$ rpki-client -vvf rpki.apnic.net/member_repository/A91CED30/BE80C6A6AE1E11EEA7EA0A77C4F9AE02/PgzfiCrujHIh1YijxSYBjh1kyWg.mft File: PgzfiCrujHIh1YijxSYBjh1kyWg.mft (raw, json) Hash identifier: Lyh3BsomjQSpEkM6PXeJsgdaIt3EbpCrxSa9D+7uffw= Subject key identifier: F8:63:00:8B:7F:4E:AD:7B:64:D0:82:CD:12:ED:E7:4F:B7:62:E3:A5 Authority key identifier: 3E:0C:DF:88:2A:EE:8C:72:21:D5:88:A3:C5:26:01:8E:1D:64:C9:68 Certificate issuer: /CN=A91CED30/serialNumber=3E0CDF882AEE8C7221D588A3C526018E1D64C968 Certificate serial: 0135 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PgzfiCrujHIh1YijxSYBjh1kyWg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CED30/BE80C6A6AE1E11EEA7EA0A77C4F9AE02/PgzfiCrujHIh1YijxSYBjh1kyWg.mft Manifest number: 0132 Signing time: Sat 23 Aug 2025 04:40:23 +0000 Manifest this update: Sat 23 Aug 2025 04:40:23 +0000 Manifest next update: Sat 30 Aug 2025 04:40:23 +0000 Files and hashes: 1: PgzfiCrujHIh1YijxSYBjh1kyWg.crl (hash: wOwgDvlOpnzF/2rios0SWa5/cZBusRSwgAshR0qNJAE=) 2: 41E0B402AE1F11EE96A5C977C4F9AE02.roa (hash: 92n4boJHjJIj9KtZ2gabfQc0rIkNAgV+GGdiupr7NM8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CED30/BE80C6A6AE1E11EEA7EA0A77C4F9AE02/PgzfiCrujHIh1YijxSYBjh1kyWg.crl rsync://rpki.apnic.net/member_repository/A91CED30/BE80C6A6AE1E11EEA7EA0A77C4F9AE02/PgzfiCrujHIh1YijxSYBjh1kyWg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PgzfiCrujHIh1YijxSYBjh1kyWg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:40:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 309 (0x135) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CED30, serialNumber=3E0CDF882AEE8C7221D588A3C526018E1D64C968 Validity Not Before: Aug 23 04:40:23 2025 GMT Not After : Aug 30 04:40:23 2025 GMT Subject: CN=68a94637-48cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:df:52:7d:d6:aa:73:d9:37:8d:b1:b4:91:c9: 51:ff:a4:ad:ce:fd:19:8e:66:4c:7f:e0:f8:7f:35: c2:87:df:f5:b7:14:84:0d:61:04:11:06:eb:be:dc: f3:b9:27:ad:54:c8:19:f9:47:66:5b:5a:2a:56:58: b3:e2:69:dd:a4:23:97:f8:26:04:88:6e:dc:da:d6: 82:bb:59:05:db:9e:f9:3d:35:71:0c:b0:95:cb:05: 0b:b4:fc:ed:47:b4:36:64:28:4b:34:cd:2d:75:49: 4b:6e:b5:89:1c:49:1f:ca:4f:c8:1c:02:4e:20:58: 00:17:e5:7e:91:c0:ad:f4:be:ea:71:a2:c8:f2:cb: a9:77:24:79:30:4f:b0:57:dc:18:7b:7b:47:30:02: 74:d3:0b:df:85:5e:86:bb:26:a0:f5:77:7c:9c:94: 41:f2:59:67:41:c8:8c:12:6a:bd:d4:78:8a:b1:f4: 82:21:39:50:af:6b:d1:10:c2:34:83:36:c1:b2:b1: 00:ee:28:8b:e5:1f:a9:1d:26:ef:c4:9a:ed:fb:46: ab:70:d1:a7:b0:29:25:62:5b:e0:89:bb:05:30:28: af:ea:38:ed:bc:7e:29:9e:44:1e:bc:8f:c5:6c:03: 2b:1e:2b:ad:7b:3c:ad:09:a6:3a:86:8e:17:95:25: 3c:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:63:00:8B:7F:4E:AD:7B:64:D0:82:CD:12:ED:E7:4F:B7:62:E3:A5 X509v3 Authority Key Identifier: keyid:3E:0C:DF:88:2A:EE:8C:72:21:D5:88:A3:C5:26:01:8E:1D:64:C9:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CED30/BE80C6A6AE1E11EEA7EA0A77C4F9AE02/PgzfiCrujHIh1YijxSYBjh1kyWg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PgzfiCrujHIh1YijxSYBjh1kyWg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CED30/BE80C6A6AE1E11EEA7EA0A77C4F9AE02/PgzfiCrujHIh1YijxSYBjh1kyWg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:56:2e:26:88:7c:aa:d1:b3:59:72:29:61:43:69:ac:87:96: 7d:7b:cc:65:f0:e1:3d:bb:e7:ca:71:f7:b0:a6:76:11:21:b0: 81:f2:5f:4a:9c:93:d9:83:fe:53:3c:f7:06:49:5a:eb:c6:b6: 7f:c8:32:93:da:6f:fc:83:b6:a2:30:89:bc:5a:39:b1:68:5f: 96:14:8c:b2:83:ab:b5:65:73:c7:aa:3c:82:99:f9:8b:70:9f: be:bf:51:03:d4:15:bb:1c:e1:c6:c3:4f:84:34:49:04:2f:33: eb:78:1e:28:da:5a:d4:34:fd:7d:55:99:f7:e9:d9:5f:b6:56: ca:18:f5:0a:bd:da:f2:6c:b9:7c:e2:1c:63:34:3c:c3:08:1e: a1:a0:f8:8d:92:49:39:48:85:27:7d:79:f7:41:39:18:ad:87: 7d:ee:54:5a:2f:e1:d8:b6:38:ab:2a:41:9a:5d:b2:1c:51:4b: 4b:03:ac:77:4b:c8:a8:e8:ba:36:62:f8:57:37:d6:38:a3:b4: 92:d7:01:69:84:89:69:63:2b:bc:9d:af:58:3b:ad:f2:30:1b: 04:f9:66:5b:3c:d5:2e:21:07:7d:dd:5b:75:ff:aa:ed:33:c8: eb:a9:02:bd:c6:41:14:86:b1:2b:16:1f:b9:6c:c7:f6:02:46: 7c:2e:6f:9f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VEMzAxMTAvBgNVBAUTKDNFMENERjg4MkFFRThDNzIyMUQ1ODhBM0M1MjYwMThF MUQ2NEM5NjgwHhcNMjUwODIzMDQ0MDIzWhcNMjUwODMwMDQ0MDIzWjAYMRYwFAYD VQQDEw02OGE5NDYzNy00OGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxd9Sfdaqc9k3jbG0kclR/6Stzv0ZjmZMf+D4fzXCh9/1txSEDWEEEQbrvtzz uSetVMgZ+UdmW1oqVliz4mndpCOX+CYEiG7c2taCu1kF2575PTVxDLCVywULtPzt R7Q2ZChLNM0tdUlLbrWJHEkfyk/IHAJOIFgAF+V+kcCt9L7qcaLI8supdyR5ME+w V9wYe3tHMAJ00wvfhV6Guyag9Xd8nJRB8llnQciMEmq91HiKsfSCITlQr2vREMI0 gzbBsrEA7iiL5R+pHSbvxJrt+0arcNGnsCklYlvgibsFMCiv6jjtvH4pnkQevI/F bAMrHiutezytCaY6ho4XlSU8HQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPhjAIt/ Tq17ZNCCzRLt50+3YuOlMB8GA1UdIwQYMBaAFD4M34gq7oxyIdWIo8UmAY4dZMlo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUQzMC9CRTgwQzZBNkFF MUUxMUVFQTdFQTBBNzdDNEY5QUUwMi9QZ3pmaUNydWpISWgxWWlqeFNZQmpoMWt5 V2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1BnemZpQ3J1akhJaDFZaWp4U1lCamgxa3lXZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RUQzMC9CRTgwQzZBNkFFMUUxMUVFQTdFQTBBNzdDNEY5QUUwMi9QZ3pmaUNydWpI SWgxWWlqeFNZQmpoMWt5V2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB/Vi4miHyq0bNZcilhQ2msh5Z9e8xl8OE9u+fKcfewpnYRIbCB8l9K nJPZg/5TPPcGSVrrxrZ/yDKT2m/8g7aiMIm8WjmxaF+WFIyyg6u1ZXPHqjyCmfmL cJ++v1ED1BW7HOHGw0+ENEkELzPreB4o2lrUNP19VZn36dlftlbKGPUKvdrybLl8 4hxjNDzDCB6hoPiNkkk5SIUnfXn3QTkYrYd97lRaL+HYtjirKkGaXbIcUUtLA6x3 S8io6Lo2YvhXN9Y4o7SS1wFphIlpYyu8na9YO63yMBsE+WZbPNUuIQd93Vt1/6rt M8jrqQK9xkEUhrErFh+5bMf2AkZ8Lm+f -----END CERTIFICATE-----Generated at Sat Aug 23 20:36:53 2025 by rpki-client