$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: yRsG5kD1pjLInqDdsUOBUV0YwMM94oxkZdt32fOJ+Ho= Subject key identifier: 81:C5:59:E4:84:35:CA:44:9C:20:8D:41:3E:BE:07:9A:60:87:5C:82 Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: 99 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: 97 Signing time: Sat 23 Aug 2025 06:38:32 +0000 Manifest this update: Sat 23 Aug 2025 06:38:32 +0000 Manifest next update: Sat 30 Aug 2025 06:38:32 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: KOVXdpA8tl6A6HYmhuxAprLR+4s37Wim2OXzKOJTOCU=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:38:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 153 (0x99) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Validity Not Before: Aug 23 06:38:32 2025 GMT Not After : Aug 30 06:38:32 2025 GMT Subject: CN=68a961e8-b08b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:fa:80:45:92:e8:43:75:06:d2:a3:26:ec:30: b9:d9:74:5b:c1:da:dc:c0:e0:88:04:d5:b6:ac:20: 7f:db:0d:56:82:a0:87:fc:47:c4:1c:28:83:72:81: 85:84:7b:d3:61:ec:14:cf:f6:7a:34:d0:98:67:4d: e6:a3:b4:e0:5e:02:74:6f:a1:11:36:8b:5b:0d:89: 2b:cf:87:58:5c:3b:51:6e:1f:22:9a:7b:f3:3d:ef: f6:da:c7:b7:37:8f:d5:74:c2:1d:03:84:ea:37:67: ec:99:13:3c:2e:40:8b:02:90:d2:8a:03:81:7a:26: ae:cf:be:f0:32:42:b5:b6:96:5d:9f:1d:18:83:bf: b3:ac:dd:c7:48:d2:05:b6:75:d6:35:2a:db:44:15: 56:fd:72:a8:96:67:f4:da:b8:e9:af:fa:3f:b8:fe: c8:48:24:b4:2e:38:50:dd:7f:56:70:a9:55:33:99: 70:f5:a5:4b:7d:88:f7:31:c7:69:de:bc:89:f5:71: 9b:3f:4a:01:42:08:22:2e:c9:18:c7:b2:24:9b:98: 28:51:a1:4a:df:a5:b9:d0:0c:ca:87:8d:3b:73:87: 45:0d:9e:2e:db:d0:78:94:ad:37:66:4f:ee:69:19: e1:b2:d6:59:9b:17:bb:bd:84:e8:54:92:22:a0:27: 43:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:C5:59:E4:84:35:CA:44:9C:20:8D:41:3E:BE:07:9A:60:87:5C:82 X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:6f:c4:c7:34:1a:09:68:05:c9:38:22:ca:ed:d2:7e:1a:51: c8:5e:f0:89:7d:b0:52:0a:89:a5:54:ff:1f:57:83:ce:43:1d: ee:9d:29:92:ec:d9:28:a3:aa:1c:49:49:af:f4:c2:32:5e:05: 85:e0:32:74:bc:49:00:f9:e1:8e:42:3a:19:f2:11:b5:8a:98: a3:8d:3a:a4:a4:2d:62:3e:78:83:b8:c1:2c:63:85:73:2b:2f: 9c:c6:56:ee:cd:e5:ed:92:02:12:2a:84:8f:84:f9:0f:1b:bc: aa:1b:f6:a7:60:f0:d7:4b:4e:de:92:e5:df:04:78:9a:8f:bd: 06:af:59:29:66:60:ec:a0:6e:1c:4d:19:72:d9:85:b7:74:59: cc:d9:c4:cb:24:dc:8d:89:88:09:56:a3:54:85:e9:00:5f:f3: 89:63:46:98:c6:f4:ff:3c:b8:b4:f1:62:29:82:14:ce:39:f6: 97:4c:9d:39:87:62:d1:30:16:9b:e3:89:41:a3:60:c1:6e:78: b5:02:b6:cb:97:95:bc:52:7b:8c:fc:6a:ed:14:72:02:83:9a: 38:4d:3d:b4:69:24:de:34:f5:bb:65:6c:f5:cc:c8:39:50:16: 46:06:4c:4a:87:c9:6c:33:cb:e5:ab:c7:54:56:61:45:b9:bb: 0f:77:d8:da -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0MDkxMTAvBgNVBAUTKDIxNjRERDU5QTYxNUQ1RjJFMzM5M0U3MjA5OEE3M0FE ODY4RTc4REEwHhcNMjUwODIzMDYzODMyWhcNMjUwODMwMDYzODMyWjAYMRYwFAYD VQQDEw02OGE5NjFlOC1iMDhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8fqARZLoQ3UG0qMm7DC52XRbwdrcwOCIBNW2rCB/2w1WgqCH/EfEHCiDcoGF hHvTYewUz/Z6NNCYZ03mo7TgXgJ0b6ERNotbDYkrz4dYXDtRbh8imnvzPe/22se3 N4/VdMIdA4TqN2fsmRM8LkCLApDSigOBeiauz77wMkK1tpZdnx0Yg7+zrN3HSNIF tnXWNSrbRBVW/XKolmf02rjpr/o/uP7ISCS0LjhQ3X9WcKlVM5lw9aVLfYj3Mcdp 3ryJ9XGbP0oBQggiLskYx7Ikm5goUaFK36W50AzKh407c4dFDZ4u29B4lK03Zk/u aRnhstZZmxe7vYToVJIioCdDuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIHFWeSE NcpEnCCNQT6+B5pgh1yCMB8GA1UdIwQYMBaAFCFk3VmmFdXy4zk+cgmKc62Gjnja MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQwOS9GOTQ0RTNDQzlD QUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFmTGpPVDV5Q1lwenJZYU9l Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VOby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQwOS9GOTQ0RTNDQzlDQUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFm TGpPVDV5Q1lwenJZYU9lTm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAIb8THNBoJaAXJOCLK7dJ+GlHIXvCJfbBSComlVP8fV4POQx3unSmS 7Nkoo6ocSUmv9MIyXgWF4DJ0vEkA+eGOQjoZ8hG1ipijjTqkpC1iPniDuMEsY4Vz Ky+cxlbuzeXtkgISKoSPhPkPG7yqG/anYPDXS07ekuXfBHiaj70Gr1kpZmDsoG4c TRly2YW3dFnM2cTLJNyNiYgJVqNUhekAX/OJY0aYxvT/PLi08WIpghTOOfaXTJ05 h2LRMBab44lBo2DBbni1ArbLl5W8UnuM/GrtFHICg5o4TT20aSTeNPW7ZWz1zMg5 UBZGBkxKh8lsM8vlq8dUVmFFubsPd9ja -----END CERTIFICATE-----Generated at Sat Aug 23 12:40:31 2025 by rpki-client