$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft File: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft (raw, json) Hash identifier: yKvmYk2CAh8P7i4XPz6hgfKj4F4NnsGWP1BdEMXD6cM= Subject key identifier: 6D:DB:4D:BD:53:C7:39:3C:90:D6:F3:84:D2:28:BC:3E:98:A3:5A:EF Authority key identifier: 6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 Certificate issuer: /CN=A91EAE3D/serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Certificate serial: 14A5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft Manifest number: 1491 Signing time: Fri 22 Aug 2025 17:01:57 +0000 Manifest this update: Fri 22 Aug 2025 17:01:57 +0000 Manifest next update: Fri 29 Aug 2025 17:01:56 +0000 Files and hashes: 1: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl (hash: UFOAM49NAdcaueYeMRgMxOjBV5Od2Y9fN/2YEMrnyJ4=) 2: F693F2689CB811EB97F77E14C4F9AE02.roa (hash: U3tQJQlcyfHM4FE2g1sFZHo1n5O210FCbrxqZ5WoAEg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:01:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5285 (0x14a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE3D, serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Validity Not Before: Aug 22 17:01:57 2025 GMT Not After : Aug 29 17:01:56 2025 GMT Subject: CN=68a8a285-ef2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:08:4d:30:fc:e3:e6:65:6f:4c:b2:5f:02:5e: 53:63:5b:8f:11:b0:49:f4:3e:0f:d6:75:8b:86:1f: 98:fd:fb:34:28:bb:e8:17:cb:78:52:69:48:b8:0d: 9b:53:a9:7b:6a:1d:bf:cb:5f:f2:39:f6:3e:65:35: cc:6d:ab:de:d0:41:c4:8a:15:6d:51:04:18:c0:40: 6f:3a:99:ba:36:a2:d9:15:18:01:1e:14:c9:57:05: b1:a4:f0:8b:2f:f9:33:1c:fe:55:c2:34:de:d3:60: f8:83:b8:9c:c9:b5:9c:fd:20:a2:90:7d:8e:7f:2f: 96:9c:a5:19:42:cf:fe:99:d1:73:10:34:52:5e:b6: f6:82:0a:e7:ee:59:48:ba:c3:0b:36:1e:cc:86:bf: 46:75:bf:d9:f6:cd:10:b1:74:79:77:eb:2b:56:de: f2:c2:5c:a7:4e:6d:ad:9d:b7:ac:de:f4:2e:49:bb: 61:4c:a4:2b:6f:c4:6a:1a:a1:25:d0:dc:24:3c:c9: 80:64:e0:b9:2c:1e:c7:5d:b5:2d:9e:fa:58:5e:42: 8b:73:ab:3f:35:09:16:9a:1f:64:39:05:43:1e:ba: 1c:f4:24:92:c1:20:0b:3c:5a:3f:fd:4a:15:77:8f: 8f:da:42:f6:69:8c:5d:43:9f:92:47:89:cc:62:56: a8:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:DB:4D:BD:53:C7:39:3C:90:D6:F3:84:D2:28:BC:3E:98:A3:5A:EF X509v3 Authority Key Identifier: keyid:6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:44:08:e4:35:e8:e4:52:21:a6:77:f9:3b:48:29:41:25:36: 54:b1:6e:b5:54:49:bc:24:b3:fa:17:a9:de:af:ad:2f:76:b8: d1:66:7e:6e:74:97:2b:a5:e2:bf:d2:6b:6d:ac:97:bc:b5:1f: d1:f3:f7:54:5f:cd:54:ed:af:e7:01:0a:71:88:dc:a3:36:4b: 44:8f:1a:c6:43:35:ba:00:92:54:44:b0:51:4f:a7:14:33:1f: 27:dc:57:d1:55:84:91:e9:90:60:f8:be:62:c8:5f:a4:1b:50: 1b:7f:12:c8:7c:4e:61:da:3d:1a:3a:da:a8:74:f1:fb:0f:29: 19:64:20:9a:5f:eb:bd:37:50:13:02:03:f1:88:ea:ae:bf:13: 73:2e:c4:24:1f:6b:9e:02:f1:a7:f2:2d:79:d6:03:42:33:d9: e7:39:71:b5:98:01:33:d1:c4:0f:67:bc:54:a0:4d:9c:58:c4: 03:f2:8e:18:ea:7c:2a:4d:be:29:e6:4e:57:4f:ef:16:2f:e4: 12:5c:06:e6:69:d3:0f:fa:58:ec:8c:dc:6d:5c:72:2d:d9:e7: e3:70:c6:69:f2:7d:5d:21:68:c4:94:6f:56:93:2e:00:7e:61: c9:7d:0b:c0:40:fc:a7:08:e0:63:0b:f9:7d:65:ee:e8:d4:3f: ba:57:1b:17 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFM0QxMTAvBgNVBAUTKDZCNTY3Qzg0M0U0MjUyM0UwRTVCNjRGNjRBMEYyQUUw NTUxN0JCNzAwHhcNMjUwODIyMTcwMTU3WhcNMjUwODI5MTcwMTU2WjAYMRYwFAYD VQQDEw02OGE4YTI4NS1lZjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxQhNMPzj5mVvTLJfAl5TY1uPEbBJ9D4P1nWLhh+Y/fs0KLvoF8t4UmlIuA2b U6l7ah2/y1/yOfY+ZTXMbave0EHEihVtUQQYwEBvOpm6NqLZFRgBHhTJVwWxpPCL L/kzHP5VwjTe02D4g7icybWc/SCikH2Ofy+WnKUZQs/+mdFzEDRSXrb2ggrn7llI usMLNh7Mhr9Gdb/Z9s0QsXR5d+srVt7ywlynTm2tnbes3vQuSbthTKQrb8RqGqEl 0NwkPMmAZOC5LB7HXbUtnvpYXkKLc6s/NQkWmh9kOQVDHroc9CSSwSALPFo//UoV d4+P2kL2aYxdQ5+SR4nMYlaoIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG3bTb1T xzk8kNbzhNIovD6Yo1rvMB8GA1UdIwQYMBaAFGtWfIQ+QlI+Dltk9koPKuBVF7tw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC84RUY0MkE0Njc1 REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1VqNE9XMlQyU2c4cTRGVVh1 M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ExWjhoRDVDVWo0T1cyVDJTZzhxNEZVWHUzQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUzRC84RUY0MkE0Njc1REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1Vq NE9XMlQyU2c4cTRGVVh1M0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLRAjkNejkUiGmd/k7SClBJTZUsW61VEm8JLP6F6ner60vdrjRZn5u dJcrpeK/0mttrJe8tR/R8/dUX81U7a/nAQpxiNyjNktEjxrGQzW6AJJURLBRT6cU Mx8n3FfRVYSR6ZBg+L5iyF+kG1AbfxLIfE5h2j0aOtqodPH7DykZZCCaX+u9N1AT AgPxiOquvxNzLsQkH2ueAvGn8i151gNCM9nnOXG1mAEz0cQPZ7xUoE2cWMQD8o4Y 6nwqTb4p5k5XT+8WL+QSXAbmadMP+ljsjNxtXHIt2efjcMZp8n1dIWjElG9Wky4A fmHJfQvAQPynCOBjC/l9Ze7o1D+6VxsX -----END CERTIFICATE-----Generated at Sat Aug 23 12:25:05 2025 by rpki-client