$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft File: XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft (raw, json) Hash identifier: xIvEfvjfsoSLWHkLOCs4DRcIV/YCqtZPm8UqOagm9BA= Subject key identifier: 2B:22:E2:F9:D7:3F:2B:05:E3:8D:C3:C2:5F:BD:49:08:74:53:00:DA Authority key identifier: 5F:30:7E:62:74:AC:39:E5:4E:99:86:6D:AB:B8:5C:2C:9E:FD:16:B1 Certificate issuer: /CN=A91E9F89/serialNumber=5F307E6274AC39E54E99866DABB85C2C9EFD16B1 Certificate serial: 0895 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XzB-YnSsOeVOmYZtq7hcLJ79FrE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft Manifest number: 088E Signing time: Fri 22 Aug 2025 20:43:22 +0000 Manifest this update: Fri 22 Aug 2025 20:43:21 +0000 Manifest next update: Fri 29 Aug 2025 20:43:21 +0000 Files and hashes: 1: XzB-YnSsOeVOmYZtq7hcLJ79FrE.crl (hash: 4YDpVLDY+fCEndRcqIldhbGqWaKEmRjQ8TEVG76bKYM=) 2: 05B67AF8C6A011EAA70D183FC4F9AE02.roa (hash: uyDMO7ckw/0z5jl/cntcgb/65TbIdBVdA1r68qbPTT8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.crl rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XzB-YnSsOeVOmYZtq7hcLJ79FrE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 20:43:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2197 (0x895) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9F89, serialNumber=5F307E6274AC39E54E99866DABB85C2C9EFD16B1 Validity Not Before: Aug 22 20:43:21 2025 GMT Not After : Aug 29 20:43:21 2025 GMT Subject: CN=68a8d66a-becd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:82:8b:c3:d8:0a:d6:2b:62:dc:cf:9d:4c:19: bc:55:df:d7:c2:6b:cd:fb:56:c6:18:40:6d:81:1a: 1e:2a:93:28:a3:de:db:c9:21:32:8a:e2:40:3e:63: a4:cc:fa:1c:ce:90:da:b3:d7:75:40:83:7d:64:7f: a4:83:fe:f2:1f:83:f1:d9:20:ed:94:e5:6e:11:87: 7d:49:24:b5:8b:ac:76:4c:20:3f:50:58:0d:21:72: 30:bb:36:19:f2:1a:59:38:55:be:02:07:79:2b:8b: cf:3e:7e:20:2a:2f:81:d7:08:cf:80:c3:27:93:58: dd:69:ad:80:32:ad:cc:ea:7e:d2:a1:6c:8c:75:f1: 6b:03:dc:d2:75:b0:37:9a:e3:93:5c:99:f3:7d:2b: 31:87:b5:9b:b7:56:90:8e:c3:f9:8e:6d:5a:07:93: d6:12:cf:02:c8:c8:2a:7a:c2:4c:37:cb:c1:c9:00: 14:32:28:48:5a:72:4b:ba:e1:a6:d8:3d:e7:65:7e: 97:cf:fd:72:9a:e4:df:fc:0c:78:53:87:41:d4:ae: 40:46:bc:1b:ec:93:dc:dc:df:68:3f:9b:a0:bf:9f: fe:5c:e0:cc:76:95:e1:02:5c:f6:7c:05:d3:bd:01: 96:58:6a:6d:c4:60:39:82:0f:91:69:63:10:8d:b7: 72:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:22:E2:F9:D7:3F:2B:05:E3:8D:C3:C2:5F:BD:49:08:74:53:00:DA X509v3 Authority Key Identifier: keyid:5F:30:7E:62:74:AC:39:E5:4E:99:86:6D:AB:B8:5C:2C:9E:FD:16:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XzB-YnSsOeVOmYZtq7hcLJ79FrE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 93:e1:1f:aa:fa:a0:0b:b4:b0:8a:5f:d1:58:12:75:6a:9b:27: 23:e1:2e:82:a7:c1:ac:ad:d6:65:af:c3:a9:00:f7:e3:f3:0a: a9:d7:60:aa:bd:8d:43:ad:ae:c4:5f:a3:fa:5f:67:91:bd:28: 7b:ee:3b:03:d2:1a:2a:b3:1c:4e:7b:90:50:fd:89:10:0c:6b: 38:dd:ce:3d:1b:a0:e4:4a:6d:c1:e0:9b:79:6a:c1:f2:be:65: 3c:fc:b7:ed:e9:a6:cd:97:04:53:8e:66:a4:85:5f:9e:e6:d8: 60:76:55:71:40:db:87:dc:fb:26:11:d6:0e:59:91:a1:aa:cf: 99:37:f8:1d:a2:06:db:f8:38:94:85:4d:06:69:ca:27:ff:86: 83:7d:58:2e:50:6a:07:f8:ac:00:81:95:2a:89:06:49:a5:db: 09:48:63:61:60:a7:25:2f:fb:8d:e7:7d:5f:0d:c0:c5:71:bb: 0d:58:44:bc:0e:ac:14:48:4d:14:ec:b0:4a:92:a4:de:a7:ca: 33:33:eb:77:4c:c6:c9:6b:1c:ab:a8:a0:5c:d3:a6:ee:2b:b0: bf:25:b7:39:b6:60:0b:a6:6f:48:b0:bf:65:b0:f7:fb:83:2d: e9:73:a0:55:6f:79:55:51:c4:79:2a:fa:22:e1:e6:c0:b0:4e: 0d:37:f4:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlGODkxMTAvBgNVBAUTKDVGMzA3RTYyNzRBQzM5RTU0RTk5ODY2REFCQjg1QzJD OUVGRDE2QjEwHhcNMjUwODIyMjA0MzIxWhcNMjUwODI5MjA0MzIxWjAYMRYwFAYD VQQDEw02OGE4ZDY2YS1iZWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzYKLw9gK1iti3M+dTBm8Vd/XwmvN+1bGGEBtgRoeKpMoo97bySEyiuJAPmOk zPoczpDas9d1QIN9ZH+kg/7yH4Px2SDtlOVuEYd9SSS1i6x2TCA/UFgNIXIwuzYZ 8hpZOFW+Agd5K4vPPn4gKi+B1wjPgMMnk1jdaa2AMq3M6n7SoWyMdfFrA9zSdbA3 muOTXJnzfSsxh7Wbt1aQjsP5jm1aB5PWEs8CyMgqesJMN8vByQAUMihIWnJLuuGm 2D3nZX6Xz/1ymuTf/Ax4U4dB1K5ARrwb7JPc3N9oP5ugv5/+XODMdpXhAlz2fAXT vQGWWGptxGA5gg+RaWMQjbdyFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCsi4vnX PysF443Dwl+9SQh0UwDaMB8GA1UdIwQYMBaAFF8wfmJ0rDnlTpmGbau4XCye/Rax MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUY4OS81QkU3NDg3OEM2 OUUxMUVBOUJGOEEzM0NDNEY5QUUwMi9YekItWW5Tc09lVk9tWVp0cTdoY0xKNzlG ckUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h6Qi1ZblNzT2VWT21ZWnRxN2hjTEo3OUZyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OUY4OS81QkU3NDg3OEM2OUUxMUVBOUJGOEEzM0NDNEY5QUUwMi9YekItWW5Tc09l Vk9tWVp0cTdoY0xKNzlGckUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCT4R+q+qALtLCKX9FYEnVqmycj4S6Cp8GsrdZlr8OpAPfj8wqp12Cq vY1Dra7EX6P6X2eRvSh77jsD0hoqsxxOe5BQ/YkQDGs43c49G6DkSm3B4Jt5asHy vmU8/Lft6abNlwRTjmakhV+e5thgdlVxQNuH3PsmEdYOWZGhqs+ZN/gdogbb+DiU hU0Gacon/4aDfVguUGoH+KwAgZUqiQZJpdsJSGNhYKclL/uN531fDcDFcbsNWES8 DqwUSE0U7LBKkqTep8ozM+t3TMbJaxyrqKBc06buK7C/Jbc5tmALpm9IsL9lsPf7 gy3pc6BVb3lVUcR5Kvoi4ebAsE4NN/SY -----END CERTIFICATE-----Generated at Sun Aug 24 00:46:16 2025 by rpki-client