$ rpki-client -vvf rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft File: htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft (raw, json) Hash identifier: 9nKS6h4mEIaaXBmdSQ9p6BagXxNYi7i8JRqz17Bz4qA= Subject key identifier: BF:DE:54:D7:F6:5E:C9:F9:55:AB:53:A1:CF:CD:E4:11:3E:1F:6B:D5 Authority key identifier: 86:D9:5F:41:ED:19:81:FA:8D:0B:59:08:D6:44:46:51:0E:6E:AC:7D Certificate issuer: /CN=A91A99C5/serialNumber=86D95F41ED1981FA8D0B5908D64446510E6EAC7D Certificate serial: 25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft Manifest number: 25 Signing time: Wed 17 Sep 2025 08:32:17 +0000 Manifest this update: Wed 17 Sep 2025 08:32:17 +0000 Manifest next update: Wed 24 Sep 2025 08:32:17 +0000 Files and hashes: 1: htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl (hash: gsjTGszxPCRbPXeSBI1L14t/RZ3dctxe6zuOm2FdRdE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 08:32:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37 (0x25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A99C5, serialNumber=86D95F41ED1981FA8D0B5908D64446510E6EAC7D Validity Not Before: Sep 17 08:32:17 2025 GMT Not After : Sep 24 08:32:17 2025 GMT Subject: CN=68ca7211-1809 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:b5:2f:d8:9b:eb:5b:23:b6:75:04:89:74:21: 6f:5f:f1:d0:f0:cf:6a:e7:9f:0f:8b:75:48:1f:54: 60:c8:7d:bf:13:ee:05:8c:6e:72:85:e5:37:15:aa: 26:f2:88:0f:a9:6c:09:00:24:e4:ca:4b:d4:b5:e9: 75:bd:a5:d9:6c:11:d0:cc:9c:72:00:fd:46:88:7a: 54:51:b5:e6:4f:16:c4:06:1a:e7:64:c2:98:07:0f: f1:11:6b:d8:a8:9c:5c:89:bc:3b:6b:b7:d4:90:95: 03:31:c5:da:55:5a:89:3e:24:9e:ec:7d:6c:6c:06: f8:a1:b7:2f:74:d7:5e:91:84:73:a0:65:88:1d:b8: 11:a2:fe:bf:8c:63:82:19:4b:31:57:25:14:46:3f: 50:28:31:e8:cd:a8:9d:cb:1a:a7:c9:cf:49:d5:7c: 4b:25:d5:1f:69:d5:61:76:37:06:0b:fd:fd:02:01: 0c:f2:c0:6f:48:4d:53:e7:b8:71:2c:9f:9b:d8:fd: 42:c7:d0:65:d9:27:2a:0b:4f:20:f7:57:95:c2:b0: 9d:1b:72:10:99:5b:3e:69:65:24:cc:09:8a:6a:fa: ee:56:7f:df:22:42:0b:65:c4:06:51:da:ae:39:4f: f9:90:96:54:34:f9:e4:23:15:c2:b4:22:22:a4:35: a1:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:DE:54:D7:F6:5E:C9:F9:55:AB:53:A1:CF:CD:E4:11:3E:1F:6B:D5 X509v3 Authority Key Identifier: keyid:86:D9:5F:41:ED:19:81:FA:8D:0B:59:08:D6:44:46:51:0E:6E:AC:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:53:8e:96:d0:21:fe:b9:bb:66:bd:13:72:2c:b4:d9:61:52: 76:8b:1e:3f:e4:cf:9d:07:7b:6d:6e:1e:01:de:79:f7:a0:e2: e0:02:8c:8d:c6:1f:6c:ba:ec:15:20:81:20:58:2d:e1:9e:6c: 95:99:2e:fd:f7:4a:63:e0:df:c0:87:ac:f2:23:68:86:ad:8f: 89:0c:dd:b8:a9:a2:65:48:c5:e5:ec:75:7b:7b:44:43:79:c2: 9d:97:a1:c1:ea:23:78:a7:26:5d:52:86:b2:e6:83:89:b5:1c: 63:3a:0a:a6:49:5c:13:de:a1:15:9b:db:84:f8:35:ec:9f:40: a8:27:32:a6:81:3f:43:fd:7e:9c:90:83:5f:23:ec:e3:7d:5a: 03:54:37:00:22:b3:23:c2:08:f1:c7:3a:84:84:bf:f4:75:85: ed:7d:32:40:9c:31:99:40:fe:d9:aa:20:27:f1:99:3b:e6:72: ee:f7:19:fa:78:79:20:91:3f:c0:80:20:b8:d5:0c:75:9f:ab: 7c:69:7f:e6:9f:e8:9b:87:b8:ed:61:28:c4:10:3b:9c:50:db: 36:33:98:61:20:ba:36:c3:83:9f:ec:0e:84:5d:8f:19:84:47: 32:38:08:7e:b4:35:fd:e9:4d:49:30:db:2e:42:a6:a0:9a:ec: 5f:3e:07:5d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB OTlDNTExMC8GA1UEBRMoODZEOTVGNDFFRDE5ODFGQThEMEI1OTA4RDY0NDQ2NTEw RTZFQUM3RDAeFw0yNTA5MTcwODMyMTdaFw0yNTA5MjQwODMyMTdaMBgxFjAUBgNV BAMTDTY4Y2E3MjExLTE4MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC4tS/Ym+tbI7Z1BIl0IW9f8dDwz2rnnw+LdUgfVGDIfb8T7gWMbnKF5TcVqiby iA+pbAkAJOTKS9S16XW9pdlsEdDMnHIA/UaIelRRteZPFsQGGudkwpgHD/ERa9io nFyJvDtrt9SQlQMxxdpVWok+JJ7sfWxsBvihty90116RhHOgZYgduBGi/r+MY4IZ SzFXJRRGP1AoMejNqJ3LGqfJz0nVfEsl1R9p1WF2NwYL/f0CAQzywG9ITVPnuHEs n5vY/ULH0GXZJyoLTyD3V5XCsJ0bchCZWz5pZSTMCYpq+u5Wf98iQgtlxAZR2q45 T/mQllQ0+eQjFcK0IiKkNaFZAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUv95U1/Ze yflVq1Ohz83kET4fa9UwHwYDVR0jBBgwFoAUhtlfQe0ZgfqNC1kI1kRGUQ5urH0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5OUM1LzA2MDNFNUJFNURC QzExRjA5QUExNzg1MEM0RjlBRTAyL2h0bGZRZTBaZ2ZxTkMxa0kxa1JHVVE1dXJI MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaHRsZlFlMFpnZnFOQzFrSTFrUkdVUTV1ckgwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5 OUM1LzA2MDNFNUJFNURCQzExRjA5QUExNzg1MEM0RjlBRTAyL2h0bGZRZTBaZ2Zx TkMxa0kxa1JHVVE1dXJIMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAClTjpbQIf65u2a9E3IstNlhUnaLHj/kz50He21uHgHeefeg4uACjI3G H2y67BUggSBYLeGebJWZLv33SmPg38CHrPIjaIatj4kM3bipomVIxeXsdXt7REN5 wp2XocHqI3inJl1ShrLmg4m1HGM6CqZJXBPeoRWb24T4NeyfQKgnMqaBP0P9fpyQ g18j7ON9WgNUNwAisyPCCPHHOoSEv/R1he19MkCcMZlA/tmqICfxmTvmcu73Gfp4 eSCRP8CAILjVDHWfq3xpf+af6JuHuO1hKMQQO5xQ2zYzmGEgujbDg5/sDoRdjxmE RzI4CH60Nf3pTUkw2y5CpqCa7F8+B10= -----END CERTIFICATE-----Generated at Fri Sep 19 04:04:43 2025 by rpki-client