$ rpki-client -vvf rpki.apnic.net/member_repository/A91F52FD/625F0F0ABACD11EBAA23976DC4F9AE02/XUXapVj_ZfZmNblniAm4rPBAc9I.mft File: XUXapVj_ZfZmNblniAm4rPBAc9I.mft (raw, json) Hash identifier: WFhXpH+iv6gIf3y81fUTOozwoupByFJzAuK8izVcabY= Subject key identifier: 33:49:9F:A8:51:EF:C0:C1:E1:2A:85:FC:CF:DD:8F:31:E3:FA:49:77 Authority key identifier: 5D:45:DA:A5:58:FF:65:F6:66:35:B9:67:88:09:B8:AC:F0:40:73:D2 Certificate issuer: /CN=A91F52FD/serialNumber=5D45DAA558FF65F66635B9678809B8ACF04073D2 Certificate serial: 060D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUXapVj_ZfZmNblniAm4rPBAc9I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F52FD/625F0F0ABACD11EBAA23976DC4F9AE02/XUXapVj_ZfZmNblniAm4rPBAc9I.mft Manifest number: 0604 Signing time: Fri 22 Aug 2025 23:04:33 +0000 Manifest this update: Fri 22 Aug 2025 23:04:33 +0000 Manifest next update: Fri 29 Aug 2025 23:04:33 +0000 Files and hashes: 1: XUXapVj_ZfZmNblniAm4rPBAc9I.crl (hash: GQmEbqb/bypocRY672ul6IutLZ6xyPxED9f2A+ZTzk0=) 2: 48459AB0BACF11EBAA321370C4F9AE02.roa (hash: pnHmUa0U0xz9JsAjeRh4Irw7X+bt9zrhkQQo7Oiu4oA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F52FD/625F0F0ABACD11EBAA23976DC4F9AE02/XUXapVj_ZfZmNblniAm4rPBAc9I.crl rsync://rpki.apnic.net/member_repository/A91F52FD/625F0F0ABACD11EBAA23976DC4F9AE02/XUXapVj_ZfZmNblniAm4rPBAc9I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUXapVj_ZfZmNblniAm4rPBAc9I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:04:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1549 (0x60d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F52FD, serialNumber=5D45DAA558FF65F66635B9678809B8ACF04073D2 Validity Not Before: Aug 22 23:04:33 2025 GMT Not After : Aug 29 23:04:33 2025 GMT Subject: CN=68a8f781-f2c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:c9:32:15:cf:cc:b5:f2:0e:2a:6e:ee:ca:33: 53:98:85:43:98:e9:05:88:90:f6:bc:75:08:ef:6d: 69:75:53:96:d5:e6:8f:d4:d9:8f:92:8e:ae:a9:8a: b1:5a:26:9a:b3:5e:ea:7b:f4:a5:d1:27:14:c9:86: c1:0d:d0:af:09:b4:72:5a:42:bc:2f:45:7c:d6:cc: b9:1b:52:0a:36:f7:31:c4:28:ea:54:64:97:b1:21: c2:33:e0:90:cb:c3:bc:40:03:b8:c7:36:28:44:36: 2a:91:7a:65:5c:a6:fa:87:97:9f:66:f5:c4:bc:b0: ef:ed:c5:0b:37:f9:b2:5f:db:06:3e:d0:b1:96:3f: f6:61:b9:d1:47:9a:cb:30:99:48:2f:f6:71:f4:14: 2a:07:b1:97:86:47:a7:b5:74:50:bf:00:b0:9e:b3: 0b:76:24:9c:b7:9c:3d:1c:44:ee:97:bb:e5:9c:ba: c9:e8:02:a2:d5:d8:a5:62:27:9f:f7:15:6f:94:b8: 52:14:9e:a6:ba:a6:65:d8:3d:c8:b5:81:ee:7e:a8: 22:5b:f3:e9:91:b0:c9:06:aa:e5:e5:b6:f9:61:07: 8e:e4:6c:d7:9f:59:5d:c9:61:5e:cd:92:80:8b:3a: b8:ad:1f:b1:07:83:76:41:56:78:20:78:c7:aa:28: 26:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:49:9F:A8:51:EF:C0:C1:E1:2A:85:FC:CF:DD:8F:31:E3:FA:49:77 X509v3 Authority Key Identifier: keyid:5D:45:DA:A5:58:FF:65:F6:66:35:B9:67:88:09:B8:AC:F0:40:73:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F52FD/625F0F0ABACD11EBAA23976DC4F9AE02/XUXapVj_ZfZmNblniAm4rPBAc9I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUXapVj_ZfZmNblniAm4rPBAc9I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F52FD/625F0F0ABACD11EBAA23976DC4F9AE02/XUXapVj_ZfZmNblniAm4rPBAc9I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:b7:37:7f:0c:a8:47:8e:59:85:52:60:b2:a0:32:8b:f1:1d: 83:37:d8:c1:53:44:3e:04:ac:61:72:81:8a:68:fc:e4:66:35: 40:eb:7f:10:d2:d8:99:aa:63:31:6f:63:68:d9:d6:4b:b6:aa: a4:e2:01:47:29:8a:5f:20:05:7a:54:1b:14:02:98:27:05:53: b9:40:43:7e:6d:39:f9:8d:f9:5c:5d:03:b7:30:f0:51:97:e6: 26:35:06:25:51:17:cf:1b:ac:3e:5c:d4:b7:07:2e:14:a5:53: 9d:0c:2d:9e:62:ef:41:76:f9:02:58:21:d9:80:1b:1a:e4:d5: ae:d9:a7:22:a4:d1:11:cf:b8:7f:ed:e4:89:1f:a4:eb:de:09: e5:26:b7:8c:78:b3:c5:cc:21:a0:8b:9e:4e:d5:c4:5e:cf:dc: ce:3c:ec:32:75:ff:04:fe:67:d7:88:1b:19:4c:a3:2a:65:46: c5:3b:9f:75:53:c4:1e:6e:05:d3:ee:bf:29:f3:70:a5:bd:b8: 9b:39:79:d4:3d:c3:a2:ad:eb:86:71:fe:7f:df:63:f2:63:d2: 3b:91:5c:bb:d7:3e:6b:56:41:43:14:33:0f:ff:be:b3:47:8a: 3c:25:19:ac:02:a7:bc:80:9d:c8:34:0b:73:5d:d5:17:00:ae: 31:ef:c2:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjUyRkQxMTAvBgNVBAUTKDVENDVEQUE1NThGRjY1RjY2NjM1Qjk2Nzg4MDlCOEFD RjA0MDczRDIwHhcNMjUwODIyMjMwNDMzWhcNMjUwODI5MjMwNDMzWjAYMRYwFAYD VQQDEw02OGE4Zjc4MS1mMmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA28kyFc/MtfIOKm7uyjNTmIVDmOkFiJD2vHUI721pdVOW1eaP1NmPko6uqYqx Wiaas17qe/Sl0ScUyYbBDdCvCbRyWkK8L0V81sy5G1IKNvcxxCjqVGSXsSHCM+CQ y8O8QAO4xzYoRDYqkXplXKb6h5efZvXEvLDv7cULN/myX9sGPtCxlj/2YbnRR5rL MJlIL/Zx9BQqB7GXhkentXRQvwCwnrMLdiSct5w9HETul7vlnLrJ6AKi1dilYief 9xVvlLhSFJ6muqZl2D3ItYHufqgiW/PpkbDJBqrl5bb5YQeO5GzXn1ldyWFezZKA izq4rR+xB4N2QVZ4IHjHqigmQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDNJn6hR 78DB4SqF/M/djzHj+kl3MB8GA1UdIwQYMBaAFF1F2qVY/2X2ZjW5Z4gJuKzwQHPS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTJGRC82MjVGMEYwQUJB Q0QxMUVCQUEyMzk3NkRDNEY5QUUwMi9YVVhhcFZqX1pmWm1OYmxuaUFtNHJQQkFj OUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hVWGFwVmpfWmZabU5ibG5pQW00clBCQWM5SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NTJGRC82MjVGMEYwQUJBQ0QxMUVCQUEyMzk3NkRDNEY5QUUwMi9YVVhhcFZqX1pm Wm1OYmxuaUFtNHJQQkFjOUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBbtzd/DKhHjlmFUmCyoDKL8R2DN9jBU0Q+BKxhcoGKaPzkZjVA638Q 0tiZqmMxb2No2dZLtqqk4gFHKYpfIAV6VBsUApgnBVO5QEN+bTn5jflcXQO3MPBR l+YmNQYlURfPG6w+XNS3By4UpVOdDC2eYu9BdvkCWCHZgBsa5NWu2acipNERz7h/ 7eSJH6Tr3gnlJreMeLPFzCGgi55O1cRez9zOPOwydf8E/mfXiBsZTKMqZUbFO591 U8QebgXT7r8p83ClvbibOXnUPcOireuGcf5/32PyY9I7kVy71z5rVkFDFDMP/76z R4o8JRmsAqe8gJ3INAtzXdUXAK4x78IB -----END CERTIFICATE-----Generated at Sat Aug 23 16:43:18 2025 by rpki-client