$ rpki-client -vvf rpki.apnic.net/member_repository/A911D40B/4626BB1A8E0811EE9C9DE461C4F9AE02/2fpCBt8OmUfNUB39UlsuRmlv1EI.mft File: 2fpCBt8OmUfNUB39UlsuRmlv1EI.mft (raw, json) Hash identifier: lnGv8lDiV78oyemgDundrnBmCcPovAj6eEbggG67x8c= Subject key identifier: 62:82:1B:01:06:1E:05:EC:98:20:58:66:43:38:F5:32:1B:67:B8:CB Authority key identifier: D9:FA:42:06:DF:0E:99:47:CD:50:1D:FD:52:5B:2E:46:69:6F:D4:42 Certificate issuer: /CN=A911D40B/serialNumber=D9FA4206DF0E9947CD501DFD525B2E46696FD442 Certificate serial: 0153 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2fpCBt8OmUfNUB39UlsuRmlv1EI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D40B/4626BB1A8E0811EE9C9DE461C4F9AE02/2fpCBt8OmUfNUB39UlsuRmlv1EI.mft Manifest number: 0150 Signing time: Tue 09 Sep 2025 04:16:37 +0000 Manifest this update: Tue 09 Sep 2025 04:16:37 +0000 Manifest next update: Tue 16 Sep 2025 04:16:37 +0000 Files and hashes: 1: 2fpCBt8OmUfNUB39UlsuRmlv1EI.crl (hash: NeiwRs96nrYip8tMxkbR2srT6nOT6jvtOaGizWeZhC4=) 2: 91BCF5D08E0811EE91C7BD62C4F9AE02.roa (hash: 16O4tOIwTKe9KyjFOBLZvUGIgda/sT358bnVtxfjCnM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D40B/4626BB1A8E0811EE9C9DE461C4F9AE02/2fpCBt8OmUfNUB39UlsuRmlv1EI.crl rsync://rpki.apnic.net/member_repository/A911D40B/4626BB1A8E0811EE9C9DE461C4F9AE02/2fpCBt8OmUfNUB39UlsuRmlv1EI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2fpCBt8OmUfNUB39UlsuRmlv1EI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 04:16:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 339 (0x153) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D40B, serialNumber=D9FA4206DF0E9947CD501DFD525B2E46696FD442 Validity Not Before: Sep 9 04:16:37 2025 GMT Not After : Sep 16 04:16:37 2025 GMT Subject: CN=68bfaa25-fc69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:04:c2:ab:b6:83:03:01:a0:6c:54:00:91:0c: 7c:73:bc:73:a7:c6:bb:9e:28:15:3e:d3:9e:51:0a: 6d:f1:0f:f5:de:b3:a7:b9:e5:a5:0b:69:f9:6e:12: f9:42:f4:36:ba:50:52:71:c9:9a:fe:70:fe:ef:ac: 6b:96:05:d7:af:a6:17:a1:6a:69:f8:ad:2f:57:54: 77:f8:7d:ad:76:99:6f:98:d9:d4:50:4c:8e:94:4a: 63:b1:db:8a:7d:fe:59:1c:b7:82:45:eb:49:ee:3d: e8:5b:c5:79:ff:24:89:6b:28:d7:5d:6c:76:11:bc: 8d:ca:69:32:86:ea:84:f7:7f:c8:d1:81:c9:cb:5b: 9a:32:25:69:bc:3a:49:c3:0b:0b:4d:3f:c3:c7:ba: 32:ff:85:32:54:2f:6e:fb:a7:ad:6c:5c:b1:a2:7e: 09:60:22:a5:c8:cc:15:36:35:60:ae:9c:cc:89:dd: e3:c3:7c:b2:f5:9d:a5:60:16:38:5e:1e:6a:cd:85: dc:f2:48:82:51:a8:ca:32:2f:2a:40:36:c0:2b:a9: 83:ed:59:e7:42:3a:7b:b3:4f:c8:50:1b:a7:75:1c: 3e:d8:f3:03:66:c8:47:5c:10:27:9e:f2:9e:f5:cc: 56:72:e6:8d:44:1b:f4:3f:10:0c:a6:e2:9e:6a:d7: 17:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:82:1B:01:06:1E:05:EC:98:20:58:66:43:38:F5:32:1B:67:B8:CB X509v3 Authority Key Identifier: keyid:D9:FA:42:06:DF:0E:99:47:CD:50:1D:FD:52:5B:2E:46:69:6F:D4:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D40B/4626BB1A8E0811EE9C9DE461C4F9AE02/2fpCBt8OmUfNUB39UlsuRmlv1EI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2fpCBt8OmUfNUB39UlsuRmlv1EI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D40B/4626BB1A8E0811EE9C9DE461C4F9AE02/2fpCBt8OmUfNUB39UlsuRmlv1EI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:15:16:4f:53:f6:b8:ad:1a:70:2f:8b:2a:80:20:0a:6c:12: 47:dc:99:33:01:9b:38:0d:25:d8:2c:13:c2:c7:33:8a:6b:23: a5:32:bb:b0:d6:43:7a:3a:dd:f9:fe:76:a9:67:b1:75:a7:4b: 95:2c:e2:87:19:10:d6:a3:a0:1a:e3:15:2c:c9:82:82:fc:c7: 2e:26:11:70:92:39:43:27:8f:8f:74:cb:eb:3c:50:df:12:f4: 29:71:b4:f3:bc:36:8c:77:76:85:1c:0b:53:02:3c:c9:37:47: 96:d9:71:2c:87:69:e8:76:77:b1:45:d8:3b:b6:6c:29:48:02: 29:e9:ed:94:ef:11:ef:a1:68:4c:86:ba:dd:81:ac:26:4e:2a: 92:fb:c6:37:ad:86:53:5e:2a:08:4d:a4:87:32:93:4d:a1:21: 43:e6:4e:18:8f:12:ba:09:f1:bc:7b:7c:a9:0a:1e:dd:7e:07: 09:2b:a8:82:29:db:a3:89:88:97:68:e4:cf:99:c5:8e:a8:d8: d3:ce:09:8e:79:44:4b:cf:5b:92:67:ab:12:46:58:e4:d4:74: 04:14:dc:84:1e:61:36:60:b8:85:ab:30:3d:5e:11:a7:27:ca: e5:b2:c1:1d:f7:c3:49:00:7f:0f:c8:30:4a:70:e2:ad:24:7c: ff:78:5d:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQ0MEIxMTAvBgNVBAUTKEQ5RkE0MjA2REYwRTk5NDdDRDUwMURGRDUyNUIyRTQ2 Njk2RkQ0NDIwHhcNMjUwOTA5MDQxNjM3WhcNMjUwOTE2MDQxNjM3WjAYMRYwFAYD VQQDEw02OGJmYWEyNS1mYzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnATCq7aDAwGgbFQAkQx8c7xzp8a7nigVPtOeUQpt8Q/13rOnueWlC2n5bhL5 QvQ2ulBSccma/nD+76xrlgXXr6YXoWpp+K0vV1R3+H2tdplvmNnUUEyOlEpjsduK ff5ZHLeCRetJ7j3oW8V5/ySJayjXXWx2EbyNymkyhuqE93/I0YHJy1uaMiVpvDpJ wwsLTT/Dx7oy/4UyVC9u+6etbFyxon4JYCKlyMwVNjVgrpzMid3jw3yy9Z2lYBY4 Xh5qzYXc8kiCUajKMi8qQDbAK6mD7VnnQjp7s0/IUBundRw+2PMDZshHXBAnnvKe 9cxWcuaNRBv0PxAMpuKeatcXjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGKCGwEG HgXsmCBYZkM49TIbZ7jLMB8GA1UdIwQYMBaAFNn6QgbfDplHzVAd/VJbLkZpb9RC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDQwQi80NjI2QkIxQThF MDgxMUVFOUM5REU0NjFDNEY5QUUwMi8yZnBDQnQ4T21VZk5VQjM5VWxzdVJtbHYx RUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJmcENCdDhPbVVmTlVCMzlVbHN1Um1sdjFFSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDQwQi80NjI2QkIxQThFMDgxMUVFOUM5REU0NjFDNEY5QUUwMi8yZnBDQnQ4T21V Zk5VQjM5VWxzdVJtbHYxRUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqFRZPU/a4rRpwL4sqgCAKbBJH3JkzAZs4DSXYLBPCxzOKayOlMruw 1kN6Ot35/napZ7F1p0uVLOKHGRDWo6Aa4xUsyYKC/McuJhFwkjlDJ4+PdMvrPFDf EvQpcbTzvDaMd3aFHAtTAjzJN0eW2XEsh2nodnexRdg7tmwpSAIp6e2U7xHvoWhM hrrdgawmTiqS+8Y3rYZTXioITaSHMpNNoSFD5k4YjxK6CfG8e3ypCh7dfgcJK6iC KdujiYiXaOTPmcWOqNjTzgmOeURLz1uSZ6sSRljk1HQEFNyEHmE2YLiFqzA9XhGn J8rlssEd98NJAH8PyDBKcOKtJHz/eF1G -----END CERTIFICATE-----Generated at Tue Sep 9 11:20:10 2025 by rpki-client