$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft File: kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft (raw, json) Hash identifier: fd/YebGWh+FsCvF5OnvbSoeaWU02KIbhGQ/Sc3yzzOE= Subject key identifier: FA:81:99:98:1E:D5:41:49:6F:BB:29:DE:BD:E3:20:62:BF:44:E2:58 Authority key identifier: 91:17:6D:16:9C:42:F0:3D:95:28:2B:BB:A2:04:C4:E4:4D:31:ED:09 Certificate issuer: /CN=A91FF5B9/serialNumber=91176D169C42F03D95282BBBA204C4E44D31ED09 Certificate serial: 53 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft Manifest number: 50 Signing time: Sat 23 Aug 2025 07:35:33 +0000 Manifest this update: Sat 23 Aug 2025 07:35:33 +0000 Manifest next update: Sat 30 Aug 2025 07:35:33 +0000 Files and hashes: 1: kRdtFpxC8D2VKCu7ogTE5E0x7Qk.crl (hash: N5tYmWjgT1sGugurzjzOLXH3cz5qZeo6vRt0gZWt480=) 2: DA700744185511F09304D972C4F9AE02.roa (hash: MiqFluIC5BNSTT1867bwbDdwUanVh/INLvZrWpn+wqs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.crl rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:35:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 83 (0x53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF5B9, serialNumber=91176D169C42F03D95282BBBA204C4E44D31ED09 Validity Not Before: Aug 23 07:35:33 2025 GMT Not After : Aug 30 07:35:33 2025 GMT Subject: CN=68a96f45-d22e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:8b:9f:0f:63:ba:c3:a9:89:09:49:d6:33:d3: ac:86:8d:70:a6:d8:a8:53:c3:33:08:69:23:ab:e8: ec:15:90:e1:64:df:52:bf:25:1b:34:71:40:80:17: b8:09:d8:fc:ee:ab:90:22:d5:6a:61:35:31:c7:5a: aa:bc:8a:bb:8c:7b:0f:0a:a0:0c:c3:e1:6e:89:72: 1f:3c:3e:65:9f:8d:5c:fa:23:a9:a2:f3:a1:fe:ce: 51:1b:41:65:e0:72:9e:22:af:e0:d3:c1:ce:4d:e1: de:6d:18:f5:48:0a:ab:65:80:d8:01:ff:6a:25:7e: f1:25:00:e1:16:36:70:cb:44:e5:1b:ca:a7:f8:5c: 0c:08:5e:17:c9:61:21:09:ec:12:ea:19:9b:73:5c: 73:05:7e:fb:e6:b1:a3:b0:42:bc:60:b0:3e:53:f9: a7:b3:77:0a:d9:bd:31:42:8a:b3:3c:52:99:ad:ea: 79:8c:0b:8f:38:e2:4e:9b:f8:26:de:50:0e:e1:8d: 86:0e:b4:f2:04:28:cf:8c:b2:b6:43:c6:4a:16:2b: 81:e2:0a:5b:25:fe:51:60:2c:3e:c5:98:af:a5:27: 6e:ca:72:92:88:f0:00:4e:a4:c2:6d:f5:54:60:8f: 11:67:6b:9d:eb:f1:95:c1:6a:cc:8e:9e:cd:96:fa: 24:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:81:99:98:1E:D5:41:49:6F:BB:29:DE:BD:E3:20:62:BF:44:E2:58 X509v3 Authority Key Identifier: keyid:91:17:6D:16:9C:42:F0:3D:95:28:2B:BB:A2:04:C4:E4:4D:31:ED:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF5B9/5202D0280DF911F08E6E762AC4F9AE02/kRdtFpxC8D2VKCu7ogTE5E0x7Qk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:59:d7:97:1b:a5:75:12:fc:e0:bd:17:12:6e:6b:bd:ca:e2: 11:9f:a6:45:8a:3c:e0:e2:73:82:5c:42:c8:a7:aa:9c:5d:7e: cf:52:c7:32:71:7c:dc:9d:eb:b1:2b:35:8b:6e:7e:a3:97:ce: 53:f3:4c:fa:f5:d8:ce:aa:34:9c:46:56:70:39:23:14:47:61: 4b:5b:3f:cc:93:7a:aa:d2:4b:1e:2b:69:53:68:6e:6e:66:78: 52:da:97:29:13:9d:45:9a:4e:39:f4:cf:f6:a4:fb:04:64:42: dc:09:3d:ef:9f:5f:ae:0d:bd:49:7e:d2:b8:8c:12:32:b9:96: 41:b0:a4:07:cc:09:ca:d6:0e:f4:85:ef:fd:59:4f:de:9f:d4: e0:5a:34:6b:f2:fc:df:af:85:46:db:be:b3:b1:ab:54:51:d4: 4e:b7:5d:59:bf:3d:f4:cc:02:39:d6:2b:61:28:c0:7b:a3:55: 0b:7d:10:2d:35:c5:fe:92:65:9b:41:85:32:6b:93:16:d1:0c: 03:65:99:39:14:4f:aa:dc:f1:73:ba:6f:ef:12:01:07:4f:9c: ab:95:71:68:23:37:ce:17:8d:c2:d0:41:30:c1:a6:e6:f8:c4: 32:34:32:c3:67:75:43:ed:ee:44:52:4d:38:ed:76:55:59:6e: fa:62:a9:02 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBUzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG RjVCOTExMC8GA1UEBRMoOTExNzZEMTY5QzQyRjAzRDk1MjgyQkJCQTIwNEM0RTQ0 RDMxRUQwOTAeFw0yNTA4MjMwNzM1MzNaFw0yNTA4MzAwNzM1MzNaMBgxFjAUBgNV BAMTDTY4YTk2ZjQ1LWQyMmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDCi58PY7rDqYkJSdYz06yGjXCm2KhTwzMIaSOr6OwVkOFk31K/JRs0cUCAF7gJ 2Pzuq5Ai1WphNTHHWqq8iruMew8KoAzD4W6Jch88PmWfjVz6I6mi86H+zlEbQWXg cp4ir+DTwc5N4d5tGPVICqtlgNgB/2olfvElAOEWNnDLROUbyqf4XAwIXhfJYSEJ 7BLqGZtzXHMFfvvmsaOwQrxgsD5T+aezdwrZvTFCirM8Upmt6nmMC4844k6b+Cbe UA7hjYYOtPIEKM+MsrZDxkoWK4HiClsl/lFgLD7FmK+lJ27KcpKI8ABOpMJt9VRg jxFna53r8ZXBasyOns2W+iQ9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU+oGZmB7V QUlvuyneveMgYr9E4lgwHwYDVR0jBBgwFoAUkRdtFpxC8D2VKCu7ogTE5E0x7Qkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZGNUI5LzUyMDJEMDI4MERG OTExRjA4RTZFNzYyQUM0RjlBRTAyL2tSZHRGcHhDOEQyVktDdTdvZ1RFNUUweDdR ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIva1JkdEZweEM4RDJWS0N1N29nVEU1RTB4N1FrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZG NUI5LzUyMDJEMDI4MERGOTExRjA4RTZFNzYyQUM0RjlBRTAyL2tSZHRGcHhDOEQy VktDdTdvZ1RFNUUweDdRay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFVZ15cbpXUS/OC9FxJua73K4hGfpkWKPODic4JcQsinqpxdfs9SxzJx fNyd67ErNYtufqOXzlPzTPr12M6qNJxGVnA5IxRHYUtbP8yTeqrSSx4raVNobm5m eFLalykTnUWaTjn0z/ak+wRkQtwJPe+fX64NvUl+0riMEjK5lkGwpAfMCcrWDvSF 7/1ZT96f1OBaNGvy/N+vhUbbvrOxq1RR1E63XVm/PfTMAjnWK2EowHujVQt9EC01 xf6SZZtBhTJrkxbRDANlmTkUT6rc8XO6b+8SAQdPnKuVcWgjN84XjcLQQTDBpub4 xDI0MsNndUPt7kRSTTjtdlVZbvpiqQI= -----END CERTIFICATE-----Generated at Sat Aug 23 17:54:49 2025 by rpki-client