$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5BA2/14FEC2EC579311ECBA2FB048C4F9AE02/bKwrcgiF6COCTBln7fw2Psh0do0.mft File: bKwrcgiF6COCTBln7fw2Psh0do0.mft (raw, json) Hash identifier: I7tP8RtHv8Oqi93SWsbCJDl8w8efeDhEFH6md1Wgz/E= Subject key identifier: 49:6D:DF:E9:1E:36:16:3E:DF:0E:C9:CE:F6:83:E8:D0:58:E7:B0:C1 Authority key identifier: 6C:AC:2B:72:08:85:E8:23:82:4C:19:67:ED:FC:36:3E:C8:74:76:8D Certificate issuer: /CN=A91D5BA2/serialNumber=6CAC2B720885E823824C1967EDFC363EC874768D Certificate serial: 0479 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKwrcgiF6COCTBln7fw2Psh0do0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5BA2/14FEC2EC579311ECBA2FB048C4F9AE02/bKwrcgiF6COCTBln7fw2Psh0do0.mft Manifest number: 0474 Signing time: Sat 23 Aug 2025 00:20:47 +0000 Manifest this update: Sat 23 Aug 2025 00:20:47 +0000 Manifest next update: Sat 30 Aug 2025 00:20:47 +0000 Files and hashes: 1: bKwrcgiF6COCTBln7fw2Psh0do0.crl (hash: 8mLb0apRjDB9RNoniQuvy5nRyz4AkrKQ0c3w0/g3p6w=) 2: AA5ADA7C579511ECA9BDE14AC4F9AE02.roa (hash: /NgK3u5jqw1d//qoTXrGcCnkIoepRe7WzeoPLGdtL+k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5BA2/14FEC2EC579311ECBA2FB048C4F9AE02/bKwrcgiF6COCTBln7fw2Psh0do0.crl rsync://rpki.apnic.net/member_repository/A91D5BA2/14FEC2EC579311ECBA2FB048C4F9AE02/bKwrcgiF6COCTBln7fw2Psh0do0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKwrcgiF6COCTBln7fw2Psh0do0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:20:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1145 (0x479) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5BA2, serialNumber=6CAC2B720885E823824C1967EDFC363EC874768D Validity Not Before: Aug 23 00:20:47 2025 GMT Not After : Aug 30 00:20:47 2025 GMT Subject: CN=68a9095f-2af5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ff:8d:dc:f5:45:69:23:ed:79:7a:01:b7:2a:1f: d9:9a:be:c0:ef:7e:10:d8:83:9b:bc:e7:ec:00:c9: 78:44:7d:6d:90:44:42:96:4e:b0:d6:7f:84:5b:a3: c1:18:0e:e4:e1:e3:73:d8:e9:77:58:58:55:4b:63: 6f:ca:f7:cb:ef:4a:bc:0f:d3:d1:89:d0:57:f4:8c: a6:ed:46:c5:64:4c:18:63:50:13:8d:03:d1:58:b7: ca:d2:94:21:87:5a:02:ec:1c:c0:3e:ea:51:f1:71: eb:fc:2a:4b:86:05:b1:89:3a:b1:59:47:c8:5d:06: 5b:4c:ac:35:5c:74:3c:7e:93:a8:50:fe:f4:73:91: a6:2c:ac:3f:a8:86:0d:6b:71:d3:a6:9e:60:0c:c4: e1:ec:8b:5a:98:e6:49:dc:69:ff:89:4d:57:24:44: b7:f8:37:3e:c3:1d:b0:bd:63:61:56:b8:83:fb:20: 97:3f:3d:c8:8e:45:aa:9c:07:cb:57:a9:5b:6c:2d: 04:55:89:a5:bb:d7:90:2c:48:6e:90:03:a3:bc:6c: cc:ec:29:15:b5:61:da:d5:32:d2:a6:8e:5b:e3:cf: a8:57:c9:5a:a2:37:c2:23:8a:e7:2f:48:12:51:93: 8f:2c:ae:a3:d7:0b:f0:ed:20:b8:96:de:9b:83:e8: 27:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:6D:DF:E9:1E:36:16:3E:DF:0E:C9:CE:F6:83:E8:D0:58:E7:B0:C1 X509v3 Authority Key Identifier: keyid:6C:AC:2B:72:08:85:E8:23:82:4C:19:67:ED:FC:36:3E:C8:74:76:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5BA2/14FEC2EC579311ECBA2FB048C4F9AE02/bKwrcgiF6COCTBln7fw2Psh0do0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKwrcgiF6COCTBln7fw2Psh0do0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5BA2/14FEC2EC579311ECBA2FB048C4F9AE02/bKwrcgiF6COCTBln7fw2Psh0do0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:22:eb:7c:b2:60:d9:aa:3a:f0:a8:74:0e:6f:7f:94:a7:ac: 98:ae:5c:41:81:7e:18:31:f2:e1:d2:55:b6:80:7d:19:79:f9: 96:2e:7f:c7:75:80:fd:cb:f2:e5:77:1b:f6:e6:10:da:b4:a0: 1e:2b:09:72:1f:f8:2c:7b:48:a8:46:2b:f7:50:8c:fc:c9:be: 2a:8d:05:48:37:47:04:96:3e:60:5a:62:92:38:a8:db:4f:1a: 5d:5b:c6:b2:26:00:36:8d:87:a0:30:3c:33:f5:12:46:a9:19: 00:01:58:1b:aa:5e:e6:65:bf:f5:93:bc:f0:2f:65:06:d6:62: e4:9a:68:41:c8:f3:c0:f9:24:be:d7:51:84:89:55:42:2e:24: 43:8e:3c:b7:34:ec:ae:18:41:5d:5b:ab:6f:17:5f:11:90:89: f1:81:ff:b9:95:14:1f:f5:66:5a:de:97:0c:e5:fa:5e:3e:b0: bb:09:cc:2a:c4:41:2e:4a:3a:6d:36:41:de:c8:19:06:8c:5b: 64:f2:c5:16:6c:cd:4d:91:61:92:07:4a:ce:17:93:82:88:3f: b4:3e:8c:6b:cc:19:42:6a:9e:10:90:5e:f7:47:2f:a4:e7:56: 2d:a4:c0:7e:74:2b:62:f2:72:78:50:d3:4e:f3:b0:3e:66:9e: f0:36:31:89 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDVCQTIxMTAvBgNVBAUTKDZDQUMyQjcyMDg4NUU4MjM4MjRDMTk2N0VERkMzNjNF Qzg3NDc2OEQwHhcNMjUwODIzMDAyMDQ3WhcNMjUwODMwMDAyMDQ3WjAYMRYwFAYD VQQDEw02OGE5MDk1Zi0yYWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA/43c9UVpI+15egG3Kh/Zmr7A734Q2IObvOfsAMl4RH1tkERClk6w1n+EW6PB GA7k4eNz2Ol3WFhVS2NvyvfL70q8D9PRidBX9Iym7UbFZEwYY1ATjQPRWLfK0pQh h1oC7BzAPupR8XHr/CpLhgWxiTqxWUfIXQZbTKw1XHQ8fpOoUP70c5GmLKw/qIYN a3HTpp5gDMTh7ItamOZJ3Gn/iU1XJES3+Dc+wx2wvWNhVriD+yCXPz3IjkWqnAfL V6lbbC0EVYmlu9eQLEhukAOjvGzM7CkVtWHa1TLSpo5b48+oV8laojfCI4rnL0gS UZOPLK6j1wvw7SC4lt6bg+gnnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFElt3+ke NhY+3w7JzvaD6NBY57DBMB8GA1UdIwQYMBaAFGysK3IIhegjgkwZZ+38Nj7IdHaN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUJBMi8xNEZFQzJFQzU3 OTMxMUVDQkEyRkIwNDhDNEY5QUUwMi9iS3dyY2dpRjZDT0NUQmxuN2Z3MlBzaDBk bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JLd3JjZ2lGNkNPQ1RCbG43ZncyUHNoMGRvMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NUJBMi8xNEZFQzJFQzU3OTMxMUVDQkEyRkIwNDhDNEY5QUUwMi9iS3dyY2dpRjZD T0NUQmxuN2Z3MlBzaDBkbzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6Iut8smDZqjrwqHQOb3+Up6yYrlxBgX4YMfLh0lW2gH0ZefmWLn/H dYD9y/Lldxv25hDatKAeKwlyH/gse0ioRiv3UIz8yb4qjQVIN0cElj5gWmKSOKjb TxpdW8ayJgA2jYegMDwz9RJGqRkAAVgbql7mZb/1k7zwL2UG1mLkmmhByPPA+SS+ 11GEiVVCLiRDjjy3NOyuGEFdW6tvF18RkInxgf+5lRQf9WZa3pcM5fpePrC7Ccwq xEEuSjptNkHeyBkGjFtk8sUWbM1NkWGSB0rOF5OCiD+0PoxrzBlCap4QkF73Ry+k 51YtpMB+dCti8nJ4UNNO87A+Zp7wNjGJ -----END CERTIFICATE-----Generated at Sat Aug 23 16:58:16 2025 by rpki-client