$ rpki-client -vvf rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft File: XDZbFzHKfOfbgd1XEwvU1kMBm14.mft (raw, json) Hash identifier: ISekjPW2DAax+1Iv99LRCbL8THPkAmB3fekYWoXczYw= Subject key identifier: 6A:B5:4B:5B:29:B4:C5:90:4E:BB:38:AC:7A:4E:C8:68:11:B2:CB:62 Authority key identifier: 5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E Certificate issuer: /CN=A91D28EB/serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Certificate serial: 058F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft Manifest number: 0587 Signing time: Fri 22 Aug 2025 23:26:51 +0000 Manifest this update: Fri 22 Aug 2025 23:26:51 +0000 Manifest next update: Fri 29 Aug 2025 23:26:51 +0000 Files and hashes: 1: XDZbFzHKfOfbgd1XEwvU1kMBm14.crl (hash: XoCW65rBaLZSbEd1GJ2EPoCDSrEig5W5fJlpaZmzHHE=) 2: 8E90AA02EB0B11EBA0B6DD84C4F9AE02.roa (hash: WoeJPfBlNid7RydzbYK1jVf1zbozvuQMQ+6wRuDKrQE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:26:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1423 (0x58f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D28EB, serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Validity Not Before: Aug 22 23:26:51 2025 GMT Not After : Aug 29 23:26:51 2025 GMT Subject: CN=68a8fcbb-cd48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a4:c2:f1:d6:b9:41:f1:a7:2d:8c:cf:2a:25: bc:02:0c:a0:e3:cf:b8:81:02:a3:b4:13:47:1d:ee: 47:24:40:f3:eb:25:36:3e:bb:3c:a8:fb:0d:18:fa: 2a:89:ec:13:81:88:eb:5f:54:57:21:0a:b8:4e:6e: c5:68:f8:19:7a:e6:35:c4:22:53:6d:7c:f1:35:59: 57:37:ea:ff:08:44:a0:a6:39:59:40:fc:fd:31:58: 9a:b0:19:53:69:b7:f6:01:c8:ec:19:f7:7f:36:f0: c2:fc:2d:ff:11:6c:a0:95:e0:d4:fa:f1:43:c8:b7: 5a:4f:6b:61:44:ba:22:db:45:c8:e4:90:6b:8f:ee: 13:76:6a:cc:9a:7b:a4:c4:e1:dd:4f:81:d8:62:b1: 22:01:13:be:0a:bc:ec:59:0b:1d:ad:61:2d:97:90: b4:19:da:3f:7c:7a:46:25:79:4c:d8:fe:fe:31:06: 61:77:e8:be:5c:ce:ee:e0:de:0f:98:d4:44:1f:ef: a7:76:15:d6:59:8b:9f:ee:af:c9:63:74:5f:6e:fb: e8:73:59:76:d2:4b:31:18:45:a8:57:eb:99:86:a8: 89:f5:dc:65:78:12:a5:44:53:fe:0c:6e:43:d0:50: f5:ad:9a:fd:42:bb:db:40:aa:b9:4a:5e:92:d5:56: e8:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:B5:4B:5B:29:B4:C5:90:4E:BB:38:AC:7A:4E:C8:68:11:B2:CB:62 X509v3 Authority Key Identifier: keyid:5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:82:cd:d9:52:e7:04:71:61:d5:86:c8:64:d1:69:5a:8e:bd: 9a:2c:87:ca:01:47:4c:1e:5e:47:4b:07:80:3a:22:ec:2c:e4: 6f:98:7e:43:8a:dd:eb:23:5f:cd:44:56:05:c6:fb:f7:24:ec: 4d:f2:36:ac:d0:50:89:12:44:35:7c:9a:89:f1:98:32:e4:e8: 7e:77:9c:88:05:bf:3b:95:de:98:0d:88:de:66:c2:20:19:20: bb:1e:61:3c:de:d5:a6:72:e7:66:87:5e:ad:6d:5c:3b:bc:05: 75:1e:c0:2b:79:74:8a:88:26:1b:c2:d5:f1:72:f7:ae:f2:ee: f7:c6:be:96:a6:86:39:34:3e:98:e8:df:d4:5e:dd:0c:eb:91: 62:e4:84:f5:62:fa:33:b1:5a:0a:d3:4b:c1:21:0e:76:2d:4b: c9:bc:ff:1c:89:9f:a8:5c:c0:c8:ca:a2:38:a5:c9:71:2f:e5: 60:e7:8a:b4:36:fb:d8:ba:b4:9d:3b:37:28:60:81:47:b8:56: d1:d7:59:c6:d3:b3:80:ee:63:1a:8b:d3:52:dd:66:3b:fa:fe: e8:1e:d8:33:a3:07:cb:e7:b0:af:d1:5f:e5:84:b3:a0:b9:95: df:06:fd:48:57:52:2c:19:af:7f:6e:26:30:1e:c8:aa:3d:f7: 01:3e:84:95 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBY8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI4RUIxMTAvBgNVBAUTKDVDMzY1QjE3MzFDQTdDRTdEQjgxREQ1NzEzMEJENEQ2 NDMwMTlCNUUwHhcNMjUwODIyMjMyNjUxWhcNMjUwODI5MjMyNjUxWjAYMRYwFAYD VQQDEw02OGE4ZmNiYi1jZDQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwaTC8da5QfGnLYzPKiW8Agyg48+4gQKjtBNHHe5HJEDz6yU2Prs8qPsNGPoq iewTgYjrX1RXIQq4Tm7FaPgZeuY1xCJTbXzxNVlXN+r/CESgpjlZQPz9MViasBlT abf2AcjsGfd/NvDC/C3/EWygleDU+vFDyLdaT2thRLoi20XI5JBrj+4TdmrMmnuk xOHdT4HYYrEiARO+CrzsWQsdrWEtl5C0Gdo/fHpGJXlM2P7+MQZhd+i+XM7u4N4P mNREH++ndhXWWYuf7q/JY3Rfbvvoc1l20ksxGEWoV+uZhqiJ9dxleBKlRFP+DG5D 0FD1rZr9QrvbQKq5Sl6S1Vbo3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGq1S1sp tMWQTrs4rHpOyGgRsstiMB8GA1UdIwQYMBaAFFw2Wxcxynzn24HdVxML1NZDAZte MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjhFQi83NzE0OEFDNkVC MDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZPZmJnZDFYRXd2VTFrTUJt MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEWmJGekhLZk9mYmdkMVhFd3ZVMWtNQm0xNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MjhFQi83NzE0OEFDNkVCMDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZP ZmJnZDFYRXd2VTFrTUJtMTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBMgs3ZUucEcWHVhshk0Wlajr2aLIfKAUdMHl5HSweAOiLsLORvmH5D it3rI1/NRFYFxvv3JOxN8jas0FCJEkQ1fJqJ8Zgy5Oh+d5yIBb87ld6YDYjeZsIg GSC7HmE83tWmcudmh16tbVw7vAV1HsAreXSKiCYbwtXxcveu8u73xr6WpoY5ND6Y 6N/UXt0M65Fi5IT1YvozsVoK00vBIQ52LUvJvP8ciZ+oXMDIyqI4pclxL+Vg54q0 NvvYurSdOzcoYIFHuFbR11nG07OA7mMai9NS3WY7+v7oHtgzowfL57Cv0V/lhLOg uZXfBv1IV1IsGa9/biYwHsiqPfcBPoSV -----END CERTIFICATE-----Generated at Sat Aug 23 13:48:28 2025 by rpki-client