$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft File: IAAAWsWhdEBL07_CmUMyPpYGJbk.mft (raw, json) Hash identifier: /PojQedNPjV/ITQ7EzlzlVediuHYpg/u5p0hV5+8K4U= Subject key identifier: C2:10:46:71:2F:E6:9A:12:F9:F2:20:C5:29:F7:F3:F9:3B:36:44:04 Authority key identifier: 20:00:00:5A:C5:A1:74:40:4B:D3:BF:C2:99:43:32:3E:96:06:25:B9 Certificate issuer: /CN=A91DA590/serialNumber=2000005AC5A174404BD3BFC29943323E960625B9 Certificate serial: 0378 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft Manifest number: 036F Signing time: Sat 23 Aug 2025 01:09:51 +0000 Manifest this update: Sat 23 Aug 2025 01:09:50 +0000 Manifest next update: Sat 30 Aug 2025 01:09:50 +0000 Files and hashes: 1: IAAAWsWhdEBL07_CmUMyPpYGJbk.crl (hash: /U0MOiJVryJuv7TQIvxZ1q/6bQUhXA2CI4JXcntdWxY=) 2: 09E46A74C07F11ECB0707F18C4F9AE02.roa (hash: eJqOfUXf9pyBvXqljah+FkA7bab4t5X+jzwwp1GzOds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.crl rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:09:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 888 (0x378) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA590, serialNumber=2000005AC5A174404BD3BFC29943323E960625B9 Validity Not Before: Aug 23 01:09:50 2025 GMT Not After : Aug 30 01:09:50 2025 GMT Subject: CN=68a914df-2160 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:41:40:59:17:63:b0:fa:d8:2a:46:8b:43:61: f1:cb:66:b0:b2:44:1b:3a:10:14:96:95:0f:d0:9c: 7b:8f:ae:a4:3f:3e:d2:55:6e:40:73:1e:0e:5c:cc: 2b:30:e0:f2:fd:36:ee:03:6a:46:89:3b:c2:0a:3c: a5:d3:53:68:7a:62:c7:c3:d9:37:60:05:87:2f:b3: 83:3b:f0:0c:5c:99:0d:ce:a9:60:ed:14:51:9b:93: f9:0e:a2:75:c4:2a:b7:6f:f4:67:3f:4c:c6:87:ac: ea:b9:4f:14:f2:b3:56:a8:fc:8c:96:4b:b1:9e:1b: c4:60:d1:82:89:ed:f5:ef:4d:de:0c:49:6b:3d:65: 29:b5:01:04:06:d6:6d:86:e3:17:da:35:d4:14:8e: f5:d8:32:88:ee:1f:68:14:d2:5d:45:db:5f:ef:74: ab:86:f2:ec:de:a7:51:0b:1f:a3:ac:41:49:3e:07: 56:5d:7b:1f:0e:8f:fc:4b:03:00:65:f1:1a:c2:41: 90:f6:68:90:e6:c6:81:d8:e8:33:79:fb:5e:86:27: 3a:88:84:6a:1c:09:63:b5:74:e1:79:eb:e9:77:c0: 5b:c5:96:fd:c0:64:a2:c2:66:13:01:06:24:c3:45: 5b:4a:9e:8f:8a:84:25:7d:33:34:7e:b2:e7:16:40: dc:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:10:46:71:2F:E6:9A:12:F9:F2:20:C5:29:F7:F3:F9:3B:36:44:04 X509v3 Authority Key Identifier: keyid:20:00:00:5A:C5:A1:74:40:4B:D3:BF:C2:99:43:32:3E:96:06:25:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:05:53:63:c1:00:c9:a3:d5:71:53:2b:54:af:e6:23:f1:e2: 4c:14:d1:f0:46:22:76:16:6e:c5:d6:98:13:39:05:f1:0d:1f: 7e:3c:5b:50:db:72:7b:1c:5f:1d:a8:c6:c6:38:61:38:45:4f: 5f:3d:e1:6c:bf:7a:be:61:40:f4:2b:3f:28:23:5d:84:f9:51: d8:4c:f8:45:4d:d7:72:8f:90:ce:cb:01:fe:7e:95:12:4f:be: d3:e9:6f:29:25:ba:8f:c7:63:48:50:fa:d1:a1:6c:5c:de:61: 1f:a4:91:31:df:ae:ad:85:c9:17:c4:4c:ea:ba:79:06:73:2b: af:9d:8a:42:c2:ce:98:33:29:1e:5e:31:de:b4:92:16:ca:a0: df:26:60:23:62:38:f3:89:f3:c5:6f:55:2f:43:b3:16:3b:8b: 1a:83:e5:d1:5a:30:18:a1:f6:15:e5:5e:99:63:4e:2d:86:33: 62:57:2f:8b:d6:fb:02:8d:90:10:f8:37:f3:0b:0b:86:9a:a5: 8e:62:1e:a2:a6:f3:4c:66:38:4e:92:cf:ea:43:eb:4c:a0:b7: 51:1d:ac:3e:7e:79:e7:ec:40:78:d6:80:86:c8:92:db:3b:6c: f9:2e:37:d8:80:7c:e6:aa:89:ab:e1:83:c2:96:46:b9:8d:85: bf:c9:5b:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REE1OTAxMTAvBgNVBAUTKDIwMDAwMDVBQzVBMTc0NDA0QkQzQkZDMjk5NDMzMjNF OTYwNjI1QjkwHhcNMjUwODIzMDEwOTUwWhcNMjUwODMwMDEwOTUwWjAYMRYwFAYD VQQDEw02OGE5MTRkZi0yMTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0EFAWRdjsPrYKkaLQ2Hxy2awskQbOhAUlpUP0Jx7j66kPz7SVW5Acx4OXMwr MODy/TbuA2pGiTvCCjyl01NoemLHw9k3YAWHL7ODO/AMXJkNzqlg7RRRm5P5DqJ1 xCq3b/RnP0zGh6zquU8U8rNWqPyMlkuxnhvEYNGCie31703eDElrPWUptQEEBtZt huMX2jXUFI712DKI7h9oFNJdRdtf73SrhvLs3qdRCx+jrEFJPgdWXXsfDo/8SwMA ZfEawkGQ9miQ5saB2Ogzeftehic6iIRqHAljtXTheevpd8BbxZb9wGSiwmYTAQYk w0VbSp6PioQlfTM0frLnFkDcuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMIQRnEv 5poS+fIgxSn38/k7NkQEMB8GA1UdIwQYMBaAFCAAAFrFoXRAS9O/wplDMj6WBiW5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTU5MC85NTEwRTg2QUMw N0IxMUVDOTg3Qjg0N0ZDNEY5QUUwMi9JQUFBV3NXaGRFQkwwN19DbVVNeVBwWUdK YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lBQUFXc1doZEVCTDA3X0NtVU15UHBZR0piay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QTU5MC85NTEwRTg2QUMwN0IxMUVDOTg3Qjg0N0ZDNEY5QUUwMi9JQUFBV3NXaGRF QkwwN19DbVVNeVBwWUdKYmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAyBVNjwQDJo9VxUytUr+Yj8eJMFNHwRiJ2Fm7F1pgTOQXxDR9+PFtQ 23J7HF8dqMbGOGE4RU9fPeFsv3q+YUD0Kz8oI12E+VHYTPhFTddyj5DOywH+fpUS T77T6W8pJbqPx2NIUPrRoWxc3mEfpJEx366thckXxEzqunkGcyuvnYpCws6YMyke XjHetJIWyqDfJmAjYjjzifPFb1UvQ7MWO4sag+XRWjAYofYV5V6ZY04thjNiVy+L 1vsCjZAQ+DfzCwuGmqWOYh6ipvNMZjhOks/qQ+tMoLdRHaw+fnnn7EB41oCGyJLb O2z5LjfYgHzmqomr4YPClka5jYW/yVuv -----END CERTIFICATE-----Generated at Sat Aug 23 17:20:36 2025 by rpki-client