$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.mft File: m2fIchTtmWVAcRkL688LjZ-hr04.mft (raw, json) Hash identifier: FWXkPtd0Jrx8LNPBdMMl2BJLebHhZFCd7mk9JO4ZipU= Subject key identifier: 34:8D:CA:9E:20:38:E6:34:38:29:CA:E2:A7:B9:1F:E4:A3:7C:88:C4 Authority key identifier: 9B:67:C8:72:14:ED:99:65:40:71:19:0B:EB:CF:0B:8D:9F:A1:AF:4E Certificate issuer: /CN=A91CBDC8/serialNumber=9B67C87214ED99654071190BEBCF0B8D9FA1AF4E Certificate serial: 0C37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.mft Manifest number: 0C1F Signing time: Fri 22 Aug 2025 18:52:07 +0000 Manifest this update: Fri 22 Aug 2025 18:52:07 +0000 Manifest next update: Fri 29 Aug 2025 18:52:06 +0000 Files and hashes: 1: m2fIchTtmWVAcRkL688LjZ-hr04.crl (hash: fQhtcxCizM5k10luYYi/d2YtlfDvyorVKzOb+e9xZr0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.crl rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:52:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3127 (0xc37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CBDC8, serialNumber=9B67C87214ED99654071190BEBCF0B8D9FA1AF4E Validity Not Before: Aug 22 18:52:07 2025 GMT Not After : Aug 29 18:52:06 2025 GMT Subject: CN=68a8bc57-29b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:14:32:32:55:e3:38:90:dd:11:3d:18:a5:d1: c3:09:0b:71:62:cd:98:63:ae:d8:ca:fe:da:fc:43: 30:0c:1a:d4:c8:95:6c:c8:49:d0:5c:b5:aa:08:8c: 5c:f0:01:3d:2d:78:6d:55:b7:13:a1:23:4b:cb:41: 2a:6c:74:2f:78:c5:f9:8b:b0:aa:89:94:c0:dc:66: 4e:c3:92:6f:78:b4:f7:3c:0f:5b:83:17:e9:29:64: 3f:cf:1a:31:a6:85:b0:e5:82:16:67:fd:a3:6f:a0: f5:62:cc:07:9b:31:b7:d8:9e:6c:df:e8:cc:af:e1: a7:c2:8c:bf:03:14:89:90:02:d5:4c:44:b6:19:24: d2:80:6c:22:a9:32:99:d4:b8:12:5f:af:fd:a9:d9: 7e:04:3c:43:d2:a5:d0:76:9e:fd:8f:04:b1:eb:c2: f7:a1:11:2d:df:d4:f6:da:fb:e0:82:29:06:2e:fc: aa:b6:98:11:33:f2:ab:27:67:c3:83:31:3c:51:89: cc:09:e4:e7:87:38:ac:e7:09:60:a3:05:e1:f6:83: 0e:e8:97:62:c7:52:ad:d1:23:19:3e:b2:ff:c2:86: 41:97:49:dc:5a:65:cb:1b:4a:af:5d:8c:16:65:eb: 6e:17:06:09:45:4c:ac:3c:f6:95:ef:4c:c2:d6:3e: c9:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:8D:CA:9E:20:38:E6:34:38:29:CA:E2:A7:B9:1F:E4:A3:7C:88:C4 X509v3 Authority Key Identifier: keyid:9B:67:C8:72:14:ED:99:65:40:71:19:0B:EB:CF:0B:8D:9F:A1:AF:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:9f:1f:97:1a:a1:9a:69:98:83:b6:6a:e1:15:b1:12:b0:1e: 91:d4:dc:2e:03:63:a9:a4:31:81:a7:3c:6a:ea:18:11:b4:69: b7:dd:0e:5b:1e:db:47:33:29:e6:2d:bd:8a:cf:d2:f7:a4:c1: a7:e0:ef:1b:45:7c:28:b7:db:bf:5c:a1:de:d3:7a:c5:bf:2b: 42:06:69:63:2c:41:b1:0d:98:6b:9f:30:04:54:1b:ce:31:ce: 1b:65:07:48:21:8c:2a:94:03:f9:6e:35:b6:e2:9d:ac:1b:d9: f0:5d:ab:e3:63:ce:79:e6:6c:43:eb:bd:65:32:19:b8:02:6f: 7e:48:8d:47:42:7d:a5:42:06:02:29:e2:73:5d:71:e7:2a:3e: 36:61:19:0b:24:14:85:d0:0b:6e:a8:e7:02:b7:ae:51:3f:71: 5f:c8:dd:73:cb:be:69:0b:8d:d4:b8:e2:a1:95:ce:a6:b5:e4: 41:0e:97:6f:24:e4:9d:cf:a8:9f:b8:cd:94:c2:95:c1:4b:03: 47:8d:d9:87:64:f9:2d:9d:8a:a9:28:c6:c6:8b:90:7a:eb:b9: 35:cd:7e:f1:1a:d5:9a:07:df:f6:ed:ee:35:3b:d2:58:ed:bb: b2:c9:03:8b:f1:dc:df:64:f5:8c:55:3a:10:35:c9:10:22:aa: 8a:37:aa:1c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0JEQzgxMTAvBgNVBAUTKDlCNjdDODcyMTRFRDk5NjU0MDcxMTkwQkVCQ0YwQjhE OUZBMUFGNEUwHhcNMjUwODIyMTg1MjA3WhcNMjUwODI5MTg1MjA2WjAYMRYwFAYD VQQDEw02OGE4YmM1Ny0yOWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqhQyMlXjOJDdET0YpdHDCQtxYs2YY67Yyv7a/EMwDBrUyJVsyEnQXLWqCIxc 8AE9LXhtVbcToSNLy0EqbHQveMX5i7CqiZTA3GZOw5JveLT3PA9bgxfpKWQ/zxox poWw5YIWZ/2jb6D1YswHmzG32J5s3+jMr+Gnwoy/AxSJkALVTES2GSTSgGwiqTKZ 1LgSX6/9qdl+BDxD0qXQdp79jwSx68L3oREt39T22vvggikGLvyqtpgRM/KrJ2fD gzE8UYnMCeTnhzis5wlgowXh9oMO6Jdix1Kt0SMZPrL/woZBl0ncWmXLG0qvXYwW ZetuFwYJRUysPPaV70zC1j7JiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDSNyp4g OOY0OCnK4qe5H+SjfIjEMB8GA1UdIwQYMBaAFJtnyHIU7ZllQHEZC+vPC42foa9O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQkRDOC82Njk3NjNGMDE4 RTAxMUVBQTBDMzhFN0JDNEY5QUUwMi9tMmZJY2hUdG1XVkFjUmtMNjg4TGpaLWhy MDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL20yZkljaFR0bVdWQWNSa0w2ODhMalotaHIwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QkRDOC82Njk3NjNGMDE4RTAxMUVBQTBDMzhFN0JDNEY5QUUwMi9tMmZJY2hUdG1X VkFjUmtMNjg4TGpaLWhyMDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQArnx+XGqGaaZiDtmrhFbESsB6R1NwuA2OppDGBpzxq6hgRtGm33Q5b HttHMynmLb2Kz9L3pMGn4O8bRXwot9u/XKHe03rFvytCBmljLEGxDZhrnzAEVBvO Mc4bZQdIIYwqlAP5bjW24p2sG9nwXavjY8555mxD671lMhm4Am9+SI1HQn2lQgYC KeJzXXHnKj42YRkLJBSF0AtuqOcCt65RP3FfyN1zy75pC43UuOKhlc6mteRBDpdv JOSdz6ifuM2UwpXBSwNHjdmHZPktnYqpKMbGi5B667k1zX7xGtWaB9/27e41O9JY 7buyyQOL8dzfZPWMVToQNckQIqqKN6oc -----END CERTIFICATE-----Generated at Sun Aug 24 04:34:39 2025 by rpki-client