$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.mft File: s2uXFySjur2JC3VFmJM3IPly_q8.mft (raw, json) Hash identifier: qCFDNGRa348Rm32r3q3bfARSp81cjq2jwJqYWBW091w= Subject key identifier: AD:9E:06:B0:8A:A0:D7:A5:00:BB:E5:09:3A:C0:7E:70:97:0E:D0:9C Authority key identifier: B3:6B:97:17:24:A3:BA:BD:89:0B:75:45:98:93:37:20:F9:72:FE:AF Certificate issuer: /CN=A91CE558/serialNumber=B36B971724A3BABD890B754598933720F972FEAF Certificate serial: 0B8F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2uXFySjur2JC3VFmJM3IPly_q8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.mft Manifest number: 0B31 Signing time: Fri 22 Aug 2025 19:33:44 +0000 Manifest this update: Fri 22 Aug 2025 19:33:44 +0000 Manifest next update: Fri 29 Aug 2025 19:33:44 +0000 Files and hashes: 1: s2uXFySjur2JC3VFmJM3IPly_q8.crl (hash: 1dcAcbrgcZgVCnpuHC4XOfLojYWfVZX0sqtQ3i5JGT0=) 2: 466891560ADA11ECBFAECB29C4F9AE02.roa (hash: Gi3ZB3u4tIqQA57JWptzmGj4T0h+RzUq8o/c0VetBYI=) 3: F1EB46D2717F11EEB3FA0A5EC4F9AE02.roa (hash: lgdsNT8nYBqcm8DCsobXOW7p2S7NgKOOoWUT5xQjbBE=) 4: A7470BFC33A711EBA4313B36C4F9AE02.roa (hash: 3JOJzRv4irtlrsMwD4nhQQebwbICPddO6QXSBTA7ZXU=) 5: D992FDD49B4811EFA17EB17FC4F9AE02.roa (hash: eR1CwoT+DNfBY5Fom2xgTVdBct441pK1ZuTbHGG+Djc=) 6: B66F0C58817111EFB121970CC4F9AE02.roa (hash: mu1iARnCi5kA2mbUie8M1ra9hiXhkaHe7HXaTEKFUdU=) 7: C1ACB1E819EF11EC84DBF462C4F9AE02.roa (hash: TTlhGhUAD/2NGqtgzSrC9HKcOBdgmaTheq7ErX+FNZ4=) 8: 966FD4648D2411EF9914EF63C4F9AE02.roa (hash: YF3wvRDD0dzUZakdeFWJrsLYoJUpMBgClY/hZFPMmvI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.crl rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2uXFySjur2JC3VFmJM3IPly_q8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 19:33:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2959 (0xb8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE558, serialNumber=B36B971724A3BABD890B754598933720F972FEAF Validity Not Before: Aug 22 19:33:44 2025 GMT Not After : Aug 29 19:33:44 2025 GMT Subject: CN=68a8c618-2889 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:15:22:46:37:d5:f5:21:ce:9c:6f:98:1e:a9: 73:58:5a:f5:af:b1:ab:a6:80:bc:7c:17:ca:ca:79: 13:05:c9:21:e1:9e:58:14:c3:5b:3d:1e:a2:61:d8: 06:e7:a7:f1:f1:d6:cc:3f:15:ed:bd:fa:82:9d:f7: fb:8e:4d:32:a1:63:69:ec:a9:3f:fd:ee:26:e7:fd: d1:de:d7:b1:08:93:02:30:a9:3d:d3:7f:b1:77:0d: 76:f3:80:b4:ec:58:b6:78:92:bd:9c:91:31:e7:4f: 0b:c1:d2:f8:be:12:c0:3f:0d:6a:10:37:dd:2d:ec: 6a:a7:f2:4a:64:c3:ba:17:6b:fb:66:bd:e6:aa:cf: cc:74:1d:89:43:63:bf:a1:63:7a:47:82:01:23:10: 08:c0:80:62:ff:90:9d:9f:1d:ae:1c:c7:1f:2c:a0: 32:fc:7b:83:94:56:99:da:b5:05:68:80:e4:c5:7d: 45:2b:b6:d8:07:58:24:e0:49:68:6a:9f:d8:96:85: f9:11:82:39:91:b7:68:76:de:38:f0:c7:ff:27:ff: 97:67:8e:27:9e:ef:9a:7d:a5:14:f6:50:69:47:a4: 3d:19:96:ab:62:7c:ea:e4:01:a7:2d:83:8d:15:72: bb:e2:67:5d:18:58:69:1d:d2:2c:7b:c7:4c:05:77: 52:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:9E:06:B0:8A:A0:D7:A5:00:BB:E5:09:3A:C0:7E:70:97:0E:D0:9C X509v3 Authority Key Identifier: keyid:B3:6B:97:17:24:A3:BA:BD:89:0B:75:45:98:93:37:20:F9:72:FE:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2uXFySjur2JC3VFmJM3IPly_q8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:fc:cd:56:cf:bf:bc:0e:8c:59:fd:4c:fd:2a:6a:c7:04:40: d8:01:cb:79:91:aa:88:be:d9:1e:11:5d:74:46:e5:00:95:15: 67:7a:2b:2a:69:a9:f7:0e:15:0c:c2:5b:ad:5e:e4:8f:91:4a: ac:07:e9:fe:c4:21:b8:77:86:98:55:90:d6:13:2b:8e:3d:7a: 16:9c:4d:b0:5a:3d:e2:ff:25:12:46:00:b6:bc:8d:95:1c:5c: d9:63:81:8b:80:b6:ca:e4:14:5d:b0:88:71:f3:ef:23:0a:75: 5b:07:1f:43:23:d6:61:d4:a4:6c:6e:32:0f:ff:55:fc:af:89: 5c:ee:8e:4e:d5:53:08:20:d0:2d:fa:8a:78:a9:c2:a9:0d:30: d4:13:fb:d8:d6:de:eb:a2:e6:a2:3e:ef:39:4f:84:ac:fa:a6: 96:c2:e1:17:41:63:48:96:17:16:fb:e0:dc:35:3d:fa:ed:62: d8:e1:1d:3d:07:4c:b9:11:fa:8b:2e:cd:fa:54:10:5a:1b:db: ae:69:2b:9f:23:81:e4:0a:e0:9b:55:e9:26:8b:07:a0:c9:83: cc:4e:62:9d:cb:b4:de:08:96:e0:43:37:42:7d:53:d7:9d:5d: 52:0e:ca:99:53:e2:4e:1c:42:b6:07:60:2a:02:f1:4b:51:f9: e7:a8:13:4f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U1NTgxMTAvBgNVBAUTKEIzNkI5NzE3MjRBM0JBQkQ4OTBCNzU0NTk4OTMzNzIw Rjk3MkZFQUYwHhcNMjUwODIyMTkzMzQ0WhcNMjUwODI5MTkzMzQ0WjAYMRYwFAYD VQQDEw02OGE4YzYxOC0yODg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwBUiRjfV9SHOnG+YHqlzWFr1r7GrpoC8fBfKynkTBckh4Z5YFMNbPR6iYdgG 56fx8dbMPxXtvfqCnff7jk0yoWNp7Kk//e4m5/3R3texCJMCMKk903+xdw1284C0 7Fi2eJK9nJEx508LwdL4vhLAPw1qEDfdLexqp/JKZMO6F2v7Zr3mqs/MdB2JQ2O/ oWN6R4IBIxAIwIBi/5Cdnx2uHMcfLKAy/HuDlFaZ2rUFaIDkxX1FK7bYB1gk4Elo ap/YloX5EYI5kbdodt448Mf/J/+XZ44nnu+afaUU9lBpR6Q9GZarYnzq5AGnLYON FXK74mddGFhpHdIse8dMBXdSWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK2eBrCK oNelALvlCTrAfnCXDtCcMB8GA1UdIwQYMBaAFLNrlxcko7q9iQt1RZiTNyD5cv6v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTU1OC8zREYxNEYwODUz OTQxMUVBQkY2QjRGNUZDNEY5QUUwMi9zMnVYRnlTanVyMkpDM1ZGbUpNM0lQbHlf cTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3MydVhGeVNqdXIySkMzVkZtSk0zSVBseV9xOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTU1OC8zREYxNEYwODUzOTQxMUVBQkY2QjRGNUZDNEY5QUUwMi9zMnVYRnlTanVy MkpDM1ZGbUpNM0lQbHlfcTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+/M1Wz7+8DoxZ/Uz9KmrHBEDYAct5kaqIvtkeEV10RuUAlRVneisq aan3DhUMwlutXuSPkUqsB+n+xCG4d4aYVZDWEyuOPXoWnE2wWj3i/yUSRgC2vI2V HFzZY4GLgLbK5BRdsIhx8+8jCnVbBx9DI9Zh1KRsbjIP/1X8r4lc7o5O1VMIINAt +op4qcKpDTDUE/vY1t7rouaiPu85T4Ss+qaWwuEXQWNIlhcW++DcNT367WLY4R09 B0y5EfqLLs36VBBaG9uuaSufI4HkCuCbVekmiwegyYPMTmKdy7TeCJbgQzdCfVPX nV1SDsqZU+JOHEK2B2AqAvFLUfnnqBNP -----END CERTIFICATE-----Generated at Sat Aug 23 12:30:16 2025 by rpki-client