$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft File: 09eD7kxpu1Bj-1z1smKLx77DdIo.mft (raw, json) Hash identifier: ATc86GCLAwARMjDcjMf9BH5oT5RELYoo6gq9KkPFslA= Subject key identifier: 27:B0:90:60:0D:A6:81:FB:47:68:1A:20:44:90:30:BC:71:BB:37:3F Authority key identifier: D3:D7:83:EE:4C:69:BB:50:63:FB:5C:F5:B2:62:8B:C7:BE:C3:74:8A Certificate issuer: /CN=A91B9A77/serialNumber=D3D783EE4C69BB5063FB5CF5B2628BC7BEC3748A Certificate serial: B3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft Manifest number: B3 Signing time: Fri 05 Sep 2025 01:49:17 +0000 Manifest this update: Fri 05 Sep 2025 01:49:16 +0000 Manifest next update: Fri 12 Sep 2025 01:49:16 +0000 Files and hashes: 1: 09eD7kxpu1Bj-1z1smKLx77DdIo.crl (hash: ukns32P2fcYy1Gj7Y4htL1WCU3A17PAvkntUR+YUrrI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.crl rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 01:49:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 179 (0xb3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9A77, serialNumber=D3D783EE4C69BB5063FB5CF5B2628BC7BEC3748A Validity Not Before: Sep 5 01:49:16 2025 GMT Not After : Sep 12 01:49:16 2025 GMT Subject: CN=68ba419c-2d46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:f0:94:aa:fe:e7:8b:a0:79:a0:1b:59:db:05: 18:48:53:9f:8c:66:68:a7:42:20:7c:6f:19:dc:75: 26:71:27:09:13:d6:f5:41:dd:cb:e8:94:f3:84:71: f9:b0:c6:bc:d0:8d:e1:dd:83:ac:07:ca:7e:6b:9f: ce:a3:a0:41:8a:6e:81:b1:19:49:c9:6b:03:ea:bb: ff:99:9c:b7:d5:6f:06:6d:7f:80:95:a1:48:92:55: 1e:f2:f3:be:dc:f8:91:cf:91:26:9d:d0:9f:40:65: 92:ab:2a:c4:6e:ee:7f:a8:49:b7:cb:ab:fa:94:34: ce:4e:a4:61:b0:a7:4c:9a:cf:01:95:e2:ae:50:72: a0:bf:d9:97:87:c8:96:8d:ff:5c:60:f3:1d:75:94: 58:4f:be:8e:4f:5f:7b:28:f2:f4:1e:11:e2:32:f5: 6c:22:1b:49:97:fd:95:df:4b:4e:3c:2a:e6:d6:ee: c9:28:df:bf:ba:fc:ff:7f:50:5e:51:f4:00:d3:6d: 3b:ad:71:3e:26:66:c7:7e:da:f5:77:c3:13:8b:d3: f0:18:e1:c5:da:c9:24:5c:99:79:85:01:c0:02:5c: c2:23:27:37:8f:d6:d8:34:49:5c:da:21:5f:3c:ed: 73:4b:95:bc:c8:4b:32:9c:56:60:1c:e8:21:0a:99: ab:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:B0:90:60:0D:A6:81:FB:47:68:1A:20:44:90:30:BC:71:BB:37:3F X509v3 Authority Key Identifier: keyid:D3:D7:83:EE:4C:69:BB:50:63:FB:5C:F5:B2:62:8B:C7:BE:C3:74:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:64:0b:97:bc:95:52:77:26:7e:65:f1:d3:8a:d6:aa:91:c4: e4:55:b3:8a:81:34:68:9f:d3:09:75:52:50:b4:86:0e:aa:aa: 6e:9f:39:e5:32:35:ef:6b:c1:6e:45:e4:13:20:a7:26:ac:7d: c3:91:87:3c:b7:e0:00:8c:58:7c:89:54:67:5d:35:a7:d9:db: c6:46:4f:4a:55:86:54:42:28:91:df:38:5a:50:a6:b4:16:2c: 63:e8:57:cc:e7:31:a1:06:14:b7:78:e1:05:c5:04:39:48:4a: d7:d3:c0:9c:29:ee:96:60:be:2e:65:2c:fd:3c:a6:ac:32:a6: b4:b6:68:ad:e5:58:f2:15:96:22:b1:ec:5c:76:0e:96:e1:ee: 1d:71:89:86:f0:f6:6d:3b:7e:e3:de:f4:a7:07:8b:92:f5:05: 86:6a:25:b4:fa:1e:50:9a:e0:c2:56:52:eb:1a:65:bb:da:5f: 2d:58:aa:35:a9:15:2a:8f:a3:5d:f1:53:a3:0c:42:47:c5:39: 89:4d:0e:40:08:1d:b3:6e:22:83:d0:ca:ea:63:f3:5e:4f:77: 2b:37:95:d4:be:19:f0:7b:b8:63:99:57:a0:ba:52:64:c1:3c: 0c:6e:95:01:10:6d:76:38:d2:06:c3:37:a7:db:3d:6f:3a:ed: 71:59:e8:0c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlBNzcxMTAvBgNVBAUTKEQzRDc4M0VFNEM2OUJCNTA2M0ZCNUNGNUIyNjI4QkM3 QkVDMzc0OEEwHhcNMjUwOTA1MDE0OTE2WhcNMjUwOTEyMDE0OTE2WjAYMRYwFAYD VQQDEw02OGJhNDE5Yy0yZDQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApvCUqv7ni6B5oBtZ2wUYSFOfjGZop0IgfG8Z3HUmcScJE9b1Qd3L6JTzhHH5 sMa80I3h3YOsB8p+a5/Oo6BBim6BsRlJyWsD6rv/mZy31W8GbX+AlaFIklUe8vO+ 3PiRz5EmndCfQGWSqyrEbu5/qEm3y6v6lDTOTqRhsKdMms8BleKuUHKgv9mXh8iW jf9cYPMddZRYT76OT197KPL0HhHiMvVsIhtJl/2V30tOPCrm1u7JKN+/uvz/f1Be UfQA0207rXE+JmbHftr1d8MTi9PwGOHF2skkXJl5hQHAAlzCIyc3j9bYNElc2iFf PO1zS5W8yEsynFZgHOghCpmrfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCewkGAN poH7R2gaIESQMLxxuzc/MB8GA1UdIwQYMBaAFNPXg+5MabtQY/tc9bJii8e+w3SK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUE3Ny9BQjg1MzQ0MDdB M0YxMUVGQTFDMEUwMTZDNEY5QUUwMi8wOWVEN2t4cHUxQmotMXoxc21LTHg3N0Rk SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzA5ZUQ3a3hwdTFCai0xejFzbUtMeDc3RGRJby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OUE3Ny9BQjg1MzQ0MDdBM0YxMUVGQTFDMEUwMTZDNEY5QUUwMi8wOWVEN2t4cHUx QmotMXoxc21LTHg3N0RkSW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAzZAuXvJVSdyZ+ZfHTitaqkcTkVbOKgTRon9MJdVJQtIYOqqpunznl MjXva8FuReQTIKcmrH3DkYc8t+AAjFh8iVRnXTWn2dvGRk9KVYZUQiiR3zhaUKa0 Fixj6FfM5zGhBhS3eOEFxQQ5SErX08CcKe6WYL4uZSz9PKasMqa0tmit5VjyFZYi sexcdg6W4e4dcYmG8PZtO37j3vSnB4uS9QWGaiW0+h5QmuDCVlLrGmW72l8tWKo1 qRUqj6Nd8VOjDEJHxTmJTQ5ACB2zbiKD0MrqY/NeT3crN5XUvhnwe7hjmVegulJk wTwMbpUBEG12ONIGwzen2z1vOu1xWegM -----END CERTIFICATE-----Generated at Sat Sep 6 21:30:33 2025 by rpki-client