$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft File: -qIKGvsgkct_URR4g_NkpFMJQTE.mft (raw, json) Hash identifier: Ur6pAHoRAWLWAq8ZZsnbsXPxH9s4w5pJwCi2oc0+a3c= Subject key identifier: D7:1C:9E:3C:50:72:72:DF:C0:70:5C:A1:CD:5D:51:07:C3:CA:A2:C0 Authority key identifier: FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 Certificate issuer: /CN=A91AF0E8/serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Certificate serial: 34D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft Manifest number: 34C7 Signing time: Thu 18 Sep 2025 15:11:14 +0000 Manifest this update: Thu 18 Sep 2025 15:11:13 +0000 Manifest next update: Thu 25 Sep 2025 15:11:13 +0000 Files and hashes: 1: -qIKGvsgkct_URR4g_NkpFMJQTE.crl (hash: DrdxCZwAD76Xa+vPs91R2fK7RMr44jOpyNOYA8cEsIo=) 2: 0A956A80B48711EC83327546C4F9AE02.roa (hash: QTUVJsweaVnNBbhlnpDHj+5m7Q6KujtkGNOkASm6SsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 15:11:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13522 (0x34d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF0E8, serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Validity Not Before: Sep 18 15:11:13 2025 GMT Not After : Sep 25 15:11:13 2025 GMT Subject: CN=68cc2112-2aa1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a2:52:40:39:fa:0b:58:f5:d9:02:ca:5c:98: 2f:75:f3:f4:cc:b8:30:65:0d:6b:41:4a:0b:e7:6e: c1:bf:ec:70:98:c7:fc:55:15:41:48:4c:a9:86:db: be:7c:34:b7:de:e2:38:b2:75:6d:f5:a5:ca:39:31: 45:c7:a9:ad:4f:69:f7:fc:0c:e4:55:88:a4:d2:de: 78:a8:fb:43:41:b5:28:f6:f8:7f:60:b5:d6:cb:98: c1:71:cf:9c:25:b3:b7:09:f3:d7:54:94:97:64:1d: 4a:b3:c5:7f:bb:1c:7a:f7:28:6d:84:a9:1a:81:36: ca:d9:95:10:f3:81:19:ff:1c:c7:07:75:5c:1f:ec: 87:4f:30:15:01:22:90:c3:69:90:5a:05:f9:de:f0: 48:04:13:32:53:fa:b2:85:1a:3e:8f:ad:4b:73:ae: 8e:fa:c0:ec:4a:da:a5:ea:45:c4:1a:7a:2f:b2:d1: 35:37:03:98:a4:dc:9a:2f:76:25:e2:c9:f5:b3:1d: a6:31:7e:23:9a:20:94:a7:e1:c1:ce:16:cb:dc:ee: 25:29:7e:cd:7f:2e:e7:3e:6f:cd:3b:e0:38:d0:ca: c4:b8:4a:86:76:93:1c:46:cd:82:9a:83:2c:7b:84: ce:73:13:03:2e:bb:a3:01:f3:d7:2e:ae:02:21:81: 01:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:1C:9E:3C:50:72:72:DF:C0:70:5C:A1:CD:5D:51:07:C3:CA:A2:C0 X509v3 Authority Key Identifier: keyid:FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:3a:82:68:f4:af:ef:cb:26:93:b5:e9:09:9c:a6:dd:07:76: 43:6d:41:ab:23:25:2c:e5:8b:4f:b8:db:f7:f2:c4:33:03:d0: ab:a6:6a:a3:61:bb:33:73:30:6c:26:88:7c:93:0b:88:cd:b3: ee:b8:19:e4:ca:a6:4c:e0:da:9b:22:30:4a:ba:4b:47:35:fe: b4:7c:fc:47:ff:b0:5d:f3:ea:ff:11:5d:a6:df:c5:e3:67:a8: bb:b5:2d:a0:30:df:48:6e:e0:a7:35:5c:da:49:bc:76:6b:d1: 84:fa:73:b7:4a:16:94:ec:af:de:25:9c:27:47:ca:48:cd:79: 75:e9:a8:13:ef:6b:21:de:f1:6e:9e:67:1c:23:f7:b9:33:2e: 52:0d:25:67:61:e7:6c:d3:ab:67:3f:66:05:1f:fb:65:32:94: 05:5b:fa:c3:b6:c5:d8:e0:c1:92:36:db:bb:43:18:3d:09:c6: a3:35:c2:70:03:10:6b:ee:ed:e6:3f:e9:91:da:e9:1c:64:0d: 2d:d1:18:3b:b7:99:98:45:11:e8:de:8d:ee:bf:98:81:d5:c5: 7f:85:d5:d6:a4:1f:ba:7c:0c:87:4e:45:fb:cd:e2:0f:9c:85: 7a:2d:f0:9c:90:b3:91:51:cd:a5:f4:ca:5c:3f:5d:81:2e:1e: 51:30:58:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwRTgxMTAvBgNVBAUTKEZBQTIwQTFBRkIyMDkxQ0I3RjUxMTQ3ODgzRjM2NEE0 NTMwOTQxMzEwHhcNMjUwOTE4MTUxMTEzWhcNMjUwOTI1MTUxMTEzWjAYMRYwFAYD VQQDEw02OGNjMjExMi0yYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvqJSQDn6C1j12QLKXJgvdfP0zLgwZQ1rQUoL527Bv+xwmMf8VRVBSEyphtu+ fDS33uI4snVt9aXKOTFFx6mtT2n3/AzkVYik0t54qPtDQbUo9vh/YLXWy5jBcc+c JbO3CfPXVJSXZB1Ks8V/uxx69yhthKkagTbK2ZUQ84EZ/xzHB3VcH+yHTzAVASKQ w2mQWgX53vBIBBMyU/qyhRo+j61Lc66O+sDsStql6kXEGnovstE1NwOYpNyaL3Yl 4sn1sx2mMX4jmiCUp+HBzhbL3O4lKX7Nfy7nPm/NO+A40MrEuEqGdpMcRs2CmoMs e4TOcxMDLrujAfPXLq4CIYEBHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNccnjxQ cnLfwHBcoc1dUQfDyqLAMB8GA1UdIwQYMBaAFPqiChr7IJHLf1EUeIPzZKRTCUEx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjBFOC80NTc5NkFEMjFE QTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tjdF9VUlI0Z19Oa3BGTUpR VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1xSUtHdnNna2N0X1VSUjRnX05rcEZNSlFURS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjBFOC80NTc5NkFEMjFEQTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tj dF9VUlI0Z19Oa3BGTUpRVEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQChOoJo9K/vyyaTtekJnKbdB3ZDbUGrIyUs5YtPuNv38sQzA9Crpmqj YbszczBsJoh8kwuIzbPuuBnkyqZM4NqbIjBKuktHNf60fPxH/7Bd8+r/EV2m38Xj Z6i7tS2gMN9IbuCnNVzaSbx2a9GE+nO3ShaU7K/eJZwnR8pIzXl16agT72sh3vFu nmccI/e5My5SDSVnYeds06tnP2YFH/tlMpQFW/rDtsXY4MGSNtu7Qxg9CcajNcJw AxBr7u3mP+mR2ukcZA0t0Rg7t5mYRRHo3o3uv5iB1cV/hdXWpB+6fAyHTkX7zeIP nIV6LfCckLORUc2l9MpcP12BLh5RMFgP -----END CERTIFICATE-----Generated at Fri Sep 19 02:28:39 2025 by rpki-client