$ rpki-client -vvf rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.mft File: EhrxRNkD4_iJffD-0gcaFkd17U8.mft (raw, json) Hash identifier: zYOXqq+k1ibyf/XyYvpVlnkN8dCECWjQ/5+3j2oSywk= Subject key identifier: 93:C4:65:F3:5F:8C:B1:72:BF:BF:8B:14:44:04:36:73:C3:E7:CE:EB Authority key identifier: 12:1A:F1:44:D9:03:E3:F8:89:7D:F0:FE:D2:07:1A:16:47:75:ED:4F Certificate issuer: /CN=A91E554A/serialNumber=121AF144D903E3F8897DF0FED2071A164775ED4F Certificate serial: A7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.mft Manifest number: A2 Signing time: Sat 23 Aug 2025 06:33:54 +0000 Manifest this update: Sat 23 Aug 2025 06:33:53 +0000 Manifest next update: Sat 30 Aug 2025 06:33:53 +0000 Files and hashes: 1: EhrxRNkD4_iJffD-0gcaFkd17U8.crl (hash: ioNjwT9K3W8RBApWTTbNqBVJutrBJx0neac68DsYv5I=) 2: 7C304160FECB11EFB755BB45C4F9AE02.roa (hash: 96JJ4xS4XL/KIJ4tbueQ63oeM+4CMNy+gkgjGzK0Myk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.crl rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:33:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 167 (0xa7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E554A, serialNumber=121AF144D903E3F8897DF0FED2071A164775ED4F Validity Not Before: Aug 23 06:33:53 2025 GMT Not After : Aug 30 06:33:53 2025 GMT Subject: CN=68a960d1-91d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:68:b9:eb:00:7b:22:cf:8b:0f:ec:49:f7:ec: 54:e9:af:58:29:27:fd:8c:81:7b:38:72:69:45:33: 20:b7:0f:f3:57:8c:ca:e8:ec:cc:53:bf:42:c0:89: ef:e7:f1:fb:7d:26:7a:3d:b0:fa:1a:8e:87:41:dd: 10:14:21:3e:f6:43:f4:7b:05:45:05:f1:da:f8:61: 2b:a5:7e:1d:8b:e1:8b:c3:a1:a0:1b:5f:99:57:a5: b6:76:07:5a:26:d5:88:69:62:34:8d:df:36:1c:95: fc:78:84:66:bf:9b:c0:14:3c:ad:20:67:13:d9:4e: 90:6a:4d:c2:f7:01:0e:84:59:7a:d1:c3:41:de:73: 67:c7:94:d1:6b:78:05:f1:16:c2:d8:cf:c8:ae:25: 8b:09:56:e0:45:b4:44:0e:e7:10:f4:31:b3:73:b2: dc:ed:3d:4d:a9:2c:8b:26:3b:d7:de:a6:b4:bb:5a: 78:bc:7f:ea:7f:ba:5b:09:0b:d8:86:bb:b4:7a:86: da:2c:4e:a2:b2:c3:03:65:6e:94:0c:0c:e3:6b:6f: 56:6b:f6:ff:d4:92:76:c9:e0:1a:59:03:3a:b5:fb: ac:71:2d:f1:5b:d7:42:0d:9a:f4:8e:bc:b5:3d:75: ff:53:ef:e9:20:74:09:79:6f:ef:55:a7:82:9a:b9: 7d:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:C4:65:F3:5F:8C:B1:72:BF:BF:8B:14:44:04:36:73:C3:E7:CE:EB X509v3 Authority Key Identifier: keyid:12:1A:F1:44:D9:03:E3:F8:89:7D:F0:FE:D2:07:1A:16:47:75:ED:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EhrxRNkD4_iJffD-0gcaFkd17U8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E554A/795E73D091F711EFADE11266C4F9AE02/EhrxRNkD4_iJffD-0gcaFkd17U8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:59:c0:55:58:1d:cd:79:56:26:43:6c:23:bd:00:2d:28:66: ba:12:55:23:b2:1b:81:a8:03:83:65:0d:e4:ec:a1:78:85:6a: 41:c3:a6:4f:a0:f9:aa:17:7f:65:4c:88:75:7c:33:36:7f:4a: a6:a3:94:54:8d:9e:f4:ce:cd:13:9a:05:4c:34:13:38:da:31: 50:bf:32:60:49:5f:27:b4:b0:2a:cf:c0:b6:d4:7c:cf:60:d0: 53:ac:53:1c:b3:7a:6a:40:8c:9e:99:89:e9:72:bc:4e:ec:81: 50:c0:ae:57:25:ad:5c:2a:b3:c0:ce:98:ae:d5:94:d5:07:57: 8a:84:09:86:b6:d8:3e:86:22:95:28:06:6b:bd:4e:58:f4:5c: e7:9b:45:03:4f:37:48:74:45:42:f9:5d:a2:50:38:b7:67:e7: c6:d4:42:f1:9c:ba:b4:02:1e:25:c0:2e:d8:12:d7:37:a6:4f: 78:65:17:75:d6:6f:65:ac:07:1b:16:e1:b0:7e:d2:29:c7:c7: da:2a:13:5f:63:9e:c6:c4:5e:07:21:7d:b5:52:2d:b4:7c:b1: 2f:2c:e4:6c:db:77:1b:ec:f0:ee:04:1a:2e:db:93:bc:03:95: 60:81:eb:13:0f:af:bd:c5:e1:fb:d1:c7:55:50:2e:0c:20:32: 61:84:de:50 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTU1NEExMTAvBgNVBAUTKDEyMUFGMTQ0RDkwM0UzRjg4OTdERjBGRUQyMDcxQTE2 NDc3NUVENEYwHhcNMjUwODIzMDYzMzUzWhcNMjUwODMwMDYzMzUzWjAYMRYwFAYD VQQDEw02OGE5NjBkMS05MWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9mi56wB7Is+LD+xJ9+xU6a9YKSf9jIF7OHJpRTMgtw/zV4zK6OzMU79CwInv 5/H7fSZ6PbD6Go6HQd0QFCE+9kP0ewVFBfHa+GErpX4di+GLw6GgG1+ZV6W2dgda JtWIaWI0jd82HJX8eIRmv5vAFDytIGcT2U6Qak3C9wEOhFl60cNB3nNnx5TRa3gF 8RbC2M/IriWLCVbgRbREDucQ9DGzc7Lc7T1NqSyLJjvX3qa0u1p4vH/qf7pbCQvY hru0eobaLE6issMDZW6UDAzja29Wa/b/1JJ2yeAaWQM6tfuscS3xW9dCDZr0jry1 PXX/U+/pIHQJeW/vVaeCmrl9AQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJPEZfNf jLFyv7+LFEQENnPD587rMB8GA1UdIwQYMBaAFBIa8UTZA+P4iX3w/tIHGhZHde1P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTU0QS83OTVFNzNEMDkx RjcxMUVGQURFMTEyNjZDNEY5QUUwMi9FaHJ4Uk5rRDRfaUpmZkQtMGdjYUZrZDE3 VTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0VocnhSTmtENF9pSmZmRC0wZ2NhRmtkMTdVOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NTU0QS83OTVFNzNEMDkxRjcxMUVGQURFMTEyNjZDNEY5QUUwMi9FaHJ4Uk5rRDRf aUpmZkQtMGdjYUZrZDE3VTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAoWcBVWB3NeVYmQ2wjvQAtKGa6ElUjshuBqAODZQ3k7KF4hWpBw6ZP oPmqF39lTIh1fDM2f0qmo5RUjZ70zs0TmgVMNBM42jFQvzJgSV8ntLAqz8C21HzP YNBTrFMcs3pqQIyemYnpcrxO7IFQwK5XJa1cKrPAzpiu1ZTVB1eKhAmGttg+hiKV KAZrvU5Y9Fznm0UDTzdIdEVC+V2iUDi3Z+fG1ELxnLq0Ah4lwC7YEtc3pk94ZRd1 1m9lrAcbFuGwftIpx8faKhNfY57GxF4HIX21Ui20fLEvLORs23cb7PDuBBou25O8 A5VggesTD6+9xeH70cdVUC4MIDJhhN5Q -----END CERTIFICATE-----Generated at Sat Aug 23 15:42:14 2025 by rpki-client