$ rpki-client -vvf rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft File: 1AI0WEr2BZHzfdP7on68uFzHZWo.mft (raw, json) Hash identifier: on0WeSW8gLSa9VMo0i7GLnUBz+Ztr7q1J+iuesS86h8= Subject key identifier: 4C:B6:66:5E:BD:46:FE:DD:57:DF:F6:2F:B6:37:F9:34:4E:1C:E7:B5 Authority key identifier: D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A Certificate issuer: /CN=A91E27F3/serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Certificate serial: 34BF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft Manifest number: 34BA Signing time: Fri 22 Aug 2025 15:07:28 +0000 Manifest this update: Fri 22 Aug 2025 15:07:27 +0000 Manifest next update: Fri 29 Aug 2025 15:07:27 +0000 Files and hashes: 1: 1AI0WEr2BZHzfdP7on68uFzHZWo.crl (hash: ZiQhULBnP0TD+XttyTQ9go1yS0Rou2Pobv3IuKd2DUc=) 2: 1B4B4FC2152F11ECB72E546FC4F9AE02.roa (hash: 08icoQFu/lUzJ7/49iluwBG/IFFfyhiQgRTkubc2rPw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13503 (0x34bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E27F3, serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Validity Not Before: Aug 22 15:07:27 2025 GMT Not After : Aug 29 15:07:27 2025 GMT Subject: CN=68a887b0-25f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:ab:5c:db:3e:e8:4f:a1:af:f0:a1:c5:c1:8a: 53:91:c1:a9:cb:f1:b6:c0:ef:fe:25:fb:e7:4e:17: 64:58:76:7e:c3:f7:3c:e1:a2:f8:70:af:f4:1c:79: d0:e8:b7:0b:a2:d7:42:0f:86:8f:f9:0e:d4:6c:b2: b0:9d:5f:09:d2:37:a3:5c:67:4b:df:21:1b:ff:e9: 2b:66:25:a6:08:d9:cc:84:33:5a:d5:7d:cc:f0:54: e0:c4:0f:f4:75:25:6e:38:ab:e0:f0:f3:23:8d:03: 61:d7:90:23:49:97:c5:42:fb:2f:7e:00:33:ed:e8: 14:8f:ff:79:9e:2b:4a:3c:4f:94:9d:2c:99:9d:4a: 3c:6e:23:49:77:41:11:1f:25:50:ac:8d:30:c2:84: 93:67:68:b6:fd:6e:78:3a:a2:df:05:8c:50:15:9f: 59:0b:c1:53:ee:ea:16:76:5c:5b:2a:2b:03:a7:1f: 83:83:b3:69:b9:8c:3a:37:fe:e2:ba:81:ea:1c:7e: 7b:55:b1:81:bd:35:c4:0e:80:57:ba:92:2c:4b:98: 10:f6:92:ad:f9:09:32:57:44:11:57:ed:87:4f:23: 23:1a:43:63:e7:f1:7e:61:6c:4c:44:2c:2f:3c:f6: 8d:2c:28:ff:86:2b:3c:a6:1f:a2:92:a0:14:ec:20: cf:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:B6:66:5E:BD:46:FE:DD:57:DF:F6:2F:B6:37:F9:34:4E:1C:E7:B5 X509v3 Authority Key Identifier: keyid:D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:9c:1c:c1:97:94:eb:1a:b3:29:4d:a6:25:ad:91:e8:b5:69: db:d7:10:95:5b:58:10:a5:8a:05:e2:f6:7f:f3:eb:0e:50:95: 4a:71:40:c8:0e:25:22:a2:0d:33:89:95:28:4e:c5:81:6c:d2: 69:43:61:03:cc:be:0a:71:b6:06:75:e1:e2:a9:a5:3c:15:42: 63:6c:47:a7:d6:d8:35:9f:0a:39:75:61:5e:62:01:49:b3:ed: ea:9e:92:7e:d7:6d:e1:98:56:a1:99:d4:18:4f:5e:2f:e8:af: 4f:ea:1b:14:5a:a5:9d:ba:91:c2:ac:49:8b:27:24:7c:5f:e0: 19:c5:44:3c:6e:d1:5a:1f:13:f2:ad:9e:ef:21:fe:08:3a:d7: b5:08:15:98:8e:8f:0b:82:3d:f9:49:4e:e6:15:e8:1f:13:a4: 1a:dd:0c:21:7b:df:3e:e8:b4:00:85:44:f0:95:76:81:2e:46: 11:c8:8b:50:19:53:f3:ee:8e:a6:5a:f6:b2:20:20:46:eb:36: b8:85:c5:21:d2:67:68:9b:04:3e:f8:8c:82:1b:55:a9:e1:66: 37:4a:13:5a:9c:3a:05:c9:83:36:b9:79:ee:d9:ef:c2:0a:79: a3:46:8d:42:b6:94:3d:f1:9a:02:18:1d:bb:71:20:e9:41:5f: e0:24:34:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI3RjMxMTAvBgNVBAUTKEQ0MDIzNDU4NEFGNjA1OTFGMzdERDNGQkEyN0VCQ0I4 NUNDNzY1NkEwHhcNMjUwODIyMTUwNzI3WhcNMjUwODI5MTUwNzI3WjAYMRYwFAYD VQQDEw02OGE4ODdiMC0yNWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtqtc2z7oT6Gv8KHFwYpTkcGpy/G2wO/+JfvnThdkWHZ+w/c84aL4cK/0HHnQ 6LcLotdCD4aP+Q7UbLKwnV8J0jejXGdL3yEb/+krZiWmCNnMhDNa1X3M8FTgxA/0 dSVuOKvg8PMjjQNh15AjSZfFQvsvfgAz7egUj/95nitKPE+UnSyZnUo8biNJd0ER HyVQrI0wwoSTZ2i2/W54OqLfBYxQFZ9ZC8FT7uoWdlxbKisDpx+Dg7NpuYw6N/7i uoHqHH57VbGBvTXEDoBXupIsS5gQ9pKt+QkyV0QRV+2HTyMjGkNj5/F+YWxMRCwv PPaNLCj/his8ph+ikqAU7CDP/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEy2Zl69 Rv7dV9/2L7Y3+TROHOe1MB8GA1UdIwQYMBaAFNQCNFhK9gWR833T+6J+vLhcx2Vq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjdGMy9BNkRFMUNFODFE QTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJaSHpmZFA3b242OHVGekha V28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBSTBXRXIyQlpIemZkUDdvbjY4dUZ6SFpXby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjdGMy9BNkRFMUNFODFEQTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJa SHpmZFA3b242OHVGekhaV28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCinBzBl5TrGrMpTaYlrZHotWnb1xCVW1gQpYoF4vZ/8+sOUJVKcUDI DiUiog0ziZUoTsWBbNJpQ2EDzL4KcbYGdeHiqaU8FUJjbEen1tg1nwo5dWFeYgFJ s+3qnpJ+123hmFahmdQYT14v6K9P6hsUWqWdupHCrEmLJyR8X+AZxUQ8btFaHxPy rZ7vIf4IOte1CBWYjo8Lgj35SU7mFegfE6Qa3Qwhe98+6LQAhUTwlXaBLkYRyItQ GVPz7o6mWvayICBG6za4hcUh0mdomwQ++IyCG1Wp4WY3ShNanDoFyYM2uXnu2e/C CnmjRo1CtpQ98ZoCGB27cSDpQV/gJDSU -----END CERTIFICATE-----Generated at Sat Aug 23 16:20:42 2025 by rpki-client