$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft File: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft (raw, json) Hash identifier: 7H76uSJoGSfsmZElcl+wM3fCGr/I6ukQ2uo3IgnIkMg= Subject key identifier: 6D:F7:C1:F0:B0:D0:D1:E9:90:56:96:92:1E:5D:41:EC:7D:24:2A:9C Authority key identifier: AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 Certificate issuer: /CN=A91F3F02/serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Certificate serial: 0FE1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft Manifest number: 0FAB Signing time: Fri 22 Aug 2025 17:38:39 +0000 Manifest this update: Fri 22 Aug 2025 17:38:39 +0000 Manifest next update: Fri 29 Aug 2025 17:38:39 +0000 Files and hashes: 1: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl (hash: +qpvqMvHyISAfdV4ZIiMr02l/TIgdwTYe24qgtlhobA=) 2: 4BF23558026D11EBB136622CC4F9AE02.roa (hash: QtpDimKOHqXsxnqa4q87zCBuPpMrfxyNN2d7cp4WlrA=) 3: B3876B1821C911EB991D562EC4F9AE02.roa (hash: 6uU1bRzcclFeMC/RnwQZxh3s9UKuJJHVwL7cdGjMFOc=) 4: B2B2930C21C911EB991D562EC4F9AE02.roa (hash: XWm8GaGIPPLP9AKtaT6KRszth65jZeSEF8vfSa7oAA0=) 5: 8663E8B6658A11E9930DC678C4F9AE02.roa (hash: PNhMIJG2WqhTSsHQs6Q3B5W+HPqAu/8Af4Ot4nkDDLQ=) 6: F98DEF9A231F11EB99F53580C4F9AE02.roa (hash: t18G/jUeuq8lptvTyxkqs2wnq4jb4g41EOSptQznrUs=) 7: E049FDF87A4511EBBB2D0A52C4F9AE02.roa (hash: Jk6V50ct0NhfCUNeq2rSB6SPY6PZ86y8Zd5FDESJ7kI=) 8: B490CD0621C911EB991D562EC4F9AE02.roa (hash: WNk4We2Ht/Om3rf3IbH7SVRsK901hQ7kL7sR1ONDJ8A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:38:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4065 (0xfe1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3F02, serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Validity Not Before: Aug 22 17:38:39 2025 GMT Not After : Aug 29 17:38:39 2025 GMT Subject: CN=68a8ab1f-9617 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:bb:57:16:02:05:14:06:b6:b1:46:36:94:17: 29:ef:26:d6:28:47:a0:7b:75:1c:e0:51:13:f3:cd: 7b:2b:33:1f:ea:67:28:4c:c5:52:66:70:c4:fd:d0: b2:76:c6:88:8e:32:dd:76:4e:40:52:1b:fb:6c:19: ee:c4:a0:69:e7:37:34:76:2a:bf:2e:8a:19:fa:9d: b4:03:cc:e7:0d:af:fe:70:fa:6b:c5:3d:13:0a:bd: 5e:ac:31:2d:ae:6f:d7:22:bc:76:32:a8:67:5c:f5: 12:2f:78:8a:a2:5e:98:23:7b:e2:9e:51:ea:c3:38: 79:01:eb:3e:66:ba:61:fa:05:37:a6:1a:0c:52:1f: 39:7b:9e:e5:5c:6e:0a:bc:b0:44:7d:08:a1:fe:71: b4:b3:b9:14:c9:33:58:35:5b:6b:ac:46:4f:13:22: 68:25:71:b9:fe:08:8b:49:83:9a:3a:85:be:9c:14: e1:e1:45:f6:ff:23:01:9c:e9:31:01:45:25:46:38: 49:dd:8c:cf:f6:0f:39:8b:0e:3b:b8:e0:de:63:89: 3e:47:41:f6:96:28:b7:2b:17:58:38:a4:50:0b:13: 51:a7:92:54:f8:13:a2:d2:89:4f:9c:4f:a5:79:25: f7:9c:f7:b8:2b:0a:f1:34:c9:41:3a:59:41:8b:55: 81:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:F7:C1:F0:B0:D0:D1:E9:90:56:96:92:1E:5D:41:EC:7D:24:2A:9C X509v3 Authority Key Identifier: keyid:AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:cb:4f:3f:67:7c:50:92:a9:af:10:11:27:bb:28:05:d5:4b: fb:4f:43:ea:d4:4a:84:d9:af:8b:38:05:be:74:4c:76:34:3a: c0:52:04:2e:17:75:7d:5d:7b:9e:ca:e8:0c:eb:22:42:68:2d: 87:c8:f6:d7:60:d5:67:8d:c9:7b:7f:96:0a:d5:67:c5:19:73: c1:31:1b:5c:db:0c:11:b4:92:aa:98:d8:e2:10:e4:ef:7d:9c: 81:51:c0:0e:fa:e4:d7:13:f5:1b:22:09:60:b3:ca:52:73:a2: 53:a7:0f:39:5c:0e:a3:8b:59:d5:9b:a5:ba:f2:a6:30:84:54: cd:87:fa:ab:29:34:53:3e:76:1a:21:81:86:1c:df:6e:f8:2b: ba:bf:e6:ef:2a:8a:7d:cf:78:dd:97:ba:1a:ca:e0:41:2a:03: e2:a1:9e:70:aa:f9:91:56:b0:c7:8e:fa:08:a7:29:f6:20:f7: 47:5f:45:5b:26:4a:cd:d7:dc:99:bd:41:fd:d0:39:9b:3b:04: 8e:8a:3d:6c:39:29:6c:35:97:68:56:ac:0f:2c:91:09:ba:8d: 9b:d4:d4:3b:64:98:cc:bb:78:f6:83:35:58:f7:c3:b6:34:e7: 0b:13:cf:2e:f6:90:34:28:f8:0a:04:68:5f:cf:b9:04:92:aa: ae:16:f9:f0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD+EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjNGMDIxMTAvBgNVBAUTKEFGNDQ3ODA4MTNCQjZDMDVFOTk3NTQ1QjA4RDM3OTM2 RkZBQzQ2NjEwHhcNMjUwODIyMTczODM5WhcNMjUwODI5MTczODM5WjAYMRYwFAYD VQQDEw02OGE4YWIxZi05NjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA67tXFgIFFAa2sUY2lBcp7ybWKEege3Uc4FET8817KzMf6mcoTMVSZnDE/dCy dsaIjjLddk5AUhv7bBnuxKBp5zc0diq/LooZ+p20A8znDa/+cPprxT0TCr1erDEt rm/XIrx2MqhnXPUSL3iKol6YI3vinlHqwzh5Aes+Zrph+gU3phoMUh85e57lXG4K vLBEfQih/nG0s7kUyTNYNVtrrEZPEyJoJXG5/giLSYOaOoW+nBTh4UX2/yMBnOkx AUUlRjhJ3YzP9g85iw47uODeY4k+R0H2lii3KxdYOKRQCxNRp5JU+BOi0olPnE+l eSX3nPe4KwrxNMlBOllBi1WBUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG33wfCw 0NHpkFaWkh5dQex9JCqcMB8GA1UdIwQYMBaAFK9EeAgTu2wF6ZdUWwjTeTb/rEZh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0YwMi9DQ0FCNTc1MDYz RjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JBWHBsMVJiQ05ONU52LXNS bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3IwUjRDQk83YkFYcGwxUmJDTk41TnYtc1JtRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG M0YwMi9DQ0FCNTc1MDYzRjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JB WHBsMVJiQ05ONU52LXNSbUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAty08/Z3xQkqmvEBEnuygF1Uv7T0Pq1EqE2a+LOAW+dEx2NDrAUgQu F3V9XXueyugM6yJCaC2HyPbXYNVnjcl7f5YK1WfFGXPBMRtc2wwRtJKqmNjiEOTv fZyBUcAO+uTXE/UbIglgs8pSc6JTpw85XA6ji1nVm6W68qYwhFTNh/qrKTRTPnYa IYGGHN9u+Cu6v+bvKop9z3jdl7oayuBBKgPioZ5wqvmRVrDHjvoIpyn2IPdHX0Vb JkrN19yZvUH90DmbOwSOij1sOSlsNZdoVqwPLJEJuo2b1NQ7ZJjMu3j2gzVY98O2 NOcLE88u9pA0KPgKBGhfz7kEkqquFvnw -----END CERTIFICATE-----Generated at Sat Aug 23 15:17:35 2025 by rpki-client