$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft File: zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft (raw, json) Hash identifier: kujNE+nhKwwxmfcUVW3OlOXtWTwbA9KuOs8q3iL9KbI= Subject key identifier: B9:80:83:F9:39:6A:EB:FB:DF:32:74:B9:27:C5:E1:57:DF:00:C5:9B Authority key identifier: CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4 Certificate issuer: /CN=A91A4B1A/serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4 Certificate serial: 1E4A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft Manifest number: 1E39 Signing time: Thu 04 Sep 2025 16:10:44 +0000 Manifest this update: Thu 04 Sep 2025 16:10:43 +0000 Manifest next update: Thu 11 Sep 2025 16:10:43 +0000 Files and hashes: 1: zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl (hash: aJUPymyHDQ+a966BRDmhbZyEKubmsVBQjPe4mZGl7Ro=) 2: 4A6679EC14DF11EEAB46A86DC4F9AE02.roa (hash: yY5rZMTsOpnGO6cAR5A6bi22J/lJ789z+ED1oN3orxw=) 3: 4B52A44814DF11EEAB46A86DC4F9AE02.roa (hash: 36rBW03tvoWvEp5FFhkEkP0PegguzR76VTv8hEMsFNk=) 4: 1DBC9D405DB411EEA017251AC4F9AE02.roa (hash: 2w+ZZZiHGzET+UAGMpulJr633xByME/2FAJYerduoZE=) 5: 4CE75372B9DE11EEBC5B0D21C4F9AE02.roa (hash: yps3mcP7HEC1/XDzl5d78p6GLXVPbcsPt7pEv3x1HZA=) 6: 4999305414DF11EEAB46A86DC4F9AE02.roa (hash: Bl17bhrifD1PMrI4c5ur7v5yVCt37LP+FsjpzcQgt1k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 16:10:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7754 (0x1e4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4B1A, serialNumber=CE114680FF6F4D9BC3F1880D610D6AEEEAEBF0D4 Validity Not Before: Sep 4 16:10:43 2025 GMT Not After : Sep 11 16:10:43 2025 GMT Subject: CN=68b9ba03-86af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:a2:db:c6:b4:92:5f:75:9e:93:c9:bf:1b:19: 63:95:4e:88:17:01:6c:7e:43:92:43:db:5c:a2:90: d6:f7:75:ff:b1:89:a7:bf:b3:69:88:4d:58:f7:04: 9a:97:21:5b:a3:b5:e8:82:5d:25:f4:c5:44:7f:68: c6:a2:6c:54:f4:1a:80:21:bc:21:f0:b9:f5:ff:f3: c2:ed:ac:7b:8e:ac:1b:df:c9:9f:59:00:2f:3e:67: 13:99:58:1c:5d:b1:53:42:1b:a7:75:0b:28:2e:72: b2:a0:9b:33:45:bf:2e:c2:74:9d:41:db:2f:3c:0f: 20:14:8e:96:b1:52:fc:f6:19:cc:58:f5:e8:44:65: 88:2f:32:19:ef:0e:d8:47:05:49:12:16:83:47:12: 34:0d:a9:08:d1:e4:70:7b:a3:21:49:3e:76:4a:14: 2d:e6:ee:85:dd:ed:e3:75:20:f0:35:99:b2:bd:bb: 83:48:6d:5a:a7:76:0f:5a:58:42:f4:47:9f:3a:cf: c1:05:d4:39:9c:0a:32:29:5c:0b:99:2a:a8:f6:fe: 8b:38:25:a3:fe:d6:30:4f:33:2d:d9:8c:af:b6:6b: 90:c8:bf:5a:87:02:3a:bc:79:b1:a3:18:5d:a6:ec: 71:b1:2a:33:0d:89:cb:2a:4c:26:dd:8f:e0:5e:9c: 78:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:80:83:F9:39:6A:EB:FB:DF:32:74:B9:27:C5:E1:57:DF:00:C5:9B X509v3 Authority Key Identifier: keyid:CE:11:46:80:FF:6F:4D:9B:C3:F1:88:0D:61:0D:6A:EE:EA:EB:F0:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/5DD48AB689F211E69E5F6339C4F9AE02/zhFGgP9vTZvD8YgNYQ1q7urr8NQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:17:55:5b:0b:c7:cf:2b:1b:55:f7:bd:3c:3a:09:85:c4:53: 12:76:6a:ce:cc:52:27:39:e7:84:db:1e:22:3f:8f:3c:1a:15: d7:2a:9e:07:f3:e3:d4:1e:86:50:3d:1d:c1:e3:09:d6:8b:98: 27:e5:f0:76:37:73:9d:7e:20:bf:33:58:75:40:e2:44:b4:b1: 22:df:69:cc:73:c7:cd:cd:62:44:5c:8f:26:54:3c:04:7f:10: e4:b1:79:46:f6:95:89:18:b9:92:9f:ee:46:7b:ed:d7:88:43: d7:c9:73:3b:b1:90:bb:c6:e5:2f:35:21:46:9f:76:8c:2c:e2: c4:cd:47:21:5d:eb:4f:9e:cd:88:63:79:6a:e7:da:57:a9:3d: 4a:7c:82:99:12:73:e8:d6:59:93:4f:3f:ea:db:68:01:76:54: 8e:cb:86:ba:01:89:6a:bb:3f:6a:f8:4e:39:dd:f8:16:1e:45: 63:18:87:70:19:75:da:2d:f7:42:be:35:02:d2:34:7c:94:df: 99:1f:13:bf:ef:b7:7a:6a:ca:35:11:9c:7f:fe:7a:a9:f2:a1: 6d:b8:14:97:82:0d:e3:0f:76:39:2f:c8:c7:49:3c:02:e5:2f: 81:fd:89:a4:b1:eb:16:49:a5:67:33:b7:79:00:f8:ef:16:e3: 2a:5c:2e:51 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHkowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRCMUExMTAvBgNVBAUTKENFMTE0NjgwRkY2RjREOUJDM0YxODgwRDYxMEQ2QUVF RUFFQkYwRDQwHhcNMjUwOTA0MTYxMDQzWhcNMjUwOTExMTYxMDQzWjAYMRYwFAYD VQQDEw02OGI5YmEwMy04NmFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxqLbxrSSX3Wek8m/GxljlU6IFwFsfkOSQ9tcopDW93X/sYmnv7NpiE1Y9wSa lyFbo7Xogl0l9MVEf2jGomxU9BqAIbwh8Ln1//PC7ax7jqwb38mfWQAvPmcTmVgc XbFTQhundQsoLnKyoJszRb8uwnSdQdsvPA8gFI6WsVL89hnMWPXoRGWILzIZ7w7Y RwVJEhaDRxI0DakI0eRwe6MhST52ShQt5u6F3e3jdSDwNZmyvbuDSG1ap3YPWlhC 9EefOs/BBdQ5nAoyKVwLmSqo9v6LOCWj/tYwTzMt2YyvtmuQyL9ahwI6vHmxoxhd puxxsSozDYnLKkwm3Y/gXpx4pwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLmAg/k5 auv73zJ0uSfF4VffAMWbMB8GA1UdIwQYMBaAFM4RRoD/b02bw/GIDWENau7q6/DU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIxQS81REQ0OEFCNjg5 RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRadkQ4WWdOWVExcTd1cnI4 TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3poRkdnUDl2VFp2RDhZZ05ZUTFxN3VycjhOUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NEIxQS81REQ0OEFCNjg5RjIxMUU2OUU1RjYzMzlDNEY5QUUwMi96aEZHZ1A5dlRa dkQ4WWdOWVExcTd1cnI4TlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqF1VbC8fPKxtV9708OgmFxFMSdmrOzFInOeeE2x4iP488GhXXKp4H 8+PUHoZQPR3B4wnWi5gn5fB2N3OdfiC/M1h1QOJEtLEi32nMc8fNzWJEXI8mVDwE fxDksXlG9pWJGLmSn+5Ge+3XiEPXyXM7sZC7xuUvNSFGn3aMLOLEzUchXetPns2I Y3lq59pXqT1KfIKZEnPo1lmTTz/q22gBdlSOy4a6AYlquz9q+E453fgWHkVjGIdw GXXaLfdCvjUC0jR8lN+ZHxO/77d6aso1EZx//nqp8qFtuBSXgg3jD3Y5L8jHSTwC 5S+B/YmksesWSaVnM7d5APjvFuMqXC5R -----END CERTIFICATE-----Generated at Sat Sep 6 16:11:57 2025 by rpki-client