$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft File: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft (raw, json) Hash identifier: 6wHgs7b0nTOW4hJ+rmzK/sYNP+P4SO4A6AC7tu04vgc= Subject key identifier: 0A:F3:97:57:E7:4E:B1:9E:A6:99:9C:7C:FD:6B:A1:3E:F0:0D:42:F7 Authority key identifier: C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 Certificate issuer: /CN=A91E3BF2/serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Certificate serial: 02E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft Manifest number: 02DB Signing time: Sat 23 Aug 2025 01:34:23 +0000 Manifest this update: Sat 23 Aug 2025 01:34:23 +0000 Manifest next update: Sat 30 Aug 2025 01:34:23 +0000 Files and hashes: 1: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl (hash: 0URpO4+cnF3pZ59EFYUoim5Bc1koZkQJZTfeAxopl6c=) 2: 6B7C33C8F6C811ECBDF7DD40C4F9AE02.roa (hash: iVRqxqRDbn6K8sleGw8ykyX5wSW8dSg7Li1MPpVmJsY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:34:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 737 (0x2e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BF2, serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Validity Not Before: Aug 23 01:34:23 2025 GMT Not After : Aug 30 01:34:23 2025 GMT Subject: CN=68a91a9f-dfda Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:b6:26:de:2f:9c:e6:b5:5f:db:e4:c9:96:3d: b2:75:0e:24:62:93:80:bc:80:57:3b:af:e4:d4:7b: 5a:be:00:e0:ec:6c:33:fa:3e:07:83:be:5f:f7:b7: 21:8c:94:41:cf:1a:74:ca:05:67:2e:a6:33:c0:94: 0f:5c:6b:dc:b1:82:ec:c4:03:68:41:98:99:d1:5d: 05:7c:b6:07:df:c6:3a:f4:71:4f:b1:e6:22:46:69: b2:c5:37:bc:34:7d:a4:ae:b1:ff:75:cd:23:c0:4b: 5e:2b:ce:74:81:e8:fb:33:32:c5:60:88:03:bd:c6: be:28:4a:72:d7:03:33:d2:3f:f2:58:5f:c6:00:83: 4f:4b:01:a2:a2:ef:91:26:68:ea:d5:1e:82:53:8d: f7:30:ff:d0:7e:a6:7f:b0:18:db:49:e7:8a:83:b1: 3d:9c:38:4d:22:d6:41:aa:92:1b:7f:5d:32:3c:7f: 19:9b:cc:25:b1:47:4e:34:d6:e9:97:26:b2:a7:6a: 36:aa:a7:82:c3:e9:25:c0:07:dc:ad:f1:57:f9:59: 5d:96:69:09:f2:e0:55:7b:06:ee:0f:9c:53:b4:02: 25:89:0f:99:2e:8f:02:fe:19:b9:bc:0e:fc:49:d7: 7f:1b:9f:ea:00:fc:86:96:cd:9f:63:21:d8:df:12: aa:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:F3:97:57:E7:4E:B1:9E:A6:99:9C:7C:FD:6B:A1:3E:F0:0D:42:F7 X509v3 Authority Key Identifier: keyid:C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:55:c3:a0:11:23:7b:60:ee:93:62:0d:6c:16:fd:c6:98:bc: 92:cb:01:cc:64:2b:8e:90:f3:53:e9:49:8b:52:f3:48:e5:fd: 08:a3:08:d3:74:46:4d:b6:37:54:3f:03:dd:0d:0d:46:fc:3e: 4d:11:7d:6e:92:31:55:97:3d:fa:8e:53:29:56:38:48:81:11: 59:bc:38:8f:9a:df:5d:79:b1:80:7d:32:4e:72:9f:10:48:ba: 7f:b6:e4:73:6f:23:19:ae:3c:c5:02:8f:52:8d:97:b1:33:95: a7:48:a7:fc:86:df:a0:df:a3:50:39:28:9f:39:d4:e0:8d:d9: 89:eb:82:be:5f:0f:b3:ff:00:f2:85:5b:95:30:30:43:35:00: 32:0d:e4:0d:02:dd:3c:f6:f0:d1:90:8f:3e:63:0b:7e:55:7c: 54:09:13:77:09:c6:fb:5c:d7:c8:b1:b5:a5:79:8c:11:a3:0a: 11:b6:33:71:fd:86:a0:74:14:f0:12:20:15:09:da:31:f8:f0: 8f:fa:2f:68:b8:66:57:27:3d:38:1d:7b:1a:3d:a1:58:51:84: 7f:7c:ac:45:36:f0:37:62:16:b8:c4:9f:e3:94:71:94:1b:07: c8:08:53:2e:8c:b3:ab:2b:2a:be:3b:c0:31:10:0e:dc:ab:6e: 1f:87:f4:fd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAuEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCRjIxMTAvBgNVBAUTKEM0NzFBNTZFRTk0RjA1QjQzN0MwOUVFRTBGNDQyMDNG QTQ1OTI3MzYwHhcNMjUwODIzMDEzNDIzWhcNMjUwODMwMDEzNDIzWjAYMRYwFAYD VQQDEw02OGE5MWE5Zi1kZmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzLYm3i+c5rVf2+TJlj2ydQ4kYpOAvIBXO6/k1HtavgDg7Gwz+j4Hg75f97ch jJRBzxp0ygVnLqYzwJQPXGvcsYLsxANoQZiZ0V0FfLYH38Y69HFPseYiRmmyxTe8 NH2krrH/dc0jwEteK850gej7MzLFYIgDvca+KEpy1wMz0j/yWF/GAINPSwGiou+R Jmjq1R6CU433MP/QfqZ/sBjbSeeKg7E9nDhNItZBqpIbf10yPH8Zm8wlsUdONNbp lyayp2o2qqeCw+klwAfcrfFX+VldlmkJ8uBVewbuD5xTtAIliQ+ZLo8C/hm5vA78 Sdd/G5/qAPyGls2fYyHY3xKq9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFArzl1fn TrGeppmcfP1roT7wDUL3MB8GA1UdIwQYMBaAFMRxpW7pTwW0N8Ce7g9EID+kWSc2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JGMi81MDkwOTZBOEY2 QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJiUTN3Sjd1RDBRZ1A2UlpK elkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hIR2xidWxQQmJRM3dKN3VEMFFnUDZSWkp6WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0JGMi81MDkwOTZBOEY2QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJi UTN3Sjd1RDBRZ1A2UlpKelkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJVcOgESN7YO6TYg1sFv3GmLySywHMZCuOkPNT6UmLUvNI5f0IowjT dEZNtjdUPwPdDQ1G/D5NEX1ukjFVlz36jlMpVjhIgRFZvDiPmt9debGAfTJOcp8Q SLp/tuRzbyMZrjzFAo9SjZexM5WnSKf8ht+g36NQOSifOdTgjdmJ64K+Xw+z/wDy hVuVMDBDNQAyDeQNAt089vDRkI8+Ywt+VXxUCRN3Ccb7XNfIsbWleYwRowoRtjNx /YagdBTwEiAVCdox+PCP+i9ouGZXJz04HXsaPaFYUYR/fKxFNvA3Yha4xJ/jlHGU GwfICFMujLOrKyq+O8AxEA7cq24fh/T9 -----END CERTIFICATE-----Generated at Sun Aug 24 05:02:16 2025 by rpki-client