$ rpki-client -vvf rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.mft File: kzrtfDoGQianFEt0eMdAPazdgAU.mft (raw, json) Hash identifier: qfcdRwHbufdJJ9XrInzelvImXkBKOalplABl1uxWmY0= Subject key identifier: 24:C0:7B:B0:AF:10:EB:AC:BF:49:28:5C:67:D4:D0:92:80:4F:36:3D Authority key identifier: 93:3A:ED:7C:3A:06:42:26:A7:14:4B:74:78:C7:40:3D:AC:DD:80:05 Certificate issuer: /CN=A91A81F7/serialNumber=933AED7C3A064226A7144B7478C7403DACDD8005 Certificate serial: 03D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzrtfDoGQianFEt0eMdAPazdgAU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.mft Manifest number: 03CD Signing time: Wed 17 Sep 2025 01:06:44 +0000 Manifest this update: Wed 17 Sep 2025 01:06:43 +0000 Manifest next update: Wed 24 Sep 2025 01:06:43 +0000 Files and hashes: 1: kzrtfDoGQianFEt0eMdAPazdgAU.crl (hash: 3UZF2Y50wKOQPk/tgq7saw9cSWEGazIs3PjWVziRy/8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.crl rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzrtfDoGQianFEt0eMdAPazdgAU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 01:06:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 978 (0x3d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A81F7, serialNumber=933AED7C3A064226A7144B7478C7403DACDD8005 Validity Not Before: Sep 17 01:06:43 2025 GMT Not After : Sep 24 01:06:43 2025 GMT Subject: CN=68ca09a4-5401 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:2b:3d:30:3b:f0:5f:23:79:07:f7:5a:bb:8a: 2d:ef:d4:7d:aa:3c:f9:8e:c3:76:f2:93:02:19:17: e5:64:d2:a6:98:19:0c:5a:8d:cc:46:ab:40:98:c2: ec:72:c9:dd:de:66:65:21:42:1e:f1:9d:8c:1d:43: 4c:c6:15:35:90:c7:53:65:6a:f7:0b:6a:b6:65:ee: 65:09:e0:44:97:5f:43:ec:fd:70:ad:55:f0:e0:3d: c3:d0:c6:ef:0c:96:4f:92:31:6c:bf:06:14:90:5b: 9b:fe:14:34:d2:f6:70:06:50:0d:79:8b:06:20:a4: 50:82:7e:9c:6d:c1:f8:2f:88:26:35:29:02:53:98: 0d:34:08:59:14:24:ae:47:2b:23:65:08:8d:24:28: ac:6b:a0:c1:ca:5a:f0:b6:cc:b4:eb:7e:01:a1:0a: c9:25:40:c1:29:d9:07:bf:f7:2c:16:d0:bf:33:ef: e6:99:50:47:ce:65:54:b9:f5:db:ca:d1:ea:c6:b6: a6:22:76:32:70:0d:1e:15:1c:44:73:9a:55:fa:e8: ea:88:6e:37:5e:76:51:0d:7d:77:ea:7d:a4:7f:25: bf:d8:96:0c:95:1e:f4:5a:70:1b:b7:9f:02:f4:de: 5e:cd:6e:cb:d4:10:f9:87:aa:7b:eb:b3:a0:c7:1a: 17:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:C0:7B:B0:AF:10:EB:AC:BF:49:28:5C:67:D4:D0:92:80:4F:36:3D X509v3 Authority Key Identifier: keyid:93:3A:ED:7C:3A:06:42:26:A7:14:4B:74:78:C7:40:3D:AC:DD:80:05 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzrtfDoGQianFEt0eMdAPazdgAU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:2d:82:76:8f:2d:cd:67:26:ff:4c:6d:fc:a5:82:45:a1:30: b8:96:f4:5f:53:a6:4f:2e:85:88:b5:76:00:3f:0f:4c:30:56: 5d:2b:9a:77:d2:3b:7a:40:0f:bb:f5:e5:94:a7:86:14:3f:f0: 2a:f7:4b:aa:f7:6c:2e:e8:ef:ed:a9:a8:b5:90:f0:e2:10:2e: 86:b7:da:75:0d:36:97:5f:69:0f:4c:b1:85:15:5e:93:b0:78: be:0b:73:26:3b:96:40:2a:32:53:76:c1:38:22:6a:2f:c3:0f: 0e:46:2d:2a:7a:3c:9e:ca:59:71:43:9c:1d:8f:e0:d8:dc:c5: 32:94:17:9f:1c:db:8a:94:b5:64:5d:fa:1c:56:bd:e7:22:f9: 69:b1:3f:8f:fd:e3:08:34:f6:ad:da:9e:ce:30:39:59:a6:2f: d5:60:a7:29:70:f1:5b:e1:76:ab:ed:2c:40:39:a1:da:d3:39: c4:ae:bc:9e:66:9d:f3:5f:96:ea:5a:04:7c:5b:20:86:05:d6: 92:2a:6b:a3:86:e6:a0:d2:f1:14:2a:be:61:c7:a4:6e:72:9a: 66:ed:f1:f4:8a:e3:b3:45:44:9b:4a:77:a4:a9:e4:ae:6a:15: 53:a4:bf:7f:78:dd:23:69:4c:de:44:ce:e1:70:22:9b:eb:e8: f8:9b:a9:5a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA9IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTgxRjcxMTAvBgNVBAUTKDkzM0FFRDdDM0EwNjQyMjZBNzE0NEI3NDc4Qzc0MDNE QUNERDgwMDUwHhcNMjUwOTE3MDEwNjQzWhcNMjUwOTI0MDEwNjQzWjAYMRYwFAYD VQQDEw02OGNhMDlhNC01NDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyis9MDvwXyN5B/dau4ot79R9qjz5jsN28pMCGRflZNKmmBkMWo3MRqtAmMLs csnd3mZlIUIe8Z2MHUNMxhU1kMdTZWr3C2q2Ze5lCeBEl19D7P1wrVXw4D3D0Mbv DJZPkjFsvwYUkFub/hQ00vZwBlANeYsGIKRQgn6cbcH4L4gmNSkCU5gNNAhZFCSu RysjZQiNJCisa6DBylrwtsy0634BoQrJJUDBKdkHv/csFtC/M+/mmVBHzmVUufXb ytHqxramInYycA0eFRxEc5pV+ujqiG43XnZRDX136n2kfyW/2JYMlR70WnAbt58C 9N5ezW7L1BD5h6p767OgxxoX9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCTAe7Cv EOusv0koXGfU0JKATzY9MB8GA1UdIwQYMBaAFJM67Xw6BkImpxRLdHjHQD2s3YAF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBODFGNy8zMEY0NkVFRTlG ODYxMUVDOEQ5RjNGMzRDNEY5QUUwMi9renJ0ZkRvR1FpYW5GRXQwZU1kQVBhemRn QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6cnRmRG9HUWlhbkZFdDBlTWRBUGF6ZGdBVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB ODFGNy8zMEY0NkVFRTlGODYxMUVDOEQ5RjNGMzRDNEY5QUUwMi9renJ0ZkRvR1Fp YW5GRXQwZU1kQVBhemRnQVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCjLYJ2jy3NZyb/TG38pYJFoTC4lvRfU6ZPLoWItXYAPw9MMFZdK5p3 0jt6QA+79eWUp4YUP/Aq90uq92wu6O/tqai1kPDiEC6Gt9p1DTaXX2kPTLGFFV6T sHi+C3MmO5ZAKjJTdsE4Imovww8ORi0qejyeyllxQ5wdj+DY3MUylBefHNuKlLVk XfocVr3nIvlpsT+P/eMINPat2p7OMDlZpi/VYKcpcPFb4Xar7SxAOaHa0znErrye Zp3zX5bqWgR8WyCGBdaSKmujhuag0vEUKr5hx6Rucppm7fH0iuOzRUSbSnekqeSu ahVTpL9/eN0jaUzeRM7hcCKb6+j4m6la -----END CERTIFICATE-----Generated at Thu Sep 18 20:24:53 2025 by rpki-client