$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft File: z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft (raw, json) Hash identifier: j130M+DFe4EfkNohGnyvH5X0AabdDXBEjc9CRf7wFlY= Subject key identifier: F2:B7:A0:8D:C1:74:82:68:B0:E8:5C:E2:DF:D8:B9:B7:EF:00:84:DD Authority key identifier: CF:66:83:74:EC:75:AB:5C:AC:D2:EA:73:05:15:F7:B7:76:4D:D9:21 Certificate issuer: /CN=A91E7ED9/serialNumber=CF668374EC75AB5CACD2EA730515F7B7764DD921 Certificate serial: 083C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z2aDdOx1q1ys0upzBRX3t3ZN2SE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft Manifest number: 0836 Signing time: Fri 22 Aug 2025 20:53:04 +0000 Manifest this update: Fri 22 Aug 2025 20:53:03 +0000 Manifest next update: Fri 29 Aug 2025 20:53:03 +0000 Files and hashes: 1: z2aDdOx1q1ys0upzBRX3t3ZN2SE.crl (hash: 09q/j0ws5vWbImz3pZT9J+6NP+Fjif8RcTG7uF9NvrQ=) 2: DE349762DBA311EA8DE35866C4F9AE02.roa (hash: W9BGV+7n/b6h+ZEgu/zCV5dkMkakdYDRjim1ueZv/vs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.crl rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z2aDdOx1q1ys0upzBRX3t3ZN2SE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 20:53:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2108 (0x83c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7ED9, serialNumber=CF668374EC75AB5CACD2EA730515F7B7764DD921 Validity Not Before: Aug 22 20:53:03 2025 GMT Not After : Aug 29 20:53:03 2025 GMT Subject: CN=68a8d8af-472b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:87:45:45:a3:6d:a3:31:fe:ff:dd:60:a2:48: 77:4e:8b:a7:b3:71:0c:cd:24:bd:7f:7e:03:95:87: 75:ae:dc:e3:1d:11:05:0b:e0:1a:6a:6d:c1:1f:71: 7d:bf:56:73:fe:15:de:47:28:43:69:c0:08:81:56: be:5c:95:32:05:c5:f6:c4:8f:bf:ec:81:6c:dd:50: 33:94:7f:1f:50:ac:0f:36:8a:95:d1:55:01:55:40: 2c:d3:a2:29:b8:ce:71:c6:ba:60:3e:65:55:22:8a: 83:10:fc:0d:09:c2:55:cd:43:5a:e1:25:9b:1c:68: 38:45:7b:50:44:99:27:98:d7:0c:4a:17:8e:21:b9: 7e:61:81:2a:54:95:18:de:3e:fa:2d:14:dc:be:4a: 4d:a0:3a:97:1c:00:95:b2:09:1b:df:23:33:86:e9: 1e:9c:9a:76:b3:25:e5:a4:94:93:79:f6:1c:43:df: 68:c8:61:d7:8c:4c:c5:73:9b:41:f9:f2:87:20:c4: 20:41:ef:66:07:00:63:25:89:89:61:a7:45:69:7c: 68:c8:15:6c:ca:5d:6e:6d:e7:32:55:9f:30:37:9d: 2e:69:02:fb:23:64:4c:83:72:9c:f5:32:12:d0:8b: e5:ac:7a:80:c9:f8:17:93:5e:45:35:83:69:03:ef: 9d:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:B7:A0:8D:C1:74:82:68:B0:E8:5C:E2:DF:D8:B9:B7:EF:00:84:DD X509v3 Authority Key Identifier: keyid:CF:66:83:74:EC:75:AB:5C:AC:D2:EA:73:05:15:F7:B7:76:4D:D9:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z2aDdOx1q1ys0upzBRX3t3ZN2SE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:bc:42:e5:f2:04:33:a3:91:f7:0e:37:1f:79:f3:8b:c5:06: 06:2b:c2:f9:63:82:5b:c8:76:92:b9:a7:dd:d2:51:f8:fe:75: 0b:50:0d:17:bf:e2:b1:c8:c4:11:6d:a3:98:9b:ff:68:91:d6: ca:2d:44:0b:b2:b3:27:41:4f:dc:b6:d8:41:1c:f6:1e:4d:fc: 8a:1c:fd:64:f6:dc:5e:73:01:0a:f2:8b:04:d0:40:2d:a4:bf: 39:ae:36:23:89:89:3a:e9:02:a8:bd:b2:ed:e2:57:79:9f:26: 8a:a0:d1:48:22:e3:35:89:26:a1:02:93:6e:53:11:42:5a:fd: 2d:19:3e:8b:8a:15:af:73:70:2d:17:53:cc:ff:ee:3e:be:45: 44:fa:48:32:7f:7b:30:1c:52:c5:83:68:d2:5c:b8:0d:21:b6: b6:bd:fc:2e:f6:0d:2f:7c:1d:6f:3d:b5:7f:21:d0:2f:65:18: b9:7e:fc:62:63:5f:b3:dd:4c:8a:42:fe:7c:0b:0a:4f:14:df: 63:98:e8:05:cb:ba:4a:29:5d:6f:c7:f7:6d:7f:9a:f2:cf:21: fb:07:97:04:10:84:9c:9e:e8:30:cf:be:d5:d2:4b:18:6c:62: 9c:58:83:4a:5c:63:72:d8:ec:bd:05:85:1e:1b:a1:4d:a4:3a: ca:5f:2a:ec -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCDwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdFRDkxMTAvBgNVBAUTKENGNjY4Mzc0RUM3NUFCNUNBQ0QyRUE3MzA1MTVGN0I3 NzY0REQ5MjEwHhcNMjUwODIyMjA1MzAzWhcNMjUwODI5MjA1MzAzWjAYMRYwFAYD VQQDEw02OGE4ZDhhZi00NzJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6odFRaNtozH+/91gokh3Touns3EMzSS9f34DlYd1rtzjHREFC+Aaam3BH3F9 v1Zz/hXeRyhDacAIgVa+XJUyBcX2xI+/7IFs3VAzlH8fUKwPNoqV0VUBVUAs06Ip uM5xxrpgPmVVIoqDEPwNCcJVzUNa4SWbHGg4RXtQRJknmNcMSheOIbl+YYEqVJUY 3j76LRTcvkpNoDqXHACVsgkb3yMzhukenJp2syXlpJSTefYcQ99oyGHXjEzFc5tB +fKHIMQgQe9mBwBjJYmJYadFaXxoyBVsyl1ubecyVZ8wN50uaQL7I2RMg3Kc9TIS 0IvlrHqAyfgXk15FNYNpA++d6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPK3oI3B dIJosOhc4t/YubfvAITdMB8GA1UdIwQYMBaAFM9mg3TsdatcrNLqcwUV97d2Tdkh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0VEOS9GOEUwQjNCMkRC QTIxMUVBQTg4RjIwNjZDNEY5QUUwMi96MmFEZE94MXExeXMwdXB6QlJYM3QzWk4y U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3oyYURkT3gxcTF5czB1cHpCUlgzdDNaTjJTRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0VEOS9GOEUwQjNCMkRCQTIxMUVBQTg4RjIwNjZDNEY5QUUwMi96MmFEZE94MXEx eXMwdXB6QlJYM3QzWk4yU0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3vELl8gQzo5H3DjcfefOLxQYGK8L5Y4JbyHaSuafd0lH4/nULUA0X v+KxyMQRbaOYm/9okdbKLUQLsrMnQU/ctthBHPYeTfyKHP1k9txecwEK8osE0EAt pL85rjYjiYk66QKovbLt4ld5nyaKoNFIIuM1iSahApNuUxFCWv0tGT6LihWvc3At F1PM/+4+vkVE+kgyf3swHFLFg2jSXLgNIba2vfwu9g0vfB1vPbV/IdAvZRi5fvxi Y1+z3UyKQv58CwpPFN9jmOgFy7pKKV1vx/dtf5ryzyH7B5cEEIScnugwz77V0ksY bGKcWINKXGNy2Oy9BYUeG6FNpDrKXyrs -----END CERTIFICATE-----Generated at Sat Aug 23 22:41:30 2025 by rpki-client