$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft File: 71OR8qIt1l9IQxoyJt3MZbdllqk.mft (raw, json) Hash identifier: /uh18AxXSlnUVvAz3yVut8ZZw+i0Hp+TnfFYlUYaF/s= Subject key identifier: 18:02:E7:18:7B:91:B1:24:C6:AF:11:1E:AD:C3:37:59:7C:55:A8:62 Authority key identifier: EF:53:91:F2:A2:2D:D6:5F:48:43:1A:32:26:DD:CC:65:B7:65:96:A9 Certificate issuer: /CN=A9157DA9/serialNumber=EF5391F2A22DD65F48431A3226DDCC65B76596A9 Certificate serial: D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft Manifest number: CF Signing time: Wed 17 Sep 2025 06:17:28 +0000 Manifest this update: Wed 17 Sep 2025 06:17:28 +0000 Manifest next update: Wed 24 Sep 2025 06:17:28 +0000 Files and hashes: 1: 71OR8qIt1l9IQxoyJt3MZbdllqk.crl (hash: dU31djnWEA1SoraPdR+o94ERqfTydUEUBFYUa29tj8M=) 2: 897F96FC5A1811EFAF24E138C4F9AE02.roa (hash: V/66FKVQueBWCxe2q60voG68SskFvIkojTU44XWkp4w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.crl rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 06:17:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 209 (0xd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA9, serialNumber=EF5391F2A22DD65F48431A3226DDCC65B76596A9 Validity Not Before: Sep 17 06:17:28 2025 GMT Not After : Sep 24 06:17:28 2025 GMT Subject: CN=68ca5278-feb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:59:47:61:56:c3:d5:fd:00:2e:85:6f:16:c1: ef:4c:ac:53:fa:c8:42:92:ea:b7:c8:26:36:9e:1a: b2:a8:b7:af:e3:ca:40:8d:04:32:43:15:61:d0:cf: fc:2e:69:97:cb:c9:2d:0e:18:9d:6e:2a:8e:51:33: ce:48:98:b1:1b:6e:d2:82:d5:76:9d:e1:60:b8:21: 5a:b9:4a:c8:70:02:e1:f5:29:52:40:fd:d8:89:bb: 87:fc:b6:e7:53:ab:f4:21:24:2d:1d:35:b3:bc:e5: c1:8c:9e:2a:3f:d6:0f:fc:44:bc:54:44:e6:2c:23: 5c:10:33:2c:50:7a:c3:68:2a:b1:55:d2:e4:41:ed: 42:ac:d4:7a:86:07:34:32:c7:3d:d2:46:09:7b:34: c5:45:b4:3f:a4:da:b5:2b:fd:38:b1:c8:c9:68:13: 05:6f:21:2b:c2:54:79:f0:6b:c3:c1:ee:42:c5:8a: 70:1e:3b:fc:e4:49:59:b1:e4:68:89:97:8e:eb:f1: 78:5f:0f:7f:1b:de:42:b2:94:38:92:5b:9e:2b:24: 98:b1:af:36:f9:98:a5:26:31:d3:1e:34:d0:85:d6: dc:5d:82:36:07:ac:aa:c3:0d:a0:a6:d1:6e:0a:b4: 1d:9e:3a:45:b7:0a:92:d8:2b:47:91:28:a0:7e:e0: 4a:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:02:E7:18:7B:91:B1:24:C6:AF:11:1E:AD:C3:37:59:7C:55:A8:62 X509v3 Authority Key Identifier: keyid:EF:53:91:F2:A2:2D:D6:5F:48:43:1A:32:26:DD:CC:65:B7:65:96:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:c9:80:4f:a7:18:27:e1:d7:d2:ca:2b:8f:15:3f:77:12:40: f7:a3:bf:ce:09:e3:c5:25:1e:9b:9d:06:24:86:ca:16:2d:6b: 07:46:e3:3d:a0:a8:0d:15:89:9c:c3:e9:11:f6:4c:e3:e1:b4: 10:ff:c7:5e:b1:53:6f:39:8c:50:a6:ee:4e:45:85:10:48:bb: f8:cf:c1:da:94:6d:f5:39:af:e3:b8:7a:38:ca:09:ba:4c:00: 85:83:45:9f:ca:fe:7f:df:d6:ca:22:19:8a:63:4f:7b:d8:bc: 9f:ef:a6:42:04:47:1c:20:15:60:cd:d0:6f:7d:9d:98:e0:f4: 7a:0a:d9:df:c0:f3:39:bb:78:a7:bc:11:aa:cb:4f:b2:29:50: ed:07:58:34:0c:1e:e4:43:4e:e2:c6:4f:43:53:d9:b9:d0:5a: c5:bc:34:60:a5:cb:3d:b7:7d:7d:43:16:4a:d3:76:e5:c9:1f: 0d:65:34:bd:5f:de:6e:a4:e4:70:fc:0f:7e:dc:84:3f:67:b0: cb:b4:fe:8f:94:55:75:1d:75:a9:9d:49:ad:e6:31:c9:8c:83: d0:4f:5e:fe:cd:a1:cb:9e:d1:10:1d:21:e6:e6:39:1e:da:e0: 80:c6:d5:63:03:8d:28:3d:ac:f2:cd:25:3c:be:6c:62:f0:a2: c0:ad:2c:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTkxMTAvBgNVBAUTKEVGNTM5MUYyQTIyREQ2NUY0ODQzMUEzMjI2RERDQzY1 Qjc2NTk2QTkwHhcNMjUwOTE3MDYxNzI4WhcNMjUwOTI0MDYxNzI4WjAYMRYwFAYD VQQDEw02OGNhNTI3OC1mZWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvVlHYVbD1f0ALoVvFsHvTKxT+shCkuq3yCY2nhqyqLev48pAjQQyQxVh0M/8 LmmXy8ktDhidbiqOUTPOSJixG27SgtV2neFguCFauUrIcALh9SlSQP3YibuH/Lbn U6v0ISQtHTWzvOXBjJ4qP9YP/ES8VETmLCNcEDMsUHrDaCqxVdLkQe1CrNR6hgc0 Msc90kYJezTFRbQ/pNq1K/04scjJaBMFbyErwlR58GvDwe5CxYpwHjv85ElZseRo iZeO6/F4Xw9/G95CspQ4klueKySYsa82+ZilJjHTHjTQhdbcXYI2B6yqww2gptFu CrQdnjpFtwqS2CtHkSigfuBKQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBgC5xh7 kbEkxq8RHq3DN1l8VahiMB8GA1UdIwQYMBaAFO9TkfKiLdZfSEMaMibdzGW3ZZap MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBOS80MjNFMUFENDVB MTgxMUVGQkQ0NzczMzhDNEY5QUUwMi83MU9SOHFJdDFsOUlReG95SnQzTVpiZGxs cWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzcxT1I4cUl0MWw5SVF4b3lKdDNNWmJkbGxxay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBOS80MjNFMUFENDVBMTgxMUVGQkQ0NzczMzhDNEY5QUUwMi83MU9SOHFJdDFs OUlReG95SnQzTVpiZGxscWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAuyYBPpxgn4dfSyiuPFT93EkD3o7/OCePFJR6bnQYkhsoWLWsHRuM9 oKgNFYmcw+kR9kzj4bQQ/8desVNvOYxQpu5ORYUQSLv4z8HalG31Oa/juHo4ygm6 TACFg0Wfyv5/39bKIhmKY0972Lyf76ZCBEccIBVgzdBvfZ2Y4PR6CtnfwPM5u3in vBGqy0+yKVDtB1g0DB7kQ07ixk9DU9m50FrFvDRgpcs9t319QxZK03blyR8NZTS9 X95upORw/A9+3IQ/Z7DLtP6PlFV1HXWpnUmt5jHJjIPQT17+zaHLntEQHSHm5jke 2uCAxtVjA40oPazyzSU8vmxi8KLArSxo -----END CERTIFICATE-----Generated at Wed Sep 17 09:09:12 2025 by rpki-client