$ rpki-client -vvf rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.mft File: 1OMXbLn0iT50xOgF-n-12QpKewo.mft (raw, json) Hash identifier: iXWJMTcBzmO4B5b432vf4My3u8ji36RPyk2qdRu1Soo= Subject key identifier: A8:3A:F9:6C:15:5F:ED:03:EC:9D:83:EA:77:5D:53:DE:AB:DE:FE:FA Authority key identifier: D4:E3:17:6C:B9:F4:89:3E:74:C4:E8:05:FA:7F:B5:D9:0A:4A:7B:0A Certificate issuer: /CN=A9154AFB/serialNumber=D4E3176CB9F4893E74C4E805FA7FB5D90A4A7B0A Certificate serial: 177B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OMXbLn0iT50xOgF-n-12QpKewo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.mft Manifest number: 1766 Signing time: Thu 18 Sep 2025 16:43:51 +0000 Manifest this update: Thu 18 Sep 2025 16:43:51 +0000 Manifest next update: Thu 25 Sep 2025 16:43:51 +0000 Files and hashes: 1: 1OMXbLn0iT50xOgF-n-12QpKewo.crl (hash: 26nkidrO3Me7cqK8sADeZcIIchZbsT835EN2kltoAak=) 2: 81368CD6594B11EE924DCC64C4F9AE02.roa (hash: XhkwHyloR+2rDxWbay2n/StJn5+0QtLglAfKwVMv/5o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.crl rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OMXbLn0iT50xOgF-n-12QpKewo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 16:43:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6011 (0x177b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9154AFB, serialNumber=D4E3176CB9F4893E74C4E805FA7FB5D90A4A7B0A Validity Not Before: Sep 18 16:43:51 2025 GMT Not After : Sep 25 16:43:51 2025 GMT Subject: CN=68cc36c7-7526 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:67:dc:57:71:ef:b4:cb:71:61:01:49:fd:e1: 7f:ef:1c:d7:49:00:c2:90:5f:cd:a5:bf:fb:58:3e: 4b:0b:25:f8:91:1d:f5:24:01:4f:e6:e2:58:30:e6: 28:0c:a3:e1:65:32:91:ee:78:d9:7b:7c:d0:aa:db: 3b:6d:ab:45:5d:19:0c:8e:9a:57:f0:ea:4f:7e:d5: 93:47:d0:ea:b3:eb:21:f4:3a:06:b8:d8:0d:3b:eb: c7:25:4e:e5:2e:86:7a:d5:9e:41:93:28:bd:c5:7b: 41:36:a4:20:21:c5:3b:14:c6:82:c9:87:d2:5e:c2: b5:82:b0:36:81:b1:22:e4:4a:c6:08:f5:c6:7a:fd: 25:4e:61:99:43:13:88:9c:be:9b:0d:43:02:63:a8: 03:17:a9:bd:1c:6a:54:2e:dd:a1:17:b3:31:1f:b9: 30:72:3b:6c:4a:f1:aa:fb:fd:8d:5d:d2:f5:90:4d: 69:10:3a:2b:5d:f6:72:fe:40:c7:75:5e:23:90:39: 09:92:13:83:fb:0a:79:cb:75:e0:cc:b6:58:f3:56: 76:f2:9a:81:49:3d:d1:e5:5c:b8:54:f5:b7:c3:89: d2:c4:4d:9c:a6:42:99:2e:11:70:9f:9c:58:87:e8: 19:73:45:79:d5:38:e5:db:c2:89:09:f7:af:a8:2b: 28:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:3A:F9:6C:15:5F:ED:03:EC:9D:83:EA:77:5D:53:DE:AB:DE:FE:FA X509v3 Authority Key Identifier: keyid:D4:E3:17:6C:B9:F4:89:3E:74:C4:E8:05:FA:7F:B5:D9:0A:4A:7B:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OMXbLn0iT50xOgF-n-12QpKewo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:51:9a:4b:00:63:38:33:8e:ac:ae:5d:3b:3b:89:3f:32:26: bb:ac:d2:46:c2:d4:df:72:0c:5f:28:65:74:db:0b:08:36:00: 52:dc:a1:89:73:84:b8:c1:53:3b:29:ee:62:57:38:59:b5:83: 08:2e:b3:d5:d6:15:d6:2f:ad:ae:bf:24:41:5e:85:13:f1:4d: b9:91:1e:79:0f:fd:d2:b2:15:1e:04:6e:94:77:e9:0f:5b:31: 5b:44:e4:12:ca:61:10:e5:e5:f5:5b:87:6c:a4:8a:f2:a2:49: 76:25:f2:10:3c:71:ac:ad:cc:48:76:de:33:b9:b1:a3:a8:bb: b1:9a:02:07:84:16:f1:7d:d4:9c:2a:6e:ba:0a:39:7a:f5:58: 1a:b0:d1:d5:21:32:fa:3e:10:75:3f:8d:8e:28:e2:9d:70:c3: 25:ae:4c:6e:86:73:12:da:f3:48:b8:60:44:91:6b:b0:3d:c6: 05:f2:04:dc:36:5e:5d:49:2c:e0:fc:58:b7:23:9c:69:4b:32: 25:cd:b5:b9:d8:bc:a3:16:dc:54:a4:18:b3:bc:47:5e:c0:bb: 44:12:7a:8e:9d:4c:1d:87:2b:ef:ee:d6:2c:b8:62:43:03:59: 0f:b6:b3:39:b0:45:82:09:55:91:38:2d:2e:84:ef:04:60:d3: c5:c3:0f:2e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICF3swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTRBRkIxMTAvBgNVBAUTKEQ0RTMxNzZDQjlGNDg5M0U3NEM0RTgwNUZBN0ZCNUQ5 MEE0QTdCMEEwHhcNMjUwOTE4MTY0MzUxWhcNMjUwOTI1MTY0MzUxWjAYMRYwFAYD VQQDEw02OGNjMzZjNy03NTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyGfcV3HvtMtxYQFJ/eF/7xzXSQDCkF/Npb/7WD5LCyX4kR31JAFP5uJYMOYo DKPhZTKR7njZe3zQqts7batFXRkMjppX8OpPftWTR9Dqs+sh9DoGuNgNO+vHJU7l LoZ61Z5Bkyi9xXtBNqQgIcU7FMaCyYfSXsK1grA2gbEi5ErGCPXGev0lTmGZQxOI nL6bDUMCY6gDF6m9HGpULt2hF7MxH7kwcjtsSvGq+/2NXdL1kE1pEDorXfZy/kDH dV4jkDkJkhOD+wp5y3XgzLZY81Z28pqBST3R5Vy4VPW3w4nSxE2cpkKZLhFwn5xY h+gZc0V51Tjl28KJCfevqCsoKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKg6+WwV X+0D7J2D6nddU96r3v76MB8GA1UdIwQYMBaAFNTjF2y59Ik+dMToBfp/tdkKSnsK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NEFGQi83OEEwNEU0Q0Uz MkYxMUU3QjZDRUQ0MkZDNEY5QUUwMi8xT01YYkxuMGlUNTB4T2dGLW4tMTJRcEtl d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFPTVhiTG4waVQ1MHhPZ0Ytbi0xMlFwS2V3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NEFGQi83OEEwNEU0Q0UzMkYxMUU3QjZDRUQ0MkZDNEY5QUUwMi8xT01YYkxuMGlU NTB4T2dGLW4tMTJRcEtld28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAIUZpLAGM4M46srl07O4k/Mia7rNJGwtTfcgxfKGV02wsINgBS3KGJ c4S4wVM7Ke5iVzhZtYMILrPV1hXWL62uvyRBXoUT8U25kR55D/3SshUeBG6Ud+kP WzFbROQSymEQ5eX1W4dspIryokl2JfIQPHGsrcxIdt4zubGjqLuxmgIHhBbxfdSc Km66Cjl69VgasNHVITL6PhB1P42OKOKdcMMlrkxuhnMS2vNIuGBEkWuwPcYF8gTc Nl5dSSzg/Fi3I5xpSzIlzbW52LyjFtxUpBizvEdewLtEEnqOnUwdhyvv7tYsuGJD A1kPtrM5sEWCCVWROC0uhO8EYNPFww8u -----END CERTIFICATE-----Generated at Fri Sep 19 02:46:46 2025 by rpki-client