$ rpki-client -vvf rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.mft File: 23LIuvHa9pOYGFLuAyIwMF7ICRA.mft (raw, json) Hash identifier: sk0dVJffGlrSUtUn82SqQlcmEZmQgReGfRNoio6uz94= Subject key identifier: 23:9A:BF:9A:7D:53:8C:BE:52:7C:1D:15:62:05:8C:07:38:4F:27:0B Authority key identifier: DB:72:C8:BA:F1:DA:F6:93:98:18:52:EE:03:22:30:30:5E:C8:09:10 Certificate issuer: /CN=A91B289C/serialNumber=DB72C8BAF1DAF693981852EE032230305EC80910 Certificate serial: 08D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23LIuvHa9pOYGFLuAyIwMF7ICRA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.mft Manifest number: 08CE Signing time: Thu 18 Sep 2025 20:41:22 +0000 Manifest this update: Thu 18 Sep 2025 20:41:22 +0000 Manifest next update: Thu 25 Sep 2025 20:41:22 +0000 Files and hashes: 1: 23LIuvHa9pOYGFLuAyIwMF7ICRA.crl (hash: 1+aUYDXTXglOs1CsPb1hxSYasRQJMiY2jfBn1AWccnM=) 2: E6F3687CBCE711EAACD6466CC4F9AE02.roa (hash: f4udCcisFsQWGXJxlj4yAW3MNSfW4g1HYUDDKGCbXqA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.crl rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23LIuvHa9pOYGFLuAyIwMF7ICRA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 20:41:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2262 (0x8d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B289C, serialNumber=DB72C8BAF1DAF693981852EE032230305EC80910 Validity Not Before: Sep 18 20:41:22 2025 GMT Not After : Sep 25 20:41:22 2025 GMT Subject: CN=68cc6e72-0e75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:b8:99:7e:3b:e3:74:4e:ff:af:47:a5:c8:79: 4f:12:1d:26:af:63:e5:09:2b:54:9d:2b:04:e6:b5: 95:82:f4:7a:66:a8:a4:95:13:54:d3:e1:a1:f8:68: 54:09:62:9d:67:9d:53:28:00:a5:4f:bb:76:05:d9: 72:0c:ee:67:b6:d3:aa:f4:64:e2:f5:cc:9e:d4:d6: 89:7c:cc:79:d2:b0:05:d9:6f:c3:0d:27:5d:58:5d: 53:f7:eb:b2:9f:2c:81:e0:89:2e:31:bf:30:a8:ef: 7d:aa:76:97:26:bb:6a:04:e6:85:cc:b6:db:93:f2: 4a:3d:b2:56:60:03:c5:56:72:df:fd:94:5a:dc:4c: ae:fe:34:55:fd:ec:2b:d4:c1:e3:0c:4b:c1:51:66: 8d:34:65:64:b7:64:e2:e1:cd:99:eb:ea:f2:ec:39: 0a:a6:90:08:85:f8:ed:bb:ca:8f:4f:80:9b:54:42: 06:40:4b:5b:70:fe:21:df:bf:6d:3a:fb:b4:e0:92: 3b:a9:8c:c4:c8:0d:a5:e1:2f:ad:40:94:dd:e8:08: 6d:3c:12:da:41:bd:2d:40:80:c2:2d:6f:73:61:5e: 0d:40:db:09:89:e6:c5:99:c4:56:29:3c:1d:c5:8f: ff:93:80:54:49:de:32:fa:db:56:d3:e5:9b:da:97: bf:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:9A:BF:9A:7D:53:8C:BE:52:7C:1D:15:62:05:8C:07:38:4F:27:0B X509v3 Authority Key Identifier: keyid:DB:72:C8:BA:F1:DA:F6:93:98:18:52:EE:03:22:30:30:5E:C8:09:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23LIuvHa9pOYGFLuAyIwMF7ICRA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:8d:4f:e0:36:c0:37:17:42:fe:74:0d:5f:1a:7b:ba:f3:25: bb:32:8f:bb:60:c2:1c:9b:55:65:22:6f:e7:83:f5:ae:b3:c9: a8:81:38:ba:3d:fe:0a:c9:f5:ee:49:a3:d1:6c:e4:fd:76:dc: 2e:76:ab:ce:e7:2f:6d:5d:67:9b:98:ec:b9:f7:fa:f0:4f:d8: 3f:5e:e2:b9:95:ae:52:e3:d4:2a:68:45:0f:5f:c8:15:e8:00: 0d:a9:44:b7:34:8c:09:d7:e5:93:e9:26:5a:ea:02:b3:51:2f: 75:a2:f7:e0:ef:50:99:67:4a:73:71:86:0a:bb:5a:c5:a9:3a: 4a:5d:d2:2f:3a:29:7a:d4:c2:13:81:12:38:a5:14:d8:78:d5: 36:6f:3b:a1:76:33:a2:6a:a4:50:30:27:78:c3:9e:81:ed:06: 61:25:58:21:13:52:b7:4a:9d:46:e0:bc:de:28:f7:71:e1:9f: de:d6:7d:b6:27:2b:18:f3:e4:80:16:1d:12:9b:65:61:d6:26: d5:eb:0a:9f:f6:39:de:aa:8a:f6:d1:00:37:ee:a7:fe:e2:c7: 80:aa:05:9c:fc:1d:a0:37:fb:cc:48:c6:8c:ed:b3:d6:e5:c7: 94:37:85:50:6e:70:6c:18:ba:62:02:f2:5a:ae:d6:13:93:25: dc:34:9e:fa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCNYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjI4OUMxMTAvBgNVBAUTKERCNzJDOEJBRjFEQUY2OTM5ODE4NTJFRTAzMjIzMDMw NUVDODA5MTAwHhcNMjUwOTE4MjA0MTIyWhcNMjUwOTI1MjA0MTIyWjAYMRYwFAYD VQQDEw02OGNjNmU3Mi0wZTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv7iZfjvjdE7/r0elyHlPEh0mr2PlCStUnSsE5rWVgvR6ZqiklRNU0+Gh+GhU CWKdZ51TKAClT7t2BdlyDO5nttOq9GTi9cye1NaJfMx50rAF2W/DDSddWF1T9+uy nyyB4IkuMb8wqO99qnaXJrtqBOaFzLbbk/JKPbJWYAPFVnLf/ZRa3Eyu/jRV/ewr 1MHjDEvBUWaNNGVkt2Ti4c2Z6+ry7DkKppAIhfjtu8qPT4CbVEIGQEtbcP4h379t Ovu04JI7qYzEyA2l4S+tQJTd6AhtPBLaQb0tQIDCLW9zYV4NQNsJiebFmcRWKTwd xY//k4BUSd4y+ttW0+Wb2pe/uQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCOav5p9 U4y+UnwdFWIFjAc4TycLMB8GA1UdIwQYMBaAFNtyyLrx2vaTmBhS7gMiMDBeyAkQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjg5Qy8zQUIxRTJEQ0JD RTcxMUVBQkU5NzJDNkNDNEY5QUUwMi8yM0xJdXZIYTlwT1lHRkx1QXlJd01GN0lD UkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzIzTEl1dkhhOXBPWUdGTHVBeUl3TUY3SUNSQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC Mjg5Qy8zQUIxRTJEQ0JDRTcxMUVBQkU5NzJDNkNDNEY5QUUwMi8yM0xJdXZIYTlw T1lHRkx1QXlJd01GN0lDUkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAcjU/gNsA3F0L+dA1fGnu68yW7Mo+7YMIcm1VlIm/ng/Wus8mogTi6 Pf4KyfXuSaPRbOT9dtwudqvO5y9tXWebmOy59/rwT9g/XuK5la5S49QqaEUPX8gV 6AANqUS3NIwJ1+WT6SZa6gKzUS91ovfg71CZZ0pzcYYKu1rFqTpKXdIvOil61MIT gRI4pRTYeNU2bzuhdjOiaqRQMCd4w56B7QZhJVghE1K3Sp1G4LzeKPdx4Z/e1n22 JysY8+SAFh0Sm2Vh1ibV6wqf9jneqor20QA37qf+4seAqgWc/B2gN/vMSMaM7bPW 5ceUN4VQbnBsGLpiAvJartYTkyXcNJ76 -----END CERTIFICATE-----Generated at Fri Sep 19 03:36:26 2025 by rpki-client