$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft File: IHitW73x1MW5cLvik02aNV2zHOg.mft (raw, json) Hash identifier: Z7JKabuHjvUmvbqQo1LPHQ1deQ7QOWw2f44DKyL6g88= Subject key identifier: 14:32:0F:8E:7B:53:2C:4F:96:54:A0:AC:78:F2:1E:2A:32:1E:1D:5C Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 Certificate issuer: /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Certificate serial: 0520 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft Manifest number: 0516 Signing time: Fri 22 Aug 2025 23:49:15 +0000 Manifest this update: Fri 22 Aug 2025 23:49:14 +0000 Manifest next update: Fri 29 Aug 2025 23:49:14 +0000 Files and hashes: 1: IHitW73x1MW5cLvik02aNV2zHOg.crl (hash: vjevkEIASxw51nlNg7nHaG6+Tgcj6srWFPgLm0TiCXw=) 2: 5EAA75CC28E511F0BE4DF317C4F9AE02.roa (hash: aZ97R0qET0w8nFTTAAMLi629/SQxZPM4icyK4OVkGiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:49:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1312 (0x520) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4DFA, serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Validity Not Before: Aug 22 23:49:14 2025 GMT Not After : Aug 29 23:49:14 2025 GMT Subject: CN=68a901fb-696a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c2:fc:e5:13:9d:48:77:00:df:52:f4:2b:13: 36:f7:2d:d6:2c:cc:f5:b4:65:68:da:26:44:39:03: 6d:a3:49:7d:b3:c0:76:66:a0:6f:0a:37:38:17:17: ce:5f:0c:b6:49:05:16:53:b0:b4:a1:47:93:d4:e4: a6:71:a8:5e:58:ab:c6:07:c3:ed:0f:9d:82:d6:e3: f4:cd:5d:91:d2:45:b8:ae:ed:8a:68:b9:32:6e:f7: b7:07:ad:d8:ba:88:c8:9c:ea:07:d1:8b:dc:d7:ad: e8:c1:67:0f:a6:d0:a3:30:80:81:fa:f0:35:af:93: 3e:0c:00:b0:99:a5:67:d2:11:c9:d3:f5:74:78:f3: df:d2:2f:d1:27:6e:0b:cd:97:b3:76:1b:51:9c:d1: 6e:56:ab:e2:65:82:9b:b3:d2:19:3d:53:c5:f8:e9: f6:c2:ca:8c:ed:71:32:fb:0b:2f:36:ff:f6:17:3b: 87:51:94:3f:29:03:82:93:a7:82:93:58:1b:e6:1d: 57:4c:b5:b7:ab:50:7d:5e:95:9f:57:16:78:e4:32: 04:bf:1a:14:66:75:52:e6:f8:5b:2d:53:e6:88:db: b4:d1:73:fa:88:63:4d:db:5b:0b:64:d9:8c:e1:a6: 20:b9:4a:88:e8:73:2b:d3:e5:6d:8c:3c:66:b0:19: 44:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:32:0F:8E:7B:53:2C:4F:96:54:A0:AC:78:F2:1E:2A:32:1E:1D:5C X509v3 Authority Key Identifier: keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:a2:eb:20:a9:5c:41:b5:a7:5b:d5:85:4e:7f:77:42:39:47: 24:15:80:b5:e1:41:37:d5:bd:be:60:97:86:db:78:c5:83:73: 33:e2:73:89:89:44:9b:e3:df:e1:06:26:11:46:e2:f0:29:4c: c0:74:4d:26:55:60:7f:2f:f8:54:b2:a6:88:be:1a:1b:13:ad: a2:5e:05:47:36:cd:81:6d:ec:6f:b7:b6:1b:04:8c:f6:ef:dd: ee:34:6d:d9:2b:f0:68:b5:d4:74:03:37:7f:6b:b6:70:55:f5: 72:7f:1f:f2:42:25:9b:94:23:92:2e:f5:b9:eb:8d:b9:ac:a9: df:eb:7a:1a:cf:52:8d:88:c1:fb:b1:79:72:c5:ca:73:3f:a3: e0:4c:ac:6f:cd:d3:8a:cb:76:70:f2:9d:f4:19:51:4c:6e:b6: 5b:e9:df:fa:4f:68:5b:a2:e4:1f:58:69:2c:32:59:fe:2c:23: 79:0d:e0:f8:35:a0:29:97:7d:15:f4:b5:f4:4b:d8:6a:b7:16: dd:8b:4c:67:72:92:d8:63:61:c7:b4:c3:3b:c6:12:00:2b:ad: 79:76:88:81:23:ec:66:a8:fe:c7:96:fa:9e:1e:cb:0d:4b:7e: b9:be:9f:fa:ec:44:73:f6:a0:67:3a:12:07:3e:4f:4c:ca:58: d8:07:46:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBSAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1 NURCMzFDRTgwHhcNMjUwODIyMjM0OTE0WhcNMjUwODI5MjM0OTE0WjAYMRYwFAYD VQQDEw02OGE5MDFmYi02OTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAycL85ROdSHcA31L0KxM29y3WLMz1tGVo2iZEOQNto0l9s8B2ZqBvCjc4FxfO Xwy2SQUWU7C0oUeT1OSmcaheWKvGB8PtD52C1uP0zV2R0kW4ru2KaLkybve3B63Y uojInOoH0Yvc163owWcPptCjMICB+vA1r5M+DACwmaVn0hHJ0/V0ePPf0i/RJ24L zZezdhtRnNFuVqviZYKbs9IZPVPF+On2wsqM7XEy+wsvNv/2FzuHUZQ/KQOCk6eC k1gb5h1XTLW3q1B9XpWfVxZ45DIEvxoUZnVS5vhbLVPmiNu00XP6iGNN21sLZNmM 4aYguUqI6HMr0+VtjDxmsBlEIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBQyD457 UyxPllSgrHjyHioyHh1cMB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NERGQS84NDU5ODRDRTFBODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFN VzVjTHZpazAyYU5WMnpIT2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXousgqVxBtadb1YVOf3dCOUckFYC14UE31b2+YJeG23jFg3Mz4nOJ iUSb49/hBiYRRuLwKUzAdE0mVWB/L/hUsqaIvhobE62iXgVHNs2Bbexvt7YbBIz2 793uNG3ZK/BotdR0Azd/a7ZwVfVyfx/yQiWblCOSLvW56425rKnf63oaz1KNiMH7 sXlyxcpzP6PgTKxvzdOKy3Zw8p30GVFMbrZb6d/6T2hbouQfWGksMln+LCN5DeD4 NaApl30V9LX0S9hqtxbdi0xncpLYY2HHtMM7xhIAK615doiBI+xmqP7HlvqeHssN S365vp/67ERz9qBnOhIHPk9MyljYB0ab -----END CERTIFICATE-----Generated at Sat Aug 23 20:12:40 2025 by rpki-client