$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.mft File: PnIyBI3L0sabqyJbikIhYEbBiyU.mft (raw, json) Hash identifier: T1dyLh1svNdlAIPtA68CIjF/nMzxX/WhNAot9qqTQlQ= Subject key identifier: BB:01:AB:5F:86:63:84:1C:EA:2D:51:3E:49:94:DE:B0:D2:EF:BC:36 Authority key identifier: 3E:72:32:04:8D:CB:D2:C6:9B:AB:22:5B:8A:42:21:60:46:C1:8B:25 Certificate issuer: /CN=A911CA78/serialNumber=3E7232048DCBD2C69BAB225B8A42216046C18B25 Certificate serial: 01B0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PnIyBI3L0sabqyJbikIhYEbBiyU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.mft Manifest number: 01AC Signing time: Sat 06 Sep 2025 19:12:26 +0000 Manifest this update: Sat 06 Sep 2025 19:12:25 +0000 Manifest next update: Sat 13 Sep 2025 19:12:25 +0000 Files and hashes: 1: PnIyBI3L0sabqyJbikIhYEbBiyU.crl (hash: J6z30biKplM95JBUmgD+YOU38Weer1Twe17mx+tKbtM=) 2: 1ABB6C4E17DB11EE92B1C26FC4F9AE02.roa (hash: jx7hnJAbOWXi06R8EaUqGVH9j+g4HwGKu5sUmUZqpVQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.crl rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PnIyBI3L0sabqyJbikIhYEbBiyU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 18:15:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 432 (0x1b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CA78, serialNumber=3E7232048DCBD2C69BAB225B8A42216046C18B25 Validity Not Before: Sep 6 19:12:25 2025 GMT Not After : Sep 13 19:12:25 2025 GMT Subject: CN=68bc879a-8bda Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:91:58:2c:93:9d:81:2a:4d:0f:4c:01:30:77: 98:0d:f6:c9:a5:e4:dd:d3:d7:80:7c:31:b6:37:2a: aa:67:05:68:1d:ed:dc:70:56:e9:7e:4a:6f:25:a2: ff:61:53:24:a5:a0:9d:b9:fa:94:ed:8e:3a:59:90: fa:d8:14:da:7a:4a:bd:b5:6f:3e:b3:fa:35:6e:8c: 0e:25:2e:87:60:d9:b1:65:65:f4:9f:2e:33:ca:2e: 1f:aa:98:bf:ce:e2:a9:3c:df:95:cd:77:49:d5:24: db:e3:7b:62:14:a3:ff:51:0c:b5:fa:82:39:32:ab: 8f:6d:f4:42:f3:46:85:0d:86:93:9b:f9:f8:e1:21: ed:73:08:ba:20:a6:80:2f:55:47:4c:2d:e7:6b:cd: 30:3d:a0:23:eb:ae:65:64:d9:60:40:7f:fc:91:98: 02:be:b9:ac:64:79:1b:9e:3e:9d:6b:bb:0e:24:f7: 70:81:da:58:64:83:c1:6a:88:6b:42:60:b0:4f:37: b5:3b:48:d9:75:05:c1:d1:9a:94:f9:cb:3b:bc:00: 95:48:af:a8:3d:24:81:08:21:86:45:8f:c2:f5:76: 95:18:57:99:fd:40:a9:97:ae:ac:37:3e:f0:8d:b7: db:12:59:0e:23:5a:7d:d2:02:bf:85:d7:9d:9e:c4: 6c:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:01:AB:5F:86:63:84:1C:EA:2D:51:3E:49:94:DE:B0:D2:EF:BC:36 X509v3 Authority Key Identifier: keyid:3E:72:32:04:8D:CB:D2:C6:9B:AB:22:5B:8A:42:21:60:46:C1:8B:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PnIyBI3L0sabqyJbikIhYEbBiyU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:53:c2:df:a2:c3:8e:3f:90:d1:09:96:0d:86:6e:cb:ce:fe: ba:e2:ae:e6:ea:be:36:fd:86:fa:4b:bf:c8:e5:d8:da:78:a8: 98:c6:89:c7:f1:be:7f:9e:d7:d6:b1:78:1c:3b:e6:86:14:79: 78:2b:ea:9e:3d:b1:b7:b2:b2:c1:f0:ae:e5:82:49:27:d2:ea: d5:1f:3d:fd:db:f5:8e:3e:d7:18:8f:26:57:4a:5c:51:c4:5f: 44:63:b6:b5:1e:a1:8e:56:78:35:12:0f:89:e5:c3:7e:e1:38: a9:b0:f1:9b:bc:1b:74:b9:b9:ee:cf:c4:4c:17:49:ee:7f:bd: fa:a0:97:3c:cb:c0:ab:19:23:82:1b:26:d2:96:01:6a:b0:03: 4b:16:74:44:0e:be:a3:25:bf:08:d4:e6:dd:da:e9:e5:33:75: 80:53:66:5e:ad:ec:b7:81:11:0f:17:5c:7a:f9:e9:90:66:ab: f4:82:18:78:11:cf:91:cf:6c:a0:0e:8f:d0:e0:cf:93:19:e1: 19:10:e7:a6:95:26:36:86:fa:cb:4b:86:91:4b:c3:2e:ca:4a: b5:02:0e:d5:e1:b9:29:86:b9:36:f7:04:ed:d2:37:48:f2:0a: c6:6c:ee:1f:99:97:14:0e:52:55:33:4e:c2:8c:af:13:d5:34: ec:27:7f:ce -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNBNzgxMTAvBgNVBAUTKDNFNzIzMjA0OERDQkQyQzY5QkFCMjI1QjhBNDIyMTYw NDZDMThCMjUwHhcNMjUwOTA2MTkxMjI1WhcNMjUwOTEzMTkxMjI1WjAYMRYwFAYD VQQDEw02OGJjODc5YS04YmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2ZFYLJOdgSpND0wBMHeYDfbJpeTd09eAfDG2NyqqZwVoHe3ccFbpfkpvJaL/ YVMkpaCdufqU7Y46WZD62BTaekq9tW8+s/o1bowOJS6HYNmxZWX0ny4zyi4fqpi/ zuKpPN+VzXdJ1STb43tiFKP/UQy1+oI5MquPbfRC80aFDYaTm/n44SHtcwi6IKaA L1VHTC3na80wPaAj665lZNlgQH/8kZgCvrmsZHkbnj6da7sOJPdwgdpYZIPBaohr QmCwTze1O0jZdQXB0ZqU+cs7vACVSK+oPSSBCCGGRY/C9XaVGFeZ/UCpl66sNz7w jbfbElkOI1p90gK/hdednsRsXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLsBq1+G Y4Qc6i1RPkmU3rDS77w2MB8GA1UdIwQYMBaAFD5yMgSNy9LGm6siW4pCIWBGwYsl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC8wMjhGNThGRTE2 RDkxMUVFOUYxNzUzMTVDNEY5QUUwMi9Qbkl5QkkzTDBzYWJxeUpiaWtJaFlFYkJp eVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1BuSXlCSTNMMHNhYnF5SmJpa0loWUViQml5VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Q0E3OC8wMjhGNThGRTE2RDkxMUVFOUYxNzUzMTVDNEY5QUUwMi9Qbkl5QkkzTDBz YWJxeUpiaWtJaFlFYkJpeVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQADU8LfosOOP5DRCZYNhm7Lzv664q7m6r42/Yb6S7/I5djaeKiYxonH 8b5/ntfWsXgcO+aGFHl4K+qePbG3srLB8K7lgkkn0urVHz392/WOPtcYjyZXSlxR xF9EY7a1HqGOVng1Eg+J5cN+4TipsPGbvBt0ubnuz8RMF0nuf736oJc8y8CrGSOC GybSlgFqsANLFnREDr6jJb8I1Obd2unlM3WAU2Zerey3gREPF1x6+emQZqv0ghh4 Ec+Rz2ygDo/Q4M+TGeEZEOemlSY2hvrLS4aRS8Muykq1Ag7V4bkphrk29wTt0jdI 8grGbO4fmZcUDlJVM07CjK8T1TTsJ3/O -----END CERTIFICATE-----Generated at Sat Sep 6 21:06:15 2025 by rpki-client