$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft File: iOe1QfQimNbptRZdllJGzBzB9aI.mft (raw, json) Hash identifier: xZQpTYD3uSW0CvvfJDnCXgO5j41WNjFMhnXSN9nvkMI= Subject key identifier: 7B:5F:8B:AC:97:D7:41:2C:82:E4:81:50:CB:D2:76:F1:56:1C:15:85 Authority key identifier: 88:E7:B5:41:F4:22:98:D6:E9:B5:16:5D:96:52:46:CC:1C:C1:F5:A2 Certificate issuer: /CN=A91A9D0F/serialNumber=88E7B541F42298D6E9B5165D965246CC1CC1F5A2 Certificate serial: 0F95 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft Manifest number: 0F5A Signing time: Mon 08 Sep 2025 17:39:17 +0000 Manifest this update: Mon 08 Sep 2025 17:39:17 +0000 Manifest next update: Mon 15 Sep 2025 17:39:17 +0000 Files and hashes: 1: iOe1QfQimNbptRZdllJGzBzB9aI.crl (hash: kkrt93IAPa0iwL/Hd3lCGR8OKBmdI+HfTlbXsNrXbHQ=) 2: 13C1EDA8767911EE9A957930C4F9AE02.roa (hash: rMgdKojSnMQn5zP9ArOeE344pCaixcohoQsewhOoy54=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.crl rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 17:39:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3989 (0xf95) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A9D0F, serialNumber=88E7B541F42298D6E9B5165D965246CC1CC1F5A2 Validity Not Before: Sep 8 17:39:17 2025 GMT Not After : Sep 15 17:39:17 2025 GMT Subject: CN=68bf14c5-0944 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:7b:aa:c0:1d:15:c4:68:be:10:92:5b:d6:ed: b8:51:fa:0f:3b:69:f5:af:52:43:28:ff:88:cf:6f: b2:95:90:6c:e4:cd:ff:92:84:6f:cd:12:c9:ef:aa: 10:d5:a5:5c:58:27:4e:b1:2b:38:71:f8:61:11:b9: 1f:87:88:bf:7a:e4:e1:07:0a:69:d6:98:bb:e0:c0: 90:eb:e5:d9:b4:fb:33:87:ce:c3:2a:26:86:81:81: e2:25:ba:60:77:d5:04:2b:20:e8:dd:35:b6:54:cb: c9:ed:aa:f3:46:94:66:e1:d1:5d:3a:3b:03:76:f4: d3:aa:86:ac:a6:5f:fc:7f:ea:22:05:13:23:f6:d5: 75:5f:49:e3:b1:f7:64:68:40:ab:d1:8f:76:30:97: c1:11:8c:5a:5e:01:22:a4:4b:f8:e0:5d:27:cd:30: ce:f2:5f:d8:41:25:ef:93:28:cb:00:f4:82:60:ef: 99:28:82:e2:3a:fc:08:66:06:3e:cb:a4:d9:34:29: 49:16:d7:40:f6:e5:e4:dd:ff:12:51:4c:a9:29:81: 37:fa:b3:0a:28:24:8d:0a:6c:f9:ee:79:61:a5:c3: 63:63:d4:e8:d8:48:9c:d5:ad:fb:38:57:2e:e4:d9: de:ad:1c:ee:4f:1b:37:52:5e:b7:36:dc:5e:73:7c: cd:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:5F:8B:AC:97:D7:41:2C:82:E4:81:50:CB:D2:76:F1:56:1C:15:85 X509v3 Authority Key Identifier: keyid:88:E7:B5:41:F4:22:98:D6:E9:B5:16:5D:96:52:46:CC:1C:C1:F5:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c0:a2:7e:f3:87:5c:90:5e:4c:51:88:55:1e:71:86:db:84:d0: c9:92:90:61:40:fc:b9:a4:78:fd:4d:20:1b:62:1b:41:35:58: f2:38:f9:c7:d6:72:51:0f:2c:ad:5f:d0:1e:3b:42:f3:ce:2f: 27:a6:10:11:73:93:46:15:a4:0f:97:fe:cd:24:d1:52:27:92: 7b:45:22:b7:3c:c7:97:b1:d2:05:14:02:fc:99:fb:30:29:7d: 18:61:aa:08:7f:db:07:f8:bf:fb:45:2a:37:f9:38:f6:dc:41: a9:17:02:65:8a:3a:75:09:0c:83:d3:3a:24:98:17:ad:c8:84: f8:d5:56:4d:09:b0:a3:cf:0b:79:04:4a:e7:7c:14:5c:0d:d3: f4:11:07:6b:b0:17:71:37:22:7b:46:77:92:48:11:9d:57:4c: 92:f5:ce:ab:1b:72:d0:ba:87:6c:de:fb:ee:3c:6c:22:2d:0a: d7:e0:f0:06:c0:58:69:3f:a3:1d:be:ce:62:2e:05:cb:02:53: d9:f2:36:01:35:25:54:fe:28:11:0b:1f:13:eb:f1:01:19:c9: 98:93:ae:35:f4:fc:f1:c5:97:7c:c1:8c:0b:85:14:fa:4f:80: f2:3b:f2:e0:8a:84:50:12:fa:a8:11:2f:cc:eb:18:b9:82:8c: 68:0c:d8:9e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTlEMEYxMTAvBgNVBAUTKDg4RTdCNTQxRjQyMjk4RDZFOUI1MTY1RDk2NTI0NkND MUNDMUY1QTIwHhcNMjUwOTA4MTczOTE3WhcNMjUwOTE1MTczOTE3WjAYMRYwFAYD VQQDEw02OGJmMTRjNS0wOTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxnuqwB0VxGi+EJJb1u24UfoPO2n1r1JDKP+Iz2+ylZBs5M3/koRvzRLJ76oQ 1aVcWCdOsSs4cfhhEbkfh4i/euThBwpp1pi74MCQ6+XZtPszh87DKiaGgYHiJbpg d9UEKyDo3TW2VMvJ7arzRpRm4dFdOjsDdvTTqoaspl/8f+oiBRMj9tV1X0njsfdk aECr0Y92MJfBEYxaXgEipEv44F0nzTDO8l/YQSXvkyjLAPSCYO+ZKILiOvwIZgY+ y6TZNClJFtdA9uXk3f8SUUypKYE3+rMKKCSNCmz57nlhpcNjY9To2Eic1a37OFcu 5NnerRzuTxs3Ul63Ntxec3zNhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHtfi6yX 10EsguSBUMvSdvFWHBWFMB8GA1UdIwQYMBaAFIjntUH0IpjW6bUWXZZSRswcwfWi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOUQwRi83NEJFMzhENjgw Q0YxMUU5QUNENzFCNTBDNEY5QUUwMi9pT2UxUWZRaW1OYnB0UlpkbGxKR3pCekI5 YUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lPZTFRZlFpbU5icHRSWmRsbEpHekJ6QjlhSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB OUQwRi83NEJFMzhENjgwQ0YxMUU5QUNENzFCNTBDNEY5QUUwMi9pT2UxUWZRaW1O YnB0UlpkbGxKR3pCekI5YUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDAon7zh1yQXkxRiFUecYbbhNDJkpBhQPy5pHj9TSAbYhtBNVjyOPnH 1nJRDyytX9AeO0Lzzi8nphARc5NGFaQPl/7NJNFSJ5J7RSK3PMeXsdIFFAL8mfsw KX0YYaoIf9sH+L/7RSo3+Tj23EGpFwJlijp1CQyD0zokmBetyIT41VZNCbCjzwt5 BErnfBRcDdP0EQdrsBdxNyJ7RneSSBGdV0yS9c6rG3LQuods3vvuPGwiLQrX4PAG wFhpP6Mdvs5iLgXLAlPZ8jYBNSVU/igRCx8T6/EBGcmYk6419PzxxZd8wYwLhRT6 T4DyO/LgioRQEvqoES/M6xi5goxoDNie -----END CERTIFICATE-----Generated at Tue Sep 9 13:11:13 2025 by rpki-client