$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9B0D/98B7280E8AB611EB8237D414C4F9AE02/2cZrDkILkTQXPVU9FqoLFGt3R3M.mft File: 2cZrDkILkTQXPVU9FqoLFGt3R3M.mft (raw, json) Hash identifier: fFJXFE3xpL0HB//wg5fndZi9Thky6OTVETmFj/iZvVs= Subject key identifier: 08:CF:A4:C8:9A:DE:87:66:89:D0:D0:E7:35:4F:51:34:9F:EE:43:6B Authority key identifier: D9:C6:6B:0E:42:0B:91:34:17:3D:55:3D:16:AA:0B:14:6B:77:47:73 Certificate issuer: /CN=A91B9B0D/serialNumber=D9C66B0E420B9134173D553D16AA0B146B774773 Certificate serial: 0690 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2cZrDkILkTQXPVU9FqoLFGt3R3M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9B0D/98B7280E8AB611EB8237D414C4F9AE02/2cZrDkILkTQXPVU9FqoLFGt3R3M.mft Manifest number: 0689 Signing time: Thu 18 Sep 2025 22:40:15 +0000 Manifest this update: Thu 18 Sep 2025 22:40:14 +0000 Manifest next update: Thu 25 Sep 2025 22:40:14 +0000 Files and hashes: 1: 2cZrDkILkTQXPVU9FqoLFGt3R3M.crl (hash: VBslLFQPKmmrISULAHjL67UyxpQJ+zB1IaQBWIYGXrk=) 2: E0147FC48AB811EB92252D18C4F9AE02.roa (hash: 7XRpzi2cKsozsds402vZG1Qa9TevGqVQRP3rG1+mDlM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9B0D/98B7280E8AB611EB8237D414C4F9AE02/2cZrDkILkTQXPVU9FqoLFGt3R3M.crl rsync://rpki.apnic.net/member_repository/A91B9B0D/98B7280E8AB611EB8237D414C4F9AE02/2cZrDkILkTQXPVU9FqoLFGt3R3M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2cZrDkILkTQXPVU9FqoLFGt3R3M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 22:40:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1680 (0x690) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9B0D, serialNumber=D9C66B0E420B9134173D553D16AA0B146B774773 Validity Not Before: Sep 18 22:40:14 2025 GMT Not After : Sep 25 22:40:14 2025 GMT Subject: CN=68cc8a4e-7e37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:1f:8a:77:6f:11:4f:94:a6:f8:83:2b:6b:d6: 81:fc:87:6f:b1:9e:1c:5c:a2:0e:bd:91:48:19:04: 32:49:c6:56:cb:f2:a9:a2:5e:10:49:16:4d:18:9f: 54:d6:e4:9e:b9:76:4b:70:49:e9:fa:b2:5a:6c:0c: 13:cb:34:52:ad:4e:6f:8f:b3:cb:10:b2:88:fb:6d: bb:18:e2:cc:99:70:de:37:4c:d4:40:39:9a:61:0e: c4:45:eb:a3:71:87:30:2c:1d:b6:c0:34:04:94:02: c0:b6:3f:4b:73:fd:94:1d:3b:f4:b5:ef:f7:ff:c0: 3a:df:4c:37:bf:42:6d:63:5b:b8:e8:9d:37:17:55: f9:38:1a:31:89:04:8e:7b:c1:bf:94:33:7e:f0:08: 93:10:03:06:27:a6:b0:a0:12:a8:49:32:cd:5f:7c: 56:df:97:6b:bc:68:d5:64:8e:d6:c7:e8:61:b9:8a: 82:fe:75:f1:94:d2:32:71:d4:bf:25:9b:fa:3b:2a: be:20:bd:2d:3b:7d:97:b3:56:23:c5:91:28:94:c0: ba:d9:91:59:7a:3a:35:43:47:a6:92:99:63:13:c2: 1d:32:82:41:bc:c7:11:85:8f:00:42:d2:64:4c:e4: 94:de:b6:33:f5:77:63:c2:b6:d8:91:cc:67:01:2b: ef:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:CF:A4:C8:9A:DE:87:66:89:D0:D0:E7:35:4F:51:34:9F:EE:43:6B X509v3 Authority Key Identifier: keyid:D9:C6:6B:0E:42:0B:91:34:17:3D:55:3D:16:AA:0B:14:6B:77:47:73 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9B0D/98B7280E8AB611EB8237D414C4F9AE02/2cZrDkILkTQXPVU9FqoLFGt3R3M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2cZrDkILkTQXPVU9FqoLFGt3R3M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9B0D/98B7280E8AB611EB8237D414C4F9AE02/2cZrDkILkTQXPVU9FqoLFGt3R3M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b5:09:34:14:d8:12:e3:18:38:26:57:f3:6a:02:a9:75:ef:73: c0:03:08:1b:3b:32:e1:12:0f:da:d6:4b:56:5c:fe:7e:24:b4: fe:1b:17:91:eb:e3:d8:9c:95:36:b1:a6:8c:26:a2:99:4c:31: a9:4f:7d:f1:7c:7e:5d:8b:4c:71:68:3b:40:b0:8f:60:e1:2a: 7b:0c:98:62:f9:eb:37:48:eb:0c:16:48:61:58:f2:39:d8:f0: 35:4b:eb:57:24:58:90:0d:8c:76:fb:e0:47:7f:89:96:92:73: 54:ff:75:77:b3:2a:92:a6:60:f2:2d:c8:9f:04:07:c4:99:65: e8:ec:42:e7:7f:23:02:7f:07:22:18:d5:2b:7f:c6:eb:9b:5c: 39:20:78:8b:57:d9:d0:71:0f:4b:0d:f0:57:d0:c4:41:be:f9: bf:e9:a3:8f:27:e4:0b:72:82:9d:70:76:fd:d1:e2:34:4a:01: c1:c7:68:5d:d0:0c:be:32:95:ae:67:ab:be:09:24:f2:84:b7: 0d:7f:6b:ef:66:ab:ac:c6:d3:b9:30:e3:70:19:c4:ea:67:74: 66:64:23:ad:b3:5c:2d:df:82:fd:61:c3:0c:fe:39:32:cc:6c: f0:2a:4f:26:d6:e2:d7:72:8c:d5:b7:be:9e:b0:a4:7f:be:56: 31:86:7f:87 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlCMEQxMTAvBgNVBAUTKEQ5QzY2QjBFNDIwQjkxMzQxNzNENTUzRDE2QUEwQjE0 NkI3NzQ3NzMwHhcNMjUwOTE4MjI0MDE0WhcNMjUwOTI1MjI0MDE0WjAYMRYwFAYD VQQDEw02OGNjOGE0ZS03ZTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxx+Kd28RT5Sm+IMra9aB/IdvsZ4cXKIOvZFIGQQyScZWy/Kpol4QSRZNGJ9U 1uSeuXZLcEnp+rJabAwTyzRSrU5vj7PLELKI+227GOLMmXDeN0zUQDmaYQ7EReuj cYcwLB22wDQElALAtj9Lc/2UHTv0te/3/8A630w3v0JtY1u46J03F1X5OBoxiQSO e8G/lDN+8AiTEAMGJ6awoBKoSTLNX3xW35drvGjVZI7Wx+hhuYqC/nXxlNIycdS/ JZv6Oyq+IL0tO32Xs1YjxZEolMC62ZFZejo1Q0emkpljE8IdMoJBvMcRhY8AQtJk TOSU3rYz9XdjwrbYkcxnASvvRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAjPpMia 3odmidDQ5zVPUTSf7kNrMB8GA1UdIwQYMBaAFNnGaw5CC5E0Fz1VPRaqCxRrd0dz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUIwRC85OEI3MjgwRThB QjYxMUVCODIzN0Q0MTRDNEY5QUUwMi8yY1pyRGtJTGtUUVhQVlU5RnFvTEZHdDNS M00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzJjWnJEa0lMa1RRWFBWVTlGcW9MRkd0M1IzTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OUIwRC85OEI3MjgwRThBQjYxMUVCODIzN0Q0MTRDNEY5QUUwMi8yY1pyRGtJTGtU UVhQVlU5RnFvTEZHdDNSM00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC1CTQU2BLjGDgmV/NqAql173PAAwgbOzLhEg/a1ktWXP5+JLT+GxeR 6+PYnJU2saaMJqKZTDGpT33xfH5di0xxaDtAsI9g4Sp7DJhi+es3SOsMFkhhWPI5 2PA1S+tXJFiQDYx2++BHf4mWknNU/3V3syqSpmDyLcifBAfEmWXo7ELnfyMCfwci GNUrf8brm1w5IHiLV9nQcQ9LDfBX0MRBvvm/6aOPJ+QLcoKdcHb90eI0SgHBx2hd 0Ay+MpWuZ6u+CSTyhLcNf2vvZqusxtO5MONwGcTqZ3RmZCOts1wt34L9YcMM/jky zGzwKk8m1uLXcozVt76esKR/vlYxhn+H -----END CERTIFICATE-----Generated at Sat Sep 20 04:11:38 2025 by rpki-client