$ rpki-client -vvf rpki.apnic.net/member_repository/A913BF1E/DBB2BF666E6F11E9AA017C33C4F9AE02/sUsu5cXtc2q3NrJVNYZ1mvzew-I.mft File: sUsu5cXtc2q3NrJVNYZ1mvzew-I.mft (raw, json) Hash identifier: 9MQsxCQMUTZRfsy0B3CSQ3qkyVND0ce1G3Gbo69fpno= Subject key identifier: 91:20:AE:FD:41:8A:77:F1:26:18:E4:51:4B:3D:BE:22:2B:9A:85:80 Authority key identifier: B1:4B:2E:E5:C5:ED:73:6A:B7:36:B2:55:35:86:75:9A:FC:DE:C3:E2 Certificate issuer: /CN=A913BF1E/serialNumber=B14B2EE5C5ED736AB736B2553586759AFCDEC3E2 Certificate serial: 0FA2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sUsu5cXtc2q3NrJVNYZ1mvzew-I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913BF1E/DBB2BF666E6F11E9AA017C33C4F9AE02/sUsu5cXtc2q3NrJVNYZ1mvzew-I.mft Manifest number: 0F8D Signing time: Wed 10 Sep 2025 17:41:53 +0000 Manifest this update: Wed 10 Sep 2025 17:41:52 +0000 Manifest next update: Wed 17 Sep 2025 17:41:52 +0000 Files and hashes: 1: sUsu5cXtc2q3NrJVNYZ1mvzew-I.crl (hash: ZUvO3yd5+8AlAFQjPWx31Ae8SI7nvtRc8Vrv2Y/PJHs=) 2: 164B42E2414111F0A098A82DC4F9AE02.roa (hash: dJHoDekjFkpD+HydVswBgGgsUVupPAujnF3OBVrSpKI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913BF1E/DBB2BF666E6F11E9AA017C33C4F9AE02/sUsu5cXtc2q3NrJVNYZ1mvzew-I.crl rsync://rpki.apnic.net/member_repository/A913BF1E/DBB2BF666E6F11E9AA017C33C4F9AE02/sUsu5cXtc2q3NrJVNYZ1mvzew-I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sUsu5cXtc2q3NrJVNYZ1mvzew-I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Sep 2025 17:41:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4002 (0xfa2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913BF1E, serialNumber=B14B2EE5C5ED736AB736B2553586759AFCDEC3E2 Validity Not Before: Sep 10 17:41:52 2025 GMT Not After : Sep 17 17:41:52 2025 GMT Subject: CN=68c1b861-eeef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:65:6b:ea:04:4b:bb:b8:d8:8e:a5:a6:49:98: 18:bf:00:ba:bb:b3:39:63:e7:c5:d5:0b:68:e1:b6: 3a:b0:37:4c:a3:36:f6:1a:97:04:ae:d6:d2:64:47: b7:9b:fb:d8:56:e4:d7:75:6b:66:24:70:90:ae:34: 82:58:63:c2:49:d5:e8:2d:21:74:74:ec:a0:79:f7: 60:11:c9:79:a0:08:0d:2a:53:73:e0:d7:12:81:dc: 93:98:ed:6d:79:a5:ea:0e:bb:ee:e4:99:be:4f:4e: dc:7f:8b:08:5b:21:94:c5:f0:18:7c:7a:32:bb:72: 8a:15:fa:c7:16:94:18:49:3e:5f:35:ae:de:40:ac: cb:2d:e9:60:1c:3f:21:90:51:7c:d8:d2:c8:39:ce: da:72:07:c7:fe:9a:94:42:c5:05:67:9c:04:1f:62: cb:fb:01:56:48:28:49:c3:48:75:b1:85:63:f6:0e: 02:74:e8:00:24:68:3c:3a:a8:15:80:96:d4:a5:71: 00:55:89:76:9a:cc:39:1d:01:17:5a:df:fd:dc:ae: 76:6e:25:3b:28:96:67:7a:3d:a3:56:0f:31:b7:6e: 78:99:32:fa:f8:e0:ff:88:85:25:57:6b:e8:64:b4: ae:78:9b:39:7b:00:4f:47:8e:dc:ad:7c:27:98:1d: cd:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:20:AE:FD:41:8A:77:F1:26:18:E4:51:4B:3D:BE:22:2B:9A:85:80 X509v3 Authority Key Identifier: keyid:B1:4B:2E:E5:C5:ED:73:6A:B7:36:B2:55:35:86:75:9A:FC:DE:C3:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913BF1E/DBB2BF666E6F11E9AA017C33C4F9AE02/sUsu5cXtc2q3NrJVNYZ1mvzew-I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sUsu5cXtc2q3NrJVNYZ1mvzew-I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913BF1E/DBB2BF666E6F11E9AA017C33C4F9AE02/sUsu5cXtc2q3NrJVNYZ1mvzew-I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:20:ef:b5:a7:58:1b:0f:ef:b0:22:b0:3f:1f:49:0a:1a:a0: 3f:a4:2a:ae:80:5b:fb:2e:f3:28:a3:04:86:6d:bc:b8:31:e2: f9:c4:e4:6a:97:2a:77:e1:95:55:ad:02:07:74:6c:01:08:9a: 82:a7:35:f6:ca:fd:ce:ed:c3:5d:47:aa:bb:4b:54:82:e7:73: cf:cb:10:40:98:8b:68:ad:93:6d:1a:d6:a8:98:cb:fb:ea:9a: 6a:03:f2:9b:9e:5f:5f:9d:98:2f:3b:44:cd:10:ea:fd:db:de: 22:e9:cf:b3:32:45:cd:18:d1:c4:a5:88:f7:10:91:19:bd:7d: 71:e4:1d:d6:f8:9f:40:7a:08:9e:4f:26:e7:3c:9e:0a:8b:29: 6b:09:9d:a8:db:3f:d3:dc:e6:77:83:d0:0f:5d:15:41:c1:61: 2e:ea:34:92:62:64:7d:df:25:ff:14:ee:7a:20:b1:ad:f1:a3: a4:47:3d:df:de:1a:8a:0d:4f:8f:27:0a:72:71:c1:e2:20:b7: a7:ea:b5:f0:4b:ed:e3:54:16:3f:a3:99:29:44:06:28:58:c6: 84:82:1b:4b:3c:58:43:af:9e:fe:21:36:96:16:da:e4:b1:8a: 6c:39:31:cb:cc:0e:b8:6b:0c:a3:1d:bb:7c:1a:5f:88:5b:2a: b8:92:87:92 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD6IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0JGMUUxMTAvBgNVBAUTKEIxNEIyRUU1QzVFRDczNkFCNzM2QjI1NTM1ODY3NTlB RkNERUMzRTIwHhcNMjUwOTEwMTc0MTUyWhcNMjUwOTE3MTc0MTUyWjAYMRYwFAYD VQQDEw02OGMxYjg2MS1lZWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2mVr6gRLu7jYjqWmSZgYvwC6u7M5Y+fF1Qto4bY6sDdMozb2GpcErtbSZEe3 m/vYVuTXdWtmJHCQrjSCWGPCSdXoLSF0dOygefdgEcl5oAgNKlNz4NcSgdyTmO1t eaXqDrvu5Jm+T07cf4sIWyGUxfAYfHoyu3KKFfrHFpQYST5fNa7eQKzLLelgHD8h kFF82NLIOc7acgfH/pqUQsUFZ5wEH2LL+wFWSChJw0h1sYVj9g4CdOgAJGg8OqgV gJbUpXEAVYl2msw5HQEXWt/93K52biU7KJZnej2jVg8xt254mTL6+OD/iIUlV2vo ZLSueJs5ewBPR47crXwnmB3NEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJEgrv1B infxJhjkUUs9viIrmoWAMB8GA1UdIwQYMBaAFLFLLuXF7XNqtzayVTWGdZr83sPi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQkYxRS9EQkIyQkY2NjZF NkYxMUU5QUEwMTdDMzNDNEY5QUUwMi9zVXN1NWNYdGMycTNOckpWTllaMW12emV3 LUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NVc3U1Y1h0YzJxM05ySlZOWVoxbXZ6ZXctSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QkYxRS9EQkIyQkY2NjZFNkYxMUU5QUEwMTdDMzNDNEY5QUUwMi9zVXN1NWNYdGMy cTNOckpWTllaMW12emV3LUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCiIO+1p1gbD++wIrA/H0kKGqA/pCqugFv7LvMoowSGbby4MeL5xORq lyp34ZVVrQIHdGwBCJqCpzX2yv3O7cNdR6q7S1SC53PPyxBAmItorZNtGtaomMv7 6ppqA/Kbnl9fnZgvO0TNEOr9294i6c+zMkXNGNHEpYj3EJEZvX1x5B3W+J9Aegie TybnPJ4KiylrCZ2o2z/T3OZ3g9APXRVBwWEu6jSSYmR93yX/FO56ILGt8aOkRz3f 3hqKDU+PJwpyccHiILen6rXwS+3jVBY/o5kpRAYoWMaEghtLPFhDr57+ITaWFtrk sYpsOTHLzA64awyjHbt8Gl+IWyq4koeS -----END CERTIFICATE-----Generated at Thu Sep 11 22:06:19 2025 by rpki-client