$ rpki-client -vvf rpki.apnic.net/member_repository/A9145604/BCEC6C5EA4A011EA8FBAB45DC4F9AE02/o9--Ea-KeOViz7RXkAzKuQkMK1k.mft File: o9--Ea-KeOViz7RXkAzKuQkMK1k.mft (raw, json) Hash identifier: GKNfyjZmhtpmTkE/ZMHdDRFwHSokn0L5T9LnkrRNOts= Subject key identifier: 83:70:55:EA:0D:4F:E4:73:33:5E:16:A5:6A:70:84:27:C0:8E:15:04 Authority key identifier: A3:DF:BE:11:AF:8A:78:E5:62:CF:B4:57:90:0C:CA:B9:09:0C:2B:59 Certificate issuer: /CN=A9145604/serialNumber=A3DFBE11AF8A78E562CFB457900CCAB9090C2B59 Certificate serial: 0949 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9--Ea-KeOViz7RXkAzKuQkMK1k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145604/BCEC6C5EA4A011EA8FBAB45DC4F9AE02/o9--Ea-KeOViz7RXkAzKuQkMK1k.mft Manifest number: 0943 Signing time: Sat 06 Sep 2025 20:23:36 +0000 Manifest this update: Sat 06 Sep 2025 20:23:35 +0000 Manifest next update: Sat 13 Sep 2025 20:23:35 +0000 Files and hashes: 1: o9--Ea-KeOViz7RXkAzKuQkMK1k.crl (hash: xztYHAJTk5RTnXqId5mCXSc+v+xd7FF1jOprGc1cCWs=) 2: C0A21C70A4A711EA835CCA70C4F9AE02.roa (hash: oh99riu32xDufqLh4s49Z+OfJBlHg4YCfXKo4NVguOc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145604/BCEC6C5EA4A011EA8FBAB45DC4F9AE02/o9--Ea-KeOViz7RXkAzKuQkMK1k.crl rsync://rpki.apnic.net/member_repository/A9145604/BCEC6C5EA4A011EA8FBAB45DC4F9AE02/o9--Ea-KeOViz7RXkAzKuQkMK1k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9--Ea-KeOViz7RXkAzKuQkMK1k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 20:23:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2377 (0x949) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145604, serialNumber=A3DFBE11AF8A78E562CFB457900CCAB9090C2B59 Validity Not Before: Sep 6 20:23:35 2025 GMT Not After : Sep 13 20:23:35 2025 GMT Subject: CN=68bc9847-7761 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:eb:71:ec:13:1b:8a:cc:c1:93:2e:29:ce:f8: 9a:20:69:27:56:e7:d4:3a:89:bf:a6:93:7a:fe:d1: 42:16:36:e9:89:18:9f:a9:1d:2e:e5:0a:a5:19:6d: 26:63:0d:78:dd:c2:25:d7:13:14:f9:bb:05:94:f0: 01:92:07:f9:34:e0:02:1e:61:74:91:e8:53:bb:5b: f8:fb:c2:12:1a:a8:bc:90:62:19:41:f0:07:da:c6: 50:52:79:28:65:fd:48:b6:3d:56:3a:82:8d:ec:5c: bd:f7:b5:6d:1a:b0:80:34:2a:1d:f0:24:58:0e:44: e3:85:2c:25:da:e8:d3:53:e9:e0:54:8d:22:f7:ef: 17:a6:63:e1:40:d2:a2:84:48:12:29:5d:de:38:43: 98:6c:8b:39:8c:81:50:73:41:54:3c:38:cb:c3:19: ae:79:39:82:ca:c0:3b:9f:25:c1:be:4a:3e:4c:5f: 1e:8d:77:1f:fa:79:c3:6f:05:25:fe:51:25:e4:92: 67:dd:b6:3c:d4:2b:37:c9:12:82:35:a9:89:f0:d7: 7d:bb:51:86:97:65:07:20:23:83:7c:17:d5:59:a5: db:46:8a:f8:ec:61:24:2d:68:03:bc:48:a6:5f:fa: 5e:5e:ae:31:a7:f5:d5:a8:c5:3b:64:25:cd:80:0b: c4:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:70:55:EA:0D:4F:E4:73:33:5E:16:A5:6A:70:84:27:C0:8E:15:04 X509v3 Authority Key Identifier: keyid:A3:DF:BE:11:AF:8A:78:E5:62:CF:B4:57:90:0C:CA:B9:09:0C:2B:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145604/BCEC6C5EA4A011EA8FBAB45DC4F9AE02/o9--Ea-KeOViz7RXkAzKuQkMK1k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9--Ea-KeOViz7RXkAzKuQkMK1k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145604/BCEC6C5EA4A011EA8FBAB45DC4F9AE02/o9--Ea-KeOViz7RXkAzKuQkMK1k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:14:09:1f:08:47:bf:c4:d3:7d:a6:47:85:5e:27:57:db:5c: 6b:64:90:86:3d:ed:4d:48:71:81:23:5a:e0:3f:11:8c:e4:89: c4:ec:47:e1:f9:c4:47:6d:55:f0:8a:cf:21:00:d5:a0:6b:24: 39:43:2b:90:ed:19:2a:c8:c4:14:ac:70:6e:f3:b0:19:86:ac: 57:f0:44:19:e5:cb:f0:c0:60:5c:a9:7d:8d:47:2f:c2:4d:da: 2b:b4:86:e4:84:7b:5f:49:4f:bd:11:0f:4d:cc:0a:0a:e6:cd: 36:89:a1:ca:4f:89:86:1c:bd:13:d8:86:d7:8a:2f:1e:df:52: 04:3c:14:ab:51:60:b0:53:f2:88:bb:54:e8:b3:67:12:94:72: 7e:9d:f5:1e:ae:ee:8e:8b:19:f7:28:ff:b7:cd:5a:01:9a:81: e0:97:9b:d3:a8:87:17:c6:2e:11:40:7f:fe:b5:b0:67:c0:f4: 1d:4a:fe:48:2c:bc:ec:bf:bf:14:7d:de:33:09:d5:d4:a5:b2: 2a:a0:ba:d7:2c:0f:01:28:16:01:b4:54:ca:1d:b8:b3:04:f7: 66:fd:55:e2:d7:f2:3b:59:c8:51:b9:5a:99:02:f8:dc:1a:78: 09:11:7a:3c:0e:d5:52:85:eb:f5:91:88:6e:e0:99:2c:37:98: e3:45:b4:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU2MDQxMTAvBgNVBAUTKEEzREZCRTExQUY4QTc4RTU2MkNGQjQ1NzkwMENDQUI5 MDkwQzJCNTkwHhcNMjUwOTA2MjAyMzM1WhcNMjUwOTEzMjAyMzM1WjAYMRYwFAYD VQQDEw02OGJjOTg0Ny03NzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr+tx7BMbiszBky4pzviaIGknVufUOom/ppN6/tFCFjbpiRifqR0u5QqlGW0m Yw143cIl1xMU+bsFlPABkgf5NOACHmF0kehTu1v4+8ISGqi8kGIZQfAH2sZQUnko Zf1Itj1WOoKN7Fy997VtGrCANCod8CRYDkTjhSwl2ujTU+ngVI0i9+8XpmPhQNKi hEgSKV3eOEOYbIs5jIFQc0FUPDjLwxmueTmCysA7nyXBvko+TF8ejXcf+nnDbwUl /lEl5JJn3bY81Cs3yRKCNamJ8Nd9u1GGl2UHICODfBfVWaXbRor47GEkLWgDvEim X/peXq4xp/XVqMU7ZCXNgAvEIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFINwVeoN T+RzM14WpWpwhCfAjhUEMB8GA1UdIwQYMBaAFKPfvhGvinjlYs+0V5AMyrkJDCtZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTYwNC9CQ0VDNkM1RUE0 QTAxMUVBOEZCQUI0NURDNEY5QUUwMi9vOS0tRWEtS2VPVml6N1JYa0F6S3VRa01L MWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL285LS1FYS1LZU9WaXo3UlhrQXpLdVFrTUsxay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NTYwNC9CQ0VDNkM1RUE0QTAxMUVBOEZCQUI0NURDNEY5QUUwMi9vOS0tRWEtS2VP Vml6N1JYa0F6S3VRa01LMWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJFAkfCEe/xNN9pkeFXidX21xrZJCGPe1NSHGBI1rgPxGM5InE7Efh +cRHbVXwis8hANWgayQ5QyuQ7RkqyMQUrHBu87AZhqxX8EQZ5cvwwGBcqX2NRy/C TdortIbkhHtfSU+9EQ9NzAoK5s02iaHKT4mGHL0T2IbXii8e31IEPBSrUWCwU/KI u1Tos2cSlHJ+nfUeru6Oixn3KP+3zVoBmoHgl5vTqIcXxi4RQH/+tbBnwPQdSv5I LLzsv78Ufd4zCdXUpbIqoLrXLA8BKBYBtFTKHbizBPdm/VXi1/I7WchRuVqZAvjc GngJEXo8DtVShev1kYhu4JksN5jjRbQU -----END CERTIFICATE-----Generated at Mon Sep 8 08:47:59 2025 by rpki-client