$ rpki-client -vvf rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft File: cXGYzRpGea2dRS7h2wLQASpDdOw.mft (raw, json) Hash identifier: iWpttPeSrEJ9m595kT5V0SYPoHUs8Dbe5o+8dbdQd+w= Subject key identifier: BE:13:33:EA:43:A8:29:3E:81:27:38:1C:25:F4:1F:BC:60:5F:67:67 Authority key identifier: 71:71:98:CD:1A:46:79:AD:9D:45:2E:E1:DB:02:D0:01:2A:43:74:EC Certificate issuer: /CN=A9169F49/serialNumber=717198CD1A4679AD9D452EE1DB02D0012A4374EC Certificate serial: 66 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXGYzRpGea2dRS7h2wLQASpDdOw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft Manifest number: 65 Signing time: Wed 17 Sep 2025 07:43:57 +0000 Manifest this update: Wed 17 Sep 2025 07:43:56 +0000 Manifest next update: Wed 24 Sep 2025 07:43:56 +0000 Files and hashes: 1: cXGYzRpGea2dRS7h2wLQASpDdOw.crl (hash: UhjH3LZal4JOMp9PMONBv+yc2qds8FHZrTikLFfMqu8=) 2: 2B42D1D8F9B611EFB3AB154BC4F9AE02.roa (hash: qRFt1VDcs2OHFjFWZc9CCxRhXeBrmwOFxAL6+b0Q2Co=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.crl rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXGYzRpGea2dRS7h2wLQASpDdOw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 07:43:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 102 (0x66) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169F49, serialNumber=717198CD1A4679AD9D452EE1DB02D0012A4374EC Validity Not Before: Sep 17 07:43:56 2025 GMT Not After : Sep 24 07:43:56 2025 GMT Subject: CN=68ca66bd-e039 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:2c:d2:13:a4:db:05:81:da:01:9e:9f:40:63: 22:b5:46:e6:9f:ee:34:5e:0e:b3:f8:ae:5d:68:4b: 75:ec:ad:5a:49:db:f6:16:ff:45:ac:27:a0:0f:0c: 69:14:c8:c7:8b:19:ad:03:f5:13:a8:aa:d1:fe:29: 5a:b3:2a:06:4d:b6:ba:02:00:46:18:20:c6:59:84: 8b:c0:ed:61:41:40:62:9e:67:01:f9:31:ca:9a:0c: b9:92:54:24:ea:a8:f7:8b:21:24:2f:e4:ba:bf:23: f6:da:56:f0:26:61:f4:91:22:fc:4c:81:6d:61:30: bd:73:96:b8:a4:a8:80:17:7c:ea:12:f3:de:38:4a: d4:b8:47:1d:35:8f:f8:d0:5a:38:ac:df:45:5f:5e: c8:be:4b:76:fc:90:42:71:71:e8:1d:e6:a3:b7:ae: 62:1e:b6:74:50:05:f0:ab:28:26:aa:b2:63:84:cb: 44:20:46:50:a7:02:41:13:b3:c7:e3:f4:e6:b4:5d: b2:9b:eb:38:25:be:57:33:e4:98:95:6f:f0:24:62: c1:e6:c5:c4:0f:84:f8:ad:18:4e:80:2d:24:c9:69: c3:81:42:ea:cb:95:ca:8f:30:6e:63:e8:90:3f:b4: d2:d2:18:c4:d5:f4:31:20:55:57:e6:c2:45:fe:b4: f4:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:13:33:EA:43:A8:29:3E:81:27:38:1C:25:F4:1F:BC:60:5F:67:67 X509v3 Authority Key Identifier: keyid:71:71:98:CD:1A:46:79:AD:9D:45:2E:E1:DB:02:D0:01:2A:43:74:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXGYzRpGea2dRS7h2wLQASpDdOw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169F49/B2C5FB9AF9B511EFA5D73C47C4F9AE02/cXGYzRpGea2dRS7h2wLQASpDdOw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:82:34:b0:b8:2d:7b:4b:b1:1c:a2:01:7f:38:04:fc:0f:df: 3e:78:8c:9b:4a:bb:18:a8:d5:70:1a:2f:9e:6e:c2:16:30:a9: 6d:b8:0a:2c:7e:d6:e2:6e:c0:38:cd:5c:8e:55:32:ba:3c:4c: 6d:d7:72:87:39:e0:76:db:00:9f:56:60:55:6b:3c:74:24:8b: c1:ae:59:45:03:4b:f6:a3:3d:b5:a6:69:ce:86:05:25:45:b7: b5:fb:c4:56:22:c2:08:72:ca:7f:1c:5b:db:c1:d8:1e:38:5c: 98:81:b4:44:f4:35:8f:60:07:a8:32:cc:51:de:a2:14:e7:0a: 5f:de:da:51:87:1f:c2:36:2f:3b:cc:5f:d5:94:45:0e:7a:e5: da:e0:2a:66:2c:55:f6:e5:a3:08:a8:86:3d:13:75:6a:bd:e9: 98:d8:78:d0:4b:d6:05:ef:f1:7f:71:2c:4e:86:e7:bc:dd:76: 03:5e:ef:9f:09:eb:8c:1e:04:01:17:57:90:ac:bd:2e:20:df: 71:d7:8e:fd:15:a4:6f:a5:55:8e:58:a2:72:23:05:61:05:c5: 84:5d:30:c9:30:01:fd:d7:8c:d9:31:79:67:cc:d5:fe:28:33: e9:db:44:f2:a0:d9:e7:c6:29:58:c6:a0:86:3e:3c:a5:61:8b: 1c:23:7f:b7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 OUY0OTExMC8GA1UEBRMoNzE3MTk4Q0QxQTQ2NzlBRDlENDUyRUUxREIwMkQwMDEy QTQzNzRFQzAeFw0yNTA5MTcwNzQzNTZaFw0yNTA5MjQwNzQzNTZaMBgxFjAUBgNV BAMTDTY4Y2E2NmJkLWUwMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDkLNITpNsFgdoBnp9AYyK1Ruaf7jReDrP4rl1oS3XsrVpJ2/YW/0WsJ6APDGkU yMeLGa0D9ROoqtH+KVqzKgZNtroCAEYYIMZZhIvA7WFBQGKeZwH5McqaDLmSVCTq qPeLISQv5Lq/I/baVvAmYfSRIvxMgW1hML1zlrikqIAXfOoS8944StS4Rx01j/jQ Wjis30VfXsi+S3b8kEJxcegd5qO3rmIetnRQBfCrKCaqsmOEy0QgRlCnAkETs8fj 9Oa0XbKb6zglvlcz5JiVb/AkYsHmxcQPhPitGE6ALSTJacOBQurLlcqPMG5j6JA/ tNLSGMTV9DEgVVfmwkX+tPSFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUvhMz6kOo KT6BJzgcJfQfvGBfZ2cwHwYDVR0jBBgwFoAUcXGYzRpGea2dRS7h2wLQASpDdOww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY5RjQ5L0IyQzVGQjlBRjlC NTExRUZBNUQ3M0M0N0M0RjlBRTAyL2NYR1l6UnBHZWEyZFJTN2gyd0xRQVNwRGRP dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvY1hHWXpScEdlYTJkUlM3aDJ3TFFBU3BEZE93LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY5 RjQ5L0IyQzVGQjlBRjlCNTExRUZBNUQ3M0M0N0M0RjlBRTAyL2NYR1l6UnBHZWEy ZFJTN2gyd0xRQVNwRGRPdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACyCNLC4LXtLsRyiAX84BPwP3z54jJtKuxio1XAaL55uwhYwqW24Cix+ 1uJuwDjNXI5VMro8TG3Xcoc54HbbAJ9WYFVrPHQki8GuWUUDS/ajPbWmac6GBSVF t7X7xFYiwghyyn8cW9vB2B44XJiBtET0NY9gB6gyzFHeohTnCl/e2lGHH8I2LzvM X9WURQ565drgKmYsVfblowiohj0TdWq96ZjYeNBL1gXv8X9xLE6G57zddgNe758J 64weBAEXV5CsvS4g33HXjv0VpG+lVY5YonIjBWEFxYRdMMkwAf3XjNkxeWfM1f4o M+nbRPKg2efGKVjGoIY+PKVhixwjf7c= -----END CERTIFICATE-----Generated at Fri Sep 19 00:57:34 2025 by rpki-client