$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC33B/B4C9FE9206F511E89618F42FC4F9AE02/S0Nd1JrBEcPde6D08IaF8hZRWFk.mft File: S0Nd1JrBEcPde6D08IaF8hZRWFk.mft (raw, json) Hash identifier: 7UUPMSvkk0JM6JObduhAq9B595Qb82+PQtpbCQUtCBY= Subject key identifier: 98:A8:EC:95:5C:F4:14:5C:D0:02:0A:4B:31:9F:19:C6:4D:22:A6:C6 Authority key identifier: 4B:43:5D:D4:9A:C1:11:C3:DD:7B:A0:F4:F0:86:85:F2:16:51:58:59 Certificate issuer: /CN=A91DC33B/serialNumber=4B435DD49AC111C3DD7BA0F4F08685F216515859 Certificate serial: 169D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S0Nd1JrBEcPde6D08IaF8hZRWFk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC33B/B4C9FE9206F511E89618F42FC4F9AE02/S0Nd1JrBEcPde6D08IaF8hZRWFk.mft Manifest number: 16A2 Signing time: Fri 22 Aug 2025 16:47:46 +0000 Manifest this update: Fri 22 Aug 2025 16:47:45 +0000 Manifest next update: Fri 29 Aug 2025 16:47:45 +0000 Files and hashes: 1: S0Nd1JrBEcPde6D08IaF8hZRWFk.crl (hash: CNWammSltdZByYKMNS9JEL1kd9+0ANCAgHq4d4U2Lms=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC33B/B4C9FE9206F511E89618F42FC4F9AE02/S0Nd1JrBEcPde6D08IaF8hZRWFk.crl rsync://rpki.apnic.net/member_repository/A91DC33B/B4C9FE9206F511E89618F42FC4F9AE02/S0Nd1JrBEcPde6D08IaF8hZRWFk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S0Nd1JrBEcPde6D08IaF8hZRWFk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 16:47:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5789 (0x169d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC33B, serialNumber=4B435DD49AC111C3DD7BA0F4F08685F216515859 Validity Not Before: Aug 22 16:47:45 2025 GMT Not After : Aug 29 16:47:45 2025 GMT Subject: CN=68a89f32-96cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:e6:8c:6f:db:d4:c9:b8:45:6a:29:c1:a7:fe: 30:5d:fa:67:2b:d1:18:c1:d0:eb:a1:d4:f9:d8:29: e7:f7:bf:a3:db:bf:3a:15:fa:a5:d2:d3:ec:02:65: ce:1f:a6:d3:52:04:df:48:db:4b:33:66:9e:66:a6: bf:a2:bd:c8:d3:dc:a4:10:dd:40:5b:d6:3b:47:03: d3:aa:d2:6a:50:0f:c9:96:f3:c0:7d:e7:b6:20:58: 19:28:7b:ce:14:0f:be:0e:e8:e1:e3:0b:13:39:d9: 25:83:e7:8d:c9:75:d4:3b:07:8b:4c:dd:0c:b4:02: d6:65:6e:90:a5:6d:56:e2:48:41:b6:5d:26:9a:6f: 73:88:04:31:d5:d7:05:33:df:70:72:eb:63:58:8b: b2:f9:07:4c:2d:4a:1f:21:d4:7b:6f:18:d5:47:c9: 2a:a3:25:9c:e9:4c:9a:a2:12:c9:a0:62:04:85:43: ec:5f:80:0d:5b:7f:3b:ba:8d:2a:c9:6f:69:5e:3b: bd:ba:6d:24:db:ac:17:56:1f:13:cb:b7:74:e8:b0: e5:48:6e:5c:f4:d0:cd:2f:8a:81:ad:49:a8:20:9b: 45:ff:3e:c3:d6:44:8b:99:34:69:a5:18:20:0c:cb: aa:d6:0c:39:d0:e2:3f:cf:53:e7:9d:94:f0:95:e8: c5:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:A8:EC:95:5C:F4:14:5C:D0:02:0A:4B:31:9F:19:C6:4D:22:A6:C6 X509v3 Authority Key Identifier: keyid:4B:43:5D:D4:9A:C1:11:C3:DD:7B:A0:F4:F0:86:85:F2:16:51:58:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC33B/B4C9FE9206F511E89618F42FC4F9AE02/S0Nd1JrBEcPde6D08IaF8hZRWFk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S0Nd1JrBEcPde6D08IaF8hZRWFk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC33B/B4C9FE9206F511E89618F42FC4F9AE02/S0Nd1JrBEcPde6D08IaF8hZRWFk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:fe:00:3f:bf:ab:b5:d7:08:af:5f:94:20:88:d1:07:12:4e: 3a:5f:09:71:c2:2b:c2:79:9a:65:66:1d:25:ff:ca:de:b2:c9: f3:04:d5:e5:83:27:db:bc:e8:82:80:87:9a:f9:62:07:43:8c: a2:01:5a:51:f6:87:7b:06:e8:e1:24:a0:3a:a2:ad:81:42:38: bf:08:e1:69:ad:cd:bb:76:a7:96:ec:15:d9:19:16:83:3b:54: 40:ec:38:bc:de:39:01:5d:06:1a:be:0f:09:a0:5b:0a:1e:9e: 3f:e6:db:b0:01:cd:c3:fe:18:22:1f:95:19:86:ef:1d:61:32: 3f:7d:58:9f:45:18:8e:20:f5:db:57:35:78:25:54:72:50:41: b6:1e:70:b0:a9:b5:17:6d:be:bd:32:12:01:68:52:0b:b4:4d: e2:2c:ed:04:ea:18:a9:27:43:6e:29:b1:f8:c5:3a:65:dc:9b: 38:9a:82:a0:6a:be:81:6b:1d:ba:b4:5c:3e:60:f6:3a:61:c2: 59:b5:b3:0f:20:18:95:dc:4d:9e:1b:40:c7:e1:df:11:28:f0: 47:cb:d9:2c:78:62:77:a2:57:57:e6:53:1c:ca:84:c3:06:0b: 35:a9:66:36:ec:b8:d8:b7:0c:9b:40:3a:bb:8f:11:4d:73:ed: b9:e4:ee:ea -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFp0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REMzM0IxMTAvBgNVBAUTKDRCNDM1REQ0OUFDMTExQzNERDdCQTBGNEYwODY4NUYy MTY1MTU4NTkwHhcNMjUwODIyMTY0NzQ1WhcNMjUwODI5MTY0NzQ1WjAYMRYwFAYD VQQDEw02OGE4OWYzMi05NmNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuuaMb9vUybhFainBp/4wXfpnK9EYwdDrodT52Cnn97+j2786Ffql0tPsAmXO H6bTUgTfSNtLM2aeZqa/or3I09ykEN1AW9Y7RwPTqtJqUA/JlvPAfee2IFgZKHvO FA++Dujh4wsTOdklg+eNyXXUOweLTN0MtALWZW6QpW1W4khBtl0mmm9ziAQx1dcF M99wcutjWIuy+QdMLUofIdR7bxjVR8kqoyWc6UyaohLJoGIEhUPsX4ANW387uo0q yW9pXju9um0k26wXVh8Ty7d06LDlSG5c9NDNL4qBrUmoIJtF/z7D1kSLmTRppRgg DMuq1gw50OI/z1PnnZTwlejFdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJio7JVc 9BRc0AIKSzGfGcZNIqbGMB8GA1UdIwQYMBaAFEtDXdSawRHD3Xug9PCGhfIWUVhZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzMzQi9CNEM5RkU5MjA2 RjUxMUU4OTYxOEY0MkZDNEY5QUUwMi9TME5kMUpyQkVjUGRlNkQwOElhRjhoWlJX RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1MwTmQxSnJCRWNQZGU2RDA4SWFGOGhaUldGay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzMzQi9CNEM5RkU5MjA2RjUxMUU4OTYxOEY0MkZDNEY5QUUwMi9TME5kMUpyQkVj UGRlNkQwOElhRjhoWlJXRmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCB/gA/v6u11wivX5QgiNEHEk46XwlxwivCeZplZh0l/8ressnzBNXl gyfbvOiCgIea+WIHQ4yiAVpR9od7BujhJKA6oq2BQji/COFprc27dqeW7BXZGRaD O1RA7Di83jkBXQYavg8JoFsKHp4/5tuwAc3D/hgiH5UZhu8dYTI/fVifRRiOIPXb VzV4JVRyUEG2HnCwqbUXbb69MhIBaFILtE3iLO0E6hipJ0NuKbH4xTpl3Js4moKg ar6Bax26tFw+YPY6YcJZtbMPIBiV3E2eG0DH4d8RKPBHy9kseGJ3oldX5lMcyoTD Bgs1qWY27LjYtwybQDq7jxFNc+255O7q -----END CERTIFICATE-----Generated at Sat Aug 23 15:05:27 2025 by rpki-client