 22 Aug 2025 20:51:58 +0000 Manifest next update: Fri 29 Aug 2025 20:51:58 +0000 Files and hashes: 1: aHY-kqLBeFMWdXZlEQP4H1ms3Bo.crl (hash: SBKtMqeY3cqUNnG/BcqV3a/X+X/aU4q4ctRGv5e3bwg=) 2: DA1A98C4DABE11EAB12A5209C4F9AE02.roa (hash: Uilk1jJBfDMGY2sckuokao9InqlSOEodf+Dfn/tc4QA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4750/90D5EC5ADABD11EA8FC62387C4F9AE02/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.crl rsync://rpki.apnic.net/member_repository/A91C4750/90D5EC5ADABD11EA8FC62387C4F9AE02/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 20:51:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2112 (0x840) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4750, serialNumber=68763E92A2C17853167576651103F81F59ACDC1A Validity Not Before: Aug 22 20:51:58 2025 GMT Not After : Aug 29 20:51:58 2025 GMT Subject: CN=68a8d86e-88b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:11:5f:c1:0b:b4:97:97:8e:a1:6f:d2:74:d1: 7f:84:17:c5:13:da:92:3c:5a:ff:ac:fd:81:7d:9e: d7:55:46:76:eb:ce:56:45:3a:74:29:b6:62:03:41: 84:4d:30:37:cb:d4:3c:31:ca:11:77:54:69:5e:5b: af:6d:45:62:2d:27:77:13:42:7a:ad:51:5a:b3:cf: c3:0d:77:4b:dd:c6:7d:d0:0e:c1:16:17:35:ef:46: a8:52:c2:03:e3:e5:86:d3:43:83:44:e8:29:20:46: 48:3b:aa:9f:91:0e:9c:2f:22:f2:26:e2:89:cc:fe: 7d:7a:3f:15:e3:ef:f9:30:6b:24:2e:97:0c:52:ca: 0f:dc:d4:1e:a5:b7:e7:fe:19:3b:52:31:66:aa:d8: c4:0c:94:ac:fe:77:2a:76:a9:97:28:9b:d5:c1:4a: 3a:af:08:96:2e:d6:26:84:65:aa:6a:5e:f4:97:90: fb:4c:4a:fd:22:e8:34:ca:32:70:32:78:e1:6a:e0: 14:68:2e:a5:47:9d:45:39:5d:91:d0:70:cf:f5:43: 56:31:9f:6e:2b:4f:a9:ed:e8:5f:ad:fc:4a:58:33: 94:e2:9d:98:32:0c:59:27:d2:ad:45:c8:c1:4a:02: d3:34:5c:dc:1f:46:8e:45:73:4e:cb:78:09:ba:ec: e9:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:2E:1A:E0:74:C5:16:54:7D:06:6B:11:06:DA:40:EF:64:84:C8:07 X509v3 Authority Key Identifier: keyid:68:76:3E:92:A2:C1:78:53:16:75:76:65:11:03:F8:1F:59:AC:DC:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4750/90D5EC5ADABD11EA8FC62387C4F9AE02/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4750/90D5EC5ADABD11EA8FC62387C4F9AE02/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:0e:a6:fe:c5:11:6f:6c:d4:4d:c8:12:78:35:b2:0a:39:32: c3:3f:99:39:58:8a:a6:71:77:29:82:bb:38:5d:b0:48:0a:50: ab:de:5e:ed:9a:78:31:a7:47:ad:b0:6c:13:67:14:f2:84:c2: 4e:54:6c:8e:f2:0f:d4:63:c8:59:c3:0e:07:72:70:06:50:e8: fb:21:da:8b:00:fd:af:5c:d8:81:35:f6:97:c2:fb:0c:df:43: 0c:4a:72:6f:ff:a1:f0:87:c0:84:05:fb:28:87:e9:fe:63:89: 0e:5b:b4:17:0b:56:46:1f:ea:20:83:69:2f:f6:3b:af:b2:ab: 8a:8e:cf:75:1d:41:d8:c9:85:bb:b4:e2:74:b4:11:c0:17:6e: 4b:98:c0:d2:87:71:f3:a2:61:22:a7:ad:66:b8:79:8c:2c:b9: 7f:01:6f:1f:60:3b:68:07:ca:51:2e:93:9b:1d:17:be:aa:51: b4:14:95:f7:f7:6a:a9:56:10:f8:a8:59:d9:00:8a:95:a4:3c: 35:04:c4:22:6e:bd:ad:e2:8b:a8:5e:97:99:d3:9b:31:47:8f: 49:f9:44:be:bf:20:c8:8b:fc:39:f1:eb:36:0f:d6:61:7d:57: 72:a1:cd:91:3d:fc:28:36:eb:14:0b:2e:8f:84:f5:5f:f4:46: 3f:03:b1:7f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCEAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzQ3NTAxMTAvBgNVBAUTKDY4NzYzRTkyQTJDMTc4NTMxNjc1NzY2NTExMDNGODFG NTlBQ0RDMUEwHhcNMjUwODIyMjA1MTU4WhcNMjUwODI5MjA1MTU4WjAYMRYwFAYD VQQDEw02OGE4ZDg2ZS04OGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvRFfwQu0l5eOoW/SdNF/hBfFE9qSPFr/rP2BfZ7XVUZ2685WRTp0KbZiA0GE TTA3y9Q8McoRd1RpXluvbUViLSd3E0J6rVFas8/DDXdL3cZ90A7BFhc170aoUsID 4+WG00ODROgpIEZIO6qfkQ6cLyLyJuKJzP59ej8V4+/5MGskLpcMUsoP3NQepbfn /hk7UjFmqtjEDJSs/ncqdqmXKJvVwUo6rwiWLtYmhGWqal70l5D7TEr9Iug0yjJw MnjhauAUaC6lR51FOV2R0HDP9UNWMZ9uK0+p7ehfrfxKWDOU4p2YMgxZJ9KtRcjB SgLTNFzcH0aORXNOy3gJuuzp3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKkuGuB0 xRZUfQZrEQbaQO9khMgHMB8GA1UdIwQYMBaAFGh2PpKiwXhTFnV2ZRED+B9ZrNwa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNDc1MC85MEQ1RUM1QURB QkQxMUVBOEZDNjIzODdDNEY5QUUwMi9hSFkta3FMQmVGTVdkWFpsRVFQNEgxbXMz Qm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FIWS1rcUxCZUZNV2RYWmxFUVA0SDFtczNCby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NDc1MC85MEQ1RUM1QURBQkQxMUVBOEZDNjIzODdDNEY5QUUwMi9hSFkta3FMQmVG TVdkWFpsRVFQNEgxbXMzQm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBgDqb+xRFvbNRNyBJ4NbIKOTLDP5k5WIqmcXcpgrs4XbBIClCr3l7t mngxp0etsGwTZxTyhMJOVGyO8g/UY8hZww4HcnAGUOj7IdqLAP2vXNiBNfaXwvsM 30MMSnJv/6Hwh8CEBfsoh+n+Y4kOW7QXC1ZGH+ogg2kv9juvsquKjs91HUHYyYW7 tOJ0tBHAF25LmMDSh3HzomEip61muHmMLLl/AW8fYDtoB8pRLpObHRe+qlG0FJX3 92qpVhD4qFnZAIqVpDw1BMQibr2t4ouoXpeZ05sxR49J+US+vyDIi/w58es2D9Zh fVdyoc2RPfwoNusUCy6PhPVf9EY/A7F/ -----END CERTIFICATE-----Generated at Sat Aug 23 17:17:57 2025 by rpki-client