$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft File: ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft (raw, json) Hash identifier: ZyhzIbFLZaWA4Uub06pJBBmiqkI0gkp15jRA/mgTlwo= Subject key identifier: FF:F1:07:EE:4D:C9:82:6A:32:9A:B4:3E:E1:27:4B:34:B2:7B:30:D3 Authority key identifier: 6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE Certificate issuer: /CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE Certificate serial: 3572 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft Manifest number: 350D Signing time: Fri 22 Aug 2025 14:54:10 +0000 Manifest this update: Fri 22 Aug 2025 14:54:09 +0000 Manifest next update: Fri 29 Aug 2025 14:54:09 +0000 Files and hashes: 1: ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl (hash: 8kCDF1fKG5P55vi+iPpixmeuSSyS0AnbWJ5Q64ELCVo=) 2: 64E2B628BE4911EE897F291BC4F9AE02.roa (hash: oj9MA2Xl79Ulu/1U7XExVD59vw2GZhJkFrHTogIDTCg=) 3: E6F73E22B99E11EEBF189021C4F9AE02.roa (hash: 1mDu3Q1bdiSa3axtc15ZDTGlc4zW4OxSySLPwHbTbvE=) 4: DDF4B0D2F08C11EEB70A1F76C4F9AE02.roa (hash: 3IhKk2ns73ug1cPcItokkvNYGQWI9rs7b4nF6YtsTSc=) 5: D79607EEDCDD11EE85DBEB12C4F9AE02.roa (hash: vltJ7Buw53igWVIfCgs9blss6VeKEkgF9l7xhGZDnwo=) 6: 29F7413CBB6011EEB59E5D81C4F9AE02.roa (hash: ZqgeyChgSkuAuEy8E4XBqCcFOmGTEjV9SXx7odN3pv4=) 7: D1EE6884F06C11EEA5BAA656C4F9AE02.roa (hash: 8K4hb6GJHcWswysfKKK+VFXlsdhKy8EjS5fIz+8731Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:54:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13682 (0x3572) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE978, serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE Validity Not Before: Aug 22 14:54:09 2025 GMT Not After : Aug 29 14:54:09 2025 GMT Subject: CN=68a88491-e48d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:07:f9:f2:d7:4a:05:fe:43:ff:ab:4c:0d:86: c8:f4:dd:b7:ba:87:de:39:7b:b8:99:0e:1e:9b:a2: 9c:e0:2f:72:38:68:0a:b4:52:f2:db:3d:6a:66:68: f1:b5:37:1f:2e:71:5a:c3:6d:be:ec:2d:31:2f:ca: e3:25:c4:d2:a2:3a:e2:7c:c8:63:66:18:c2:9a:b1: 73:ec:7c:10:28:c1:1e:0a:1f:18:bb:a0:19:90:c8: 28:a4:74:38:b1:d3:53:4f:30:cf:6a:f9:e1:69:99: c6:9e:2b:45:61:43:ee:41:e6:0d:d2:18:a5:38:9b: 4c:5e:78:d4:a2:57:fd:52:ba:94:17:c8:2a:e7:25: 03:44:1b:76:c7:4a:26:ad:56:cc:6a:d0:fe:4b:8f: f1:8d:f9:4b:ea:20:20:ce:2f:ce:b7:82:17:dc:94: 79:a0:7b:21:b4:8d:36:d9:96:ee:37:f5:2d:b9:40: af:6c:fc:e9:11:4f:da:26:d5:60:76:3a:45:14:14: 39:4f:58:e6:90:dc:b9:f6:a4:ab:3f:87:69:e6:99: 70:68:c4:22:b1:69:25:c6:32:99:1d:d0:e8:e0:55: 8d:06:7e:13:49:e4:76:ad:c6:64:40:79:65:8e:ec: 19:97:ea:e2:2a:26:31:19:17:c5:08:ad:1c:e7:7d: b6:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:F1:07:EE:4D:C9:82:6A:32:9A:B4:3E:E1:27:4B:34:B2:7B:30:D3 X509v3 Authority Key Identifier: keyid:6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:40:9c:b8:31:53:f8:a4:3a:5e:cc:ca:96:7d:a4:8a:66:8a: a5:39:89:32:3e:97:87:79:a3:79:43:89:19:55:9c:d7:44:62: f3:a1:b1:3e:16:92:29:42:eb:33:8a:d2:d7:ef:e4:9d:0c:7c: 26:a1:42:f5:71:e1:23:01:8d:b6:1c:4a:cf:da:59:bc:03:83: 0b:2d:a8:33:57:a6:37:16:10:69:3a:1c:5a:34:00:60:83:7f: 05:ea:8b:ce:85:18:96:0b:75:14:fc:13:7d:1a:dd:49:7e:03: ad:fd:f0:a9:a4:76:49:79:f5:e9:b7:e7:e3:2a:45:de:ef:05: 98:9f:a1:bb:3b:ca:7c:d8:ab:d5:9c:d7:bf:36:4a:e0:ed:b1: 13:90:85:ca:bb:53:6e:d3:61:34:39:9a:86:67:d8:0e:71:44: 90:98:b5:86:f0:1b:9f:5b:d2:b2:6e:5b:29:40:69:34:6f:0f: e0:42:fa:70:32:4f:3d:bf:85:75:3b:07:b2:a0:71:e5:d7:76: 5c:86:99:a6:90:c4:b5:ee:ed:8c:ca:fb:d2:27:70:81:34:a8: 12:13:1e:5d:94:66:71:a7:eb:14:89:63:fe:6e:77:78:f9:03: 00:2a:27:0f:ad:1c:4f:ad:ea:a2:43:9d:99:be:58:5a:8c:cb: 2f:80:83:58 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U5NzgxMTAvBgNVBAUTKDZBMUU0RjcyODQ3RUIzNjk5NTIyQzkzRDI2NzczRjBE RjgzOTZFQkUwHhcNMjUwODIyMTQ1NDA5WhcNMjUwODI5MTQ1NDA5WjAYMRYwFAYD VQQDEw02OGE4ODQ5MS1lNDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvQf58tdKBf5D/6tMDYbI9N23uofeOXu4mQ4em6Kc4C9yOGgKtFLy2z1qZmjx tTcfLnFaw22+7C0xL8rjJcTSojrifMhjZhjCmrFz7HwQKMEeCh8Yu6AZkMgopHQ4 sdNTTzDPavnhaZnGnitFYUPuQeYN0hilOJtMXnjUolf9UrqUF8gq5yUDRBt2x0om rVbMatD+S4/xjflL6iAgzi/Ot4IX3JR5oHshtI022ZbuN/UtuUCvbPzpEU/aJtVg djpFFBQ5T1jmkNy59qSrP4dp5plwaMQisWklxjKZHdDo4FWNBn4TSeR2rcZkQHll juwZl+riKiYxGRfFCK0c5322CQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP/xB+5N yYJqMpq0PuEnSzSyezDTMB8GA1UdIwQYMBaAFGoeT3KEfrNplSLJPSZ3Pw34OW6+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTk3OC8zMjIzRjM1RTFE OTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMybVZJc2s5Sm5jX0RmZzVi cjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FoNVBjb1ItczJtVklzazlKbmNfRGZnNWJyNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTk3OC8zMjIzRjM1RTFEOTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMy bVZJc2s5Sm5jX0RmZzVicjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCSQJy4MVP4pDpezMqWfaSKZoqlOYkyPpeHeaN5Q4kZVZzXRGLzobE+ FpIpQuszitLX7+SdDHwmoUL1ceEjAY22HErP2lm8A4MLLagzV6Y3FhBpOhxaNABg g38F6ovOhRiWC3UU/BN9Gt1JfgOt/fCppHZJefXpt+fjKkXe7wWYn6G7O8p82KvV nNe/Nkrg7bETkIXKu1Nu02E0OZqGZ9gOcUSQmLWG8BufW9KyblspQGk0bw/gQvpw Mk89v4V1OweyoHHl13ZchpmmkMS17u2MyvvSJ3CBNKgSEx5dlGZxp+sUiWP+bnd4 +QMAKicPrRxPreqiQ52ZvlhajMsvgINY -----END CERTIFICATE-----Generated at Sat Aug 23 18:57:23 2025 by rpki-client