$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.mft File: zFQZyKeLzVOtFxxbdKQHHZU5UEk.mft (raw, json) Hash identifier: lSs5+ewg5nZUeNS0s0G8loxh/IaNBlFVLsKzX4HoJEI= Subject key identifier: 70:DB:3C:BA:CF:F0:EA:72:01:BA:56:4D:90:62:D3:17:30:D7:D0:5E Authority key identifier: CC:54:19:C8:A7:8B:CD:53:AD:17:1C:5B:74:A4:07:1D:95:39:50:49 Certificate issuer: /CN=A91ED8E0/serialNumber=CC5419C8A78BCD53AD171C5B74A4071D95395049 Certificate serial: 08F3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFQZyKeLzVOtFxxbdKQHHZU5UEk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.mft Manifest number: 08DF Signing time: Fri 22 Aug 2025 20:32:58 +0000 Manifest this update: Fri 22 Aug 2025 20:32:58 +0000 Manifest next update: Fri 29 Aug 2025 20:32:58 +0000 Files and hashes: 1: zFQZyKeLzVOtFxxbdKQHHZU5UEk.crl (hash: EMJx7LDbLzWuJ9GzJSe8PfYtz4Gz/+EjRFsSCIVoTA4=) 2: 2BEC62FA5DA011EF8E541175C4F9AE02.roa (hash: gGLM1HQ1iS7fd20ceMBraz36fZdGiyHwpUVermAbtmg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.crl rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFQZyKeLzVOtFxxbdKQHHZU5UEk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 20:32:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2291 (0x8f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ED8E0, serialNumber=CC5419C8A78BCD53AD171C5B74A4071D95395049 Validity Not Before: Aug 22 20:32:58 2025 GMT Not After : Aug 29 20:32:58 2025 GMT Subject: CN=68a8d3fa-1a6b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c9:1f:5d:2c:71:55:ef:9f:96:77:b7:2c:9a: 5f:69:dc:8a:02:42:b9:39:81:4a:0e:9a:30:7f:00: 6e:e5:b2:7e:d2:40:db:a2:d1:d1:cc:b8:10:e6:ed: 9b:fc:3b:da:e1:a8:2f:94:c3:da:bb:d1:9a:bd:e7: 7b:81:01:4d:6f:13:7e:e6:a0:9a:8d:08:07:bd:8e: 3d:77:a7:4e:b3:6b:cf:52:c2:11:a5:07:b6:22:01: 3c:2c:b0:4e:e8:e4:16:33:46:f5:e3:04:3a:27:c9: 9e:50:a3:02:97:ad:cd:9a:b5:04:e3:6a:59:d2:17: 35:5d:9a:7b:88:80:ff:6a:22:6c:df:10:c0:ce:d8: 89:9a:ee:1f:25:42:da:36:5e:79:f9:31:8c:29:a2: 50:2e:21:be:62:92:d1:31:94:ab:6a:c5:a3:ea:77: 44:51:56:1c:3c:d8:f2:4e:10:b4:be:4f:b0:ae:6c: 0b:32:ed:55:72:fa:87:6e:ea:70:fc:73:8c:24:cb: 52:d5:3e:58:9b:64:7c:35:21:f1:0c:1a:b8:73:df: 09:46:b1:b8:8c:20:63:8a:b6:b3:86:20:da:1c:3e: 39:72:db:d1:7e:1e:c9:0b:be:a7:31:97:39:43:7c: f2:8c:28:9b:1b:a9:36:79:5d:a9:84:26:5e:8c:bf: dd:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:DB:3C:BA:CF:F0:EA:72:01:BA:56:4D:90:62:D3:17:30:D7:D0:5E X509v3 Authority Key Identifier: keyid:CC:54:19:C8:A7:8B:CD:53:AD:17:1C:5B:74:A4:07:1D:95:39:50:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFQZyKeLzVOtFxxbdKQHHZU5UEk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:3b:6b:22:a1:73:37:92:79:c4:46:df:75:8b:b2:cf:94:51: 58:d8:fc:36:83:9c:aa:18:11:b7:e4:41:01:94:75:db:dc:dc: ab:52:66:89:9e:64:6c:33:ab:9f:f1:de:52:df:3f:02:34:ca: f4:29:26:a9:a2:ef:7a:0e:ea:43:cf:ac:39:d2:66:52:08:d0: 64:88:89:cb:b9:e0:c6:6b:d8:99:a0:af:22:d0:50:c3:0c:ac: 3d:a6:eb:97:77:90:0b:19:14:64:ab:c8:40:f8:43:c5:a7:6b: 1e:cb:13:10:15:e8:f4:05:5b:d1:83:24:97:b3:51:cf:f9:c3: 93:66:e6:8e:c5:49:99:3c:38:2c:98:e1:51:a8:a0:a2:25:67: fc:f2:b9:eb:b8:f9:94:67:30:ba:3e:28:95:6c:a6:d2:c6:3c: 4b:e2:b9:90:47:15:15:1d:9d:1e:5f:42:20:fe:3c:d8:d7:7e: 0c:1a:5e:2d:a2:63:97:6d:e3:34:5e:31:64:c3:7a:1a:6a:bb: c1:4a:a5:36:66:a6:23:50:6a:e8:c8:5b:31:9e:97:5f:a0:f9: 5c:a6:32:4e:5c:ab:5e:00:0d:32:85:f5:8c:0b:1b:fc:e4:29: 4f:04:33:63:db:af:df:d1:a8:82:16:21:4a:17:20:9c:a5:7d: 92:ba:08:db -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCPMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUQ4RTAxMTAvBgNVBAUTKENDNTQxOUM4QTc4QkNENTNBRDE3MUM1Qjc0QTQwNzFE OTUzOTUwNDkwHhcNMjUwODIyMjAzMjU4WhcNMjUwODI5MjAzMjU4WjAYMRYwFAYD VQQDEw02OGE4ZDNmYS0xYTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv8kfXSxxVe+flne3LJpfadyKAkK5OYFKDpowfwBu5bJ+0kDbotHRzLgQ5u2b /Dva4agvlMPau9Gaved7gQFNbxN+5qCajQgHvY49d6dOs2vPUsIRpQe2IgE8LLBO 6OQWM0b14wQ6J8meUKMCl63NmrUE42pZ0hc1XZp7iID/aiJs3xDAztiJmu4fJULa Nl55+TGMKaJQLiG+YpLRMZSrasWj6ndEUVYcPNjyThC0vk+wrmwLMu1VcvqHbupw /HOMJMtS1T5Ym2R8NSHxDBq4c98JRrG4jCBjirazhiDaHD45ctvRfh7JC76nMZc5 Q3zyjCibG6k2eV2phCZejL/dpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHDbPLrP 8OpyAbpWTZBi0xcw19BeMB8GA1UdIwQYMBaAFMxUGcini81TrRccW3SkBx2VOVBJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDhFMC9FRTJENTMyNkI5 NDcxMUVBOEE2NDlFNzZDNEY5QUUwMi96RlFaeUtlTHpWT3RGeHhiZEtRSEhaVTVV RWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pGUVp5S2VMelZPdEZ4eGJkS1FISFpVNVVFay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RDhFMC9FRTJENTMyNkI5NDcxMUVBOEE2NDlFNzZDNEY5QUUwMi96RlFaeUtlTHpW T3RGeHhiZEtRSEhaVTVVRWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3O2sioXM3knnERt91i7LPlFFY2Pw2g5yqGBG35EEBlHXb3NyrUmaJ nmRsM6uf8d5S3z8CNMr0KSapou96DupDz6w50mZSCNBkiInLueDGa9iZoK8i0FDD DKw9puuXd5ALGRRkq8hA+EPFp2seyxMQFej0BVvRgySXs1HP+cOTZuaOxUmZPDgs mOFRqKCiJWf88rnruPmUZzC6PiiVbKbSxjxL4rmQRxUVHZ0eX0Ig/jzY134MGl4t omOXbeM0XjFkw3oaarvBSqU2ZqYjUGroyFsxnpdfoPlcpjJOXKteAA0yhfWMCxv8 5ClPBDNj26/f0aiCFiFKFyCcpX2Sugjb -----END CERTIFICATE-----Generated at Sat Aug 23 19:40:33 2025 by rpki-client