$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft File: 30fOzFfqiK65ajhlVgufImC6mQ4.mft (raw, json) Hash identifier: zux1ahiar5KVQBeDzmGn5sFariURiNFpid45K+s7Ewo= Subject key identifier: 88:5C:91:A8:34:D0:C3:EB:BE:8D:A8:31:33:42:71:F9:E7:F5:2A:37 Authority key identifier: DF:47:CE:CC:57:EA:88:AE:B9:6A:38:65:56:0B:9F:22:60:BA:99:0E Certificate issuer: /CN=A91DBA5B/serialNumber=DF47CECC57EA88AEB96A3865560B9F2260BA990E Certificate serial: B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30fOzFfqiK65ajhlVgufImC6mQ4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft Manifest number: B1 Signing time: Sat 23 Aug 2025 06:16:42 +0000 Manifest this update: Sat 23 Aug 2025 06:16:42 +0000 Manifest next update: Sat 30 Aug 2025 06:16:42 +0000 Files and hashes: 1: 30fOzFfqiK65ajhlVgufImC6mQ4.crl (hash: 8t/VirXukyqxwRoBGJI/6M7t0BIC5cHqsDGAevlWm90=) 2: 02389B7670E811EFA8DBE571C4F9AE02.roa (hash: AxDsA8rt+K98y/uEnY4JUiHZ0XXqFDNJTlI0IgqxxqQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.crl rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30fOzFfqiK65ajhlVgufImC6mQ4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:16:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 178 (0xb2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBA5B, serialNumber=DF47CECC57EA88AEB96A3865560B9F2260BA990E Validity Not Before: Aug 23 06:16:42 2025 GMT Not After : Aug 30 06:16:42 2025 GMT Subject: CN=68a95cca-b4e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:7a:12:c4:9f:4c:b9:46:69:08:db:35:7b:c1: 5e:89:9b:fc:d2:2b:98:fe:7d:5a:db:dc:83:64:b4: d3:0a:9a:af:3b:a8:24:89:7f:dd:c3:97:32:4c:fb: f5:03:c1:70:ba:df:ea:b4:c7:c5:80:bd:8f:89:da: 29:ff:87:53:69:00:e9:f7:4d:2a:57:cb:01:c6:e8: b7:f8:cb:06:c0:45:a5:19:63:9b:c3:3a:ad:07:e1: 94:90:64:8f:68:cf:d2:91:8d:a1:32:24:f8:11:66: 06:b9:4d:0c:a7:d3:40:4e:2c:61:37:c3:5b:57:eb: 7e:ef:cb:b1:03:33:97:d6:a9:27:dd:5f:d1:b2:30: 13:ee:78:0d:1f:fc:5f:46:44:f2:0a:a3:2e:0f:e4: e6:15:65:c6:32:15:8d:fb:ae:a5:d6:00:19:22:91: 6e:fd:b3:4c:8a:c5:4b:c7:42:f8:ea:e7:f4:13:79: 9f:5b:42:fa:00:36:48:7b:98:c5:7a:df:e2:68:5e: 44:1a:dc:22:14:cc:1d:6a:d1:b3:11:d9:08:94:67: 94:84:1a:19:e5:92:e9:7d:44:b8:b9:97:d4:cf:73: 9c:d5:4e:d5:28:a9:fe:69:e9:88:52:1d:ba:99:b5: 5c:fb:f5:02:cb:f1:64:7f:c7:e9:48:b9:ee:4e:05: ad:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:5C:91:A8:34:D0:C3:EB:BE:8D:A8:31:33:42:71:F9:E7:F5:2A:37 X509v3 Authority Key Identifier: keyid:DF:47:CE:CC:57:EA:88:AE:B9:6A:38:65:56:0B:9F:22:60:BA:99:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30fOzFfqiK65ajhlVgufImC6mQ4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:17:b1:26:27:8d:9e:4f:9a:2f:03:bf:85:e8:43:e6:a1:8c: 30:b7:79:59:34:22:94:8b:f0:ef:60:54:75:1e:36:29:54:5d: 53:fb:ca:9d:64:c6:f3:24:7b:68:7b:4c:15:df:e8:17:d5:a5: ae:8d:7a:83:97:8b:f7:73:c4:b1:e7:82:3b:31:09:14:f6:1c: a8:9e:e5:32:44:3d:74:10:1d:72:bc:98:c3:21:d8:14:0e:d2: a1:67:73:eb:9a:59:00:1c:f3:63:8e:49:62:0c:52:4e:08:70: 4b:0e:5f:da:a3:5c:79:70:2c:8e:f6:f9:88:6c:ab:18:a8:50: db:ed:ef:1c:b8:9d:4c:65:08:09:ab:c6:8e:c6:b7:f1:17:52: f5:52:10:1e:df:65:1c:d9:28:47:28:75:11:95:0c:5b:10:89: d0:7d:d0:04:8d:45:ef:b2:02:72:5d:6e:bb:93:f6:ae:33:39: 8d:86:79:7d:0c:d8:15:10:17:7b:77:5a:a0:1b:dc:7e:48:e9: 51:f5:7f:1c:68:55:6f:9e:99:29:19:b1:ca:cb:41:e6:82:51: 03:05:f8:14:77:40:30:b8:14:e0:0f:b2:4a:39:4f:56:da:2b: 00:fd:ac:6e:06:11:ba:0c:95:a2:76:fd:27:6d:13:b4:42:8b: 77:89:2a:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REJBNUIxMTAvBgNVBAUTKERGNDdDRUNDNTdFQTg4QUVCOTZBMzg2NTU2MEI5RjIy NjBCQTk5MEUwHhcNMjUwODIzMDYxNjQyWhcNMjUwODMwMDYxNjQyWjAYMRYwFAYD VQQDEw02OGE5NWNjYS1iNGU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAynoSxJ9MuUZpCNs1e8FeiZv80iuY/n1a29yDZLTTCpqvO6gkiX/dw5cyTPv1 A8Fwut/qtMfFgL2Pidop/4dTaQDp900qV8sBxui3+MsGwEWlGWObwzqtB+GUkGSP aM/SkY2hMiT4EWYGuU0Mp9NATixhN8NbV+t+78uxAzOX1qkn3V/RsjAT7ngNH/xf RkTyCqMuD+TmFWXGMhWN+66l1gAZIpFu/bNMisVLx0L46uf0E3mfW0L6ADZIe5jF et/iaF5EGtwiFMwdatGzEdkIlGeUhBoZ5ZLpfUS4uZfUz3Oc1U7VKKn+aemIUh26 mbVc+/UCy/Fkf8fpSLnuTgWtkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIhckag0 0MPrvo2oMTNCcfnn9So3MB8GA1UdIwQYMBaAFN9HzsxX6oiuuWo4ZVYLnyJgupkO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkE1Qi81ODAwNEFBQTcw RTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi8zMGZPekZmcWlLNjVhamhsVmd1ZkltQzZt UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMwZk96RmZxaUs2NWFqaGxWZ3VmSW1DNm1RNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QkE1Qi81ODAwNEFBQTcwRTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi8zMGZPekZmcWlL NjVhamhsVmd1ZkltQzZtUTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYF7EmJ42eT5ovA7+F6EPmoYwwt3lZNCKUi/DvYFR1HjYpVF1T+8qd ZMbzJHtoe0wV3+gX1aWujXqDl4v3c8Sx54I7MQkU9hyonuUyRD10EB1yvJjDIdgU DtKhZ3PrmlkAHPNjjkliDFJOCHBLDl/ao1x5cCyO9vmIbKsYqFDb7e8cuJ1MZQgJ q8aOxrfxF1L1UhAe32Uc2ShHKHURlQxbEInQfdAEjUXvsgJyXW67k/auMzmNhnl9 DNgVEBd7d1qgG9x+SOlR9X8caFVvnpkpGbHKy0HmglEDBfgUd0AwuBTgD7JKOU9W 2isA/axuBhG6DJWidv0nbRO0Qot3iSoG -----END CERTIFICATE-----Generated at Sat Aug 23 17:09:45 2025 by rpki-client