$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BD4/4E87A46A86B111EBB8BE217CC4F9AE02/XcAwMzGJiu_bheTZFABriTdr7-E.mft File: XcAwMzGJiu_bheTZFABriTdr7-E.mft (raw, json) Hash identifier: uMLAdwI03Uax9iMTV0IV97A4vSkV2bdFePEhfSpr1I4= Subject key identifier: 88:9D:E5:B8:AB:FC:80:E8:4E:A3:9A:92:31:09:F8:67:EB:90:DA:6D Authority key identifier: 5D:C0:30:33:31:89:8A:EF:DB:85:E4:D9:14:00:6B:89:37:6B:EF:E1 Certificate issuer: /CN=A91E7BD4/serialNumber=5DC0303331898AEFDB85E4D914006B89376BEFE1 Certificate serial: 068F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XcAwMzGJiu_bheTZFABriTdr7-E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BD4/4E87A46A86B111EBB8BE217CC4F9AE02/XcAwMzGJiu_bheTZFABriTdr7-E.mft Manifest number: 0686 Signing time: Fri 22 Aug 2025 22:32:50 +0000 Manifest this update: Fri 22 Aug 2025 22:32:49 +0000 Manifest next update: Fri 29 Aug 2025 22:32:49 +0000 Files and hashes: 1: XcAwMzGJiu_bheTZFABriTdr7-E.crl (hash: 4Ti35RVYnUwZ+sPJmpmM9L5doqNuuYh7yc3QWDZoCpU=) 2: 81E3F4ACBBDA11ED8FDB4E45C4F9AE02.roa (hash: zRXwtVciA3XUq61vGPC3fC7y/rZPmZqFfk9/8k9uEj4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BD4/4E87A46A86B111EBB8BE217CC4F9AE02/XcAwMzGJiu_bheTZFABriTdr7-E.crl rsync://rpki.apnic.net/member_repository/A91E7BD4/4E87A46A86B111EBB8BE217CC4F9AE02/XcAwMzGJiu_bheTZFABriTdr7-E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XcAwMzGJiu_bheTZFABriTdr7-E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 22:32:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1679 (0x68f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BD4, serialNumber=5DC0303331898AEFDB85E4D914006B89376BEFE1 Validity Not Before: Aug 22 22:32:49 2025 GMT Not After : Aug 29 22:32:49 2025 GMT Subject: CN=68a8f011-cbfd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:4e:fa:49:f8:4f:09:f3:b6:fb:2a:e8:44:86: 58:11:6d:94:df:cf:dd:b1:1a:a2:d4:c8:af:63:2c: cc:52:ad:68:84:2d:53:af:4c:15:43:ce:5d:a5:f7: 38:19:68:41:50:a9:40:58:68:24:d4:45:04:eb:b0: 97:a3:1a:37:a8:5f:61:c9:d8:07:6a:46:d7:1a:44: 51:66:1e:1c:e0:72:09:1a:9a:09:f9:f0:cd:44:d3: 63:25:de:d4:35:28:22:7a:7b:e7:96:e2:3d:1c:6d: 90:de:83:2d:fd:7a:12:3d:a5:a0:46:5a:e0:2b:8e: 94:43:25:44:8e:a6:51:ec:96:a3:6b:3e:ae:56:85: 6c:c8:b3:db:72:b3:ed:40:b6:3e:02:cf:f0:10:6f: 94:f0:0e:61:34:f5:f3:00:3f:a9:fc:3c:04:28:58: ba:dc:3c:7b:f2:f9:49:35:77:89:c8:a2:8a:bf:b8: 24:ff:6c:ae:c4:c8:32:67:d0:35:53:81:e1:43:e6: c9:9f:0c:2e:cc:d9:48:3b:1b:c3:8f:8f:45:c4:27: b7:31:2c:ba:2b:69:58:d4:7e:b6:ff:c4:84:03:be: aa:00:b5:a8:bd:79:d7:83:99:ca:f1:5a:90:9f:0c: de:6f:f7:72:5b:70:aa:04:cf:1c:96:ba:73:bc:65: 5c:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:9D:E5:B8:AB:FC:80:E8:4E:A3:9A:92:31:09:F8:67:EB:90:DA:6D X509v3 Authority Key Identifier: keyid:5D:C0:30:33:31:89:8A:EF:DB:85:E4:D9:14:00:6B:89:37:6B:EF:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BD4/4E87A46A86B111EBB8BE217CC4F9AE02/XcAwMzGJiu_bheTZFABriTdr7-E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XcAwMzGJiu_bheTZFABriTdr7-E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BD4/4E87A46A86B111EBB8BE217CC4F9AE02/XcAwMzGJiu_bheTZFABriTdr7-E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:a9:ce:2b:8f:a4:7b:de:56:0f:5e:12:af:f3:89:ba:84:59: d1:33:e5:6a:d6:e7:20:06:7b:6b:c4:32:b7:95:e1:f0:aa:f5: 93:4b:28:36:84:84:ac:c5:22:18:37:17:c6:78:b8:97:47:99: 24:db:4d:7d:ac:82:77:f3:97:fc:09:1d:95:f0:e4:0f:eb:33: 02:0a:5a:f7:5e:24:67:8b:0f:e4:05:9d:29:91:8e:50:5b:11: b8:c5:57:1b:df:c3:96:88:c4:71:94:57:7b:2e:f5:0b:d4:8c: 6c:29:f2:ca:54:0a:4a:57:48:69:d4:32:16:aa:79:8f:28:4d: 7e:75:5d:a6:cc:80:40:86:0c:be:49:26:ce:05:39:18:ce:ad: be:68:0d:bc:ef:6a:71:10:e5:56:12:51:af:16:b4:c8:02:51: 8c:dd:29:ef:41:d1:de:a1:00:b7:09:f1:e2:c6:2d:86:4a:af: e5:40:69:cc:df:25:c3:f6:ae:83:c5:30:4e:61:c0:a4:32:45: 9d:77:af:05:7d:55:9f:2b:fb:a4:eb:bf:c1:1b:1d:4c:1d:93: 54:a5:40:f3:c7:a8:b2:8e:25:f1:3e:9b:e5:d2:29:fb:5a:66: 89:88:1d:92:5a:ee:a0:c7:14:8d:0e:1c:87:9e:21:19:9f:d7: cf:3b:a6:b8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCRDQxMTAvBgNVBAUTKDVEQzAzMDMzMzE4OThBRUZEQjg1RTREOTE0MDA2Qjg5 Mzc2QkVGRTEwHhcNMjUwODIyMjIzMjQ5WhcNMjUwODI5MjIzMjQ5WjAYMRYwFAYD VQQDEw02OGE4ZjAxMS1jYmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1076SfhPCfO2+yroRIZYEW2U38/dsRqi1MivYyzMUq1ohC1Tr0wVQ85dpfc4 GWhBUKlAWGgk1EUE67CXoxo3qF9hydgHakbXGkRRZh4c4HIJGpoJ+fDNRNNjJd7U NSgienvnluI9HG2Q3oMt/XoSPaWgRlrgK46UQyVEjqZR7Jajaz6uVoVsyLPbcrPt QLY+As/wEG+U8A5hNPXzAD+p/DwEKFi63Dx78vlJNXeJyKKKv7gk/2yuxMgyZ9A1 U4HhQ+bJnwwuzNlIOxvDj49FxCe3MSy6K2lY1H62/8SEA76qALWovXnXg5nK8VqQ nwzeb/dyW3CqBM8clrpzvGVc7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIid5bir /IDoTqOakjEJ+GfrkNptMB8GA1UdIwQYMBaAFF3AMDMxiYrv24Xk2RQAa4k3a+/h MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JENC80RTg3QTQ2QTg2 QjExMUVCQjhCRTIxN0NDNEY5QUUwMi9YY0F3TXpHSml1X2JoZVRaRkFCcmlUZHI3 LUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hjQXdNekdKaXVfYmhlVFpGQUJyaVRkcjctRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JENC80RTg3QTQ2QTg2QjExMUVCQjhCRTIxN0NDNEY5QUUwMi9YY0F3TXpHSml1 X2JoZVRaRkFCcmlUZHI3LUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCBqc4rj6R73lYPXhKv84m6hFnRM+Vq1ucgBntrxDK3leHwqvWTSyg2 hISsxSIYNxfGeLiXR5kk2019rIJ385f8CR2V8OQP6zMCClr3XiRniw/kBZ0pkY5Q WxG4xVcb38OWiMRxlFd7LvUL1IxsKfLKVApKV0hp1DIWqnmPKE1+dV2mzIBAhgy+ SSbOBTkYzq2+aA2872pxEOVWElGvFrTIAlGM3SnvQdHeoQC3CfHixi2GSq/lQGnM 3yXD9q6DxTBOYcCkMkWdd68FfVWfK/uk67/BGx1MHZNUpUDzx6iyjiXxPpvl0in7 WmaJiB2SWu6gxxSNDhyHniEZn9fPO6a4 -----END CERTIFICATE-----Generated at Sat Aug 23 17:23:16 2025 by rpki-client