$ rpki-client -vvf rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft File: z-PzHk8zetOBIBvzOgGmhfsBal4.mft (raw, json) Hash identifier: A3//btBInjUKF940CScxqjFkKdEbp9Ort+0K4XanGv4= Subject key identifier: 07:CC:5F:5C:52:7C:17:2D:7F:FD:36:72:3B:EF:CC:A0:00:3C:0E:62 Authority key identifier: CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E Certificate issuer: /CN=A9128E00/serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Certificate serial: 0D43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft Manifest number: 0D3B Signing time: Thu 18 Sep 2025 18:12:19 +0000 Manifest this update: Thu 18 Sep 2025 18:12:19 +0000 Manifest next update: Thu 25 Sep 2025 18:12:19 +0000 Files and hashes: 1: z-PzHk8zetOBIBvzOgGmhfsBal4.crl (hash: /7ehR9DKPIFfx4jQRbeJqN7Pludn+Zix/jc3LdhDBo4=) 2: D23C5270E02111E9B4A3923FC4F9AE02.roa (hash: zkAhSZ57x5i2z1ecY4hViVs+riusX3XK2gSVsFUEBsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 18:12:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3395 (0xd43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128E00, serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Validity Not Before: Sep 18 18:12:19 2025 GMT Not After : Sep 25 18:12:19 2025 GMT Subject: CN=68cc4b83-6d69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:9e:16:c8:dc:91:25:fa:71:17:c3:e4:2e:36: 05:f9:8d:de:ae:ad:84:79:a3:62:68:b2:c4:87:7c: 14:6c:f1:19:6c:cc:48:4c:6c:15:50:8b:46:15:53: 5b:1d:98:2c:5c:0c:36:96:89:5a:6d:f6:77:b5:8b: ee:20:25:ad:63:3c:8b:ed:5c:4e:26:29:1a:3e:46: f5:7f:5c:e9:35:85:be:18:a2:fe:aa:3c:9c:a3:f3: ce:9c:f3:95:12:83:40:f4:2a:5e:70:04:5d:4a:ff: 9f:71:45:80:94:d4:a7:6b:11:70:31:17:94:b6:90: 87:04:96:0b:8c:a6:21:a6:dd:38:5a:36:d4:10:39: 00:0e:20:36:1b:bc:56:ef:a1:33:25:fc:8f:cb:12: 6a:9f:e4:40:66:b6:8f:7c:7d:6e:c2:84:41:75:b3: cf:bd:05:f6:b7:27:e1:f1:bc:f1:c2:41:c6:5d:94: a2:6d:06:47:82:c0:19:dd:e3:69:fd:2f:27:18:20: 78:be:cd:6d:6b:2a:a6:6a:3a:02:cc:49:1c:2e:1b: 1b:0d:90:62:20:6a:53:fa:ed:29:40:14:87:da:ee: 43:77:b2:ae:2f:07:a1:6f:eb:af:ac:fd:6b:dd:9c: 55:c5:ea:da:4b:d3:af:6e:9d:45:b5:b0:e8:87:7e: f5:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:CC:5F:5C:52:7C:17:2D:7F:FD:36:72:3B:EF:CC:A0:00:3C:0E:62 X509v3 Authority Key Identifier: keyid:CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:1c:72:a7:50:fc:13:38:8b:e5:23:7a:5e:77:f6:0f:12:72: f3:4b:6b:6d:69:66:d7:80:f8:30:cd:0d:34:4c:bb:29:5c:ea: bd:1f:ab:6d:dd:89:d5:7a:4b:c8:9a:71:bc:d0:ef:55:75:52: e3:fa:cf:ae:5a:5a:db:15:03:ff:26:e2:e3:04:cb:1a:f4:ad: f0:ae:b4:27:36:72:63:4a:cd:f0:bb:53:ba:df:11:39:b2:b5: 2d:63:dd:c3:98:bd:40:cc:8e:8b:99:9a:71:db:f8:88:dd:71: e9:a6:9f:cf:41:49:f7:4d:ed:9c:a1:c0:0f:58:64:c7:d9:d8: 51:c8:8e:17:0d:cc:2c:a6:f5:97:1c:a6:0b:e6:2f:70:a0:2e: b1:7b:76:2d:80:39:ea:39:c1:a2:2d:67:9c:3a:ef:8d:c3:ee: 2b:85:2c:aa:cf:24:46:7e:de:29:c5:99:d2:bd:99:f9:b1:3b: b3:35:9e:cb:9e:80:57:ac:97:9a:81:5c:5d:88:68:0e:7f:ec: 3e:b5:d6:2c:89:12:88:f1:b1:6e:a0:7f:1e:c2:21:ae:e1:9b: 39:d2:cc:4e:e0:31:2c:cc:b9:a6:98:fc:38:15:98:70:3b:52: 98:f3:54:32:38:bc:cf:a2:bd:3f:7b:2c:d9:c8:22:64:c0:8d: 1f:f7:9e:6b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDUMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhFMDAxMTAvBgNVBAUTKENGRTNGMzFFNEYzMzdBRDM4MTIwMUJGMzNBMDFBNjg1 RkIwMTZBNUUwHhcNMjUwOTE4MTgxMjE5WhcNMjUwOTI1MTgxMjE5WjAYMRYwFAYD VQQDEw02OGNjNGI4My02ZDY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Z4WyNyRJfpxF8PkLjYF+Y3erq2EeaNiaLLEh3wUbPEZbMxITGwVUItGFVNb HZgsXAw2lolabfZ3tYvuICWtYzyL7VxOJikaPkb1f1zpNYW+GKL+qjyco/POnPOV EoNA9CpecARdSv+fcUWAlNSnaxFwMReUtpCHBJYLjKYhpt04WjbUEDkADiA2G7xW 76EzJfyPyxJqn+RAZraPfH1uwoRBdbPPvQX2tyfh8bzxwkHGXZSibQZHgsAZ3eNp /S8nGCB4vs1tayqmajoCzEkcLhsbDZBiIGpT+u0pQBSH2u5Dd7KuLwehb+uvrP1r 3ZxVxeraS9Ovbp1FtbDoh3715wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAfMX1xS fBctf/02cjvvzKAAPA5iMB8GA1UdIwQYMBaAFM/j8x5PM3rTgSAb8zoBpoX7AWpe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEUwMC84OTkxRUI5RUUw MjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0T0JJQnZ6T2dHbWhmc0Jh bDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3otUHpIazh6ZXRPQklCdnpPZ0dtaGZzQmFsNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEUwMC84OTkxRUI5RUUwMjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0 T0JJQnZ6T2dHbWhmc0JhbDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOHHKnUPwTOIvlI3ped/YPEnLzS2ttaWbXgPgwzQ00TLspXOq9H6tt 3YnVekvImnG80O9VdVLj+s+uWlrbFQP/JuLjBMsa9K3wrrQnNnJjSs3wu1O63xE5 srUtY93DmL1AzI6LmZpx2/iI3XHppp/PQUn3Te2cocAPWGTH2dhRyI4XDcwspvWX HKYL5i9woC6xe3YtgDnqOcGiLWecOu+Nw+4rhSyqzyRGft4pxZnSvZn5sTuzNZ7L noBXrJeagVxdiGgOf+w+tdYsiRKI8bFuoH8ewiGu4Zs50sxO4DEszLmmmPw4FZhw O1KY81QyOLzPor0/eyzZyCJkwI0f955r -----END CERTIFICATE-----Generated at Thu Sep 18 20:23:23 2025 by rpki-client