$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft File: n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft (raw, json) Hash identifier: eqdY58B4lfpuyVdBaiJnfGMX5VAtKdXowyiLh/DtL+I= Subject key identifier: C8:81:3A:E2:08:BE:9B:95:50:32:AE:D5:05:71:B4:C3:E3:49:C1:7E Authority key identifier: 9F:7B:42:EF:18:D3:42:FD:D5:6A:9F:DC:5F:3D:80:1E:2D:2C:1A:B7 Certificate issuer: /CN=A91F8282/serialNumber=9F7B42EF18D342FDD56A9FDC5F3D801E2D2C1AB7 Certificate serial: 59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n3tC7xjTQv3Vap_cXz2AHi0sGrc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft Manifest number: 58 Signing time: Sat 23 Aug 2025 07:27:12 +0000 Manifest this update: Sat 23 Aug 2025 07:27:11 +0000 Manifest next update: Sat 30 Aug 2025 07:27:11 +0000 Files and hashes: 1: n3tC7xjTQv3Vap_cXz2AHi0sGrc.crl (hash: Mpyq/K/7hJVKOevgxgPkdCAu63ZZbPT9MuUG/h45+Es=) 2: 05EBB6CEFEF811EFB0C52572C4F9AE02.roa (hash: hHpuvEEfCl4OhjB2zfY/eTXHBtooIatBX5e91JuXgS8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.crl rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n3tC7xjTQv3Vap_cXz2AHi0sGrc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:27:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 89 (0x59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8282, serialNumber=9F7B42EF18D342FDD56A9FDC5F3D801E2D2C1AB7 Validity Not Before: Aug 23 07:27:11 2025 GMT Not After : Aug 30 07:27:11 2025 GMT Subject: CN=68a96d4f-4b97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:cb:10:0f:33:64:3a:d4:e7:83:23:b1:a9:99: 72:74:97:0e:85:e0:57:29:1a:41:e1:38:99:6c:fc: ce:e7:00:e8:b9:a2:0f:ae:c1:b6:b6:ee:ef:2e:73: 3f:fc:4c:ca:77:ea:be:60:00:47:25:ff:91:e3:dd: ac:6f:b0:f8:89:58:76:2f:83:8c:63:eb:ff:07:aa: 4e:fc:0d:ce:fb:3e:ee:13:ca:c1:16:9c:2c:16:6b: 45:78:ef:bc:da:ff:6a:fc:d2:ed:2e:5e:77:65:9d: a3:77:aa:72:2f:3f:28:69:92:40:fe:be:cd:b8:10: 1c:99:e8:47:0e:53:af:6d:13:97:6c:24:a5:d8:5d: 7f:9a:8e:fb:20:d7:f6:9d:c2:47:0a:b5:f3:7e:8d: 40:83:25:b0:80:6c:6a:2d:1e:2f:e3:31:61:f8:ce: 34:77:2c:68:5e:58:a0:ef:ac:21:31:67:af:09:b5: ea:4a:8f:fe:b7:90:1b:7d:79:cd:88:ec:fe:f7:c4: 48:cb:d1:35:92:ed:b0:9c:69:13:2d:d9:3d:d2:c1: fb:01:f9:8e:56:6d:ab:7c:60:3e:5a:dd:3b:1a:e4: 2e:04:ca:14:9e:a8:53:36:16:17:2e:07:eb:ee:3a: f0:e8:20:83:83:02:38:c4:67:b6:bb:78:ab:f2:62: 48:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:81:3A:E2:08:BE:9B:95:50:32:AE:D5:05:71:B4:C3:E3:49:C1:7E X509v3 Authority Key Identifier: keyid:9F:7B:42:EF:18:D3:42:FD:D5:6A:9F:DC:5F:3D:80:1E:2D:2C:1A:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n3tC7xjTQv3Vap_cXz2AHi0sGrc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:01:67:a5:38:63:c7:ec:9e:56:8e:9d:9b:f0:f8:0c:8b:b4: 2c:5e:11:18:1c:8c:86:83:2d:05:e3:84:df:01:19:b5:6d:27: 0c:56:d3:db:2a:9b:58:d1:f9:44:eb:98:ca:7f:c4:f1:fe:ba: b6:fb:c9:95:13:5f:86:b0:d4:44:9e:f2:fb:4f:2f:2c:7f:30: cb:0a:62:f8:2c:71:dc:dc:bf:75:16:cb:0a:2e:a8:23:5e:bc: 58:f1:b7:17:5e:69:f5:5f:b9:25:6c:49:06:01:46:7d:90:d4: 82:c3:e9:8a:5c:26:32:8c:94:d7:3d:69:cf:c6:89:80:4b:34: 65:9c:e6:27:a6:d2:c6:ad:7f:42:1b:36:7e:85:fb:b4:18:8b: 1c:5a:d6:c8:9d:8d:6c:fd:81:50:1a:b5:9a:0e:93:29:ea:e3: 89:05:a0:d9:90:ab:90:58:bb:78:45:3a:fd:2c:5b:74:d1:37: a4:db:e8:7e:23:d4:d6:d8:62:41:12:b9:0f:55:f1:82:14:db: 0c:f6:c2:b5:f5:e8:d3:9d:2f:36:40:a0:d8:a1:dc:05:e7:1f: ff:c9:94:bc:e3:ee:88:e9:2d:f7:59:a9:aa:e4:af:79:18:01: cb:8c:5c:eb:36:e1:04:31:f1:3d:b6:47:00:92:09:48:38:ef: 57:86:fd:c9 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG ODI4MjExMC8GA1UEBRMoOUY3QjQyRUYxOEQzNDJGREQ1NkE5RkRDNUYzRDgwMUUy RDJDMUFCNzAeFw0yNTA4MjMwNzI3MTFaFw0yNTA4MzAwNzI3MTFaMBgxFjAUBgNV BAMTDTY4YTk2ZDRmLTRiOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8yxAPM2Q61OeDI7GpmXJ0lw6F4FcpGkHhOJls/M7nAOi5og+uwba27u8ucz/8 TMp36r5gAEcl/5Hj3axvsPiJWHYvg4xj6/8Hqk78Dc77Pu4TysEWnCwWa0V477za /2r80u0uXndlnaN3qnIvPyhpkkD+vs24EByZ6EcOU69tE5dsJKXYXX+ajvsg1/ad wkcKtfN+jUCDJbCAbGotHi/jMWH4zjR3LGheWKDvrCExZ68JtepKj/63kBt9ec2I 7P73xEjL0TWS7bCcaRMt2T3SwfsB+Y5Wbat8YD5a3Tsa5C4EyhSeqFM2FhcuB+vu OvDoIIODAjjEZ7a7eKvyYkhnAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUyIE64gi+ m5VQMq7VBXG0w+NJwX4wHwYDVR0jBBgwFoAUn3tC7xjTQv3Vap/cXz2AHi0sGrcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4MjgyLzA2MUFBQjUyRkJG RTExRUZCNTUyMEExMkM0RjlBRTAyL24zdEM3eGpUUXYzVmFwX2NYejJBSGkwc0dy Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbjN0Qzd4alRRdjNWYXBfY1h6MkFIaTBzR3JjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4 MjgyLzA2MUFBQjUyRkJGRTExRUZCNTUyMEExMkM0RjlBRTAyL24zdEM3eGpUUXYz VmFwX2NYejJBSGkwc0dyYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAB0BZ6U4Y8fsnlaOnZvw+AyLtCxeERgcjIaDLQXjhN8BGbVtJwxW09sq m1jR+UTrmMp/xPH+urb7yZUTX4aw1ESe8vtPLyx/MMsKYvgscdzcv3UWywouqCNe vFjxtxdeafVfuSVsSQYBRn2Q1ILD6YpcJjKMlNc9ac/GiYBLNGWc5iem0satf0Ib Nn6F+7QYixxa1sidjWz9gVAatZoOkynq44kFoNmQq5BYu3hFOv0sW3TRN6Tb6H4j 1NbYYkESuQ9V8YIU2wz2wrX16NOdLzZAoNih3AXnH//JlLzj7ojpLfdZqarkr3kY AcuMXOs24QQx8T22RwCSCUg471eG/ck= -----END CERTIFICATE-----Generated at Sat Aug 23 22:34:15 2025 by rpki-client