$ rpki-client -vvf rpki.apnic.net/member_repository/A917D4C4/439CF87C8D7B11EB8D8BD60BC4F9AE02/4MiSj5RRUg5k0d7VjwcZa1hhsoY.mft File: 4MiSj5RRUg5k0d7VjwcZa1hhsoY.mft (raw, json) Hash identifier: RHIGa1oy5IkxkjIYRxR5s9oD4Lj3FjQ6MLyd2UFXwfA= Subject key identifier: B3:A7:43:C5:7F:D4:F8:A9:62:16:22:D8:97:EA:2C:07:68:05:D0:E7 Authority key identifier: E0:C8:92:8F:94:51:52:0E:64:D1:DE:D5:8F:07:19:6B:58:61:B2:86 Certificate issuer: /CN=A917D4C4/serialNumber=E0C8928F9451520E64D1DED58F07196B5861B286 Certificate serial: 068C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MiSj5RRUg5k0d7VjwcZa1hhsoY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D4C4/439CF87C8D7B11EB8D8BD60BC4F9AE02/4MiSj5RRUg5k0d7VjwcZa1hhsoY.mft Manifest number: 0688 Signing time: Mon 08 Sep 2025 14:46:14 +0000 Manifest this update: Mon 08 Sep 2025 14:46:13 +0000 Manifest next update: Mon 15 Sep 2025 14:46:13 +0000 Files and hashes: 1: 4MiSj5RRUg5k0d7VjwcZa1hhsoY.crl (hash: ImjXycUwluvdgwxlfZd99/w6UMZeN0qFSPBsTTlgAOc=) 2: 6E325DBC0E2F11EDB4659653C4F9AE02.roa (hash: NS8IXL+/osy1aonTB1YcjpMFwDzkEpu3g9yC5lM136w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D4C4/439CF87C8D7B11EB8D8BD60BC4F9AE02/4MiSj5RRUg5k0d7VjwcZa1hhsoY.crl rsync://rpki.apnic.net/member_repository/A917D4C4/439CF87C8D7B11EB8D8BD60BC4F9AE02/4MiSj5RRUg5k0d7VjwcZa1hhsoY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MiSj5RRUg5k0d7VjwcZa1hhsoY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 14:46:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1676 (0x68c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D4C4, serialNumber=E0C8928F9451520E64D1DED58F07196B5861B286 Validity Not Before: Sep 8 14:46:13 2025 GMT Not After : Sep 15 14:46:13 2025 GMT Subject: CN=68beec35-5ccf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:2d:fb:72:1e:eb:04:a2:e9:0b:5d:2b:48:b0: d4:db:06:7d:ea:20:fe:37:e2:c5:98:15:7b:8b:c9: fe:cf:25:d5:23:b0:0c:5f:71:9a:56:c8:da:9e:8b: 2c:59:2e:ea:29:fe:c4:45:cd:25:92:af:c8:dc:9f: 47:c6:a1:f6:6d:50:d0:9f:2e:05:b0:03:45:b3:9f: db:28:e7:94:72:f0:f1:06:06:8d:55:a4:52:c5:5b: f7:13:ea:ea:88:83:74:61:61:a5:bf:3f:eb:5d:80: ad:25:93:26:6d:54:7c:0c:e9:6a:71:ab:e6:ea:4c: dc:56:3c:bf:32:4f:0b:28:ff:57:25:02:02:74:1a: 84:29:1b:ba:96:0a:68:11:57:1c:21:f0:8e:a2:60: 51:b6:cd:4e:08:54:b7:38:bf:24:14:c6:75:4f:7e: 84:1e:c2:35:83:1a:59:38:1a:ce:27:32:4e:da:7a: 5f:af:fb:91:32:8c:43:ed:16:b6:1b:ae:e5:8c:99: 9a:6c:c6:49:b4:1f:29:e8:c5:34:db:19:28:78:bb: 9a:3b:fe:a7:8c:eb:e2:be:d8:1d:42:c4:4d:59:ed: 2e:0a:c6:ed:d7:ad:43:bf:cf:9a:94:8c:a0:c7:b0: bd:cd:1d:eb:ca:22:d0:62:58:37:37:27:95:fa:8e: 86:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:A7:43:C5:7F:D4:F8:A9:62:16:22:D8:97:EA:2C:07:68:05:D0:E7 X509v3 Authority Key Identifier: keyid:E0:C8:92:8F:94:51:52:0E:64:D1:DE:D5:8F:07:19:6B:58:61:B2:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D4C4/439CF87C8D7B11EB8D8BD60BC4F9AE02/4MiSj5RRUg5k0d7VjwcZa1hhsoY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MiSj5RRUg5k0d7VjwcZa1hhsoY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D4C4/439CF87C8D7B11EB8D8BD60BC4F9AE02/4MiSj5RRUg5k0d7VjwcZa1hhsoY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:ee:88:7e:da:9d:ad:5c:0c:4e:15:9b:ec:e2:4d:15:b1:f4: ed:12:20:06:8d:25:ff:df:66:07:14:6f:58:43:e7:73:ee:2f: 27:4b:e1:98:02:00:81:bf:fe:e3:9b:de:25:02:48:4b:a3:ae: 37:10:5c:8b:19:b9:2f:c4:05:33:a4:e7:05:dd:fa:07:2e:e1: a1:79:c7:bf:7d:ba:c7:78:7f:fa:b7:34:6e:4e:ef:64:34:fe: a5:30:43:25:7b:89:1c:ed:d5:1d:09:be:87:bb:b9:52:37:bc: 11:f2:3f:2f:ef:8f:49:9d:c6:93:43:6a:22:29:c7:93:61:79: 30:9a:b7:bd:e8:df:29:62:2b:9f:ee:20:ca:e1:f4:a4:2f:fd: 98:bb:a3:40:e8:01:b6:d1:b1:c0:d6:99:e8:13:e7:0e:31:89: d6:f8:3d:20:f6:89:b5:bb:f3:50:ca:20:09:5b:42:c8:80:34: db:9a:01:4a:d4:6f:06:63:e7:84:16:9e:36:ed:18:a3:49:91: 08:74:5c:83:a3:8b:32:96:61:c6:67:95:a7:a9:20:92:d0:b5: 8b:2e:7d:c0:07:9a:50:a6:00:cf:d8:86:06:82:36:58:ed:4b: 53:01:bd:2e:59:dc:af:bc:b8:9b:96:4b:32:0e:31:8c:c4:44: 7f:47:6a:cd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBowwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q0QzQxMTAvBgNVBAUTKEUwQzg5MjhGOTQ1MTUyMEU2NEQxREVENThGMDcxOTZC NTg2MUIyODYwHhcNMjUwOTA4MTQ0NjEzWhcNMjUwOTE1MTQ0NjEzWjAYMRYwFAYD VQQDEw02OGJlZWMzNS01Y2NmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApC37ch7rBKLpC10rSLDU2wZ96iD+N+LFmBV7i8n+zyXVI7AMX3GaVsjanoss WS7qKf7ERc0lkq/I3J9HxqH2bVDQny4FsANFs5/bKOeUcvDxBgaNVaRSxVv3E+rq iIN0YWGlvz/rXYCtJZMmbVR8DOlqcavm6kzcVjy/Mk8LKP9XJQICdBqEKRu6lgpo EVccIfCOomBRts1OCFS3OL8kFMZ1T36EHsI1gxpZOBrOJzJO2npfr/uRMoxD7Ra2 G67ljJmabMZJtB8p6MU02xkoeLuaO/6njOvivtgdQsRNWe0uCsbt161Dv8+alIyg x7C9zR3ryiLQYlg3NyeV+o6G6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLOnQ8V/ 1PipYhYi2JfqLAdoBdDnMB8GA1UdIwQYMBaAFODIko+UUVIOZNHe1Y8HGWtYYbKG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDRDNC80MzlDRjg3QzhE N0IxMUVCOEQ4QkQ2MEJDNEY5QUUwMi80TWlTajVSUlVnNWswZDdWandjWmExaGhz b1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRNaVNqNVJSVWc1azBkN1Zqd2NaYTFoaHNvWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDRDNC80MzlDRjg3QzhEN0IxMUVCOEQ4QkQ2MEJDNEY5QUUwMi80TWlTajVSUlVn NWswZDdWandjWmExaGhzb1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+7oh+2p2tXAxOFZvs4k0VsfTtEiAGjSX/32YHFG9YQ+dz7i8nS+GY AgCBv/7jm94lAkhLo643EFyLGbkvxAUzpOcF3foHLuGhece/fbrHeH/6tzRuTu9k NP6lMEMle4kc7dUdCb6Hu7lSN7wR8j8v749JncaTQ2oiKceTYXkwmre96N8pYiuf 7iDK4fSkL/2Yu6NA6AG20bHA1pnoE+cOMYnW+D0g9om1u/NQyiAJW0LIgDTbmgFK 1G8GY+eEFp427RijSZEIdFyDo4sylmHGZ5WnqSCS0LWLLn3AB5pQpgDP2IYGgjZY 7UtTAb0uWdyvvLiblksyDjGMxER/R2rN -----END CERTIFICATE-----Generated at Tue Sep 9 17:26:40 2025 by rpki-client