$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA69F/BD859F9633A311EFA5B49B23C4F9AE02/suiO3TYbzGGUyX9oxHJRgP8C9yQ.mft File: suiO3TYbzGGUyX9oxHJRgP8C9yQ.mft (raw, json) Hash identifier: Ajutg0ZsmLILvZ7LQIDT4hvU8Ssnnq4r+kaGCtv4RWU= Subject key identifier: DA:97:DD:AD:2E:E1:33:28:E0:0E:F5:F9:CC:F0:68:F1:03:00:7E:87 Authority key identifier: B2:E8:8E:DD:36:1B:CC:61:94:C9:7F:68:C4:72:51:80:FF:02:F7:24 Certificate issuer: /CN=A91FA69F/serialNumber=B2E88EDD361BCC6194C97F68C4725180FF02F724 Certificate serial: DC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/suiO3TYbzGGUyX9oxHJRgP8C9yQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA69F/BD859F9633A311EFA5B49B23C4F9AE02/suiO3TYbzGGUyX9oxHJRgP8C9yQ.mft Manifest number: DA Signing time: Sat 23 Aug 2025 05:41:21 +0000 Manifest this update: Sat 23 Aug 2025 05:41:21 +0000 Manifest next update: Sat 30 Aug 2025 05:41:21 +0000 Files and hashes: 1: suiO3TYbzGGUyX9oxHJRgP8C9yQ.crl (hash: ra0mPBH9A/JpQ5G7nTEMsjCq9BHlj3kjcR3rfhz4MvY=) 2: 0D38E31833A411EF82E92524C4F9AE02.roa (hash: EPqvpxlJgwQtY4nw1cFwMuEYfLLzI7V4J9A9JpW8gvM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA69F/BD859F9633A311EFA5B49B23C4F9AE02/suiO3TYbzGGUyX9oxHJRgP8C9yQ.crl rsync://rpki.apnic.net/member_repository/A91FA69F/BD859F9633A311EFA5B49B23C4F9AE02/suiO3TYbzGGUyX9oxHJRgP8C9yQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/suiO3TYbzGGUyX9oxHJRgP8C9yQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 05:41:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 220 (0xdc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA69F, serialNumber=B2E88EDD361BCC6194C97F68C4725180FF02F724 Validity Not Before: Aug 23 05:41:21 2025 GMT Not After : Aug 30 05:41:21 2025 GMT Subject: CN=68a95481-ca69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:cf:8f:d9:61:b8:ae:52:b2:4f:e1:e6:30:b1: 93:75:88:ec:ed:c8:83:3e:33:5b:50:46:98:13:a6: 82:b5:d1:f2:ef:10:1b:7c:e8:db:7a:e0:db:6a:56: c7:6e:78:4a:58:80:90:5b:36:5f:14:84:fb:88:c2: 9b:98:59:80:3c:7d:de:68:6e:f7:e9:e1:47:bf:0d: d6:27:1c:03:85:90:52:91:04:07:d1:47:39:5d:fd: 6d:26:c8:be:2c:48:14:3c:4a:4a:5c:26:ff:52:91: a4:ea:ac:92:e1:70:e7:d0:26:0b:c4:18:b4:26:63: 4f:46:0c:7d:01:54:a7:ff:02:dd:c0:f8:bd:44:8d: 82:bf:4d:55:57:ea:77:08:94:b3:3b:d3:3e:49:df: a5:d9:51:17:81:86:63:e9:5a:6a:62:27:cd:b9:cf: 5d:6a:bb:ef:67:13:82:6e:53:e5:06:80:86:56:d1: de:f0:0d:27:a0:6a:b0:ee:98:27:84:3a:bc:09:1f: 12:f0:03:a5:00:ff:bd:52:3f:25:c3:40:d9:b5:bb: 1b:bb:f6:3b:e9:23:70:18:44:be:8c:a2:34:95:2a: ed:15:4b:e6:84:72:ce:ff:2d:2a:09:ed:95:b9:aa: f8:5e:d8:59:12:6a:d4:8a:e0:e1:b1:8e:91:be:fb: 14:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:97:DD:AD:2E:E1:33:28:E0:0E:F5:F9:CC:F0:68:F1:03:00:7E:87 X509v3 Authority Key Identifier: keyid:B2:E8:8E:DD:36:1B:CC:61:94:C9:7F:68:C4:72:51:80:FF:02:F7:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA69F/BD859F9633A311EFA5B49B23C4F9AE02/suiO3TYbzGGUyX9oxHJRgP8C9yQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/suiO3TYbzGGUyX9oxHJRgP8C9yQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA69F/BD859F9633A311EFA5B49B23C4F9AE02/suiO3TYbzGGUyX9oxHJRgP8C9yQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:e3:d9:f8:66:93:7e:21:09:af:41:b3:b2:b5:4c:b5:4b:80: 20:13:86:d3:07:ec:0b:0b:5c:6a:ac:48:76:78:3b:51:7e:c1: b1:0f:5b:cc:30:f2:11:61:82:c8:3a:25:4c:6e:56:4f:1d:80: f6:57:30:c1:d7:02:c6:8b:10:85:ec:b1:78:e6:5d:ff:6f:c9: d4:0e:cb:cc:f0:4d:38:e0:d6:f4:28:1e:60:e4:87:29:8a:a4: 4a:5f:31:4e:b4:3e:ba:9c:5d:33:82:fd:75:81:1e:8e:65:05: f1:f5:8a:9c:16:45:7f:d8:cc:6a:f1:82:f1:df:b2:fd:6b:3b: 13:07:f1:a0:41:f8:8c:88:31:a6:6c:c6:de:69:03:b5:2e:af: e5:9f:55:15:27:f7:56:61:de:90:38:e2:b4:c8:aa:05:3d:b7: a3:ed:e4:1a:e3:de:51:9c:30:7d:c9:3b:2f:1a:3d:c9:6f:80: eb:67:b8:3c:f5:52:70:41:2d:f3:0e:81:41:de:ed:26:d9:4d: 00:c4:2d:eb:92:94:78:34:51:b2:0f:0e:e4:59:19:44:0e:9d: 15:e0:98:77:d1:8f:37:70:a0:c2:87:72:e4:fd:7e:23:1e:4a: dd:d8:9d:0b:9e:99:fd:56:bf:1d:e9:ea:22:5a:e1:ce:74:b2: 12:e8:4b:76 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE2OUYxMTAvBgNVBAUTKEIyRTg4RUREMzYxQkNDNjE5NEM5N0Y2OEM0NzI1MTgw RkYwMkY3MjQwHhcNMjUwODIzMDU0MTIxWhcNMjUwODMwMDU0MTIxWjAYMRYwFAYD VQQDEw02OGE5NTQ4MS1jYTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtM+P2WG4rlKyT+HmMLGTdYjs7ciDPjNbUEaYE6aCtdHy7xAbfOjbeuDbalbH bnhKWICQWzZfFIT7iMKbmFmAPH3eaG736eFHvw3WJxwDhZBSkQQH0Uc5Xf1tJsi+ LEgUPEpKXCb/UpGk6qyS4XDn0CYLxBi0JmNPRgx9AVSn/wLdwPi9RI2Cv01VV+p3 CJSzO9M+Sd+l2VEXgYZj6VpqYifNuc9darvvZxOCblPlBoCGVtHe8A0noGqw7pgn hDq8CR8S8AOlAP+9Uj8lw0DZtbsbu/Y76SNwGES+jKI0lSrtFUvmhHLO/y0qCe2V uar4XthZEmrUiuDhsY6RvvsUZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNqX3a0u 4TMo4A71+czwaPEDAH6HMB8GA1UdIwQYMBaAFLLojt02G8xhlMl/aMRyUYD/Avck MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTY5Ri9CRDg1OUY5NjMz QTMxMUVGQTVCNDlCMjNDNEY5QUUwMi9zdWlPM1RZYnpHR1V5WDlveEhKUmdQOEM5 eVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3N1aU8zVFliekdHVXlYOW94SEpSZ1A4Qzl5US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTY5Ri9CRDg1OUY5NjMzQTMxMUVGQTVCNDlCMjNDNEY5QUUwMi9zdWlPM1RZYnpH R1V5WDlveEhKUmdQOEM5eVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCS49n4ZpN+IQmvQbOytUy1S4AgE4bTB+wLC1xqrEh2eDtRfsGxD1vM MPIRYYLIOiVMblZPHYD2VzDB1wLGixCF7LF45l3/b8nUDsvM8E044Nb0KB5g5Icp iqRKXzFOtD66nF0zgv11gR6OZQXx9YqcFkV/2Mxq8YLx37L9azsTB/GgQfiMiDGm bMbeaQO1Lq/ln1UVJ/dWYd6QOOK0yKoFPbej7eQa495RnDB9yTsvGj3Jb4DrZ7g8 9VJwQS3zDoFB3u0m2U0AxC3rkpR4NFGyDw7kWRlEDp0V4Jh30Y83cKDCh3Lk/X4j Hkrd2J0Lnpn9Vr8d6eoiWuHOdLIS6Et2 -----END CERTIFICATE-----Generated at Sun Aug 24 03:09:25 2025 by rpki-client