$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9AB9/D118C0BC6E8411EFA3CD983FC4F9AE02/OBfP4ApfGsw2O0cvT2nag761ZhM.mft File: OBfP4ApfGsw2O0cvT2nag761ZhM.mft (raw, json) Hash identifier: LrTJsvwaYzDRG7c1yfPoX0bBVcKNedif4R4ysPx3qCE= Subject key identifier: C9:91:CD:8C:1C:B1:B5:19:B2:82:45:02:D9:3A:31:80:3F:8A:4C:41 Authority key identifier: 38:17:CF:E0:0A:5F:1A:CC:36:3B:47:2F:4F:69:DA:83:BE:B5:66:13 Certificate issuer: /CN=A91B9AB9/serialNumber=3817CFE00A5F1ACC363B472F4F69DA83BEB56613 Certificate serial: BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBfP4ApfGsw2O0cvT2nag761ZhM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9AB9/D118C0BC6E8411EFA3CD983FC4F9AE02/OBfP4ApfGsw2O0cvT2nag761ZhM.mft Manifest number: BB Signing time: Tue 09 Sep 2025 06:01:55 +0000 Manifest this update: Tue 09 Sep 2025 06:01:55 +0000 Manifest next update: Tue 16 Sep 2025 06:01:55 +0000 Files and hashes: 1: OBfP4ApfGsw2O0cvT2nag761ZhM.crl (hash: 9SSu3LJzuQse4uNjbH1yIo1zvvLr7RQNt13mL+MTFGA=) 2: A06AB21E6E8811EF95434073C4F9AE02.roa (hash: vppFtWXOaW/ZHVpNFmtwJ9lUk75Frb5HKq6ZQsHZOpc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9AB9/D118C0BC6E8411EFA3CD983FC4F9AE02/OBfP4ApfGsw2O0cvT2nag761ZhM.crl rsync://rpki.apnic.net/member_repository/A91B9AB9/D118C0BC6E8411EFA3CD983FC4F9AE02/OBfP4ApfGsw2O0cvT2nag761ZhM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBfP4ApfGsw2O0cvT2nag761ZhM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 06:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 188 (0xbc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9AB9, serialNumber=3817CFE00A5F1ACC363B472F4F69DA83BEB56613 Validity Not Before: Sep 9 06:01:55 2025 GMT Not After : Sep 16 06:01:55 2025 GMT Subject: CN=68bfc2d3-971b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:4b:26:c3:e3:d9:8e:f9:96:69:e6:46:89:bf: 51:96:76:b2:f4:dc:d2:4c:64:97:66:d3:1d:7b:0c: 7c:2d:99:ad:b7:0c:64:ca:11:44:43:74:c4:a0:5b: 3a:02:82:96:31:18:1d:a7:25:08:42:e6:3b:7f:00: 97:f9:11:5b:41:21:76:d4:5f:bb:80:c8:5a:f6:44: c4:73:b5:9f:7e:f2:6d:f6:5a:82:c5:5d:ec:f5:dd: 83:5f:41:55:d0:73:57:3a:bf:21:7b:a9:dd:c4:72: 5b:e9:76:fe:46:de:98:b9:93:fa:06:fa:73:c4:3e: 20:8c:f4:bc:c8:1b:85:9d:fa:aa:43:57:bf:b5:35: 87:47:6e:cc:58:4d:c1:62:1c:7f:64:84:9b:5c:c3: d7:10:bb:24:a8:d2:2f:1a:11:e0:62:66:47:ec:15: 9a:58:39:b6:7d:86:dc:7a:f9:67:3a:07:9d:a4:92: fd:77:55:d0:e0:14:ab:b0:42:0e:10:f2:be:b7:91: 91:34:ad:93:e0:3b:75:46:da:63:40:9e:48:1a:1f: 85:ef:1a:f4:78:c5:f0:3e:d3:43:ff:d5:e8:90:1b: 0f:59:76:60:d1:49:87:87:e2:b1:b3:05:50:e5:36: 05:86:60:d9:35:c0:70:ce:02:36:0f:4e:e0:32:dc: 64:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:91:CD:8C:1C:B1:B5:19:B2:82:45:02:D9:3A:31:80:3F:8A:4C:41 X509v3 Authority Key Identifier: keyid:38:17:CF:E0:0A:5F:1A:CC:36:3B:47:2F:4F:69:DA:83:BE:B5:66:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9AB9/D118C0BC6E8411EFA3CD983FC4F9AE02/OBfP4ApfGsw2O0cvT2nag761ZhM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBfP4ApfGsw2O0cvT2nag761ZhM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9AB9/D118C0BC6E8411EFA3CD983FC4F9AE02/OBfP4ApfGsw2O0cvT2nag761ZhM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:ae:45:a7:4d:0c:9e:78:70:6a:91:ef:4a:02:19:6e:7a:43: 1f:8e:72:a0:cd:cd:7e:b8:65:b4:81:e5:4c:8b:96:0e:b9:aa: 02:fc:30:67:53:6c:5a:6b:52:78:a7:fe:b4:64:98:cc:32:dd: 7a:f5:1d:88:1f:63:b2:f1:7f:57:06:e3:76:f2:da:17:b7:b1: f1:96:28:d7:91:16:61:c3:a7:4b:3a:9e:e4:2d:65:52:83:b8: 9a:31:e7:48:e1:5c:da:e4:78:7d:fa:42:0c:f0:11:76:9e:98: a3:f1:4d:b1:ac:6d:c4:ae:e7:7d:d2:e0:39:c4:ae:49:11:32: a0:09:ff:3a:68:f3:73:d1:27:8d:b5:35:18:71:18:88:99:b4: 86:c8:64:24:80:bf:09:e9:dd:9f:f6:f4:be:50:3a:3f:c6:51: 26:cd:61:14:39:b9:e8:f9:9c:c3:7f:13:29:47:cd:26:58:fe: 6b:d4:fb:1b:12:e1:ec:10:c0:6d:2c:db:0c:12:86:cf:42:1c: 73:89:d8:28:47:73:4f:b2:c5:b4:a6:02:25:08:d2:bd:c2:bf: bc:a6:9c:03:e9:15:bf:64:7d:2d:09:90:f1:83:28:8f:52:ed: 30:bf:ce:7c:d9:71:11:67:cc:a0:26:8b:3f:28:a2:91:3e:cf: 5d:77:1f:7e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlBQjkxMTAvBgNVBAUTKDM4MTdDRkUwMEE1RjFBQ0MzNjNCNDcyRjRGNjlEQTgz QkVCNTY2MTMwHhcNMjUwOTA5MDYwMTU1WhcNMjUwOTE2MDYwMTU1WjAYMRYwFAYD VQQDEw02OGJmYzJkMy05NzFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA00smw+PZjvmWaeZGib9Rlnay9NzSTGSXZtMdewx8LZmttwxkyhFEQ3TEoFs6 AoKWMRgdpyUIQuY7fwCX+RFbQSF21F+7gMha9kTEc7WffvJt9lqCxV3s9d2DX0FV 0HNXOr8he6ndxHJb6Xb+Rt6YuZP6BvpzxD4gjPS8yBuFnfqqQ1e/tTWHR27MWE3B Yhx/ZISbXMPXELskqNIvGhHgYmZH7BWaWDm2fYbcevlnOgedpJL9d1XQ4BSrsEIO EPK+t5GRNK2T4Dt1RtpjQJ5IGh+F7xr0eMXwPtND/9XokBsPWXZg0UmHh+KxswVQ 5TYFhmDZNcBwzgI2D07gMtxkKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMmRzYwc sbUZsoJFAtk6MYA/ikxBMB8GA1UdIwQYMBaAFDgXz+AKXxrMNjtHL09p2oO+tWYT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUFCOS9EMTE4QzBCQzZF ODQxMUVGQTNDRDk4M0ZDNEY5QUUwMi9PQmZQNEFwZkdzdzJPMGN2VDJuYWc3NjFa aE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09CZlA0QXBmR3N3Mk8wY3ZUMm5hZzc2MVpoTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OUFCOS9EMTE4QzBCQzZFODQxMUVGQTNDRDk4M0ZDNEY5QUUwMi9PQmZQNEFwZkdz dzJPMGN2VDJuYWc3NjFaaE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAarkWnTQyeeHBqke9KAhluekMfjnKgzc1+uGW0geVMi5YOuaoC/DBn U2xaa1J4p/60ZJjMMt169R2IH2Oy8X9XBuN28toXt7HxlijXkRZhw6dLOp7kLWVS g7iaMedI4Vza5Hh9+kIM8BF2npij8U2xrG3Erud90uA5xK5JETKgCf86aPNz0SeN tTUYcRiImbSGyGQkgL8J6d2f9vS+UDo/xlEmzWEUObno+ZzDfxMpR80mWP5r1Psb EuHsEMBtLNsMEobPQhxzidgoR3NPssW0pgIlCNK9wr+8ppwD6RW/ZH0tCZDxgyiP Uu0wv8582XERZ8ygJos/KKKRPs9ddx9+ -----END CERTIFICATE-----Generated at Tue Sep 9 13:31:28 2025 by rpki-client