$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.mft File: -gfo6rqEcKil_kuhPnXZ5f6jOyc.mft (raw, json) Hash identifier: CIj0gtAyBeo8OmsF7rm6Dfd4P+8kXmoov+kRG9994EY= Subject key identifier: 5A:22:65:FC:7A:7E:CC:B6:76:35:95:13:D7:A3:7A:32:03:E6:E5:FB Authority key identifier: FA:07:E8:EA:BA:84:70:A8:A5:FE:4B:A1:3E:75:D9:E5:FE:A3:3B:27 Certificate issuer: /CN=A91F9FA2/serialNumber=FA07E8EABA8470A8A5FE4BA13E75D9E5FEA33B27 Certificate serial: 09E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-gfo6rqEcKil_kuhPnXZ5f6jOyc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.mft Manifest number: 09DF Signing time: Fri 22 Aug 2025 20:03:57 +0000 Manifest this update: Fri 22 Aug 2025 20:03:56 +0000 Manifest next update: Fri 29 Aug 2025 20:03:56 +0000 Files and hashes: 1: -gfo6rqEcKil_kuhPnXZ5f6jOyc.crl (hash: FQ/SkWWfDos2I41kz05wLkHaxg6bs9re0GDfx6Vid+M=) 2: 0893031C846611EA9B99E043C4F9AE02.roa (hash: 3hay+KNg/2l74ymUeo3rJ7DbBbo6k73NfQvBnuqkfBY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.crl rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-gfo6rqEcKil_kuhPnXZ5f6jOyc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 20:03:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2535 (0x9e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9FA2, serialNumber=FA07E8EABA8470A8A5FE4BA13E75D9E5FEA33B27 Validity Not Before: Aug 22 20:03:56 2025 GMT Not After : Aug 29 20:03:56 2025 GMT Subject: CN=68a8cd2d-0732 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:7d:57:63:64:ab:4b:ba:7d:92:23:e8:cf:a3: d0:fc:0b:bb:15:20:94:1d:44:f1:f4:16:17:c0:25: db:ec:23:dd:b9:b3:de:12:13:f9:95:91:2d:d3:c2: d9:de:67:50:cf:70:93:69:6c:03:5d:a0:a7:e0:bd: e4:a8:29:b2:26:f0:38:a8:92:5d:76:fe:66:63:c7: c0:0a:80:ce:14:2c:6b:d8:3d:be:3f:57:8f:04:e1: 8f:f6:ba:71:5c:4d:67:81:af:48:a4:f5:a1:fc:62: 04:ae:78:15:cb:56:86:8f:3a:77:88:ba:9f:15:93: 27:86:5d:da:cc:dc:1c:e7:f2:fa:fc:26:e4:1a:0c: 80:34:b9:ef:87:1a:72:58:d2:68:c3:fa:0d:37:3f: 90:b3:75:4b:b1:a7:af:3c:8e:ae:43:94:52:e3:3c: 6f:47:74:7d:e8:d5:9a:a2:48:b2:37:c8:ad:4b:25: 9d:71:b1:4b:76:7a:df:f8:93:29:29:ea:c5:44:30: f6:54:19:92:b3:6e:1e:f5:5e:39:c4:09:76:99:3f: 35:4c:6a:b5:f6:9c:79:c1:58:4c:55:13:1c:07:01: 60:a2:39:b7:1b:73:1b:c7:4b:b9:ba:eb:b8:de:68: 9e:45:b6:8f:96:d6:b9:05:71:a5:7a:b6:73:8b:7b: 59:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:22:65:FC:7A:7E:CC:B6:76:35:95:13:D7:A3:7A:32:03:E6:E5:FB X509v3 Authority Key Identifier: keyid:FA:07:E8:EA:BA:84:70:A8:A5:FE:4B:A1:3E:75:D9:E5:FE:A3:3B:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-gfo6rqEcKil_kuhPnXZ5f6jOyc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c5:2c:b6:2d:64:85:92:e5:87:99:2a:b2:be:46:01:55:a2:7e: d3:90:d7:19:72:cf:26:b0:18:50:06:b6:c3:eb:fb:69:54:78: fe:b3:9b:cc:66:cf:62:49:0b:53:8b:b4:06:c4:86:cc:a9:76: 48:49:54:c0:15:e7:44:e4:f1:6d:84:93:89:8e:2a:81:d3:75: 2f:c0:d5:49:e2:87:97:5d:86:94:7b:85:11:c7:52:41:55:c5: 63:20:76:cd:08:0b:3f:93:97:d9:c4:37:e5:e0:5b:78:9d:2f: b3:33:dc:ae:4b:d7:09:76:23:76:06:3e:14:ac:29:65:f9:cb: d3:bc:ac:d4:dc:ec:aa:37:6e:60:ca:ab:6f:25:86:d5:2e:ed: 04:61:47:19:6c:6b:c4:95:87:fc:8a:e0:05:71:07:b2:03:09: 51:12:1b:71:f0:67:90:22:bd:11:42:71:60:01:1d:e7:0d:98: 79:91:9b:68:ea:24:98:13:0e:bd:67:c3:61:0c:d5:ca:69:40: 11:16:67:3d:8a:5c:6d:20:b1:09:1a:5c:cd:71:df:50:75:b1: 60:55:e2:1f:4d:3e:d2:41:96:c6:2f:0b:a1:9b:dd:be:a4:7c: 24:a2:a0:89:1c:8c:70:40:88:20:98:f0:a2:27:15:ce:c4:c0: 45:b8:ef:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjlGQTIxMTAvBgNVBAUTKEZBMDdFOEVBQkE4NDcwQThBNUZFNEJBMTNFNzVEOUU1 RkVBMzNCMjcwHhcNMjUwODIyMjAwMzU2WhcNMjUwODI5MjAwMzU2WjAYMRYwFAYD VQQDEw02OGE4Y2QyZC0wNzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAln1XY2SrS7p9kiPoz6PQ/Au7FSCUHUTx9BYXwCXb7CPdubPeEhP5lZEt08LZ 3mdQz3CTaWwDXaCn4L3kqCmyJvA4qJJddv5mY8fACoDOFCxr2D2+P1ePBOGP9rpx XE1nga9IpPWh/GIErngVy1aGjzp3iLqfFZMnhl3azNwc5/L6/CbkGgyANLnvhxpy WNJow/oNNz+Qs3VLsaevPI6uQ5RS4zxvR3R96NWaokiyN8itSyWdcbFLdnrf+JMp KerFRDD2VBmSs24e9V45xAl2mT81TGq19px5wVhMVRMcBwFgojm3G3Mbx0u5uuu4 3mieRbaPlta5BXGlerZzi3tZRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFoiZfx6 fsy2djWVE9ejejID5uX7MB8GA1UdIwQYMBaAFPoH6Oq6hHCopf5LoT512eX+ozsn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOUZBMi8xQzg4QjAzQTg0 NjQxMUVBQTk5NDE1NDBDNEY5QUUwMi8tZ2ZvNnJxRWNLaWxfa3VoUG5YWjVmNmpP eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1nZm82cnFFY0tpbF9rdWhQblhaNWY2ak95Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OUZBMi8xQzg4QjAzQTg0NjQxMUVBQTk5NDE1NDBDNEY5QUUwMi8tZ2ZvNnJxRWNL aWxfa3VoUG5YWjVmNmpPeWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDFLLYtZIWS5YeZKrK+RgFVon7TkNcZcs8msBhQBrbD6/tpVHj+s5vM Zs9iSQtTi7QGxIbMqXZISVTAFedE5PFthJOJjiqB03UvwNVJ4oeXXYaUe4URx1JB VcVjIHbNCAs/k5fZxDfl4Ft4nS+zM9yuS9cJdiN2Bj4UrCll+cvTvKzU3OyqN25g yqtvJYbVLu0EYUcZbGvElYf8iuAFcQeyAwlREhtx8GeQIr0RQnFgAR3nDZh5kZto 6iSYEw69Z8NhDNXKaUARFmc9ilxtILEJGlzNcd9QdbFgVeIfTT7SQZbGLwuhm92+ pHwkoqCJHIxwQIggmPCiJxXOxMBFuO9k -----END CERTIFICATE-----Generated at Sat Aug 23 20:43:09 2025 by rpki-client