$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/LD0jWhshn0FmEJALADuKv9wXAqI.mft File: LD0jWhshn0FmEJALADuKv9wXAqI.mft (raw, json) Hash identifier: yYMutGZNUOR6CGjQv5Nk7ZgjF3mq2a6zf8O5lYFLUZk= Subject key identifier: BA:A8:F0:5F:F0:AB:D3:4F:02:50:2C:C8:E9:BA:60:4B:B3:1A:CB:98 Authority key identifier: 2C:3D:23:5A:1B:21:9F:41:66:10:90:0B:00:3B:8A:BF:DC:17:02:A2 Certificate issuer: /CN=A91CEA40/serialNumber=2C3D235A1B219F416610900B003B8ABFDC1702A2 Certificate serial: 063C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LD0jWhshn0FmEJALADuKv9wXAqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/LD0jWhshn0FmEJALADuKv9wXAqI.mft Manifest number: 062F Signing time: Fri 22 Aug 2025 22:58:47 +0000 Manifest this update: Fri 22 Aug 2025 22:58:46 +0000 Manifest next update: Fri 29 Aug 2025 22:58:46 +0000 Files and hashes: 1: LD0jWhshn0FmEJALADuKv9wXAqI.crl (hash: Gkrk0GqQ9lbcdANbPK2JZfiBSNoRYUC1z5jCIrz8ts8=) 2: 96F093D4BEA011EB8CAD965FC4F9AE02.roa (hash: NpLkQ/NypmNX/0X8ZR0aPK3YWZwmOShkZdvPXd4fivY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/LD0jWhshn0FmEJALADuKv9wXAqI.crl rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/LD0jWhshn0FmEJALADuKv9wXAqI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LD0jWhshn0FmEJALADuKv9wXAqI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 22:58:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1596 (0x63c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEA40, serialNumber=2C3D235A1B219F416610900B003B8ABFDC1702A2 Validity Not Before: Aug 22 22:58:46 2025 GMT Not After : Aug 29 22:58:46 2025 GMT Subject: CN=68a8f626-df66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:69:1a:37:e3:cd:b6:fe:ca:64:73:01:c0:8d: 56:ec:41:ff:7f:dc:3e:4f:fc:00:3a:ab:f8:11:a3: 0c:9c:60:b0:3a:5d:49:b4:8b:e3:68:18:f8:fa:4b: 70:7d:0d:77:16:a8:7f:22:24:5d:80:06:18:5d:c7: 3d:18:3f:cc:d6:72:4a:bf:bc:e0:72:1e:11:26:e7: e6:ef:09:05:37:ce:21:78:25:34:73:dd:e1:9e:9e: 37:09:11:85:a8:33:02:36:9a:5e:55:5a:79:b7:2e: db:20:62:e3:31:fc:7e:10:a6:34:c4:03:4a:e8:ad: 13:13:f2:12:72:09:06:c6:db:34:b5:34:a2:91:82: 0a:73:a4:59:b7:d3:da:4c:3c:49:5c:c0:94:87:e3: 9e:45:87:05:37:99:c7:74:87:35:6e:f2:5a:2f:09: 6b:be:cd:c3:8a:c6:0b:ba:cf:0d:e2:2e:c2:93:c9: d0:2c:39:b5:dc:53:ed:ee:f8:af:de:8c:17:34:e6: be:51:51:23:46:56:32:1f:e7:45:23:ce:87:1c:2a: 6b:a9:5a:88:95:b9:28:13:80:c7:3f:aa:34:dc:62: 1b:2a:e5:d1:2b:d8:b9:c1:1b:7c:b5:f6:13:63:46: a4:04:ff:e6:42:df:d4:aa:e8:41:24:d5:64:30:32: 4d:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:A8:F0:5F:F0:AB:D3:4F:02:50:2C:C8:E9:BA:60:4B:B3:1A:CB:98 X509v3 Authority Key Identifier: keyid:2C:3D:23:5A:1B:21:9F:41:66:10:90:0B:00:3B:8A:BF:DC:17:02:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/LD0jWhshn0FmEJALADuKv9wXAqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LD0jWhshn0FmEJALADuKv9wXAqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/LD0jWhshn0FmEJALADuKv9wXAqI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:f6:20:8d:20:9f:fc:6c:79:de:c1:8c:ae:f2:33:40:8f:76: 61:cf:ef:79:06:9f:d8:46:e4:fe:5f:81:6d:b0:5a:45:f6:cb: 18:e8:37:e7:1d:15:a8:fd:2f:64:07:47:a0:c2:41:10:d3:30: 82:fe:64:fc:21:2d:ef:f6:8f:a2:7e:fe:89:5a:c8:90:b3:d1: f7:0c:e5:0f:ab:44:8a:21:02:c2:fc:0f:37:51:1b:09:95:ab: ce:c8:74:8f:bf:25:c2:bf:f9:47:3b:b7:df:4f:cd:9d:71:5c: 4e:6d:e1:5f:9c:62:5d:aa:3a:44:01:3d:43:68:0f:c1:8b:81: 90:6e:64:36:cb:50:6e:42:61:1d:b5:67:c9:f2:91:24:c7:99: ae:c0:76:ad:a7:32:53:ec:a8:44:d8:11:57:23:28:a6:d0:c0: f8:99:83:3d:be:69:24:15:7c:da:d3:9e:ba:43:f8:ef:b2:ca: 08:a8:23:0d:ca:36:fd:9a:02:bd:75:a3:d0:6c:6b:fd:ec:f0: 32:82:aa:8f:d0:84:b0:b1:a1:88:df:50:85:ab:69:2a:73:b2: 0a:c9:f3:f4:a1:8b:00:aa:96:6b:41:37:9d:7b:61:52:cf:01: b4:af:2c:a7:55:40:da:cc:e2:16:fa:45:b5:49:bd:d9:e4:ed: 51:27:a9:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBjwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VBNDAxMTAvBgNVBAUTKDJDM0QyMzVBMUIyMTlGNDE2NjEwOTAwQjAwM0I4QUJG REMxNzAyQTIwHhcNMjUwODIyMjI1ODQ2WhcNMjUwODI5MjI1ODQ2WjAYMRYwFAYD VQQDEw02OGE4ZjYyNi1kZjY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwmkaN+PNtv7KZHMBwI1W7EH/f9w+T/wAOqv4EaMMnGCwOl1JtIvjaBj4+ktw fQ13Fqh/IiRdgAYYXcc9GD/M1nJKv7zgch4RJufm7wkFN84heCU0c93hnp43CRGF qDMCNppeVVp5ty7bIGLjMfx+EKY0xANK6K0TE/IScgkGxts0tTSikYIKc6RZt9Pa TDxJXMCUh+OeRYcFN5nHdIc1bvJaLwlrvs3DisYLus8N4i7Ck8nQLDm13FPt7viv 3owXNOa+UVEjRlYyH+dFI86HHCprqVqIlbkoE4DHP6o03GIbKuXRK9i5wRt8tfYT Y0akBP/mQt/UquhBJNVkMDJNiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLqo8F/w q9NPAlAsyOm6YEuzGsuYMB8GA1UdIwQYMBaAFCw9I1obIZ9BZhCQCwA7ir/cFwKi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUE0MC84RTk2NEJDRUFG NzkxMUVCODQyMTdBNThDNEY5QUUwMi9MRDBqV2hzaG4wRm1FSkFMQUR1S3Y5d1hB cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xEMGpXaHNobjBGbUVKQUxBRHVLdjl3WEFxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RUE0MC84RTk2NEJDRUFGNzkxMUVCODQyMTdBNThDNEY5QUUwMi9MRDBqV2hzaG4w Rm1FSkFMQUR1S3Y5d1hBcUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAq9iCNIJ/8bHnewYyu8jNAj3Zhz+95Bp/YRuT+X4FtsFpF9ssY6Dfn HRWo/S9kB0egwkEQ0zCC/mT8IS3v9o+ifv6JWsiQs9H3DOUPq0SKIQLC/A83URsJ lavOyHSPvyXCv/lHO7ffT82dcVxObeFfnGJdqjpEAT1DaA/Bi4GQbmQ2y1BuQmEd tWfJ8pEkx5muwHatpzJT7KhE2BFXIyim0MD4mYM9vmkkFXza0566Q/jvssoIqCMN yjb9mgK9daPQbGv97PAygqqP0ISwsaGI31CFq2kqc7IKyfP0oYsAqpZrQTede2FS zwG0ryynVUDazOIW+kW1Sb3Z5O1RJ6lo -----END CERTIFICATE-----Generated at Sun Aug 24 04:48:10 2025 by rpki-client