$ rpki-client -vvf rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft File: CStU0vnpbT_OHwwNuzGxuCyNLOA.mft (raw, json) Hash identifier: oUEeIB7czJcD2RZuAxXP4rk/3zADpcZIPK528u9zV0Q= Subject key identifier: 93:3F:B7:87:4B:87:D7:8F:55:2A:F7:50:82:44:F9:7D:B9:1E:FA:95 Authority key identifier: 09:2B:54:D2:F9:E9:6D:3F:CE:1F:0C:0D:BB:31:B1:B8:2C:8D:2C:E0 Certificate issuer: /CN=A9122EA2/serialNumber=092B54D2F9E96D3FCE1F0C0DBB31B1B82C8D2CE0 Certificate serial: 0217 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft Manifest number: 020B Signing time: Fri 19 Sep 2025 02:49:11 +0000 Manifest this update: Fri 19 Sep 2025 02:49:11 +0000 Manifest next update: Fri 26 Sep 2025 02:49:11 +0000 Files and hashes: 1: CStU0vnpbT_OHwwNuzGxuCyNLOA.crl (hash: z8wNHhM4gSkKkjrLRKY6WztxudQzmM0pjIhHwuIzHSg=) 2: C20F71E0992A11EEBDE4AF84C4F9AE02.roa (hash: csl85VTomjs4iPv8bKOFHRUkLivByj84d/cWaa81y8A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.crl rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Sep 2025 02:49:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 535 (0x217) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9122EA2, serialNumber=092B54D2F9E96D3FCE1F0C0DBB31B1B82C8D2CE0 Validity Not Before: Sep 19 02:49:11 2025 GMT Not After : Sep 26 02:49:11 2025 GMT Subject: CN=68ccc4a7-5945 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:35:9c:1c:68:5d:c0:ac:30:76:0c:1c:a8:a6: 5e:b9:bc:7b:b8:3f:18:eb:b0:ab:bd:24:09:c4:cf: 59:ec:5c:e6:b2:54:ca:a4:12:28:1f:d5:e1:d5:1a: e3:4b:51:c1:ed:e0:54:81:0c:14:3f:ac:c1:81:90: c0:f6:6d:a4:a4:b7:98:d6:c2:cd:d1:10:02:59:59: 93:62:c1:ed:1b:54:99:1e:73:75:d8:4f:b5:0a:f7: b4:5b:72:af:99:a0:15:b8:37:c2:c9:b2:92:6c:91: 88:92:c3:41:a8:57:f8:cf:66:f8:70:7b:1c:3d:e2: b9:ae:c4:00:39:23:4a:2b:49:df:f2:7d:b5:95:f8: a5:66:ae:7f:12:90:cb:ef:08:78:94:00:b8:01:33: ad:75:eb:7e:b6:e9:f4:8a:6b:a9:18:14:24:bc:45: 5b:2f:41:56:1c:d6:26:e7:62:48:2a:df:df:88:40: 9e:7c:7c:5e:d1:74:69:75:cb:e7:88:d0:1e:12:22: d3:87:94:25:e4:6d:77:16:9d:5f:df:5c:d7:f6:cd: e7:e6:d2:b9:3d:8d:7f:2b:83:0c:1c:52:3f:ca:5a: 33:e1:6b:c9:82:8a:21:cc:45:a9:ed:22:8b:c2:ee: f7:b4:3f:c2:8e:c1:aa:c1:1e:05:17:d6:12:43:94: 83:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:3F:B7:87:4B:87:D7:8F:55:2A:F7:50:82:44:F9:7D:B9:1E:FA:95 X509v3 Authority Key Identifier: keyid:09:2B:54:D2:F9:E9:6D:3F:CE:1F:0C:0D:BB:31:B1:B8:2C:8D:2C:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:8f:ef:b6:a1:67:1f:58:46:13:38:73:39:4d:d4:b1:dc:7e: 0f:2a:bb:78:c7:50:4c:84:cc:a2:71:46:bb:a1:73:0d:56:67: 23:7d:ca:bf:20:e6:9b:76:99:be:6c:8a:c9:68:87:6e:30:00: 25:41:46:0c:54:22:04:45:20:d4:62:db:80:a3:15:38:39:95: 0d:11:89:2c:6b:6d:44:2e:45:b9:5f:66:ba:93:e3:3e:60:db: e9:52:45:83:d7:22:aa:f0:be:3c:6a:4d:8d:97:b1:ff:e4:f8: 47:23:9a:cf:18:a0:6f:69:b4:fd:9d:50:36:60:0f:b2:7c:31: 19:a7:2d:0e:d4:fa:25:12:c4:f3:bb:e3:63:67:a1:c1:11:8a: d1:2e:73:e4:81:36:50:67:9c:df:14:5f:d3:29:21:33:4e:48: ff:5f:8a:32:cd:45:68:c2:bc:4a:f0:b2:40:93:8a:2c:ef:9e: c2:a4:29:82:53:a5:40:4a:8c:ca:00:3d:6f:71:a7:1e:39:19: c6:60:12:a4:de:01:6a:f3:89:85:d1:5d:64:3c:5c:c2:cb:7f: f5:13:2e:b4:5e:c8:09:07:9c:2c:39:a7:4a:14:5d:a0:8e:8f: 9c:42:2b:25:d2:a3:ca:97:ee:ea:51:2d:e8:5d:73:3d:66:11: dc:17:96:77 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjJFQTIxMTAvBgNVBAUTKDA5MkI1NEQyRjlFOTZEM0ZDRTFGMEMwREJCMzFCMUI4 MkM4RDJDRTAwHhcNMjUwOTE5MDI0OTExWhcNMjUwOTI2MDI0OTExWjAYMRYwFAYD VQQDEw02OGNjYzRhNy01OTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxjWcHGhdwKwwdgwcqKZeubx7uD8Y67CrvSQJxM9Z7FzmslTKpBIoH9Xh1Rrj S1HB7eBUgQwUP6zBgZDA9m2kpLeY1sLN0RACWVmTYsHtG1SZHnN12E+1Cve0W3Kv maAVuDfCybKSbJGIksNBqFf4z2b4cHscPeK5rsQAOSNKK0nf8n21lfilZq5/EpDL 7wh4lAC4ATOtdet+tun0imupGBQkvEVbL0FWHNYm52JIKt/fiECefHxe0XRpdcvn iNAeEiLTh5Ql5G13Fp1f31zX9s3n5tK5PY1/K4MMHFI/yloz4WvJgoohzEWp7SKL wu73tD/CjsGqwR4FF9YSQ5SDkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJM/t4dL h9ePVSr3UIJE+X25HvqVMB8GA1UdIwQYMBaAFAkrVNL56W0/zh8MDbsxsbgsjSzg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkVBMi8xNTI1MzQxNDg1 NjMxMUVEODJGQjEwMkRDNEY5QUUwMi9DU3RVMHZucGJUX09Id3dOdXpHeHVDeU5M T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NTdFUwdm5wYlRfT0h3d051ekd4dUN5TkxPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MkVBMi8xNTI1MzQxNDg1NjMxMUVEODJGQjEwMkRDNEY5QUUwMi9DU3RVMHZucGJU X09Id3dOdXpHeHVDeU5MT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBgj++2oWcfWEYTOHM5TdSx3H4PKrt4x1BMhMyicUa7oXMNVmcjfcq/ IOabdpm+bIrJaIduMAAlQUYMVCIERSDUYtuAoxU4OZUNEYksa21ELkW5X2a6k+M+ YNvpUkWD1yKq8L48ak2Nl7H/5PhHI5rPGKBvabT9nVA2YA+yfDEZpy0O1PolEsTz u+NjZ6HBEYrRLnPkgTZQZ5zfFF/TKSEzTkj/X4oyzUVowrxK8LJAk4os757CpCmC U6VASozKAD1vcaceORnGYBKk3gFq84mF0V1kPFzCy3/1Ey60XsgJB5wsOadKFF2g jo+cQisl0qPKl+7qUS3oXXM9ZhHcF5Z3 -----END CERTIFICATE-----Generated at Fri Sep 19 15:16:50 2025 by rpki-client