$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4BD2/F40B116AAA2F11EA9C29591EC4F9AE02/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.mft File: XcpFKLnkDIjkZ6Q_3BK3jys1ReM.mft (raw, json) Hash identifier: +pk6LwM76KYhuZqCwe1mhxuRLEy7jU+V+wJcKsgjE2w= Subject key identifier: BE:03:52:EB:58:BB:0E:47:56:B7:DA:5C:09:BC:3A:96:01:FF:BA:F7 Authority key identifier: 5D:CA:45:28:B9:E4:0C:88:E4:67:A4:3F:DC:12:B7:8F:2B:35:45:E3 Certificate issuer: /CN=A91E4BD2/serialNumber=5DCA4528B9E40C88E467A43FDC12B78F2B3545E3 Certificate serial: 0927 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4BD2/F40B116AAA2F11EA9C29591EC4F9AE02/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.mft Manifest number: 0920 Signing time: Fri 22 Aug 2025 20:23:47 +0000 Manifest this update: Fri 22 Aug 2025 20:23:47 +0000 Manifest next update: Fri 29 Aug 2025 20:23:47 +0000 Files and hashes: 1: XcpFKLnkDIjkZ6Q_3BK3jys1ReM.crl (hash: JOHhCdOIvOj7UJkdHA87SvoZvC57tslpms8LnO0fd0E=) 2: A862F866AA3111EA9E08C324C4F9AE02.roa (hash: OW41bUAPIGMrqZxgUYQ1U1pF1P2hht2Fk6aRcB2b9ic=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4BD2/F40B116AAA2F11EA9C29591EC4F9AE02/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.crl rsync://rpki.apnic.net/member_repository/A91E4BD2/F40B116AAA2F11EA9C29591EC4F9AE02/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 20:23:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2343 (0x927) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4BD2, serialNumber=5DCA4528B9E40C88E467A43FDC12B78F2B3545E3 Validity Not Before: Aug 22 20:23:47 2025 GMT Not After : Aug 29 20:23:47 2025 GMT Subject: CN=68a8d1d3-1e25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:72:fe:d1:aa:32:37:67:3e:27:38:7e:aa:93: 8b:7d:bb:b4:ea:1f:9e:15:64:48:aa:38:a4:d0:90: 2a:f2:1c:96:f2:87:75:65:39:e4:23:3e:2c:63:7b: 46:13:3f:27:51:42:a2:8b:b6:b8:99:a3:35:17:87: 05:13:8c:83:6a:d9:18:07:85:05:75:33:8f:72:fa: 50:59:54:18:d3:cc:91:d6:32:48:df:c1:5b:2d:ca: 85:ea:46:c3:cc:a6:40:00:7d:d0:07:39:c9:95:7d: 68:8c:82:72:74:bb:b0:60:30:c6:e2:e7:13:1d:e8: d0:52:2e:59:0e:62:76:56:98:32:ac:a7:57:8c:27: 10:44:ca:45:19:cc:55:48:25:99:4a:eb:61:80:d1: d8:07:ce:9a:55:2a:6f:e1:8f:e7:7a:d6:51:7d:89: a5:3f:37:e0:0b:0d:73:5a:86:83:c2:5d:35:88:85: 68:e0:c4:6c:36:ff:dc:46:ea:ed:f5:b8:81:87:1f: 70:cf:63:91:07:d3:12:84:f5:72:d3:9d:0a:f4:16: b7:71:ab:8b:70:01:fa:5b:93:35:a8:d6:71:df:8f: 90:95:ef:fc:5c:61:76:3f:9e:5b:e4:2b:3b:2b:34: e4:1c:d5:eb:79:b5:f1:28:f4:c2:a5:ec:60:13:51: 43:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:03:52:EB:58:BB:0E:47:56:B7:DA:5C:09:BC:3A:96:01:FF:BA:F7 X509v3 Authority Key Identifier: keyid:5D:CA:45:28:B9:E4:0C:88:E4:67:A4:3F:DC:12:B7:8F:2B:35:45:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4BD2/F40B116AAA2F11EA9C29591EC4F9AE02/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4BD2/F40B116AAA2F11EA9C29591EC4F9AE02/XcpFKLnkDIjkZ6Q_3BK3jys1ReM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:cd:e9:f2:aa:6a:b7:c2:96:14:11:26:72:40:16:0b:07:b7: e2:22:6a:71:d3:fc:0a:70:02:26:5f:8f:f2:a7:da:07:51:1c: 85:ea:35:f3:7f:83:50:ee:52:85:70:ac:a0:38:61:2f:e8:3a: 93:ea:8c:f5:eb:30:3c:0e:42:70:1b:c2:f9:b6:12:bc:3a:e3: df:73:7f:7e:fa:e1:ea:17:52:ed:b6:69:9d:2d:d6:dd:86:30: 25:e2:41:31:f0:0e:f4:2f:7b:3b:ec:5d:c1:c8:df:25:40:a8: 02:a6:00:64:e0:5b:b0:92:0e:b6:3d:83:e9:22:2b:fc:ff:3c: 38:6d:40:98:77:08:f5:f8:b3:20:4f:7d:14:f2:71:8e:8c:fc: f6:34:3e:8e:8e:84:14:ff:61:d1:72:3a:17:52:3b:2a:d4:28: 03:8a:5d:14:68:42:b4:04:a3:bb:0d:0e:d5:ac:bf:79:0d:dd: f0:c2:f6:b7:ca:db:2e:93:2a:21:d6:08:4a:81:45:0a:98:6f: c7:7b:c8:26:d0:c6:6e:48:14:4e:e4:78:b4:90:68:84:e9:c2: 3a:b3:b8:60:dc:cd:f0:2d:9f:d1:33:ea:d2:c6:9a:c7:d3:3d: 73:76:70:4b:71:cb:47:69:95:f2:e1:84:b1:e0:b8:ad:af:17: a3:c5:7a:fe -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCScwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTRCRDIxMTAvBgNVBAUTKDVEQ0E0NTI4QjlFNDBDODhFNDY3QTQzRkRDMTJCNzhG MkIzNTQ1RTMwHhcNMjUwODIyMjAyMzQ3WhcNMjUwODI5MjAyMzQ3WjAYMRYwFAYD VQQDEw02OGE4ZDFkMy0xZTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuHL+0aoyN2c+Jzh+qpOLfbu06h+eFWRIqjik0JAq8hyW8od1ZTnkIz4sY3tG Ez8nUUKii7a4maM1F4cFE4yDatkYB4UFdTOPcvpQWVQY08yR1jJI38FbLcqF6kbD zKZAAH3QBznJlX1ojIJydLuwYDDG4ucTHejQUi5ZDmJ2VpgyrKdXjCcQRMpFGcxV SCWZSuthgNHYB86aVSpv4Y/netZRfYmlPzfgCw1zWoaDwl01iIVo4MRsNv/cRurt 9biBhx9wz2ORB9MShPVy050K9Ba3cauLcAH6W5M1qNZx34+Qle/8XGF2P55b5Cs7 KzTkHNXrebXxKPTCpexgE1FDRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL4DUutY uw5HVrfaXAm8OpYB/7r3MB8GA1UdIwQYMBaAFF3KRSi55AyI5GekP9wSt48rNUXj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEJEMi9GNDBCMTE2QUFB MkYxMUVBOUMyOTU5MUVDNEY5QUUwMi9YY3BGS0xua0RJamtaNlFfM0JLM2p5czFS ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hjcEZLTG5rRElqa1o2UV8zQkszanlzMVJlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEJEMi9GNDBCMTE2QUFBMkYxMUVBOUMyOTU5MUVDNEY5QUUwMi9YY3BGS0xua0RJ amtaNlFfM0JLM2p5czFSZU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfzenyqmq3wpYUESZyQBYLB7fiImpx0/wKcAImX4/yp9oHURyF6jXz f4NQ7lKFcKygOGEv6DqT6oz16zA8DkJwG8L5thK8OuPfc39++uHqF1LttmmdLdbd hjAl4kEx8A70L3s77F3ByN8lQKgCpgBk4Fuwkg62PYPpIiv8/zw4bUCYdwj1+LMg T30U8nGOjPz2ND6OjoQU/2HRcjoXUjsq1CgDil0UaEK0BKO7DQ7VrL95Dd3wwva3 ytsukyoh1ghKgUUKmG/He8gm0MZuSBRO5Hi0kGiE6cI6s7hg3M3wLZ/RM+rSxprH 0z1zdnBLcctHaZXy4YSx4LitrxejxXr+ -----END CERTIFICATE-----Generated at Sat Aug 23 21:23:12 2025 by rpki-client