$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3307/342D832842CC11EC8F13320DC4F9AE02/U8lIF-sTZfHejDwrRAIjmIHBlD0.mft File: U8lIF-sTZfHejDwrRAIjmIHBlD0.mft (raw, json) Hash identifier: SqRv/FVEJ1PPkP6+lYQwVWhd9yePiH/tdJIQaodiiwk= Subject key identifier: 04:DF:06:FC:B9:FC:41:FD:2D:6B:C3:08:25:EA:62:27:F8:77:60:17 Authority key identifier: 53:C9:48:17:EB:13:65:F1:DE:8C:3C:2B:44:02:23:98:81:C1:94:3D Certificate issuer: /CN=A91D3307/serialNumber=53C94817EB1365F1DE8C3C2B4402239881C1943D Certificate serial: 04DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U8lIF-sTZfHejDwrRAIjmIHBlD0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3307/342D832842CC11EC8F13320DC4F9AE02/U8lIF-sTZfHejDwrRAIjmIHBlD0.mft Manifest number: 04C1 Signing time: Sat 23 Aug 2025 00:09:44 +0000 Manifest this update: Sat 23 Aug 2025 00:09:44 +0000 Manifest next update: Sat 30 Aug 2025 00:09:44 +0000 Files and hashes: 1: U8lIF-sTZfHejDwrRAIjmIHBlD0.crl (hash: CUtrETkzu02k4KbO8aVhdtx7CrHHrgvKcwJBlfuYWJ0=) 2: C908B72A696F11EFA4DA475FC4F9AE02.roa (hash: tXoHtibATlzSAFpYW8FXeLBuzqLRo++NJ/KLRuKUVS4=) 3: C9C70AEA696F11EFA4DA475FC4F9AE02.roa (hash: 8/T20piCaEKmwex2vfHli1eA2pf6jywQnHESOXqs7Kg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3307/342D832842CC11EC8F13320DC4F9AE02/U8lIF-sTZfHejDwrRAIjmIHBlD0.crl rsync://rpki.apnic.net/member_repository/A91D3307/342D832842CC11EC8F13320DC4F9AE02/U8lIF-sTZfHejDwrRAIjmIHBlD0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U8lIF-sTZfHejDwrRAIjmIHBlD0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:09:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1242 (0x4da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3307, serialNumber=53C94817EB1365F1DE8C3C2B4402239881C1943D Validity Not Before: Aug 23 00:09:44 2025 GMT Not After : Aug 30 00:09:44 2025 GMT Subject: CN=68a906c8-9e2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:11:c3:47:fd:af:c2:44:ab:db:f3:f3:f9:04: 75:46:7c:e5:93:6a:84:fb:88:2d:bf:f3:0f:98:06: 0e:28:f2:80:ea:c6:2f:3a:31:61:63:03:d7:8f:90: d8:25:3b:9a:79:3b:a0:a9:5c:0c:6d:dd:8e:df:7d: 53:1f:ed:74:cb:8c:2f:6a:ac:dd:1e:8f:fa:b1:3a: 55:02:76:f3:a1:7b:80:2b:a8:c0:b8:f7:4a:13:bf: 4d:90:1f:01:1a:cc:2d:25:13:80:97:7a:47:0d:77: a9:f3:1b:90:d0:19:89:66:fe:fa:3a:0c:7c:ff:ed: bc:a5:b6:b2:a9:6c:09:65:2d:4d:8c:6b:84:fa:e2: 09:ac:27:80:0c:39:12:d0:f5:6f:e8:84:e0:c7:7e: af:14:8e:f6:f6:03:d6:76:e7:11:76:1e:3b:eb:15: 32:54:59:dd:05:cf:a7:cb:95:3e:68:8b:09:50:2c: 1f:7f:91:09:dc:14:87:16:87:43:1e:ec:bc:34:1c: 6b:92:87:08:03:43:98:fb:dd:28:40:3c:0a:35:cb: 3a:81:2f:ed:8a:9f:4d:88:72:33:17:01:1f:89:96: 45:25:b0:04:c4:8c:89:f5:4f:15:08:db:a9:fc:0e: c9:b5:ed:d2:26:85:90:a4:4a:a5:9d:00:25:72:f1: 7d:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:DF:06:FC:B9:FC:41:FD:2D:6B:C3:08:25:EA:62:27:F8:77:60:17 X509v3 Authority Key Identifier: keyid:53:C9:48:17:EB:13:65:F1:DE:8C:3C:2B:44:02:23:98:81:C1:94:3D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3307/342D832842CC11EC8F13320DC4F9AE02/U8lIF-sTZfHejDwrRAIjmIHBlD0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U8lIF-sTZfHejDwrRAIjmIHBlD0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3307/342D832842CC11EC8F13320DC4F9AE02/U8lIF-sTZfHejDwrRAIjmIHBlD0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cc:45:b8:8a:88:f0:c3:29:10:1a:db:61:77:8b:25:73:10:35: 5a:84:df:15:fb:c5:33:ab:92:7d:b5:5a:eb:51:e6:d0:b1:7f: f5:7d:a2:f7:e2:e6:23:1a:64:d9:78:1f:da:75:d3:df:f8:df: 1d:79:4a:5d:47:e9:67:bc:54:39:2e:32:1d:2e:c0:9c:eb:d5: e7:c0:be:98:bc:da:f5:76:c6:8b:6d:97:79:47:ff:25:51:2d: d2:d8:3f:b8:d6:79:de:cd:97:6a:c6:5e:9b:fa:12:15:cc:08: ae:1e:95:6c:7e:96:53:81:11:16:92:d2:a4:de:1c:cd:39:48: af:ef:31:cd:71:ec:76:d2:5f:72:af:92:58:a9:17:de:d3:02: 68:79:46:37:40:da:d6:c1:ce:45:fe:a6:74:e1:f7:0b:df:e1: 99:58:0d:e1:21:44:96:69:71:f0:9e:3f:3a:13:ef:2a:87:6e: f6:0b:8d:28:83:58:c8:a3:f4:8a:e3:56:72:72:e8:7c:69:e0: 3d:31:e7:f0:ab:8d:e7:cf:32:ae:90:80:5a:21:32:ee:75:86: 19:6a:2b:30:47:75:ce:59:c4:5b:f3:1f:fc:ab:7e:2d:09:01: 26:b1:2f:ee:e2:d7:8c:d3:41:8b:9e:02:70:e6:19:3b:3d:d9: 2d:5c:83:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBNowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDMzMDcxMTAvBgNVBAUTKDUzQzk0ODE3RUIxMzY1RjFERThDM0MyQjQ0MDIyMzk4 ODFDMTk0M0QwHhcNMjUwODIzMDAwOTQ0WhcNMjUwODMwMDAwOTQ0WjAYMRYwFAYD VQQDEw02OGE5MDZjOC05ZTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6RHDR/2vwkSr2/Pz+QR1Rnzlk2qE+4gtv/MPmAYOKPKA6sYvOjFhYwPXj5DY JTuaeTugqVwMbd2O331TH+10y4wvaqzdHo/6sTpVAnbzoXuAK6jAuPdKE79NkB8B GswtJROAl3pHDXep8xuQ0BmJZv76Ogx8/+28pbayqWwJZS1NjGuE+uIJrCeADDkS 0PVv6ITgx36vFI729gPWducRdh476xUyVFndBc+ny5U+aIsJUCwff5EJ3BSHFodD Huy8NBxrkocIA0OY+90oQDwKNcs6gS/tip9NiHIzFwEfiZZFJbAExIyJ9U8VCNup /A7Jte3SJoWQpEqlnQAlcvF9/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFATfBvy5 /EH9LWvDCCXqYif4d2AXMB8GA1UdIwQYMBaAFFPJSBfrE2Xx3ow8K0QCI5iBwZQ9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzMwNy8zNDJEODMyODQy Q0MxMUVDOEYxMzMyMERDNEY5QUUwMi9VOGxJRi1zVFpmSGVqRHdyUkFJam1JSEJs RDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U4bElGLXNUWmZIZWpEd3JSQUlqbUlIQmxEMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MzMwNy8zNDJEODMyODQyQ0MxMUVDOEYxMzMyMERDNEY5QUUwMi9VOGxJRi1zVFpm SGVqRHdyUkFJam1JSEJsRDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDMRbiKiPDDKRAa22F3iyVzEDVahN8V+8Uzq5J9tVrrUebQsX/1faL3 4uYjGmTZeB/addPf+N8deUpdR+lnvFQ5LjIdLsCc69XnwL6YvNr1dsaLbZd5R/8l US3S2D+41nnezZdqxl6b+hIVzAiuHpVsfpZTgREWktKk3hzNOUiv7zHNcex20l9y r5JYqRfe0wJoeUY3QNrWwc5F/qZ04fcL3+GZWA3hIUSWaXHwnj86E+8qh272C40o g1jIo/SK41Zycuh8aeA9Mefwq43nzzKukIBaITLudYYZaiswR3XOWcRb8x/8q34t CQEmsS/u4teM00GLngJw5hk7PdktXIMH -----END CERTIFICATE-----Generated at Sat Aug 23 21:02:20 2025 by rpki-client