$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5216/5CD5E7306E0811EDBEED6284C4F9AE02/qEG9xa-p6aCpW4hUYRPKdF7pY7U.mft File: qEG9xa-p6aCpW4hUYRPKdF7pY7U.mft (raw, json) Hash identifier: zD4FN8NFc384BOZ4hq3R5BrOcjFxN5NikQbxjuNpSHQ= Subject key identifier: A9:40:56:95:F1:35:2E:A7:D8:C7:13:54:9E:9A:E2:7E:CA:5C:7E:EE Authority key identifier: A8:41:BD:C5:AF:A9:E9:A0:A9:5B:88:54:61:13:CA:74:5E:E9:63:B5 Certificate issuer: /CN=A91F5216/serialNumber=A841BDC5AFA9E9A0A95B88546113CA745EE963B5 Certificate serial: 020B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qEG9xa-p6aCpW4hUYRPKdF7pY7U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F5216/5CD5E7306E0811EDBEED6284C4F9AE02/qEG9xa-p6aCpW4hUYRPKdF7pY7U.mft Manifest number: 0205 Signing time: Sat 23 Aug 2025 02:27:23 +0000 Manifest this update: Sat 23 Aug 2025 02:27:22 +0000 Manifest next update: Sat 30 Aug 2025 02:27:22 +0000 Files and hashes: 1: qEG9xa-p6aCpW4hUYRPKdF7pY7U.crl (hash: 7U2+jH+zdhlKWr2Q9qAJ68kRpiDGAaTZtL3f1WMpmlM=) 2: CDA9BB546E0C11ED8BF41547C4F9AE02.roa (hash: 5xUQVljU0BWWuc6LYolHHzG3Hqi8KmssX696YCKuce8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F5216/5CD5E7306E0811EDBEED6284C4F9AE02/qEG9xa-p6aCpW4hUYRPKdF7pY7U.crl rsync://rpki.apnic.net/member_repository/A91F5216/5CD5E7306E0811EDBEED6284C4F9AE02/qEG9xa-p6aCpW4hUYRPKdF7pY7U.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qEG9xa-p6aCpW4hUYRPKdF7pY7U.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:27:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 523 (0x20b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F5216, serialNumber=A841BDC5AFA9E9A0A95B88546113CA745EE963B5 Validity Not Before: Aug 23 02:27:22 2025 GMT Not After : Aug 30 02:27:22 2025 GMT Subject: CN=68a9270b-f471 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:ee:8f:12:e8:7e:7c:be:2d:bd:48:1d:b0:ce: a8:34:8e:ac:6a:bb:6f:c0:a5:03:54:a8:86:01:a0: ff:37:b7:a3:21:79:c0:87:28:9d:0a:1f:0f:fa:dd: 7a:75:06:13:3f:57:ff:a2:9f:46:44:aa:19:ee:7c: 71:97:5a:5e:4c:48:af:13:5c:1c:e5:03:24:62:3d: a4:50:44:ec:eb:67:e8:c6:e8:84:b5:35:ce:b1:77: ce:82:76:f8:c6:78:fd:37:6e:da:6c:95:bc:f4:45: 58:33:0b:16:7d:c0:eb:20:10:89:28:39:f2:47:f0: d2:14:0d:21:e5:27:28:c5:be:6f:84:62:a2:8e:d1: 9a:b4:83:ec:54:b1:02:5f:30:59:ea:54:ec:2b:54: 5b:21:57:38:2d:c6:35:3f:10:9e:bd:3b:56:10:22: 95:5a:b0:fa:58:b5:74:ce:a5:3f:fb:1a:a3:af:ed: d5:70:f8:8a:c8:cb:a5:f2:7e:a4:63:b9:58:aa:fa: 22:03:70:8f:d1:25:45:2f:da:2c:84:42:a5:8b:bc: 8c:8a:a9:dd:ac:b6:65:e7:54:fc:cf:43:78:03:05: f9:95:d0:41:23:ed:8e:cd:04:fc:b2:f1:08:98:e5: 4c:3a:77:3f:a0:40:ae:e8:b6:e7:8d:49:20:82:74: 5b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:40:56:95:F1:35:2E:A7:D8:C7:13:54:9E:9A:E2:7E:CA:5C:7E:EE X509v3 Authority Key Identifier: keyid:A8:41:BD:C5:AF:A9:E9:A0:A9:5B:88:54:61:13:CA:74:5E:E9:63:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F5216/5CD5E7306E0811EDBEED6284C4F9AE02/qEG9xa-p6aCpW4hUYRPKdF7pY7U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qEG9xa-p6aCpW4hUYRPKdF7pY7U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5216/5CD5E7306E0811EDBEED6284C4F9AE02/qEG9xa-p6aCpW4hUYRPKdF7pY7U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:6d:df:1a:5e:a7:3e:5f:ea:9e:02:ec:37:fb:5b:c6:e5:64: 64:fd:e7:82:91:46:db:d9:0e:32:1b:f6:14:4d:cc:b8:9b:e6: 71:d9:ba:e0:08:a4:f7:4e:25:81:fa:5f:6f:00:19:f5:a3:52: 01:ac:bd:bc:06:c3:2c:b2:0f:47:43:ba:5b:31:7d:2e:21:2b: f8:c4:2c:a5:3d:6e:49:90:21:b5:24:1a:89:d8:85:47:95:cd: 74:81:49:32:8b:c2:91:ac:2f:8a:1f:56:0c:63:b5:c4:46:98: 8f:b5:c3:4f:9d:6c:6e:fa:4a:91:15:62:12:1e:78:3d:4f:79: b4:e9:b6:c8:1c:3e:eb:5f:10:57:d9:87:e6:a7:84:4a:91:84: b4:0f:95:1a:6e:52:7a:24:0a:38:77:b3:1a:16:60:e1:75:88: 0e:0b:1a:c4:ac:17:84:c0:9e:66:a7:27:7a:5d:21:ad:a3:ef: e6:ec:7b:31:be:81:fb:21:44:7a:91:bc:dc:8b:f2:b6:86:a1: dc:7f:38:1b:e1:3e:c5:e0:a0:9c:e2:ce:2b:85:17:32:91:66: 42:c7:41:4b:85:f6:b8:2a:89:ab:9b:26:28:e3:e4:cc:33:2c: 25:9f:9d:46:95:a6:6b:36:3d:5c:9a:10:5a:20:75:29:2d:e2: 29:40:cf:d7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjUyMTYxMTAvBgNVBAUTKEE4NDFCREM1QUZBOUU5QTBBOTVCODg1NDYxMTNDQTc0 NUVFOTYzQjUwHhcNMjUwODIzMDIyNzIyWhcNMjUwODMwMDIyNzIyWjAYMRYwFAYD VQQDEw02OGE5MjcwYi1mNDcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqu6PEuh+fL4tvUgdsM6oNI6sartvwKUDVKiGAaD/N7ejIXnAhyidCh8P+t16 dQYTP1f/op9GRKoZ7nxxl1peTEivE1wc5QMkYj2kUETs62foxuiEtTXOsXfOgnb4 xnj9N27abJW89EVYMwsWfcDrIBCJKDnyR/DSFA0h5Scoxb5vhGKijtGatIPsVLEC XzBZ6lTsK1RbIVc4LcY1PxCevTtWECKVWrD6WLV0zqU/+xqjr+3VcPiKyMul8n6k Y7lYqvoiA3CP0SVFL9oshEKli7yMiqndrLZl51T8z0N4AwX5ldBBI+2OzQT8svEI mOVMOnc/oECu6LbnjUkggnRbjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKlAVpXx NS6n2McTVJ6a4n7KXH7uMB8GA1UdIwQYMBaAFKhBvcWvqemgqVuIVGETynRe6WO1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTIxNi81Q0Q1RTczMDZF MDgxMUVEQkVFRDYyODRDNEY5QUUwMi9xRUc5eGEtcDZhQ3BXNGhVWVJQS2RGN3BZ N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3FFRzl4YS1wNmFDcFc0aFVZUlBLZEY3cFk3VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NTIxNi81Q0Q1RTczMDZFMDgxMUVEQkVFRDYyODRDNEY5QUUwMi9xRUc5eGEtcDZh Q3BXNGhVWVJQS2RGN3BZN1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVbd8aXqc+X+qeAuw3+1vG5WRk/eeCkUbb2Q4yG/YUTcy4m+Zx2brg CKT3TiWB+l9vABn1o1IBrL28BsMssg9HQ7pbMX0uISv4xCylPW5JkCG1JBqJ2IVH lc10gUkyi8KRrC+KH1YMY7XERpiPtcNPnWxu+kqRFWISHng9T3m06bbIHD7rXxBX 2Yfmp4RKkYS0D5UablJ6JAo4d7MaFmDhdYgOCxrErBeEwJ5mpyd6XSGto+/m7Hsx voH7IUR6kbzci/K2hqHcfzgb4T7F4KCc4s4rhRcykWZCx0FLhfa4KomrmyYo4+TM Mywln51GlaZrNj1cmhBaIHUpLeIpQM/X -----END CERTIFICATE-----Generated at Sat Aug 23 15:35:36 2025 by rpki-client