$ rpki-client -vvf rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft File: 5OTCQkd4XDQv81kH9-EcSrs5i4M.mft (raw, json) Hash identifier: Oho0LMosowjfYODP5+l9zNSQP61QX/tNcCJAemBBobM= Subject key identifier: A6:B6:83:97:6B:0A:BA:93:B3:C0:90:8B:03:D6:FD:73:44:B5:2C:B9 Authority key identifier: E4:E4:C2:42:47:78:5C:34:2F:F3:59:07:F7:E1:1C:4A:BB:39:8B:83 Certificate issuer: /CN=A91E85F1/serialNumber=E4E4C24247785C342FF35907F7E11C4ABB398B83 Certificate serial: 51 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft Manifest number: 4E Signing time: Sat 23 Aug 2025 07:35:41 +0000 Manifest this update: Sat 23 Aug 2025 07:35:41 +0000 Manifest next update: Sat 30 Aug 2025 07:35:41 +0000 Files and hashes: 1: 5OTCQkd4XDQv81kH9-EcSrs5i4M.crl (hash: Fmsf9r0km7+YANSIS5GBdbEd/yYwgJR2JmbtSkHWI8M=) 2: 212E0B520DFE11F0B266963AC4F9AE02.roa (hash: 44vHU0H/9/bs4kOPReZOgC2D0Y7H1F8Nu3vr76cFkxs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.crl rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:35:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 81 (0x51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E85F1, serialNumber=E4E4C24247785C342FF35907F7E11C4ABB398B83 Validity Not Before: Aug 23 07:35:41 2025 GMT Not After : Aug 30 07:35:41 2025 GMT Subject: CN=68a96f4d-9294 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:f0:72:db:59:29:65:e6:8d:83:98:79:6d:1b: c6:25:66:69:12:ad:91:5c:5d:5c:f5:b5:18:bd:86: e7:82:f4:28:eb:48:3f:e7:e6:d9:87:8f:0a:e1:08: 5b:ac:4c:c6:b8:c7:ba:71:cc:ed:6d:e6:ef:55:bd: 3f:a4:de:78:5d:d5:f7:4b:77:3c:f1:c1:9b:84:46: 8a:ba:ba:c2:4a:0b:b7:22:c5:bb:8f:fd:66:db:82: 60:e7:2c:d6:3e:48:07:60:ea:12:57:b5:84:79:9f: 41:7c:4e:d6:16:20:14:e0:ae:48:2d:27:1f:b6:b5: b9:af:0f:31:47:f1:61:7e:41:66:c5:d9:00:c2:09: df:59:d1:ec:2b:13:04:a2:86:c1:10:c3:d2:4e:6e: 6e:37:10:4c:cf:23:cb:0f:04:e4:6c:74:7a:a4:a0: 1c:7f:53:de:c3:65:1a:c2:ac:8c:3d:f8:65:ec:bd: b6:59:84:4b:be:f2:ea:eb:b1:91:8d:a4:35:66:a0: bc:88:ca:b4:7a:b1:f2:f5:77:39:bb:34:ad:27:80: c6:72:4a:3f:09:2c:65:a2:3a:47:79:9b:ed:67:c6: f7:df:56:56:66:73:f9:7b:36:2b:6d:03:96:84:da: 77:a0:ac:c9:e5:8b:31:ba:35:ad:9b:ae:81:29:8b: 90:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:B6:83:97:6B:0A:BA:93:B3:C0:90:8B:03:D6:FD:73:44:B5:2C:B9 X509v3 Authority Key Identifier: keyid:E4:E4:C2:42:47:78:5C:34:2F:F3:59:07:F7:E1:1C:4A:BB:39:8B:83 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:98:5a:79:d8:8c:ba:3c:cf:d2:e4:8d:8a:2f:02:2a:ba:80: 37:40:81:7c:45:cc:67:38:0e:b8:61:e6:8a:4b:b8:b0:d2:18: 23:98:08:ce:64:04:4a:e4:25:c5:50:0a:85:6c:c2:63:4b:e7: 24:e8:b7:20:ef:b7:1f:6f:1d:5d:55:b0:ae:83:be:83:47:e1: ed:1b:b4:11:f2:e8:1a:b3:66:18:a7:c4:42:00:42:77:8f:71: 14:4b:3e:00:2e:57:a2:76:41:ff:20:a7:63:48:f3:ff:19:44: ec:98:d8:05:af:e9:b1:ad:10:fb:ba:3e:31:67:6e:b9:6f:52: 10:78:58:6b:2f:df:81:82:44:e8:0f:af:a0:8f:39:16:aa:f6: 0c:0f:25:cd:71:b5:fa:a3:2d:9e:7f:ed:ee:67:1a:3a:a3:c9: da:ed:9b:62:82:85:1e:c2:95:e7:cb:13:cb:89:96:fa:96:5a: 0e:6d:e5:20:e5:2d:ba:e8:26:eb:b0:9b:80:3a:44:52:ac:4f: 18:81:69:31:e4:f1:0f:dc:37:9c:92:70:53:ed:35:f3:cb:8d: 01:4a:e3:98:a5:98:08:ac:6a:7d:e4:6a:0b:90:90:02:f7:a0: 39:d6:f7:e0:ca:29:a1:cd:18:88:21:79:c6:f8:ab:be:f3:d2: 38:8c:15:59 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBUTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF ODVGMTExMC8GA1UEBRMoRTRFNEMyNDI0Nzc4NUMzNDJGRjM1OTA3RjdFMTFDNEFC QjM5OEI4MzAeFw0yNTA4MjMwNzM1NDFaFw0yNTA4MzAwNzM1NDFaMBgxFjAUBgNV BAMTDTY4YTk2ZjRkLTkyOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDR8HLbWSll5o2DmHltG8YlZmkSrZFcXVz1tRi9hueC9CjrSD/n5tmHjwrhCFus TMa4x7pxzO1t5u9VvT+k3nhd1fdLdzzxwZuERoq6usJKC7cixbuP/WbbgmDnLNY+ SAdg6hJXtYR5n0F8TtYWIBTgrkgtJx+2tbmvDzFH8WF+QWbF2QDCCd9Z0ewrEwSi hsEQw9JObm43EEzPI8sPBORsdHqkoBx/U97DZRrCrIw9+GXsvbZZhEu+8urrsZGN pDVmoLyIyrR6sfL1dzm7NK0ngMZySj8JLGWiOkd5m+1nxvffVlZmc/l7NittA5aE 2negrMnlizG6Na2broEpi5CxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUpraDl2sK upOzwJCLA9b9c0S1LLkwHwYDVR0jBBgwFoAU5OTCQkd4XDQv81kH9+EcSrs5i4Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4NUYxLzYyMjA2MzNDMERG QzExRjBBMUQ5ODA1M0M0RjlBRTAyLzVPVENRa2Q0WERRdjgxa0g5LUVjU3JzNWk0 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvNU9UQ1FrZDRYRFF2ODFrSDktRWNTcnM1aTRNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4 NUYxLzYyMjA2MzNDMERGQzExRjBBMUQ5ODA1M0M0RjlBRTAyLzVPVENRa2Q0WERR djgxa0g5LUVjU3JzNWk0TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACOYWnnYjLo8z9LkjYovAiq6gDdAgXxFzGc4Drhh5opLuLDSGCOYCM5k BErkJcVQCoVswmNL5yTotyDvtx9vHV1VsK6DvoNH4e0btBHy6BqzZhinxEIAQneP cRRLPgAuV6J2Qf8gp2NI8/8ZROyY2AWv6bGtEPu6PjFnbrlvUhB4WGsv34GCROgP r6CPORaq9gwPJc1xtfqjLZ5/7e5nGjqjydrtm2KChR7ClefLE8uJlvqWWg5t5SDl LbroJuuwm4A6RFKsTxiBaTHk8Q/cN5yScFPtNfPLjQFK45ilmAisan3kaguQkAL3 oDnW9+DKKaHNGIghecb4q77z0jiMFVk= -----END CERTIFICATE-----Generated at Sat Aug 23 12:43:57 2025 by rpki-client