$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft File: 2QDd8konYiv5ZDdX7byv-u4yHDc.mft (raw, json) Hash identifier: Ti41ETngf/HPFTI07R47ltrKOgdw/jCDk/SxAJClzIo= Subject key identifier: 9C:C2:0D:4B:7E:84:4C:9B:0F:E1:74:22:15:08:A3:7B:A3:D3:F4:32 Authority key identifier: D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 Certificate issuer: /CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Certificate serial: 0E8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft Manifest number: 0E73 Signing time: Fri 22 Aug 2025 17:51:31 +0000 Manifest this update: Fri 22 Aug 2025 17:51:30 +0000 Manifest next update: Fri 29 Aug 2025 17:51:30 +0000 Files and hashes: 1: 2QDd8konYiv5ZDdX7byv-u4yHDc.crl (hash: 4DEAiaH3sNLyHGStcyEJhuRi89RaVsxkjHaRn3N/Cng=) 2: A47D2EC84C1E11EEBA8CDB4BC4F9AE02.roa (hash: xJh5HRbn741snUCbMX+RHgdNum29ocH1QT8bD3kB9Uw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:51:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3724 (0xe8c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7773, serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Validity Not Before: Aug 22 17:51:30 2025 GMT Not After : Aug 29 17:51:30 2025 GMT Subject: CN=68a8ae23-9232 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:ca:27:45:5e:e7:a4:fc:8b:51:04:bf:1e:bb: ba:f9:d2:3a:06:b4:be:ac:df:77:bc:7d:5c:72:54: 95:b3:48:41:7b:36:81:ca:79:ce:73:2d:25:54:8f: 3e:8e:89:bb:20:2f:37:72:86:2c:05:81:99:cc:59: d7:8f:db:f7:d7:1a:17:6a:0e:54:50:81:58:68:99: eb:92:d5:04:3b:6e:13:4b:d8:5c:8f:9a:4c:15:25: b8:b6:ac:1e:dc:2b:94:27:cb:6c:59:67:c7:1d:45: 1a:d3:c3:9b:47:cc:0c:27:15:80:31:d5:20:8d:bf: 60:53:59:7c:32:57:39:b2:c2:97:bd:9e:c3:a6:16: 78:14:92:38:05:af:72:30:f2:91:ec:70:1d:7c:06: 7e:bc:e6:ec:54:68:24:e1:0b:7c:92:c5:b3:51:cf: 34:fd:bd:5e:1e:2a:23:a4:d2:fd:6d:c3:53:6b:dd: 45:d7:c6:d8:a0:fe:41:72:e4:de:01:2e:56:66:bb: f6:2b:46:ba:1f:da:8a:af:8f:a9:a3:a6:66:b2:97: 05:89:3c:59:de:6c:58:65:ee:50:74:28:49:55:61: c0:54:6a:7d:75:b4:ee:12:14:e7:eb:a5:79:b0:d0: 6d:87:04:fd:c4:50:3e:99:44:f5:d4:33:66:e4:e6: 80:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:C2:0D:4B:7E:84:4C:9B:0F:E1:74:22:15:08:A3:7B:A3:D3:F4:32 X509v3 Authority Key Identifier: keyid:D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:3f:ba:8d:6f:bf:82:8c:06:59:70:2f:73:5e:37:5c:0f:58: d2:03:a2:c0:66:31:3a:d1:c8:3e:3f:4a:83:b8:87:5a:05:c7: a2:6d:c6:0c:04:46:26:6c:f1:1a:8c:9d:fd:11:c3:2b:5b:27: c0:71:62:23:87:b6:f3:b5:76:27:ec:aa:5f:7e:8a:64:94:b3: 3f:df:98:e6:bc:73:6b:0e:49:7a:0d:4b:00:c9:7d:d8:8a:cf: 47:98:e5:72:52:41:c9:e8:04:26:2b:84:f1:a4:a9:a6:a3:02: 4d:88:f3:7b:ff:88:3f:91:ea:66:35:ec:db:d8:c8:90:00:1a: 71:37:82:0d:d3:51:6f:44:48:91:5e:24:d2:cf:6a:25:d0:30: 50:4f:da:74:fd:3f:07:fa:a6:d0:d3:6a:79:bc:f2:08:06:e9: 00:b7:d1:10:fb:4a:7e:c1:2f:b4:5e:52:af:6c:54:72:99:92: 25:52:72:f8:61:bd:b0:ec:fb:1f:73:ba:21:63:f0:e9:9a:66: a7:71:27:c2:ea:24:bd:4d:bc:eb:1d:e5:6d:44:52:0a:f3:4a: ea:db:36:37:d0:a6:2a:6d:b4:51:03:10:d1:aa:5f:2b:c8:d4: 89:fa:fe:65:d1:fd:67:ca:da:9a:72:e4:1c:97:12:9d:bb:e5: 5a:0a:0e:e1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDowwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3NzMxMTAvBgNVBAUTKEQ5MDBEREYyNEEyNzYyMkJGOTY0Mzc1N0VEQkNBRkZB RUUzMjFDMzcwHhcNMjUwODIyMTc1MTMwWhcNMjUwODI5MTc1MTMwWjAYMRYwFAYD VQQDEw02OGE4YWUyMy05MjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtsonRV7npPyLUQS/Hru6+dI6BrS+rN93vH1cclSVs0hBezaBynnOcy0lVI8+ jom7IC83coYsBYGZzFnXj9v31xoXag5UUIFYaJnrktUEO24TS9hcj5pMFSW4tqwe 3CuUJ8tsWWfHHUUa08ObR8wMJxWAMdUgjb9gU1l8Mlc5ssKXvZ7DphZ4FJI4Ba9y MPKR7HAdfAZ+vObsVGgk4Qt8ksWzUc80/b1eHiojpNL9bcNTa91F18bYoP5BcuTe AS5WZrv2K0a6H9qKr4+po6ZmspcFiTxZ3mxYZe5QdChJVWHAVGp9dbTuEhTn66V5 sNBthwT9xFA+mUT11DNm5OaA7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJzCDUt+ hEybD+F0IhUIo3uj0/QyMB8GA1UdIwQYMBaAFNkA3fJKJ2Ir+WQ3V+28r/ruMhw3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzc3My9BRDMyMjM3Q0Ey RTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllpdjVaRGRYN2J5di11NHlI RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRRGQ4a29uWWl2NVpEZFg3Ynl2LXU0eUhEYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD Nzc3My9BRDMyMjM3Q0EyRTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllp djVaRGRYN2J5di11NHlIRGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCYP7qNb7+CjAZZcC9zXjdcD1jSA6LAZjE60cg+P0qDuIdaBceibcYM BEYmbPEajJ39EcMrWyfAcWIjh7bztXYn7KpffopklLM/35jmvHNrDkl6DUsAyX3Y is9HmOVyUkHJ6AQmK4TxpKmmowJNiPN7/4g/kepmNezb2MiQABpxN4IN01FvREiR XiTSz2ol0DBQT9p0/T8H+qbQ02p5vPIIBukAt9EQ+0p+wS+0XlKvbFRymZIlUnL4 Yb2w7Psfc7ohY/DpmmancSfC6iS9TbzrHeVtRFIK80rq2zY30KYqbbRRAxDRql8r yNSJ+v5l0f1nytqacuQclxKdu+VaCg7h -----END CERTIFICATE-----Generated at Sun Aug 24 05:01:47 2025 by rpki-client