$ rpki-client -vvf rpki.apnic.net/member_repository/A9134B2D/031F451E837B11ED805D402EC4F9AE02/1rdRTL8L4gRsE8oNf10iNS_aWO4.mft File: 1rdRTL8L4gRsE8oNf10iNS_aWO4.mft (raw, json) Hash identifier: gz5DpTLhBvPUGg6CRs2BOAARKsXmRz/1XVyBRrlMDDA= Subject key identifier: 97:EB:BF:93:B5:63:F6:1B:11:56:CD:0C:08:CF:E0:B1:5F:56:0F:6B Authority key identifier: D6:B7:51:4C:BF:0B:E2:04:6C:13:CA:0D:7F:5D:22:35:2F:DA:58:EE Certificate issuer: /CN=A9134B2D/serialNumber=D6B7514CBF0BE2046C13CA0D7F5D22352FDA58EE Certificate serial: 0206 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1rdRTL8L4gRsE8oNf10iNS_aWO4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9134B2D/031F451E837B11ED805D402EC4F9AE02/1rdRTL8L4gRsE8oNf10iNS_aWO4.mft Manifest number: 0202 Signing time: Wed 17 Sep 2025 02:51:48 +0000 Manifest this update: Wed 17 Sep 2025 02:51:48 +0000 Manifest next update: Wed 24 Sep 2025 02:51:48 +0000 Files and hashes: 1: 1rdRTL8L4gRsE8oNf10iNS_aWO4.crl (hash: iXp5jByJ1t/MgCqz0tIPbv2Jb1YoE/4xrjcV0tALaOo=) 2: 8E3128B4837D11EDB082012FC4F9AE02.roa (hash: pbCZups9CHpt8yF1jqE6eaTv1T+fEJy3uGbRYPbMwLg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9134B2D/031F451E837B11ED805D402EC4F9AE02/1rdRTL8L4gRsE8oNf10iNS_aWO4.crl rsync://rpki.apnic.net/member_repository/A9134B2D/031F451E837B11ED805D402EC4F9AE02/1rdRTL8L4gRsE8oNf10iNS_aWO4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1rdRTL8L4gRsE8oNf10iNS_aWO4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 02:51:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 518 (0x206) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9134B2D, serialNumber=D6B7514CBF0BE2046C13CA0D7F5D22352FDA58EE Validity Not Before: Sep 17 02:51:48 2025 GMT Not After : Sep 24 02:51:48 2025 GMT Subject: CN=68ca2244-1be3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:19:1a:47:3c:d5:63:12:a7:ec:53:72:10:19: 70:94:a7:41:78:e6:bb:3e:f7:2b:34:b4:85:89:98: 3f:0d:d4:b0:91:c8:ef:4d:1d:46:18:24:98:ca:08: 77:ba:9b:e0:12:27:b0:42:03:83:9a:bf:60:09:68: 08:03:66:7b:1b:2b:9a:96:09:87:97:97:28:e7:dd: 75:9a:fa:50:71:f3:b0:40:70:01:d9:1e:2b:ff:bb: b2:c8:ab:8d:3f:05:b4:4a:04:d7:17:3a:c6:df:6b: e8:b8:e9:c1:a0:1d:f4:45:77:85:69:64:fb:35:e9: 56:89:03:d4:03:16:da:c8:5e:aa:fb:62:67:a0:4b: 85:54:69:89:3a:8b:9a:46:2c:f4:c7:47:25:5f:ec: 7c:b1:9b:e5:a9:ee:70:6b:d7:de:5a:4c:19:bf:31: 23:f4:6f:3e:a1:e2:0f:af:2a:52:92:8b:d6:1e:13: 44:b2:b5:88:be:bd:df:11:7f:48:ab:33:4f:14:8d: 34:f0:97:9b:a4:d8:63:2e:30:da:e0:f5:8a:b6:20: b1:cc:ec:aa:73:71:ad:e9:c1:32:9c:72:31:72:df: 6f:f2:67:4f:a9:3a:4c:4b:bd:13:8e:53:47:27:8f: 05:69:04:73:fc:db:07:9b:c1:7a:0b:52:31:e4:ad: 48:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:EB:BF:93:B5:63:F6:1B:11:56:CD:0C:08:CF:E0:B1:5F:56:0F:6B X509v3 Authority Key Identifier: keyid:D6:B7:51:4C:BF:0B:E2:04:6C:13:CA:0D:7F:5D:22:35:2F:DA:58:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9134B2D/031F451E837B11ED805D402EC4F9AE02/1rdRTL8L4gRsE8oNf10iNS_aWO4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1rdRTL8L4gRsE8oNf10iNS_aWO4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134B2D/031F451E837B11ED805D402EC4F9AE02/1rdRTL8L4gRsE8oNf10iNS_aWO4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:15:53:b5:5f:b1:d7:07:9a:5b:8c:82:a9:5e:9a:b2:29:17: 5b:b9:ad:a9:85:27:74:6b:f9:75:43:01:e5:bc:be:cb:78:39: 83:34:e8:18:1e:85:36:39:ef:e6:15:fc:83:0e:d3:8d:7f:c4: 0b:79:23:d9:51:fe:fb:d5:18:ba:61:ab:13:ad:35:0e:d4:24: 44:c8:3f:e9:d6:72:7c:d4:eb:1a:1e:79:d4:df:52:d0:c0:b6: 1c:4b:1a:e3:64:40:aa:2d:d6:2e:3b:3b:a5:88:fa:1c:30:eb: 67:f0:d3:e0:dc:e2:9f:0f:e3:bf:df:56:ca:05:6a:fa:2e:10: 44:49:c1:d6:c2:e6:32:c2:f8:bc:63:3d:77:36:3d:47:6d:97: 48:2a:5f:e5:54:aa:f7:1f:0b:84:99:51:3e:f7:59:03:21:f8: ab:cf:9f:80:1c:3c:d8:5e:09:85:ea:25:d3:ad:83:6f:39:6d: 48:98:4b:2f:c0:59:1e:6b:a3:d4:22:80:d3:be:77:e8:b9:8a: 7b:e4:cd:bf:bf:93:6a:99:f9:76:12:0c:bc:68:4e:c3:99:94: 64:df:34:aa:5e:de:0e:fc:11:da:f0:54:1f:37:64:a1:2b:67: 0c:aa:f6:11:5c:78:e3:ad:fd:10:26:e8:18:60:d1:6d:b8:24: 3c:00:e6:09 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzRCMkQxMTAvBgNVBAUTKEQ2Qjc1MTRDQkYwQkUyMDQ2QzEzQ0EwRDdGNUQyMjM1 MkZEQTU4RUUwHhcNMjUwOTE3MDI1MTQ4WhcNMjUwOTI0MDI1MTQ4WjAYMRYwFAYD VQQDEw02OGNhMjI0NC0xYmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArBkaRzzVYxKn7FNyEBlwlKdBeOa7PvcrNLSFiZg/DdSwkcjvTR1GGCSYygh3 upvgEiewQgODmr9gCWgIA2Z7GyualgmHl5co5911mvpQcfOwQHAB2R4r/7uyyKuN PwW0SgTXFzrG32vouOnBoB30RXeFaWT7NelWiQPUAxbayF6q+2JnoEuFVGmJOoua Riz0x0clX+x8sZvlqe5wa9feWkwZvzEj9G8+oeIPrypSkovWHhNEsrWIvr3fEX9I qzNPFI008JebpNhjLjDa4PWKtiCxzOyqc3Gt6cEynHIxct9v8mdPqTpMS70TjlNH J48FaQRz/NsHm8F6C1Ix5K1ImwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJfrv5O1 Y/YbEVbNDAjP4LFfVg9rMB8GA1UdIwQYMBaAFNa3UUy/C+IEbBPKDX9dIjUv2lju MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNEIyRC8wMzFGNDUxRTgz N0IxMUVEODA1RDQwMkVDNEY5QUUwMi8xcmRSVEw4TDRnUnNFOG9OZjEwaU5TX2FX TzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFyZFJUTDhMNGdSc0U4b05mMTBpTlNfYVdPNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NEIyRC8wMzFGNDUxRTgzN0IxMUVEODA1RDQwMkVDNEY5QUUwMi8xcmRSVEw4TDRn UnNFOG9OZjEwaU5TX2FXTzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOFVO1X7HXB5pbjIKpXpqyKRdbua2phSd0a/l1QwHlvL7LeDmDNOgY HoU2Oe/mFfyDDtONf8QLeSPZUf771Ri6YasTrTUO1CREyD/p1nJ81OsaHnnU31LQ wLYcSxrjZECqLdYuOzuliPocMOtn8NPg3OKfD+O/31bKBWr6LhBEScHWwuYywvi8 Yz13Nj1HbZdIKl/lVKr3HwuEmVE+91kDIfirz5+AHDzYXgmF6iXTrYNvOW1ImEsv wFkea6PUIoDTvnfouYp75M2/v5Nqmfl2Egy8aE7DmZRk3zSqXt4O/BHa8FQfN2Sh K2cMqvYRXHjjrf0QJugYYNFtuCQ8AOYJ -----END CERTIFICATE-----Generated at Thu Sep 18 23:28:15 2025 by rpki-client