$ rpki-client -vvf rpki.apnic.net/member_repository/A91765CB/695515E0062811EEA714C263C4F9AE02/0Z0h9lpMk802wwczAhMPTmW38Ok.mft File: 0Z0h9lpMk802wwczAhMPTmW38Ok.mft (raw, json) Hash identifier: 2K+llh7rSw4d50ZoMcC4aNE1EcHo3je4vpYjxgYTU6M= Subject key identifier: 51:B2:49:7E:CF:1A:55:09:03:6F:0E:69:02:6A:F2:6D:C2:35:40:44 Authority key identifier: D1:9D:21:F6:5A:4C:93:CD:36:C3:07:33:02:13:0F:4E:65:B7:F0:E9 Certificate issuer: /CN=A91765CB/serialNumber=D19D21F65A4C93CD36C3073302130F4E65B7F0E9 Certificate serial: 01B4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Z0h9lpMk802wwczAhMPTmW38Ok.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91765CB/695515E0062811EEA714C263C4F9AE02/0Z0h9lpMk802wwczAhMPTmW38Ok.mft Manifest number: 01AC Signing time: Sun 07 Sep 2025 03:36:16 +0000 Manifest this update: Sun 07 Sep 2025 03:36:16 +0000 Manifest next update: Sun 14 Sep 2025 03:36:16 +0000 Files and hashes: 1: 0Z0h9lpMk802wwczAhMPTmW38Ok.crl (hash: Hiy2OjZkpmCV76+kDrFj/KvUjIJxxDykOeds15aHtJM=) 2: 5CBE3872145C11F0BFD6B347C4F9AE02.roa (hash: wN+RYivC51/sVMn5qM1gC8zTEDi66N47MLSR9Ot7lLw=) 3: 4C30AA30B08411EFA29E6722C4F9AE02.roa (hash: eyu3cJvMk8x/lB+NzC776MbDc6l8Tfm9D0VXNEV1yIM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91765CB/695515E0062811EEA714C263C4F9AE02/0Z0h9lpMk802wwczAhMPTmW38Ok.crl rsync://rpki.apnic.net/member_repository/A91765CB/695515E0062811EEA714C263C4F9AE02/0Z0h9lpMk802wwczAhMPTmW38Ok.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Z0h9lpMk802wwczAhMPTmW38Ok.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 03:36:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 436 (0x1b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91765CB, serialNumber=D19D21F65A4C93CD36C3073302130F4E65B7F0E9 Validity Not Before: Sep 7 03:36:16 2025 GMT Not After : Sep 14 03:36:16 2025 GMT Subject: CN=68bcfdb0-b64b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:0b:0f:7f:10:df:4b:60:e8:bc:1b:50:80:c8: 4c:16:87:a4:c4:73:13:4a:29:37:66:97:72:2f:94: f6:07:66:f4:09:a2:77:8f:30:94:1a:f5:2a:e2:84: 36:c4:0a:ae:5a:4f:e9:ee:00:0a:a4:8e:81:ee:59: 28:01:12:cd:6a:2d:12:2b:b2:f0:ac:dd:91:41:36: 34:b0:53:45:76:a2:4b:cf:b8:3e:8b:b8:66:f6:c1: 4e:34:6c:ff:64:00:5e:65:5a:68:6f:d1:b3:3d:2e: 53:89:d3:12:51:35:98:af:53:31:9e:39:0e:00:07: 6f:d8:de:19:7b:36:5a:a3:90:4d:47:f4:a1:80:fc: 49:3f:9f:b5:19:d1:bc:51:f2:32:e6:5b:e3:ff:d5: 1d:01:ad:46:5b:ee:f9:f0:68:95:6a:56:e7:27:c4: 28:19:f5:43:e1:3f:7f:e6:40:b6:0a:d6:45:70:09: 68:40:df:4d:41:b0:ad:2a:2d:6f:dc:1c:30:a4:be: 22:1e:c8:8c:e6:4e:36:b5:72:cd:b5:06:48:52:78: fd:8e:ec:07:37:56:e7:99:21:4a:a8:a9:73:91:6c: 78:79:8b:0f:9f:63:3e:13:f4:db:02:95:7c:b8:25: f6:72:0c:a6:9a:c9:61:86:4b:f8:d9:c8:ab:ad:db: 8a:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:B2:49:7E:CF:1A:55:09:03:6F:0E:69:02:6A:F2:6D:C2:35:40:44 X509v3 Authority Key Identifier: keyid:D1:9D:21:F6:5A:4C:93:CD:36:C3:07:33:02:13:0F:4E:65:B7:F0:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91765CB/695515E0062811EEA714C263C4F9AE02/0Z0h9lpMk802wwczAhMPTmW38Ok.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Z0h9lpMk802wwczAhMPTmW38Ok.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91765CB/695515E0062811EEA714C263C4F9AE02/0Z0h9lpMk802wwczAhMPTmW38Ok.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:27:ef:d4:4d:f5:fa:1d:4a:19:79:e1:f8:68:fe:2a:af:40: c4:09:44:56:a2:64:ea:fc:00:9d:ed:24:ad:9b:86:c7:80:31: 6f:8f:f2:5a:52:bf:0f:df:31:ac:31:e6:d0:bc:9f:a7:a3:10: d4:7e:87:5a:27:67:2d:82:ec:34:e9:8f:63:a2:a9:2c:35:9d: ca:96:ac:0b:96:49:9e:c1:5f:42:75:9b:20:32:9c:b7:18:b6: ab:37:1c:95:c1:fa:4b:c1:94:63:31:0f:06:94:ad:a3:4f:2c: c6:a8:2b:a0:ab:33:24:02:3e:dc:b5:7f:27:c1:7f:85:e5:1c: 0c:d3:c5:03:3a:fd:b3:14:2e:de:03:96:05:7a:a5:61:91:6c: aa:99:70:4a:69:99:fe:4f:c3:b3:b2:a4:7a:a8:7d:ed:eb:57: 81:bd:ba:c4:ca:04:b5:a0:0d:9d:3d:ea:6d:7f:6b:26:7e:cf: db:93:bc:05:3d:51:59:8d:7c:2f:9a:3e:fe:59:1b:0e:37:59: fa:00:c8:d0:ec:19:60:ae:e3:52:34:b5:17:f4:c7:6e:d4:9e: 32:cd:3a:c4:76:29:da:a2:da:bb:03:3b:72:ad:d5:c4:cb:ae: 9e:7b:e5:28:91:76:85:95:5f:c0:82:15:88:aa:1a:dd:4c:0c: bb:e0:0c:90 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzY1Q0IxMTAvBgNVBAUTKEQxOUQyMUY2NUE0QzkzQ0QzNkMzMDczMzAyMTMwRjRF NjVCN0YwRTkwHhcNMjUwOTA3MDMzNjE2WhcNMjUwOTE0MDMzNjE2WjAYMRYwFAYD VQQDEw02OGJjZmRiMC1iNjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2wsPfxDfS2DovBtQgMhMFoekxHMTSik3ZpdyL5T2B2b0CaJ3jzCUGvUq4oQ2 xAquWk/p7gAKpI6B7lkoARLNai0SK7LwrN2RQTY0sFNFdqJLz7g+i7hm9sFONGz/ ZABeZVpob9GzPS5TidMSUTWYr1MxnjkOAAdv2N4ZezZao5BNR/ShgPxJP5+1GdG8 UfIy5lvj/9UdAa1GW+758GiValbnJ8QoGfVD4T9/5kC2CtZFcAloQN9NQbCtKi1v 3BwwpL4iHsiM5k42tXLNtQZIUnj9juwHN1bnmSFKqKlzkWx4eYsPn2M+E/TbApV8 uCX2cgymmslhhkv42cirrduK3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFGySX7P GlUJA28OaQJq8m3CNUBEMB8GA1UdIwQYMBaAFNGdIfZaTJPNNsMHMwITD05lt/Dp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NjVDQi82OTU1MTVFMDA2 MjgxMUVFQTcxNEMyNjNDNEY5QUUwMi8wWjBoOWxwTWs4MDJ3d2N6QWhNUFRtVzM4 T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBaMGg5bHBNazgwMnd3Y3pBaE1QVG1XMzhPay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NjVDQi82OTU1MTVFMDA2MjgxMUVFQTcxNEMyNjNDNEY5QUUwMi8wWjBoOWxwTWs4 MDJ3d2N6QWhNUFRtVzM4T2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKJ+/UTfX6HUoZeeH4aP4qr0DECURWomTq/ACd7SStm4bHgDFvj/Ja Ur8P3zGsMebQvJ+noxDUfodaJ2ctguw06Y9joqksNZ3KlqwLlkmewV9CdZsgMpy3 GLarNxyVwfpLwZRjMQ8GlK2jTyzGqCugqzMkAj7ctX8nwX+F5RwM08UDOv2zFC7e A5YFeqVhkWyqmXBKaZn+T8OzsqR6qH3t61eBvbrEygS1oA2dPeptf2smfs/bk7wF PVFZjXwvmj7+WRsON1n6AMjQ7BlgruNSNLUX9Mdu1J4yzTrEdinaotq7AztyrdXE y66ee+UokXaFlV/AghWIqhrdTAy74AyQ -----END CERTIFICATE-----Generated at Sun Sep 7 10:55:33 2025 by rpki-client