$ rpki-client -vvf rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft File: zOnFYkus-dCYXj8tbjHmsthtgq4.mft (raw, json) Hash identifier: dgzYAlNODRmTnenYTFledoKPmUgt+P97Yvi6MaeAsZQ= Subject key identifier: 29:8F:2E:0F:6A:5C:E2:4F:90:97:1D:17:0F:A9:55:1F:CD:58:CF:10 Authority key identifier: CC:E9:C5:62:4B:AC:F9:D0:98:5E:3F:2D:6E:31:E6:B2:D8:6D:82:AE Certificate issuer: /CN=A9157B07/serialNumber=CCE9C5624BACF9D0985E3F2D6E31E6B2D86D82AE Certificate serial: 06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft Manifest number: 05 Signing time: Wed 17 Sep 2025 08:55:55 +0000 Manifest this update: Wed 17 Sep 2025 08:55:55 +0000 Manifest next update: Wed 24 Sep 2025 08:55:55 +0000 Files and hashes: 1: zOnFYkus-dCYXj8tbjHmsthtgq4.crl (hash: ZqbYPoCb6gM9OzbbLctyJ9SbxsygNNFFU7plbjYLKgw=) 2: 8CA88A568FD611F09FFCA92CC4F9AE02.roa (hash: X1O7W3t2SP7SDbQ67NRf7y+vow5VXeN/HZMH9HZxaRQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.crl rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 08:55:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6 (0x6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157B07, serialNumber=CCE9C5624BACF9D0985E3F2D6E31E6B2D86D82AE Validity Not Before: Sep 17 08:55:55 2025 GMT Not After : Sep 24 08:55:55 2025 GMT Subject: CN=68ca779b-e75a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:f5:58:f9:0f:a2:50:1d:81:89:b1:68:98:45: ac:5c:8c:bf:c4:de:10:df:dc:40:d9:c9:be:ef:84: 36:1b:74:07:e3:bd:12:31:65:27:c7:e5:bf:4d:2d: d2:e2:dc:98:9d:a9:68:fe:04:f2:41:71:eb:e1:45: c6:e4:bf:f9:31:88:58:c0:37:00:0b:1b:b4:ff:ab: c6:a7:24:54:95:c4:32:23:0f:b1:0b:73:62:08:f1: d4:8f:3d:ec:8e:3d:66:7c:3e:09:6a:97:32:77:b4: 6a:ac:d8:3f:cd:70:4f:7c:ac:94:bb:c6:de:25:6e: 14:90:f2:d5:85:21:87:d0:d1:4f:5b:1c:b9:f1:a8: 6d:d8:a9:ef:7f:05:9b:22:3e:6e:56:81:cc:1f:f4: 25:8f:de:4f:97:92:91:7e:d5:11:6e:c1:78:21:cc: 12:2a:90:fc:7c:88:3f:ea:3a:0f:6c:69:3f:69:13: 20:aa:86:b3:26:eb:6b:c1:f2:f8:1c:81:2a:ea:11: 77:f7:61:48:0d:81:10:88:8f:eb:39:38:6f:cc:ab: 4c:dd:92:bd:ac:bd:81:83:89:c5:74:02:55:2e:d6: 45:bc:78:1c:76:89:23:00:31:93:93:be:61:86:0e: f6:52:3c:a2:75:a2:af:8d:de:0a:47:f0:90:8a:6d: ee:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:8F:2E:0F:6A:5C:E2:4F:90:97:1D:17:0F:A9:55:1F:CD:58:CF:10 X509v3 Authority Key Identifier: keyid:CC:E9:C5:62:4B:AC:F9:D0:98:5E:3F:2D:6E:31:E6:B2:D8:6D:82:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:c0:da:8d:68:31:c8:0a:b9:75:00:0d:46:2a:81:77:13:84: ac:18:1c:15:a7:39:30:0c:b1:39:0f:2c:1f:04:e0:12:e4:75: 74:f6:2e:8a:52:ad:19:49:9b:eb:aa:c9:7a:7c:48:f7:26:bb: 38:0f:1e:32:98:2d:5f:3a:4b:0d:f2:9b:7c:15:96:ed:e7:6d: ff:98:5a:2e:bb:91:bd:15:c1:1a:ea:b5:dc:ea:0c:46:c7:4e: a6:f6:a3:e7:c3:79:69:3b:3f:21:98:5a:11:c2:7f:0d:29:b4: 73:2e:3e:bd:17:7c:ad:42:27:d7:bd:47:7d:48:d2:c1:43:d0: 99:35:bb:9c:9c:43:4a:67:cc:f0:77:39:a2:d5:85:33:4e:85: 33:5c:8e:05:78:97:21:87:7e:4c:49:d5:3e:74:c6:ae:74:9e: db:c9:8b:fd:78:8e:37:cf:1c:7f:44:e9:f7:b7:33:47:da:4b: 24:7e:e5:ca:0c:92:8e:2d:71:9e:d0:c2:72:06:8f:a4:86:33: 0f:14:0c:93:68:d3:15:03:80:ab:0d:19:9a:63:41:be:0b:c1: b8:e4:39:f2:52:f5:1f:b1:1c:e2:b1:4f:4e:47:09:56:d7:b9: 15:27:50:ed:31:b6:23:5b:f9:1e:90:43:09:b2:09:6a:35:35: 45:9c:ae:cd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 N0IwNzExMC8GA1UEBRMoQ0NFOUM1NjI0QkFDRjlEMDk4NUUzRjJENkUzMUU2QjJE ODZEODJBRTAeFw0yNTA5MTcwODU1NTVaFw0yNTA5MjQwODU1NTVaMBgxFjAUBgNV BAMTDTY4Y2E3NzliLWU3NWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCw9Vj5D6JQHYGJsWiYRaxcjL/E3hDf3EDZyb7vhDYbdAfjvRIxZSfH5b9NLdLi 3JidqWj+BPJBcevhRcbkv/kxiFjANwALG7T/q8anJFSVxDIjD7ELc2II8dSPPeyO PWZ8PglqlzJ3tGqs2D/NcE98rJS7xt4lbhSQ8tWFIYfQ0U9bHLnxqG3Yqe9/BZsi Pm5Wgcwf9CWP3k+XkpF+1RFuwXghzBIqkPx8iD/qOg9saT9pEyCqhrMm62vB8vgc gSrqEXf3YUgNgRCIj+s5OG/Mq0zdkr2svYGDicV0AlUu1kW8eBx2iSMAMZOTvmGG DvZSPKJ1oq+N3gpH8JCKbe5jAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUKY8uD2pc 4k+Qlx0XD6lVH81YzxAwHwYDVR0jBBgwFoAUzOnFYkus+dCYXj8tbjHmsthtgq4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3QjA3L0Q4ODU0NDkyOEZE NTExRjBBNjFDOUIyQkM0RjlBRTAyL3pPbkZZa3VzLWRDWVhqOHRiakhtc3RodGdx NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvek9uRllrdXMtZENZWGo4dGJqSG1zdGh0Z3E0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3 QjA3L0Q4ODU0NDkyOEZENTExRjBBNjFDOUIyQkM0RjlBRTAyL3pPbkZZa3VzLWRD WVhqOHRiakhtc3RodGdxNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADTA2o1oMcgKuXUADUYqgXcThKwYHBWnOTAMsTkPLB8E4BLkdXT2LopS rRlJm+uqyXp8SPcmuzgPHjKYLV86Sw3ym3wVlu3nbf+YWi67kb0VwRrqtdzqDEbH Tqb2o+fDeWk7PyGYWhHCfw0ptHMuPr0XfK1CJ9e9R31I0sFD0Jk1u5ycQ0pnzPB3 OaLVhTNOhTNcjgV4lyGHfkxJ1T50xq50ntvJi/14jjfPHH9E6fe3M0faSyR+5coM ko4tcZ7QwnIGj6SGMw8UDJNo0xUDgKsNGZpjQb4LwbjkOfJS9R+xHOKxT05HCVbX uRUnUO0xtiNb+R6QQwmyCWo1NUWcrs0= -----END CERTIFICATE-----Generated at Fri Sep 19 00:33:18 2025 by rpki-client