$ rpki-client -vvf rpki.apnic.net/member_repository/A9148CCE/8B21909C4FEE11F080379482C4F9AE02/Tn_qcaRHpqFhecJpfr7lVRmdsJg.mft File: Tn_qcaRHpqFhecJpfr7lVRmdsJg.mft (raw, json) Hash identifier: fs10OvCJdplSsix0eT+HKVvyV6wYXFjxVwTTpQoKJng= Subject key identifier: 4D:D4:00:7B:34:8E:B7:7C:11:88:15:0D:D7:D1:2D:87:5B:04:28:45 Authority key identifier: 4E:7F:EA:71:A4:47:A6:A1:61:79:C2:69:7E:BE:E5:55:19:9D:B0:98 Certificate issuer: /CN=A9148CCE/serialNumber=4E7FEA71A447A6A16179C2697EBEE555199DB098 Certificate serial: 2C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tn_qcaRHpqFhecJpfr7lVRmdsJg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148CCE/8B21909C4FEE11F080379482C4F9AE02/Tn_qcaRHpqFhecJpfr7lVRmdsJg.mft Manifest number: 2A Signing time: Wed 03 Sep 2025 08:27:56 +0000 Manifest this update: Wed 03 Sep 2025 08:27:56 +0000 Manifest next update: Wed 10 Sep 2025 08:27:56 +0000 Files and hashes: 1: Tn_qcaRHpqFhecJpfr7lVRmdsJg.crl (hash: r5fg6WHDk2cqMhSdFtkC+Ih2JF5FUzGItpHqYLJ15VY=) 2: 8FD5A938522911F0AECD911AC4F9AE02.roa (hash: Dtb6Fb2JpEd/Zi2+qi9cOHLUquodmN8UKkbWls/zEtM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148CCE/8B21909C4FEE11F080379482C4F9AE02/Tn_qcaRHpqFhecJpfr7lVRmdsJg.crl rsync://rpki.apnic.net/member_repository/A9148CCE/8B21909C4FEE11F080379482C4F9AE02/Tn_qcaRHpqFhecJpfr7lVRmdsJg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tn_qcaRHpqFhecJpfr7lVRmdsJg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 08:27:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44 (0x2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148CCE, serialNumber=4E7FEA71A447A6A16179C2697EBEE555199DB098 Validity Not Before: Sep 3 08:27:56 2025 GMT Not After : Sep 10 08:27:56 2025 GMT Subject: CN=68b7fc0c-2fcf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:90:93:07:1d:f8:94:ff:d4:8f:14:b0:14:03: f5:8f:ff:01:29:7d:0f:b7:02:74:31:49:b5:4e:dd: e3:0d:58:09:ed:0f:1c:95:f7:13:68:6b:82:7f:3d: f6:ba:4f:9c:ea:df:b1:b7:a7:a7:f1:14:1c:17:02: 49:e3:b2:23:1c:57:38:34:7e:03:36:4f:09:67:fb: 1e:12:63:da:e5:1a:19:d3:b9:cb:e9:92:d2:2b:62: a1:5e:09:9f:f4:aa:60:56:2c:79:54:2f:d8:33:2b: 28:da:00:14:fa:ed:5a:dc:d2:8f:ef:70:32:35:8a: 6d:a8:b5:8b:43:1d:f6:ab:aa:32:03:20:a4:eb:67: b1:c3:2e:25:ae:2c:a4:1b:6d:42:c3:a1:e8:80:f4: d2:66:a8:88:9d:d3:2d:fd:1f:d7:bb:18:d4:97:97: c2:bd:72:46:d6:96:e4:02:80:44:b2:0b:a3:9e:f4: c3:0c:3a:b1:3c:b9:12:51:6f:f1:32:ac:15:c2:1b: cf:08:ff:95:49:9c:fc:b4:de:28:1a:33:86:84:19: 53:3a:c3:cb:4b:c1:bc:a7:ef:37:07:a4:c9:46:df: 24:76:e9:1c:de:2a:dd:c4:cf:ec:8d:16:db:f6:45: e7:bd:7e:f1:dc:69:03:17:d0:db:64:5d:68:d9:a5: 33:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:D4:00:7B:34:8E:B7:7C:11:88:15:0D:D7:D1:2D:87:5B:04:28:45 X509v3 Authority Key Identifier: keyid:4E:7F:EA:71:A4:47:A6:A1:61:79:C2:69:7E:BE:E5:55:19:9D:B0:98 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148CCE/8B21909C4FEE11F080379482C4F9AE02/Tn_qcaRHpqFhecJpfr7lVRmdsJg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tn_qcaRHpqFhecJpfr7lVRmdsJg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148CCE/8B21909C4FEE11F080379482C4F9AE02/Tn_qcaRHpqFhecJpfr7lVRmdsJg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cc:af:56:aa:c5:66:80:81:1f:6f:ba:f8:af:5b:c9:8c:c2:40: c9:f3:37:3f:b3:73:3f:18:ad:17:a7:15:c2:76:a1:a1:81:76: 56:09:2c:45:b3:50:3c:77:9d:2d:fc:65:1d:3c:51:58:13:e3: 01:48:91:27:df:fc:8b:05:ca:48:31:a6:db:0a:e3:ba:e9:bc: 47:ed:0f:2c:27:2e:89:21:f8:df:24:cc:23:2f:38:0c:8c:7c: 15:29:89:97:7d:50:86:66:fb:9b:ea:cc:8a:42:17:4e:37:a2: 46:43:7d:e5:6f:50:de:c7:bb:08:29:97:4c:ff:3c:d5:f7:6d: ec:09:4b:da:fb:4c:23:f7:4d:59:9d:7c:d0:ad:73:c5:52:ae: 2f:d6:70:c6:04:a4:ee:0d:e0:ae:13:fc:a5:94:48:3d:ad:aa: d6:a3:fe:9b:d9:fd:05:f0:b8:d0:57:d7:4f:ab:83:35:13:9b: 13:4f:67:ce:7a:5b:7f:be:57:a3:cc:4e:ec:2f:2f:45:08:e8: 93:5c:8d:19:bd:54:d2:34:1f:63:92:09:de:8f:7c:8b:f3:86: 5e:33:74:87:77:2d:fe:ab:90:50:3e:4c:f1:c7:31:a4:14:18: b6:7b:21:9f:10:45:85:86:52:89:a2:9d:97:15:56:e3:99:71: ba:96:54:34 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 OENDRTExMC8GA1UEBRMoNEU3RkVBNzFBNDQ3QTZBMTYxNzlDMjY5N0VCRUU1NTUx OTlEQjA5ODAeFw0yNTA5MDMwODI3NTZaFw0yNTA5MTAwODI3NTZaMBgxFjAUBgNV BAMTDTY4YjdmYzBjLTJmY2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC0kJMHHfiU/9SPFLAUA/WP/wEpfQ+3AnQxSbVO3eMNWAntDxyV9xNoa4J/Pfa6 T5zq37G3p6fxFBwXAknjsiMcVzg0fgM2Twln+x4SY9rlGhnTucvpktIrYqFeCZ/0 qmBWLHlUL9gzKyjaABT67Vrc0o/vcDI1im2otYtDHfarqjIDIKTrZ7HDLiWuLKQb bULDoeiA9NJmqIid0y39H9e7GNSXl8K9ckbWluQCgESyC6Oe9MMMOrE8uRJRb/Ey rBXCG88I/5VJnPy03igaM4aEGVM6w8tLwbyn7zcHpMlG3yR26RzeKt3Ez+yNFtv2 Ree9fvHcaQMX0NtkXWjZpTO9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUTdQAezSO t3wRiBUN19Eth1sEKEUwHwYDVR0jBBgwFoAUTn/qcaRHpqFhecJpfr7lVRmdsJgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ4Q0NFLzhCMjE5MDlDNEZF RTExRjA4MDM3OTQ4MkM0RjlBRTAyL1RuX3FjYVJIcHFGaGVjSnBmcjdsVlJtZHNK Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvVG5fcWNhUkhwcUZoZWNKcGZyN2xWUm1kc0pnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ4 Q0NFLzhCMjE5MDlDNEZFRTExRjA4MDM3OTQ4MkM0RjlBRTAyL1RuX3FjYVJIcHFG aGVjSnBmcjdsVlJtZHNKZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMyvVqrFZoCBH2+6+K9byYzCQMnzNz+zcz8YrRenFcJ2oaGBdlYJLEWz UDx3nS38ZR08UVgT4wFIkSff/IsFykgxptsK47rpvEftDywnLokh+N8kzCMvOAyM fBUpiZd9UIZm+5vqzIpCF043okZDfeVvUN7Huwgpl0z/PNX3bewJS9r7TCP3TVmd fNCtc8VSri/WcMYEpO4N4K4T/KWUSD2tqtaj/pvZ/QXwuNBX10+rgzUTmxNPZ856 W3++V6PMTuwvL0UI6JNcjRm9VNI0H2OSCd6PfIvzhl4zdId3Lf6rkFA+TPHHMaQU GLZ7IZ8QRYWGUominZcVVuOZcbqWVDQ= -----END CERTIFICATE-----Generated at Thu Sep 4 13:59:05 2025 by rpki-client