$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.mft File: 4vF3N7hMH2eGnAOkf4xBn9QgAWw.mft (raw, json) Hash identifier: kV/1hi+At43nuQxncfarAskHrmhKOqON4aI+xluMZB4= Subject key identifier: 64:7C:97:8D:42:B0:BB:9C:D9:DC:7B:90:14:78:A7:65:B2:0B:9B:E3 Authority key identifier: E2:F1:77:37:B8:4C:1F:67:86:9C:03:A4:7F:8C:41:9F:D4:20:01:6C Certificate issuer: /CN=A91E1604/serialNumber=E2F17737B84C1F67869C03A47F8C419FD420016C Certificate serial: D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vF3N7hMH2eGnAOkf4xBn9QgAWw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.mft Manifest number: D5 Signing time: Sat 23 Aug 2025 05:45:58 +0000 Manifest this update: Sat 23 Aug 2025 05:45:57 +0000 Manifest next update: Sat 30 Aug 2025 05:45:57 +0000 Files and hashes: 1: 4vF3N7hMH2eGnAOkf4xBn9QgAWw.crl (hash: bsxzGugUVAmdRCr8cd8ZOi4AMF/Iz4GlPFdzdy4zGMM=) 2: 0B725F44496D11EF9F7F2116C4F9AE02.roa (hash: SsTEks9DzvfjnZoXdnmZIWjNSHqbFmVLR2wVP5eTyr8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.crl rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vF3N7hMH2eGnAOkf4xBn9QgAWw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 05:45:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 215 (0xd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E1604, serialNumber=E2F17737B84C1F67869C03A47F8C419FD420016C Validity Not Before: Aug 23 05:45:57 2025 GMT Not After : Aug 30 05:45:57 2025 GMT Subject: CN=68a95595-bdc2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:4f:08:80:09:6f:71:88:94:9e:a2:d7:ab:59: 06:1b:e8:da:01:0d:a1:96:56:7f:40:c1:aa:0a:fc: 61:ab:31:b5:85:f9:ae:5a:63:bc:4e:a9:b8:68:e3: ad:16:33:fc:16:6e:7e:dd:e2:6e:00:51:82:77:13: a5:12:31:16:11:f4:6a:72:58:08:d1:9b:8c:12:60: 4a:76:40:fe:08:80:52:c9:15:9f:4e:fa:6c:31:11: d0:04:1d:62:68:f2:78:e8:04:63:64:51:40:66:d7: 08:d1:ec:a7:3c:0d:94:20:14:4a:e7:97:e5:c8:7e: d6:27:cb:5f:3f:e7:7a:2f:57:ba:eb:e5:71:19:83: 90:15:68:31:c0:e8:d6:b8:c3:56:4b:5d:eb:1c:38: 1f:6b:bd:79:b0:a4:df:e3:f9:d5:00:1e:82:0f:80: 81:4f:18:c7:54:0a:6b:87:5b:ca:09:9b:a2:28:53: e2:91:0d:0b:fc:9e:4a:fc:b5:42:d2:da:81:66:ad: 06:1e:4e:68:ec:19:fc:7e:33:5f:31:b9:42:7c:d4: 17:a4:a3:d7:5e:9e:5c:97:1f:fe:28:ea:c6:4a:73: 99:3a:2f:b6:76:9d:00:ab:4f:ff:6d:03:a4:4e:48: ce:a1:7c:13:19:1e:78:27:bb:25:86:70:ad:e6:c1: fa:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:7C:97:8D:42:B0:BB:9C:D9:DC:7B:90:14:78:A7:65:B2:0B:9B:E3 X509v3 Authority Key Identifier: keyid:E2:F1:77:37:B8:4C:1F:67:86:9C:03:A4:7F:8C:41:9F:D4:20:01:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vF3N7hMH2eGnAOkf4xBn9QgAWw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:dc:38:bb:c2:8c:43:d8:76:78:e3:c0:d6:6f:3a:f1:bf:0a: 57:91:be:6f:f2:d7:48:70:c9:df:93:91:2c:b1:31:d3:9e:17: 0a:76:e7:8e:d9:d7:2c:42:8a:9d:1b:2a:9d:ba:6c:17:e5:27: 66:88:64:8f:bf:75:e3:bd:fa:d1:7d:19:83:63:bb:c0:c1:c8: da:4a:ae:bc:93:07:fd:f0:e3:f3:97:d0:e0:5d:8c:9c:92:2b: 2f:70:6f:90:60:8d:cd:df:91:74:f2:61:67:7c:ba:27:5a:71: bd:19:d2:ca:8a:c5:16:ac:6b:43:93:06:05:a6:34:29:83:1b: ef:17:89:6e:bb:fd:62:53:3e:b7:c7:b2:23:e0:63:df:33:a5: ab:85:2c:e2:da:0a:3a:57:ab:c1:3a:b1:de:77:72:b1:72:02: ea:b0:c5:41:5f:2e:af:fd:b7:11:5a:cd:b1:de:81:ed:f5:dd: 92:36:43:2a:52:4d:fc:f8:3b:0f:2d:a6:1a:3f:1a:38:3d:61: cd:ac:2f:74:89:ef:22:6b:9a:7d:3b:c7:ae:d9:e2:a1:e0:1f: ec:7e:77:1e:f8:e9:61:32:aa:f5:89:f4:55:a8:4e:db:ee:17: 48:d5:d1:4c:9e:68:76:49:ee:37:a3:8e:03:8d:f9:12:3f:99: 4b:aa:e2:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTE2MDQxMTAvBgNVBAUTKEUyRjE3NzM3Qjg0QzFGNjc4NjlDMDNBNDdGOEM0MTlG RDQyMDAxNkMwHhcNMjUwODIzMDU0NTU3WhcNMjUwODMwMDU0NTU3WjAYMRYwFAYD VQQDEw02OGE5NTU5NS1iZGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwk8IgAlvcYiUnqLXq1kGG+jaAQ2hllZ/QMGqCvxhqzG1hfmuWmO8Tqm4aOOt FjP8Fm5+3eJuAFGCdxOlEjEWEfRqclgI0ZuMEmBKdkD+CIBSyRWfTvpsMRHQBB1i aPJ46ARjZFFAZtcI0eynPA2UIBRK55flyH7WJ8tfP+d6L1e66+VxGYOQFWgxwOjW uMNWS13rHDgfa715sKTf4/nVAB6CD4CBTxjHVAprh1vKCZuiKFPikQ0L/J5K/LVC 0tqBZq0GHk5o7Bn8fjNfMblCfNQXpKPXXp5clx/+KOrGSnOZOi+2dp0Aq0//bQOk TkjOoXwTGR54J7slhnCt5sH6SQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGR8l41C sLuc2dx7kBR4p2WyC5vjMB8GA1UdIwQYMBaAFOLxdze4TB9nhpwDpH+MQZ/UIAFs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTYwNC8xMjBDMkM3NDND RUIxMUVGOTRFMjRGNTlDNEY5QUUwMi80dkYzTjdoTUgyZUduQU9rZjR4Qm45UWdB V3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzR2RjNON2hNSDJlR25BT2tmNHhCbjlRZ0FXdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MTYwNC8xMjBDMkM3NDNDRUIxMUVGOTRFMjRGNTlDNEY5QUUwMi80dkYzTjdoTUgy ZUduQU9rZjR4Qm45UWdBV3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA73Di7woxD2HZ448DWbzrxvwpXkb5v8tdIcMnfk5EssTHTnhcKdueO 2dcsQoqdGyqdumwX5SdmiGSPv3XjvfrRfRmDY7vAwcjaSq68kwf98OPzl9DgXYyc kisvcG+QYI3N35F08mFnfLonWnG9GdLKisUWrGtDkwYFpjQpgxvvF4luu/1iUz63 x7Ij4GPfM6WrhSzi2go6V6vBOrHed3KxcgLqsMVBXy6v/bcRWs2x3oHt9d2SNkMq Uk38+DsPLaYaPxo4PWHNrC90ie8ia5p9O8eu2eKh4B/sfnce+OlhMqr1ifRVqE7b 7hdI1dFMnmh2Se43o44DjfkSP5lLquLQ -----END CERTIFICATE-----Generated at Sat Aug 23 21:34:27 2025 by rpki-client