$ rpki-client -vvf rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft File: D-jKZIcKPWORHI0tZRuinKztDso.mft (raw, json) Hash identifier: WGPFpt1a0nes7Wnfl5063hUw/Mr2ydNpem7ySpmO4pc= Subject key identifier: ED:E9:7A:1A:97:03:90:AF:17:3E:4A:0C:F0:C7:57:D2:7A:6C:22:C6 Authority key identifier: 0F:E8:CA:64:87:0A:3D:63:91:1C:8D:2D:65:1B:A2:9C:AC:ED:0E:CA Certificate issuer: /CN=A91B428B/serialNumber=0FE8CA64870A3D63911C8D2D651BA29CACED0ECA Certificate serial: 09F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft Manifest number: 09EE Signing time: Thu 18 Sep 2025 20:08:32 +0000 Manifest this update: Thu 18 Sep 2025 20:08:31 +0000 Manifest next update: Thu 25 Sep 2025 20:08:31 +0000 Files and hashes: 1: D-jKZIcKPWORHI0tZRuinKztDso.crl (hash: 36EeF7jIIu5MuyuWa34S6GXm2P3zsvbCjRWOWBwn1CE=) 2: 319DF660847811EA8EE07E81C4F9AE02.roa (hash: ZlFR2HTwg3fDW4lClQanT4TaI4rdoCBr8+QBrXHDB9w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.crl rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 20:08:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2549 (0x9f5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B428B, serialNumber=0FE8CA64870A3D63911C8D2D651BA29CACED0ECA Validity Not Before: Sep 18 20:08:31 2025 GMT Not After : Sep 25 20:08:31 2025 GMT Subject: CN=68cc66bf-7295 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:6c:a1:31:4b:63:f8:85:72:dc:65:fe:d3:8a: 10:82:78:3f:c5:0c:6e:2a:e0:77:ca:32:bb:af:71: ae:53:1e:94:91:1c:26:0b:1a:b0:0a:18:23:d7:29: 37:86:d2:b5:96:dd:39:d8:19:f8:3e:47:4c:0f:5b: 9c:09:5a:63:3a:36:1a:78:fc:4c:38:f4:d8:d9:64: 41:3f:50:7f:dc:84:cc:8c:f1:bb:e9:6f:34:66:3c: f2:6a:ab:69:b3:5d:6c:69:d9:28:1b:e4:c4:4d:14: b8:23:52:49:82:e8:2d:44:a1:9a:c3:7f:b7:b6:13: fe:96:d2:4b:ab:eb:0d:47:74:0c:b3:20:0d:ae:4d: 77:50:4a:3f:a4:0a:dd:50:f8:2d:de:df:dc:d8:65: 5b:95:15:3c:a2:d3:90:20:dd:3c:fe:48:18:4c:e1: e1:89:fd:f9:ca:c8:f2:01:21:56:03:a3:9e:ec:60: 31:87:fc:1b:00:f1:87:c3:d9:80:e9:6f:d5:1a:c8: ba:2b:0a:32:8b:70:d6:c9:42:fd:f2:a5:7a:67:f3: 38:1c:44:77:29:78:2d:b3:ed:46:6a:0a:e6:a0:59: 79:ce:03:83:c1:36:e5:c4:b0:9a:0e:ae:d9:b5:a2: 84:44:33:1b:56:8b:ec:92:5d:ac:aa:cb:bc:a1:bc: eb:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:E9:7A:1A:97:03:90:AF:17:3E:4A:0C:F0:C7:57:D2:7A:6C:22:C6 X509v3 Authority Key Identifier: keyid:0F:E8:CA:64:87:0A:3D:63:91:1C:8D:2D:65:1B:A2:9C:AC:ED:0E:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:d2:82:5e:d5:f4:27:3a:02:5d:ba:f6:06:0a:0b:3f:0a:23: ff:79:0f:8c:a9:3a:e8:05:8e:84:c8:43:6c:28:19:fd:2a:cd: 7f:21:77:96:fe:57:e0:81:1c:9c:05:4d:53:81:e9:3b:91:37: 1a:16:47:a2:2f:a2:b3:13:4e:b4:4c:40:bf:67:bb:22:64:13: cc:67:db:bc:89:a5:46:a1:08:84:81:8e:77:e7:84:65:cb:23: 0f:00:0f:61:45:c1:25:db:e8:a4:e0:d0:a9:30:fe:2a:6e:01: 03:60:de:c0:f5:22:40:2f:04:c1:c3:75:75:65:35:17:9b:71: 04:26:e3:02:2a:db:97:cf:1a:06:16:ed:bf:4e:a1:9f:f7:a9: 6e:d9:2d:7a:42:50:a7:4e:90:0d:b6:41:15:8f:3c:20:ee:3e: 3a:c6:41:c1:39:73:c5:65:db:42:c6:8f:ff:83:8d:88:e3:53: 40:4e:e9:2b:52:ef:bd:03:fd:d2:f5:4a:e1:41:d8:17:30:05: 0a:a7:91:fe:1c:67:f9:67:b3:5b:8f:ba:bc:cc:12:9a:ee:c9: 92:26:58:84:a8:ee:ff:29:9f:98:4e:d9:7b:46:50:de:bb:ba: 05:c5:94:e8:aa:21:c3:cd:6e:e2:ce:68:cc:78:c4:55:14:af: b7:dd:fb:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCfUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQyOEIxMTAvBgNVBAUTKDBGRThDQTY0ODcwQTNENjM5MTFDOEQyRDY1MUJBMjlD QUNFRDBFQ0EwHhcNMjUwOTE4MjAwODMxWhcNMjUwOTI1MjAwODMxWjAYMRYwFAYD VQQDEw02OGNjNjZiZi03Mjk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz2yhMUtj+IVy3GX+04oQgng/xQxuKuB3yjK7r3GuUx6UkRwmCxqwChgj1yk3 htK1lt052Bn4PkdMD1ucCVpjOjYaePxMOPTY2WRBP1B/3ITMjPG76W80Zjzyaqtp s11sadkoG+TETRS4I1JJgugtRKGaw3+3thP+ltJLq+sNR3QMsyANrk13UEo/pArd UPgt3t/c2GVblRU8otOQIN08/kgYTOHhif35ysjyASFWA6Oe7GAxh/wbAPGHw9mA 6W/VGsi6Kwoyi3DWyUL98qV6Z/M4HER3KXgts+1GagrmoFl5zgODwTblxLCaDq7Z taKERDMbVovskl2sqsu8obzrBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO3pehqX A5CvFz5KDPDHV9J6bCLGMB8GA1UdIwQYMBaAFA/oymSHCj1jkRyNLWUbopys7Q7K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDI4Qi8zQTBCNkMwQzg0 NzcxMUVBQjNCNDM2ODBDNEY5QUUwMi9ELWpLWkljS1BXT1JISTB0WlJ1aW5LenRE c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QtaktaSWNLUFdPUkhJMHRaUnVpbkt6dERzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDI4Qi8zQTBCNkMwQzg0NzcxMUVBQjNCNDM2ODBDNEY5QUUwMi9ELWpLWkljS1BX T1JISTB0WlJ1aW5LenREc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBI0oJe1fQnOgJduvYGCgs/CiP/eQ+MqTroBY6EyENsKBn9Ks1/IXeW /lfggRycBU1Tgek7kTcaFkeiL6KzE060TEC/Z7siZBPMZ9u8iaVGoQiEgY5354Rl yyMPAA9hRcEl2+ik4NCpMP4qbgEDYN7A9SJALwTBw3V1ZTUXm3EEJuMCKtuXzxoG Fu2/TqGf96lu2S16QlCnTpANtkEVjzwg7j46xkHBOXPFZdtCxo//g42I41NATukr Uu+9A/3S9UrhQdgXMAUKp5H+HGf5Z7Nbj7q8zBKa7smSJliEqO7/KZ+YTtl7RlDe u7oFxZToqiHDzW7izmjMeMRVFK+33fuT -----END CERTIFICATE-----Generated at Fri Sep 19 12:22:28 2025 by rpki-client