$ rpki-client -vvf rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft File: XDlbosoKv2WIhyaHTHgktpt4mZU.mft (raw, json) Hash identifier: bsuGJq7ZH1GgzLFPrkjrZxL+HkWDDK2vV9FiMvCoCTI= Subject key identifier: 0D:49:31:53:4D:4B:95:58:79:00:74:6F:2A:A9:1E:E3:0B:85:51:CD Authority key identifier: 5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95 Certificate issuer: /CN=A91E66E5/serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995 Certificate serial: 0E72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft Manifest number: 0E65 Signing time: Fri 22 Aug 2025 17:51:24 +0000 Manifest this update: Fri 22 Aug 2025 17:51:23 +0000 Manifest next update: Fri 29 Aug 2025 17:51:23 +0000 Files and hashes: 1: XDlbosoKv2WIhyaHTHgktpt4mZU.crl (hash: oA2sR7Rk/WrF4HR52GOBnUq1SkHt/rHY8Ei/SKj1slM=) 2: AECDA1B0448F11EDACC30815C4F9AE02.roa (hash: xirIMjuaHIPZj6jpdJVKaFKfHlsVW3gI4qvEhU2Je88=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:51:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3698 (0xe72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E66E5, serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995 Validity Not Before: Aug 22 17:51:23 2025 GMT Not After : Aug 29 17:51:23 2025 GMT Subject: CN=68a8ae1b-af39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c2:f8:5f:c5:4d:3a:15:81:25:de:00:c5:0d: f3:40:8b:9c:67:21:aa:35:a0:9c:04:18:4f:80:39: f3:36:b3:e7:f3:b6:57:b8:69:2b:21:d0:27:e6:01: 2b:56:d8:99:3d:2a:81:c0:4f:66:e2:84:ca:85:4d: 3a:00:45:56:10:db:b4:23:da:7c:12:62:8b:d7:41: ac:eb:d8:36:24:5c:bb:d1:14:3e:50:0a:ae:e1:2b: c9:0a:17:13:35:e5:1d:5d:c6:20:4d:45:19:54:ef: 2f:a7:92:d1:72:16:38:be:44:ef:43:f5:6d:b5:4a: 41:09:2f:fe:21:72:09:f2:cb:63:b2:41:f1:6f:0c: 48:00:5f:c8:3b:12:2e:44:99:d7:16:83:41:f2:fc: e1:d8:6c:d2:9e:d2:b6:77:59:f2:24:84:37:38:d2: 79:38:21:e8:5e:f9:ad:c7:a9:91:43:18:25:e5:d0: ad:f8:6d:be:5a:fc:7e:03:1d:65:7b:48:77:09:3e: 62:99:8f:c6:4e:86:dc:3c:76:4f:27:d5:1f:5d:b0: ea:48:23:ef:87:50:29:a3:64:9a:34:d6:19:2a:75: e2:ab:ba:db:81:9b:6f:be:bf:7e:1d:57:04:5b:36: 9e:db:f2:2b:4f:a8:a4:cd:3e:ce:e7:69:ec:17:bb: a1:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:49:31:53:4D:4B:95:58:79:00:74:6F:2A:A9:1E:E3:0B:85:51:CD X509v3 Authority Key Identifier: keyid:5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:db:24:54:67:bf:ee:85:38:40:9a:a0:b2:97:a8:8a:77:9c: e7:28:f4:6f:67:8f:ae:ce:83:65:59:91:15:d9:33:00:72:d5: 4b:41:03:2d:35:68:cd:34:38:3a:c9:38:33:c5:16:ff:c3:96: 38:d3:b7:58:2d:6a:9e:96:c4:23:e7:26:e8:37:2e:01:79:f8: e8:ed:2f:fb:45:90:63:c7:bb:e7:43:5c:0e:f6:57:9c:54:cd: 2c:4a:66:7a:1a:d2:de:ed:27:da:60:45:96:d1:b8:b3:0e:88: cf:3f:c2:cd:9d:44:62:6f:76:1c:5d:ee:6d:d3:a9:87:d5:bc: 80:2d:5e:37:64:e7:be:e9:3b:31:da:bb:e8:d8:81:8f:b2:28: 0e:f9:1e:c4:95:de:23:cc:06:0c:22:df:ff:16:87:2e:bc:e1: 85:02:15:66:e1:fa:af:8f:91:77:72:17:23:80:a1:7d:01:d7: ff:a4:7f:ca:aa:0b:a6:a7:85:f9:c5:ae:db:35:48:1b:72:6e: 1d:ce:31:ab:bc:13:7f:a2:18:de:9b:a3:6d:d2:e8:15:64:53: b8:fd:22:df:a7:bd:76:4f:45:8b:e9:ab:06:6c:dc:e5:e0:5b: ee:c0:08:41:e3:ff:3a:24:34:5e:0a:1e:d0:28:7f:f7:fa:ac: 08:4f:92:f3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY2RTUxMTAvBgNVBAUTKDVDMzk1QkEyQ0EwQUJGNjU4ODg3MjY4NzRDNzgyNEI2 OUI3ODk5OTUwHhcNMjUwODIyMTc1MTIzWhcNMjUwODI5MTc1MTIzWjAYMRYwFAYD VQQDEw02OGE4YWUxYi1hZjM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs8L4X8VNOhWBJd4AxQ3zQIucZyGqNaCcBBhPgDnzNrPn87ZXuGkrIdAn5gEr VtiZPSqBwE9m4oTKhU06AEVWENu0I9p8EmKL10Gs69g2JFy70RQ+UAqu4SvJChcT NeUdXcYgTUUZVO8vp5LRchY4vkTvQ/VttUpBCS/+IXIJ8stjskHxbwxIAF/IOxIu RJnXFoNB8vzh2GzSntK2d1nyJIQ3ONJ5OCHoXvmtx6mRQxgl5dCt+G2+Wvx+Ax1l e0h3CT5imY/GTobcPHZPJ9UfXbDqSCPvh1Apo2SaNNYZKnXiq7rbgZtvvr9+HVcE Wzae2/IrT6ikzT7O52nsF7uhEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA1JMVNN S5VYeQB0byqpHuMLhVHNMB8GA1UdIwQYMBaAFFw5W6LKCr9liIcmh0x4JLabeJmV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjZFNS81NjQzMDU4NkEy NzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3YyV0loeWFIVEhna3RwdDRt WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEbGJvc29LdjJXSWh5YUhUSGdrdHB0NG1aVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NjZFNS81NjQzMDU4NkEyNzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3Yy V0loeWFIVEhna3RwdDRtWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBO2yRUZ7/uhThAmqCyl6iKd5znKPRvZ4+uzoNlWZEV2TMActVLQQMt NWjNNDg6yTgzxRb/w5Y407dYLWqelsQj5yboNy4Befjo7S/7RZBjx7vnQ1wO9lec VM0sSmZ6GtLe7SfaYEWW0bizDojPP8LNnURib3YcXe5t06mH1byALV43ZOe+6Tsx 2rvo2IGPsigO+R7Eld4jzAYMIt//FocuvOGFAhVm4fqvj5F3chcjgKF9Adf/pH/K qgump4X5xa7bNUgbcm4dzjGrvBN/ohjem6Nt0ugVZFO4/SLfp712T0WL6asGbNzl 4FvuwAhB4/86JDReCh7QKH/3+qwIT5Lz -----END CERTIFICATE-----Generated at Sat Aug 23 18:41:50 2025 by rpki-client