$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2CDA/F4E2BAB825C311E8A0714A34C4F9AE02/2gNU-zgfRSHBCxY-y9IqCD-3omw.mft File: 2gNU-zgfRSHBCxY-y9IqCD-3omw.mft (raw, json) Hash identifier: LOrt30lEZlP/uqZ0/FKY8CmsoD5j0QATieUmD93AQrU= Subject key identifier: 2E:C3:01:44:87:61:F3:DB:A5:F8:8F:98:9D:DA:33:CF:5B:E9:BC:DF Authority key identifier: DA:03:54:FB:38:1F:45:21:C1:0B:16:3E:CB:D2:2A:08:3F:B7:A2:6C Certificate issuer: /CN=A91B2CDA/serialNumber=DA0354FB381F4521C10B163ECBD22A083FB7A26C Certificate serial: 1622 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gNU-zgfRSHBCxY-y9IqCD-3omw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2CDA/F4E2BAB825C311E8A0714A34C4F9AE02/2gNU-zgfRSHBCxY-y9IqCD-3omw.mft Manifest number: 1611 Signing time: Thu 18 Sep 2025 16:52:47 +0000 Manifest this update: Thu 18 Sep 2025 16:52:46 +0000 Manifest next update: Thu 25 Sep 2025 16:52:46 +0000 Files and hashes: 1: 2gNU-zgfRSHBCxY-y9IqCD-3omw.crl (hash: nuS1CPF1wE83NrIuR6MnlaRMwoqg97fgSZHk0tK9MnY=) 2: 7F3ED5DE9C4411ECBD85CE4FC4F9AE02.roa (hash: IzneJg8uANhMNifeTA7mpjTNJJeW/3cdEs9nqqZnnZs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2CDA/F4E2BAB825C311E8A0714A34C4F9AE02/2gNU-zgfRSHBCxY-y9IqCD-3omw.crl rsync://rpki.apnic.net/member_repository/A91B2CDA/F4E2BAB825C311E8A0714A34C4F9AE02/2gNU-zgfRSHBCxY-y9IqCD-3omw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gNU-zgfRSHBCxY-y9IqCD-3omw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 16:52:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5666 (0x1622) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2CDA, serialNumber=DA0354FB381F4521C10B163ECBD22A083FB7A26C Validity Not Before: Sep 18 16:52:46 2025 GMT Not After : Sep 25 16:52:46 2025 GMT Subject: CN=68cc38de-5824 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:97:e3:55:6b:d3:1d:ef:a0:e2:e0:b6:ab:8f: 71:41:bd:a1:ff:e9:61:0f:6a:3f:75:60:2e:1a:0e: fd:0a:1e:0f:17:e0:0c:80:09:1e:9c:e2:c9:23:b2: 10:02:66:1e:52:80:be:7b:46:81:69:b7:7d:45:1e: cf:85:a1:b8:bc:be:7b:51:a5:a8:d6:17:d3:20:96: 86:9c:aa:bd:d1:a9:ea:6e:0e:4f:d4:f8:c2:96:9e: 30:53:45:23:c5:a4:5a:24:66:11:37:64:3c:6d:9e: 59:8d:d4:31:8e:fb:92:cd:59:f4:46:15:5b:73:7e: 3a:99:a3:c3:e7:a0:3b:a4:99:4a:1e:2d:63:f6:bd: c3:63:76:2b:9d:65:c0:c2:12:c1:39:1a:f7:29:bb: 70:48:b0:17:30:61:c6:86:eb:b4:4c:71:e1:96:e5: ad:da:0c:b3:20:b9:82:3a:3d:a1:bf:16:22:a7:da: 04:0b:a5:c7:e0:10:8e:c7:50:8d:23:7d:81:88:d4: 00:30:86:dc:91:74:49:2f:e9:0b:de:fe:ec:c3:98: 7d:75:fb:d3:f4:6b:cf:45:08:17:a7:88:4b:5b:1b: 72:83:e6:1d:32:75:b7:de:72:46:5e:1e:c7:90:99: 8e:43:47:d2:10:cb:bc:2a:52:fe:a3:e2:83:7e:bc: 06:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:C3:01:44:87:61:F3:DB:A5:F8:8F:98:9D:DA:33:CF:5B:E9:BC:DF X509v3 Authority Key Identifier: keyid:DA:03:54:FB:38:1F:45:21:C1:0B:16:3E:CB:D2:2A:08:3F:B7:A2:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2CDA/F4E2BAB825C311E8A0714A34C4F9AE02/2gNU-zgfRSHBCxY-y9IqCD-3omw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gNU-zgfRSHBCxY-y9IqCD-3omw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2CDA/F4E2BAB825C311E8A0714A34C4F9AE02/2gNU-zgfRSHBCxY-y9IqCD-3omw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:09:d2:27:11:31:98:71:e1:77:c1:fd:d9:83:00:ad:8c:b9: 94:14:2c:18:f5:e8:6f:5a:f4:1f:28:e2:89:25:70:69:53:69: e5:d4:45:f7:91:bf:74:52:55:7b:63:d5:4f:22:54:b6:2c:62: 2e:ec:d2:d5:9b:76:ba:41:c8:b0:f4:dc:c1:f7:7c:52:18:90: 46:16:97:52:f0:cd:e4:f2:9b:dd:85:7e:a1:4c:08:4e:33:24: 1c:05:cc:91:11:28:cc:cb:cc:a1:16:3c:90:0f:f4:e1:67:11: fb:bc:85:77:b8:a9:1c:ee:9d:e2:3c:8a:6c:f5:0b:21:0c:e6: 79:35:b5:ae:b3:dd:d7:f0:de:38:42:a1:5f:72:1c:8a:e6:74: d9:97:c3:ef:0b:18:ca:ca:7d:2b:1c:af:87:b0:1e:3d:97:62: 19:17:cc:b6:8c:c1:fc:c1:c0:a7:43:75:f4:01:a1:16:c4:5e: 77:9a:52:40:62:80:8a:2d:ff:6e:0e:40:95:ae:cb:a2:99:ef: 9f:af:50:c4:95:d6:fc:cc:85:a6:36:fb:c5:5f:2a:b8:68:04: 78:05:b4:72:66:80:25:f9:8c:6b:e9:df:0f:54:4a:d4:14:2a: f5:2f:1a:c6:0d:b7:d3:23:20:6b:0f:23:b6:bd:4d:91:e4:d8: 84:fe:5b:a8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFiIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJDREExMTAvBgNVBAUTKERBMDM1NEZCMzgxRjQ1MjFDMTBCMTYzRUNCRDIyQTA4 M0ZCN0EyNkMwHhcNMjUwOTE4MTY1MjQ2WhcNMjUwOTI1MTY1MjQ2WjAYMRYwFAYD VQQDEw02OGNjMzhkZS01ODI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAupfjVWvTHe+g4uC2q49xQb2h/+lhD2o/dWAuGg79Ch4PF+AMgAkenOLJI7IQ AmYeUoC+e0aBabd9RR7PhaG4vL57UaWo1hfTIJaGnKq90anqbg5P1PjClp4wU0Uj xaRaJGYRN2Q8bZ5ZjdQxjvuSzVn0RhVbc346maPD56A7pJlKHi1j9r3DY3YrnWXA whLBORr3KbtwSLAXMGHGhuu0THHhluWt2gyzILmCOj2hvxYip9oEC6XH4BCOx1CN I32BiNQAMIbckXRJL+kL3v7sw5h9dfvT9GvPRQgXp4hLWxtyg+YdMnW33nJGXh7H kJmOQ0fSEMu8KlL+o+KDfrwGaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC7DAUSH YfPbpfiPmJ3aM89b6bzfMB8GA1UdIwQYMBaAFNoDVPs4H0UhwQsWPsvSKgg/t6Js MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkNEQS9GNEUyQkFCODI1 QzMxMUU4QTA3MTRBMzRDNEY5QUUwMi8yZ05VLXpnZlJTSEJDeFkteTlJcUNELTNv bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJnTlUtemdmUlNIQkN4WS15OUlxQ0QtM29tdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MkNEQS9GNEUyQkFCODI1QzMxMUU4QTA3MTRBMzRDNEY5QUUwMi8yZ05VLXpnZlJT SEJDeFkteTlJcUNELTNvbXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7CdInETGYceF3wf3ZgwCtjLmUFCwY9ehvWvQfKOKJJXBpU2nl1EX3 kb90UlV7Y9VPIlS2LGIu7NLVm3a6Qciw9NzB93xSGJBGFpdS8M3k8pvdhX6hTAhO MyQcBcyRESjMy8yhFjyQD/ThZxH7vIV3uKkc7p3iPIps9QshDOZ5NbWus93X8N44 QqFfchyK5nTZl8PvCxjKyn0rHK+HsB49l2IZF8y2jMH8wcCnQ3X0AaEWxF53mlJA YoCKLf9uDkCVrsuime+fr1DEldb8zIWmNvvFXyq4aAR4BbRyZoAl+Yxr6d8PVErU FCr1LxrGDbfTIyBrDyO2vU2R5NiE/luo -----END CERTIFICATE-----Generated at Fri Sep 19 04:01:54 2025 by rpki-client