$ rpki-client -vvf rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft File: 4XM7lw_d92f_GVQoQ34SQqN2knc.mft (raw, json) Hash identifier: M9zMjGiC3mxYp96nNoZCLgscSsSImrFroP2MOzP6UnI= Subject key identifier: 89:43:4F:66:AB:13:7D:90:66:B0:3B:22:DA:89:66:FC:FF:FA:9F:60 Authority key identifier: E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 Certificate issuer: /CN=A912E5CB/serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Certificate serial: 020D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft Manifest number: 020A Signing time: Wed 17 Sep 2025 02:43:08 +0000 Manifest this update: Wed 17 Sep 2025 02:43:07 +0000 Manifest next update: Wed 24 Sep 2025 02:43:07 +0000 Files and hashes: 1: 4XM7lw_d92f_GVQoQ34SQqN2knc.crl (hash: +D80bPHsqM95EEz7sgN5bzk4eurKXWGGWzSBUYOTHsU=) 2: 5FF4FD52704C11ED97935E7DC4F9AE02.roa (hash: C5+qR+xwM5riTT+23t/1tPZQq66L4etzO1hAZvNu09M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 02:43:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 525 (0x20d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E5CB, serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Validity Not Before: Sep 17 02:43:07 2025 GMT Not After : Sep 24 02:43:07 2025 GMT Subject: CN=68ca203b-9ac4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:84:0b:9d:12:54:96:13:eb:59:36:1a:11:e7: 87:34:01:97:44:f6:fb:64:d7:c5:cb:48:8f:22:74: 52:c0:55:4d:b3:7e:2f:43:8c:8e:1f:e0:38:2b:dc: d3:d3:a4:7d:74:be:48:b1:04:b8:97:b0:58:48:8a: 3b:cd:96:e4:98:f3:02:dc:cf:7d:37:8f:f0:96:bd: 5b:b8:bd:4d:07:20:d7:5b:92:fb:eb:62:d3:72:b6: ff:b2:27:31:90:9e:11:9a:e5:71:21:df:3f:b9:7b: 9c:08:71:81:f1:be:db:b4:de:ad:33:2a:77:5a:bf: 75:08:67:bd:6a:a2:e6:a9:d1:81:82:7f:49:28:68: 56:82:37:8e:b7:3d:f3:25:7f:85:9e:de:03:87:0d: cd:c9:ee:c8:ef:ba:af:7c:48:5c:6a:29:61:13:7b: d0:a5:d7:43:a8:23:bf:fd:96:86:b6:82:6d:c7:af: d5:5c:8a:24:21:3c:15:f5:86:8f:29:71:c2:46:fd: ec:24:d1:63:81:79:88:93:f9:e8:df:4f:86:c1:69: b7:ee:53:6a:6d:17:06:ff:63:76:a7:e1:86:ad:fa: 09:dd:61:b0:44:4b:be:cb:f5:18:c8:45:0a:5c:8c: d0:4a:3b:54:a7:34:47:17:9f:de:76:9a:10:14:2d: 21:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:43:4F:66:AB:13:7D:90:66:B0:3B:22:DA:89:66:FC:FF:FA:9F:60 X509v3 Authority Key Identifier: keyid:E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:40:06:b5:af:2a:e7:af:b9:2c:9e:3f:9a:9d:a3:22:b7:b5: 15:a1:a7:d1:b5:b0:9f:3c:05:0d:01:cd:f0:12:d9:93:1c:fc: cd:94:7c:95:77:61:da:7b:e2:11:f2:e4:e6:5b:7d:7f:ca:5a: a0:f1:6b:e5:c9:c3:a3:40:82:15:68:cc:41:68:96:dd:03:c1: 07:b5:6e:ce:4b:64:e5:fa:02:be:25:c6:b7:c9:57:7b:3c:21: 64:60:98:c8:e5:e1:f0:06:26:ae:e5:4e:bd:a4:97:7d:a5:61: 36:50:12:37:c5:53:09:95:00:5e:96:64:97:24:27:63:45:c1: c9:03:42:bd:58:e0:dc:d6:f7:64:66:3b:7b:c1:c2:e8:79:f1: ea:fe:c0:cc:70:51:9e:0b:ee:ee:17:fe:63:90:95:1e:6a:a7: 17:2a:b4:e6:b9:82:d9:61:c1:5b:d0:33:5d:af:15:b5:55:1e: d6:54:3b:34:8e:52:40:a3:fd:06:c0:23:4e:47:10:98:69:38: ec:2a:85:4b:27:02:ec:ea:f9:b5:a9:3b:1f:f3:92:de:8a:0c: ef:db:2e:10:2e:2b:cc:5a:c2:26:be:e5:3e:33:d7:04:88:11: 97:8f:f3:f8:16:ee:b2:33:30:c9:da:85:26:cb:78:64:a2:0f: 80:f4:cf:ea -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkU1Q0IxMTAvBgNVBAUTKEUxNzMzQjk3MEZEREY3NjdGRjE5NTQyODQzN0UxMjQy QTM3NjkyNzcwHhcNMjUwOTE3MDI0MzA3WhcNMjUwOTI0MDI0MzA3WjAYMRYwFAYD VQQDEw02OGNhMjAzYi05YWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5oQLnRJUlhPrWTYaEeeHNAGXRPb7ZNfFy0iPInRSwFVNs34vQ4yOH+A4K9zT 06R9dL5IsQS4l7BYSIo7zZbkmPMC3M99N4/wlr1buL1NByDXW5L762LTcrb/sicx kJ4RmuVxId8/uXucCHGB8b7btN6tMyp3Wr91CGe9aqLmqdGBgn9JKGhWgjeOtz3z JX+Fnt4Dhw3Nye7I77qvfEhcailhE3vQpddDqCO//ZaGtoJtx6/VXIokITwV9YaP KXHCRv3sJNFjgXmIk/no30+GwWm37lNqbRcG/2N2p+GGrfoJ3WGwREu+y/UYyEUK XIzQSjtUpzRHF5/edpoQFC0hPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIlDT2ar E32QZrA7ItqJZvz/+p9gMB8GA1UdIwQYMBaAFOFzO5cP3fdn/xlUKEN+EkKjdpJ3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTVDQi81Mjg4RENFMDcw NDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDkyZl9HVlFvUTM0U1FxTjJr bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRYTTdsd19kOTJmX0dWUW9RMzRTUXFOMmtuYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RTVDQi81Mjg4RENFMDcwNDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDky Zl9HVlFvUTM0U1FxTjJrbmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVQAa1ryrnr7ksnj+anaMit7UVoafRtbCfPAUNAc3wEtmTHPzNlHyV d2Hae+IR8uTmW31/ylqg8WvlycOjQIIVaMxBaJbdA8EHtW7OS2Tl+gK+Jca3yVd7 PCFkYJjI5eHwBiau5U69pJd9pWE2UBI3xVMJlQBelmSXJCdjRcHJA0K9WODc1vdk Zjt7wcLoefHq/sDMcFGeC+7uF/5jkJUeaqcXKrTmuYLZYcFb0DNdrxW1VR7WVDs0 jlJAo/0GwCNORxCYaTjsKoVLJwLs6vm1qTsf85Leigzv2y4QLivMWsImvuU+M9cE iBGXj/P4Fu6yMzDJ2oUmy3hkog+A9M/q -----END CERTIFICATE-----Generated at Fri Sep 19 00:48:07 2025 by rpki-client