$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft File: fNlYoAf08OVuSo0kV2aIYiurciE.mft (raw, json) Hash identifier: Xf8pURVQuO/5nYhmuBX1egEHutVDkMtoeYQdMLlLpUo= Subject key identifier: 12:8C:E9:AB:4E:4C:11:8A:2B:20:D0:D6:31:A7:85:B6:26:99:84:77 Authority key identifier: 7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21 Certificate issuer: /CN=A91E8AF2/serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221 Certificate serial: 0159 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft Manifest number: 0152 Signing time: Sat 23 Aug 2025 04:22:48 +0000 Manifest this update: Sat 23 Aug 2025 04:22:47 +0000 Manifest next update: Sat 30 Aug 2025 04:22:47 +0000 Files and hashes: 1: fNlYoAf08OVuSo0kV2aIYiurciE.crl (hash: +nvyf1ci8SvfmTAI5+iZ0rLcwY230B8gPKRhsYBgJn8=) 2: CEA08B0A7B7411F0B30B5E4FC4F9AE02.roa (hash: ql4+ww0zhpLAZ6qhF7JKNz35W7z0OdqH31PA5z7n2aM=) 3: 289652667B7511F0A2592A6EC4F9AE02.roa (hash: MIG5ytjBmWgfoVPKlrbWqCYL4yCWtxcV0jRXlzp0+A0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:22:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 345 (0x159) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8AF2, serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221 Validity Not Before: Aug 23 04:22:47 2025 GMT Not After : Aug 30 04:22:47 2025 GMT Subject: CN=68a94218-eab4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ac:c3:4c:b5:ff:b1:f4:09:33:b8:bd:6a:29: a7:21:3b:88:76:3e:f1:63:02:d2:31:fa:9d:eb:77: 5d:e8:25:d9:d9:9a:0a:f5:3e:b5:6f:34:f9:ed:93: 47:b5:f7:da:24:df:d6:1a:7d:84:8e:57:5e:07:e7: e6:df:4c:35:0c:53:fb:2d:2d:80:d9:07:8f:e5:3c: 73:93:6a:38:e0:1e:ca:89:63:de:b0:97:69:69:1a: 3a:1e:c3:1a:3b:ed:fe:d7:bf:79:be:63:cc:49:ab: eb:7b:e9:b3:1c:f8:3e:76:d3:37:67:5e:ff:10:49: 4d:60:c6:f4:2c:4d:95:7f:65:db:b0:c6:4b:d7:dd: 80:59:c9:05:5c:22:ef:2f:32:d7:73:ac:e6:24:89: 41:a2:d8:0e:1a:06:c2:c7:66:d9:38:56:fc:52:86: 6d:ec:c0:d3:e9:b4:dd:1e:c8:1f:5b:0a:3a:69:ef: 9a:0a:0b:6e:9d:cd:ed:85:0e:74:a8:ad:21:98:ba: 82:7a:e6:8a:0a:76:f7:3c:ff:a6:ce:bf:b0:82:d4: 2c:4e:a4:b8:8f:72:72:86:2a:2b:e5:b5:86:6e:34: c3:f1:f1:53:60:53:e4:1f:a2:40:ed:61:66:d2:4e: 19:93:08:91:f1:e0:50:04:f3:d9:5e:37:8f:0e:5b: fa:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:8C:E9:AB:4E:4C:11:8A:2B:20:D0:D6:31:A7:85:B6:26:99:84:77 X509v3 Authority Key Identifier: keyid:7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:8c:43:2a:96:26:c4:77:7e:82:31:42:36:75:af:9c:2a:e9: 6d:da:f6:f7:46:24:a8:f2:bb:d9:07:a7:cf:96:3a:2c:f6:52: 4d:fa:de:39:6d:62:35:67:6c:81:2e:69:3f:f0:00:d0:d5:76: 8f:d9:4a:36:60:22:e6:e4:7c:72:dc:71:a4:6a:dc:d4:eb:c6: da:c8:51:5f:30:7b:40:a4:37:07:fe:89:e6:a4:4e:93:6d:aa: b3:6a:87:9f:52:f3:09:b7:2a:b9:9c:36:83:6d:e7:79:ce:3c: 7c:9d:df:a8:78:95:79:97:1c:0e:80:9a:73:42:4f:85:c0:6d: e3:4d:53:1b:28:6e:80:73:25:34:91:80:cd:8e:18:6d:97:b5: 0f:71:5b:ec:75:78:a0:4b:98:e9:59:ac:d6:1b:58:da:36:88: 76:e2:0c:73:05:f7:a6:34:46:f9:ed:92:ca:ad:6b:4e:1e:cd: 92:c3:fb:65:28:d3:70:57:d7:62:12:a9:5a:85:70:22:24:23: 81:a4:4c:60:63:e9:3c:44:fe:fc:c3:fe:6c:56:79:26:f8:a9: b5:6d:7e:54:71:f1:d4:28:b7:c3:38:42:d2:ec:68:0b:ef:f8: 28:e0:94:cd:ac:2a:b2:44:d5:3e:21:d4:b5:b8:81:41:ab:c2: 29:08:99:bc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThBRjIxMTAvBgNVBAUTKDdDRDk1OEEwMDdGNEYwRTU2RTRBOEQyNDU3NjY4ODYy MkJBQjcyMjEwHhcNMjUwODIzMDQyMjQ3WhcNMjUwODMwMDQyMjQ3WjAYMRYwFAYD VQQDEw02OGE5NDIxOC1lYWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwazDTLX/sfQJM7i9aimnITuIdj7xYwLSMfqd63dd6CXZ2ZoK9T61bzT57ZNH tffaJN/WGn2EjldeB+fm30w1DFP7LS2A2QeP5Txzk2o44B7KiWPesJdpaRo6HsMa O+3+1795vmPMSavre+mzHPg+dtM3Z17/EElNYMb0LE2Vf2XbsMZL192AWckFXCLv LzLXc6zmJIlBotgOGgbCx2bZOFb8UoZt7MDT6bTdHsgfWwo6ae+aCgtunc3thQ50 qK0hmLqCeuaKCnb3PP+mzr+wgtQsTqS4j3Jyhior5bWGbjTD8fFTYFPkH6JA7WFm 0k4ZkwiR8eBQBPPZXjePDlv6TQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBKM6atO TBGKKyDQ1jGnhbYmmYR3MB8GA1UdIwQYMBaAFHzZWKAH9PDlbkqNJFdmiGIrq3Ih MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEFGMi81NzMyQzgzODg0 NEMxMUVFQjFGMkNBMjlDNEY5QUUwMi9mTmxZb0FmMDhPVnVTbzBrVjJhSVlpdXJj aUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZObFlvQWYwOE9WdVNvMGtWMmFJWWl1cmNpRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEFGMi81NzMyQzgzODg0NEMxMUVFQjFGMkNBMjlDNEY5QUUwMi9mTmxZb0FmMDhP VnVTbzBrVjJhSVlpdXJjaUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCAjEMqlibEd36CMUI2da+cKult2vb3RiSo8rvZB6fPljos9lJN+t45 bWI1Z2yBLmk/8ADQ1XaP2Uo2YCLm5Hxy3HGkatzU68bayFFfMHtApDcH/onmpE6T baqzaoefUvMJtyq5nDaDbed5zjx8nd+oeJV5lxwOgJpzQk+FwG3jTVMbKG6AcyU0 kYDNjhhtl7UPcVvsdXigS5jpWazWG1jaNoh24gxzBfemNEb57ZLKrWtOHs2Sw/tl KNNwV9diEqlahXAiJCOBpExgY+k8RP78w/5sVnkm+Km1bX5UcfHUKLfDOELS7GgL 7/go4JTNrCqyRNU+IdS1uIFBq8IpCJm8 -----END CERTIFICATE-----Generated at Sat Aug 23 19:14:34 2025 by rpki-client