$ rpki-client -vvf rpki.apnic.net/member_repository/A91F428C/52FCC6481DA011E2B6D8709108B02CD2/1xhrKGW4YA1mKCKv65AVcAbg9BA.mft File: 1xhrKGW4YA1mKCKv65AVcAbg9BA.mft (raw, json) Hash identifier: AdjIcbk31GBst6eurx0prhEceU5BpzcW/H60xyoun18= Subject key identifier: 3B:6A:7C:59:72:8B:B0:A0:7D:28:63:1B:39:52:98:F8:52:56:D5:E9 Authority key identifier: D7:18:6B:28:65:B8:60:0D:66:28:22:AF:EB:90:15:70:06:E0:F4:10 Certificate issuer: /CN=A91F428C/serialNumber=D7186B2865B8600D662822AFEB90157006E0F410 Certificate serial: 34BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xhrKGW4YA1mKCKv65AVcAbg9BA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F428C/52FCC6481DA011E2B6D8709108B02CD2/1xhrKGW4YA1mKCKv65AVcAbg9BA.mft Manifest number: 34B5 Signing time: Fri 22 Aug 2025 15:05:37 +0000 Manifest this update: Fri 22 Aug 2025 15:05:37 +0000 Manifest next update: Fri 29 Aug 2025 15:05:37 +0000 Files and hashes: 1: 1xhrKGW4YA1mKCKv65AVcAbg9BA.crl (hash: lyAezKOfMwTEeJEi5PNNTRQ4l2yXyufRwglh+dcEhTE=) 2: B8201598BED111EC93B74C4FC4F9AE02.roa (hash: JdQUVUw03f+72nj/VMFdFXWPwrE8S++NWd90s/zu6jk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F428C/52FCC6481DA011E2B6D8709108B02CD2/1xhrKGW4YA1mKCKv65AVcAbg9BA.crl rsync://rpki.apnic.net/member_repository/A91F428C/52FCC6481DA011E2B6D8709108B02CD2/1xhrKGW4YA1mKCKv65AVcAbg9BA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xhrKGW4YA1mKCKv65AVcAbg9BA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:05:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13498 (0x34ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F428C, serialNumber=D7186B2865B8600D662822AFEB90157006E0F410 Validity Not Before: Aug 22 15:05:37 2025 GMT Not After : Aug 29 15:05:37 2025 GMT Subject: CN=68a88741-83d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:31:af:f5:09:91:8d:04:c3:96:61:ba:f8:2d: 2a:c4:46:d9:db:1b:34:f4:c8:74:5e:9c:41:20:4f: b5:97:3e:a0:b2:5c:4d:49:f1:ae:a7:6f:f2:b8:45: 81:2a:80:0e:c2:7e:0b:4e:1c:26:16:03:75:5a:ea: 8c:a7:c9:ab:ce:3b:f5:b8:16:0f:ec:0b:40:43:84: 90:dd:2e:60:9c:61:c9:85:2d:4f:89:b3:a4:eb:a0: ba:c0:39:7f:a3:82:5f:04:1a:46:aa:25:15:bf:80: 4a:75:ee:3b:77:93:a8:e6:a3:6d:03:43:0f:48:b4: bf:1e:d0:42:0e:52:66:49:ed:f1:0b:11:1c:6e:88: 3a:31:e4:78:60:57:b4:09:27:3e:96:31:cc:2f:37: ad:55:c5:4d:ca:8b:ef:bb:44:25:3f:ce:0a:ef:57: 08:83:ec:05:60:41:86:5f:0a:8e:53:42:4c:ef:21: 81:64:83:9f:a2:dd:be:91:92:0d:ae:92:0c:fd:f4: ce:35:0d:ef:5f:cf:d3:f2:6e:70:46:6a:e5:1c:a0: c2:38:02:95:b8:e8:46:4e:d8:53:83:1f:71:a1:47: 0a:6f:c8:a2:aa:b0:a5:6b:79:32:ab:70:4b:26:bd: 69:8e:84:a6:8e:63:79:21:c1:c1:74:da:3b:17:2e: c3:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:6A:7C:59:72:8B:B0:A0:7D:28:63:1B:39:52:98:F8:52:56:D5:E9 X509v3 Authority Key Identifier: keyid:D7:18:6B:28:65:B8:60:0D:66:28:22:AF:EB:90:15:70:06:E0:F4:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F428C/52FCC6481DA011E2B6D8709108B02CD2/1xhrKGW4YA1mKCKv65AVcAbg9BA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1xhrKGW4YA1mKCKv65AVcAbg9BA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F428C/52FCC6481DA011E2B6D8709108B02CD2/1xhrKGW4YA1mKCKv65AVcAbg9BA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:2c:82:f5:22:ef:2f:07:80:34:d6:07:c9:50:93:f3:a7:5e: a4:43:f3:e9:79:9b:a4:8a:17:e6:6b:dc:e0:7f:a4:29:95:6f: df:ff:82:89:8c:00:d6:5f:66:fc:77:a6:22:dc:c4:11:21:1d: e4:fc:06:3d:ba:d3:b6:c5:58:b7:7a:c7:e3:c4:3d:6e:21:8c: c1:93:09:d0:e6:b8:2a:42:fd:6f:27:ce:15:e3:22:43:b1:02: 48:54:01:aa:c7:7b:2f:0a:19:69:42:92:7b:44:22:e2:08:3f: 3d:b2:0a:3f:52:91:06:1e:f5:3d:13:80:b3:36:a8:df:3e:47: 04:43:71:00:87:ae:a6:e4:cc:cb:dd:45:d0:ff:f8:3b:17:7d: ca:4c:1b:a0:90:06:7f:ef:9f:31:f1:51:00:e1:40:f0:b0:1c: 9c:31:d8:22:de:03:83:5b:13:12:c4:19:ca:37:a6:c5:42:29: 6e:72:89:cc:cc:d0:90:12:02:fa:71:19:34:02:d2:2e:b9:63: ad:fa:85:36:6c:25:62:85:32:b8:e0:e0:cd:e1:60:2a:75:96: b2:96:3a:17:b2:84:76:a8:07:cf:57:7a:69:1b:a9:3b:1f:f4: b4:11:33:72:79:6a:f8:85:79:a1:39:52:bd:64:e4:73:f2:13: 4c:bb:0c:25 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNLowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjQyOEMxMTAvBgNVBAUTKEQ3MTg2QjI4NjVCODYwMEQ2NjI4MjJBRkVCOTAxNTcw MDZFMEY0MTAwHhcNMjUwODIyMTUwNTM3WhcNMjUwODI5MTUwNTM3WjAYMRYwFAYD VQQDEw02OGE4ODc0MS04M2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6jGv9QmRjQTDlmG6+C0qxEbZ2xs09Mh0XpxBIE+1lz6gslxNSfGup2/yuEWB KoAOwn4LThwmFgN1WuqMp8mrzjv1uBYP7AtAQ4SQ3S5gnGHJhS1PibOk66C6wDl/ o4JfBBpGqiUVv4BKde47d5Oo5qNtA0MPSLS/HtBCDlJmSe3xCxEcbog6MeR4YFe0 CSc+ljHMLzetVcVNyovvu0QlP84K71cIg+wFYEGGXwqOU0JM7yGBZIOfot2+kZIN rpIM/fTONQ3vX8/T8m5wRmrlHKDCOAKVuOhGTthTgx9xoUcKb8iiqrCla3kyq3BL Jr1pjoSmjmN5IcHBdNo7Fy7D0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDtqfFly i7CgfShjGzlSmPhSVtXpMB8GA1UdIwQYMBaAFNcYayhluGANZigir+uQFXAG4PQQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDI4Qy81MkZDQzY0ODFE QTAxMUUyQjZEODcwOTEwOEIwMkNEMi8xeGhyS0dXNFlBMW1LQ0t2NjVBVmNBYmc5 QkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzF4aHJLR1c0WUExbUtDS3Y2NUFWY0FiZzlCQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NDI4Qy81MkZDQzY0ODFEQTAxMUUyQjZEODcwOTEwOEIwMkNEMi8xeGhyS0dXNFlB MW1LQ0t2NjVBVmNBYmc5QkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+LIL1Iu8vB4A01gfJUJPzp16kQ/PpeZukihfma9zgf6QplW/f/4KJ jADWX2b8d6Yi3MQRIR3k/AY9utO2xVi3esfjxD1uIYzBkwnQ5rgqQv1vJ84V4yJD sQJIVAGqx3svChlpQpJ7RCLiCD89sgo/UpEGHvU9E4CzNqjfPkcEQ3EAh66m5MzL 3UXQ//g7F33KTBugkAZ/758x8VEA4UDwsBycMdgi3gODWxMSxBnKN6bFQiluconM zNCQEgL6cRk0AtIuuWOt+oU2bCVihTK44ODN4WAqdZayljoXsoR2qAfPV3ppG6k7 H/S0ETNyeWr4hXmhOVK9ZORz8hNMuwwl -----END CERTIFICATE-----Generated at Sat Aug 23 16:14:40 2025 by rpki-client