$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAEAF/BE3521B833F111EDB8361086C4F9AE02/8ghPeg88CpH4Jf79nxA18zVBWEw.mft File: 8ghPeg88CpH4Jf79nxA18zVBWEw.mft (raw, json) Hash identifier: Jh1YoXNBi1KUg3JTcg7M4Mr/u5k5IFchawSC7lTCx+U= Subject key identifier: 16:D3:3A:0D:29:96:DB:D8:01:BA:31:33:FA:0D:19:95:0D:5E:14:01 Authority key identifier: F2:08:4F:7A:0F:3C:0A:91:F8:25:FE:FD:9F:10:35:F3:35:41:58:4C Certificate issuer: /CN=A91EAEAF/serialNumber=F2084F7A0F3C0A91F825FEFD9F1035F33541584C Certificate serial: 0243 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8ghPeg88CpH4Jf79nxA18zVBWEw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAEAF/BE3521B833F111EDB8361086C4F9AE02/8ghPeg88CpH4Jf79nxA18zVBWEw.mft Manifest number: 0240 Signing time: Sat 23 Aug 2025 02:05:23 +0000 Manifest this update: Sat 23 Aug 2025 02:05:22 +0000 Manifest next update: Sat 30 Aug 2025 02:05:22 +0000 Files and hashes: 1: 8ghPeg88CpH4Jf79nxA18zVBWEw.crl (hash: d/22Jd+VigEJSMeMJxxdJbdicp0CFX0SG2CrNMy4CK0=) 2: EF0EFF5833F511EDA5C4F37DC4F9AE02.roa (hash: LAWmMRc8daUtEB7NaiA0m2Tl41sqEulVfrA7do1Thps=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAEAF/BE3521B833F111EDB8361086C4F9AE02/8ghPeg88CpH4Jf79nxA18zVBWEw.crl rsync://rpki.apnic.net/member_repository/A91EAEAF/BE3521B833F111EDB8361086C4F9AE02/8ghPeg88CpH4Jf79nxA18zVBWEw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8ghPeg88CpH4Jf79nxA18zVBWEw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:05:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 579 (0x243) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAEAF, serialNumber=F2084F7A0F3C0A91F825FEFD9F1035F33541584C Validity Not Before: Aug 23 02:05:22 2025 GMT Not After : Aug 30 02:05:22 2025 GMT Subject: CN=68a921e3-7137 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:44:aa:dc:df:c2:55:34:69:6c:42:83:46:d6: 03:00:6d:3c:0f:e4:e6:d0:10:23:12:99:36:68:16: 2f:25:01:c3:c7:85:7d:4e:3b:aa:cc:54:1b:97:c0: 65:cb:f5:c7:ff:de:a3:1d:6f:1f:2d:6b:87:5f:c3: ec:cf:c7:d1:3c:4b:11:54:46:3f:2e:7e:4d:7c:9b: 72:6b:14:50:d7:45:e8:d2:b4:81:41:52:d9:89:a9: 3c:99:dc:3b:e3:5e:72:7d:1b:58:4e:3e:2e:cd:7c: 91:a5:ea:62:61:f5:72:96:72:d4:df:e8:84:1b:f4: 9c:8b:64:24:8b:0a:06:da:2d:3c:24:2b:10:04:46: 50:29:60:0d:47:45:cd:c9:b0:da:ad:37:fa:9e:68: 7d:46:18:33:3b:b1:9e:29:dc:74:c4:90:ef:6d:48: 42:a2:aa:e9:14:5f:cb:fc:42:d9:6c:56:ba:27:d2: b9:8d:65:ca:e7:45:e8:cd:27:26:78:39:3b:1a:19: 9d:18:6b:8e:9e:64:a5:cb:5a:22:4c:0a:38:26:9d: 56:15:1a:88:74:34:09:c6:cc:d7:43:b3:29:20:0f: ad:98:a2:c2:d9:2e:22:fa:3d:0f:c1:d5:42:f1:00: ee:d7:a4:eb:99:25:a4:95:1e:11:a4:27:cb:8c:30: 85:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:D3:3A:0D:29:96:DB:D8:01:BA:31:33:FA:0D:19:95:0D:5E:14:01 X509v3 Authority Key Identifier: keyid:F2:08:4F:7A:0F:3C:0A:91:F8:25:FE:FD:9F:10:35:F3:35:41:58:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAEAF/BE3521B833F111EDB8361086C4F9AE02/8ghPeg88CpH4Jf79nxA18zVBWEw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8ghPeg88CpH4Jf79nxA18zVBWEw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAEAF/BE3521B833F111EDB8361086C4F9AE02/8ghPeg88CpH4Jf79nxA18zVBWEw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:92:b0:09:ee:05:27:81:6c:ce:c1:7f:43:c3:a5:27:27:e2: fd:b4:3e:a4:b9:7c:c1:8a:c3:0b:96:48:8c:74:e8:13:d7:31: ed:d8:52:50:67:5d:80:81:ed:52:90:f0:1d:da:fb:f2:f5:b4: b1:98:30:76:a4:98:5f:46:98:46:3f:8c:5a:28:6f:a1:e5:61: 4a:76:10:b5:8f:c5:14:48:79:ce:f5:59:e5:8f:52:8c:cd:d7: 47:ef:73:88:24:20:c7:de:f9:3b:cd:3b:03:8c:52:66:0b:c4: a6:fe:da:64:9c:40:c6:fa:64:89:27:46:f5:99:2a:76:5a:fc: c3:7a:5e:be:a9:10:81:51:4c:45:6b:d1:20:df:7b:e1:c1:bb: 1e:6c:00:3d:70:6c:49:d5:59:6e:83:12:2b:89:77:16:63:8b: 18:04:d9:a7:60:b5:d5:7e:94:e0:d1:76:3c:80:12:36:31:81: 9c:87:4d:3c:01:bf:3f:00:22:c4:f1:78:54:ef:f3:6b:b9:1f: b0:5b:14:93:14:b3:bb:83:bd:5b:54:aa:69:5b:cf:e9:71:4a: f3:2e:f0:62:c6:7a:49:1d:e3:69:0c:ba:e7:12:2c:0d:42:e8: 71:1f:45:02:87:98:0b:95:bc:3c:1b:fa:03:3a:b7:82:f5:5f: a8:5e:d1:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFQUYxMTAvBgNVBAUTKEYyMDg0RjdBMEYzQzBBOTFGODI1RkVGRDlGMTAzNUYz MzU0MTU4NEMwHhcNMjUwODIzMDIwNTIyWhcNMjUwODMwMDIwNTIyWjAYMRYwFAYD VQQDEw02OGE5MjFlMy03MTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxESq3N/CVTRpbEKDRtYDAG08D+Tm0BAjEpk2aBYvJQHDx4V9TjuqzFQbl8Bl y/XH/96jHW8fLWuHX8Psz8fRPEsRVEY/Ln5NfJtyaxRQ10Xo0rSBQVLZiak8mdw7 415yfRtYTj4uzXyRpepiYfVylnLU3+iEG/Sci2QkiwoG2i08JCsQBEZQKWANR0XN ybDarTf6nmh9RhgzO7GeKdx0xJDvbUhCoqrpFF/L/ELZbFa6J9K5jWXK50XozScm eDk7GhmdGGuOnmSly1oiTAo4Jp1WFRqIdDQJxszXQ7MpIA+tmKLC2S4i+j0PwdVC 8QDu16TrmSWklR4RpCfLjDCFvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBbTOg0p ltvYAboxM/oNGZUNXhQBMB8GA1UdIwQYMBaAFPIIT3oPPAqR+CX+/Z8QNfM1QVhM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUVBRi9CRTM1MjFCODMz RjExMUVEQjgzNjEwODZDNEY5QUUwMi84Z2hQZWc4OENwSDRKZjc5bnhBMTh6VkJX RXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhnaFBlZzg4Q3BINEpmNzlueEExOHpWQldFdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUVBRi9CRTM1MjFCODMzRjExMUVEQjgzNjEwODZDNEY5QUUwMi84Z2hQZWc4OENw SDRKZjc5bnhBMTh6VkJXRXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBskrAJ7gUngWzOwX9Dw6UnJ+L9tD6kuXzBisMLlkiMdOgT1zHt2FJQ Z12Age1SkPAd2vvy9bSxmDB2pJhfRphGP4xaKG+h5WFKdhC1j8UUSHnO9Vnlj1KM zddH73OIJCDH3vk7zTsDjFJmC8Sm/tpknEDG+mSJJ0b1mSp2WvzDel6+qRCBUUxF a9Eg33vhwbsebAA9cGxJ1VlugxIriXcWY4sYBNmnYLXVfpTg0XY8gBI2MYGch008 Ab8/ACLE8XhU7/NruR+wWxSTFLO7g71bVKppW8/pcUrzLvBixnpJHeNpDLrnEiwN QuhxH0UCh5gLlbw8G/oDOreC9V+oXtFE -----END CERTIFICATE-----Generated at Sat Aug 23 17:01:57 2025 by rpki-client