$ rpki-client -vvf rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.mft File: 8CJFNT_B8ZSpAipKwBl33l_eNvk.mft (raw, json) Hash identifier: 2C+Av3fyQ4YnzP94UtR1n1eLOGQdCJf8w4jXak2wBGY= Subject key identifier: 2B:EA:BF:68:CF:4C:F6:1F:9D:1C:5C:EA:CC:DF:76:3B:A0:62:F4:CC Authority key identifier: F0:22:45:35:3F:C1:F1:94:A9:02:2A:4A:C0:19:77:DE:5F:DE:36:F9 Certificate issuer: /CN=A918A96A/serialNumber=F02245353FC1F194A9022A4AC01977DE5FDE36F9 Certificate serial: 03AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8CJFNT_B8ZSpAipKwBl33l_eNvk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.mft Manifest number: 0396 Signing time: Wed 17 Sep 2025 01:19:43 +0000 Manifest this update: Wed 17 Sep 2025 01:19:43 +0000 Manifest next update: Wed 24 Sep 2025 01:19:43 +0000 Files and hashes: 1: 8CJFNT_B8ZSpAipKwBl33l_eNvk.crl (hash: xWFiGMIHg4ZkqWc/Vko5Q+6NfIsbCWYchcwv9iDBOfA=) 2: 2DE4C8AA9B6111EF99A97B52C4F9AE02.roa (hash: XtdmJSxuSqJLeY4yGf6y31fYXsFvKu/1qBD/nGzqK1E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.crl rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8CJFNT_B8ZSpAipKwBl33l_eNvk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 01:19:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 938 (0x3aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918A96A, serialNumber=F02245353FC1F194A9022A4AC01977DE5FDE36F9 Validity Not Before: Sep 17 01:19:43 2025 GMT Not After : Sep 24 01:19:43 2025 GMT Subject: CN=68ca0caf-652e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:28:33:21:db:2b:03:0b:03:8f:7d:f0:3d:26: b9:48:80:23:02:68:6c:ec:33:72:d9:a4:55:2d:77: 22:b7:a4:3c:41:1e:5a:ae:76:0f:61:df:76:cd:ea: e1:ae:a1:60:67:74:9b:97:43:2f:05:46:ee:47:f3: 1b:f5:48:86:1f:38:87:c5:a6:77:e7:58:fe:74:04: e5:1e:be:b1:c7:3e:a3:6b:15:44:70:98:9c:29:5e: e8:44:bc:20:33:e3:e2:00:44:f0:ae:91:48:6b:c1: 7a:aa:48:4c:d6:a9:99:5e:0d:0c:37:2a:df:20:e3: d7:f1:9a:ee:0d:1d:51:25:6c:08:66:61:9a:eb:ac: 30:d3:ae:87:25:43:d2:3b:95:7f:1f:d0:0f:ae:58: 42:d4:21:ec:70:07:24:45:2c:44:51:ef:9e:30:f2: f4:5e:25:f1:ce:2f:27:01:57:d3:61:f2:e8:0b:bc: 34:9b:97:f8:51:74:7c:8a:5b:4e:78:99:43:da:02: e7:24:5b:1c:f8:c9:92:2e:bb:ff:51:b4:48:7f:46: 0d:4f:0a:26:83:74:3a:a5:ba:45:25:d1:75:9d:21: bf:ca:d2:d2:23:75:84:5d:af:fe:ce:d1:ea:a8:27: dc:e0:50:a2:70:a0:fa:27:c8:50:f7:24:66:12:fc: 51:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:EA:BF:68:CF:4C:F6:1F:9D:1C:5C:EA:CC:DF:76:3B:A0:62:F4:CC X509v3 Authority Key Identifier: keyid:F0:22:45:35:3F:C1:F1:94:A9:02:2A:4A:C0:19:77:DE:5F:DE:36:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8CJFNT_B8ZSpAipKwBl33l_eNvk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A96A/28785F60BFBF11ECAED48C71C4F9AE02/8CJFNT_B8ZSpAipKwBl33l_eNvk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:7c:b2:4e:92:aa:51:df:2d:0d:bf:12:d0:3d:5f:89:4a:7a: 66:60:77:33:ec:07:f2:3e:11:31:6d:c6:30:08:24:b8:2a:99: 1c:da:fc:fa:cc:6d:22:b5:09:71:1a:40:b8:19:df:bd:95:7a: 71:88:d0:fc:48:5b:c2:cb:e6:7c:bd:79:56:10:e6:3d:8c:95: b9:d9:21:ee:4c:c0:fc:25:1d:32:2f:e7:f0:24:78:8d:7b:ea: e9:f9:7e:6c:1a:ca:27:3a:b8:97:4e:c0:d5:91:b0:e4:bd:6f: e6:ba:59:0c:59:58:45:18:33:c3:0b:a7:1c:0f:c8:09:60:61: 76:2c:ef:df:11:7f:86:9d:b7:92:94:c5:51:9a:3a:3c:95:e6: 89:80:73:27:c4:ec:ee:45:43:ed:ad:4f:8c:12:8d:9f:b9:ed: 8f:36:6f:c0:49:55:46:ac:a3:cd:c4:e3:75:37:ea:4a:57:4e: bd:21:60:0e:e0:99:85:21:64:9b:f9:7f:8e:75:ef:71:00:4f: 93:fc:2a:b1:1a:a0:fc:af:7e:47:c9:03:19:96:38:3a:a2:d5: 5a:95:e0:de:6f:ec:f7:60:22:2f:c5:0c:31:b9:c6:50:ce:4a: 4a:5d:35:50:02:e5:0f:6b:51:8d:10:f2:3c:6c:5a:03:4c:14: be:ec:7e:b7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA6owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEE5NkExMTAvBgNVBAUTKEYwMjI0NTM1M0ZDMUYxOTRBOTAyMkE0QUMwMTk3N0RF NUZERTM2RjkwHhcNMjUwOTE3MDExOTQzWhcNMjUwOTI0MDExOTQzWjAYMRYwFAYD VQQDEw02OGNhMGNhZi02NTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3CgzIdsrAwsDj33wPSa5SIAjAmhs7DNy2aRVLXcit6Q8QR5arnYPYd92zerh rqFgZ3Sbl0MvBUbuR/Mb9UiGHziHxaZ351j+dATlHr6xxz6jaxVEcJicKV7oRLwg M+PiAETwrpFIa8F6qkhM1qmZXg0MNyrfIOPX8ZruDR1RJWwIZmGa66ww066HJUPS O5V/H9APrlhC1CHscAckRSxEUe+eMPL0XiXxzi8nAVfTYfLoC7w0m5f4UXR8iltO eJlD2gLnJFsc+MmSLrv/UbRIf0YNTwomg3Q6pbpFJdF1nSG/ytLSI3WEXa/+ztHq qCfc4FCicKD6J8hQ9yRmEvxRwQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCvqv2jP TPYfnRxc6szfdjugYvTMMB8GA1UdIwQYMBaAFPAiRTU/wfGUqQIqSsAZd95f3jb5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTk2QS8yODc4NUY2MEJG QkYxMUVDQUVENDhDNzFDNEY5QUUwMi84Q0pGTlRfQjhaU3BBaXBLd0JsMzNsX2VO dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhDSkZOVF9COFpTcEFpcEt3QmwzM2xfZU52ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QTk2QS8yODc4NUY2MEJGQkYxMUVDQUVENDhDNzFDNEY5QUUwMi84Q0pGTlRfQjha U3BBaXBLd0JsMzNsX2VOdmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCSfLJOkqpR3y0NvxLQPV+JSnpmYHcz7AfyPhExbcYwCCS4Kpkc2vz6 zG0itQlxGkC4Gd+9lXpxiND8SFvCy+Z8vXlWEOY9jJW52SHuTMD8JR0yL+fwJHiN e+rp+X5sGsonOriXTsDVkbDkvW/mulkMWVhFGDPDC6ccD8gJYGF2LO/fEX+GnbeS lMVRmjo8leaJgHMnxOzuRUPtrU+MEo2fue2PNm/ASVVGrKPNxON1N+pKV069IWAO 4JmFIWSb+X+Ode9xAE+T/CqxGqD8r35HyQMZljg6otValeDeb+z3YCIvxQwxucZQ zkpKXTVQAuUPa1GNEPI8bFoDTBS+7H63 -----END CERTIFICATE-----Generated at Fri Sep 19 00:47:45 2025 by rpki-client