$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft File: US3AbkHAiZokofyIXrNG5FMH80c.mft (raw, json) Hash identifier: /LPOpPc8tbeDt58iT3FGnKz+tH/RqDDGBRT+EM0ks7E= Subject key identifier: E9:07:C3:44:EB:A2:E6:2D:F4:13:6D:1A:D3:C3:F6:0C:2B:69:3E:AD Authority key identifier: 51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 Certificate issuer: /CN=A91BA4F2/serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Certificate serial: 0994 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft Manifest number: 098D Signing time: Thu 18 Sep 2025 20:19:28 +0000 Manifest this update: Thu 18 Sep 2025 20:19:28 +0000 Manifest next update: Thu 25 Sep 2025 20:19:28 +0000 Files and hashes: 1: US3AbkHAiZokofyIXrNG5FMH80c.crl (hash: hhe5rEstjttw/PaFuhqGWp+fJ7YYO4ddqrlRLv8OTHs=) 2: 9EEA3006979411EA8C6FC25AC4F9AE02.roa (hash: Y4bw++TnnqHhnQXoIqONS+4c30WzzpJSk4du/GajLxg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 20:19:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2452 (0x994) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA4F2, serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Validity Not Before: Sep 18 20:19:28 2025 GMT Not After : Sep 25 20:19:28 2025 GMT Subject: CN=68cc6950-96c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c4:fa:25:a3:bc:b2:b4:1a:39:4d:e3:71:76: d3:df:18:1e:db:6d:c5:ce:f3:0b:87:7f:ca:8e:3d: 6f:74:83:c4:ff:1b:f0:c5:1c:88:a4:d7:2d:a0:30: d2:01:39:d3:c3:d4:2d:e1:ec:f1:61:e9:31:71:29: fc:ac:5b:f9:9c:82:8c:86:be:94:1e:39:bf:6e:d9: d3:09:86:74:fe:86:60:0d:4b:2c:75:7b:01:2b:3b: c8:14:2c:95:7c:6f:5d:c0:e1:90:51:fb:ca:ea:95: ac:64:36:90:84:97:d5:1a:ed:ac:4a:67:3b:04:ad: 61:f4:ad:ce:4b:8a:55:90:ac:9a:1a:dd:03:04:d4: 0f:1d:4f:e2:f1:a6:30:e8:c3:57:aa:5e:42:76:4d: f9:33:e5:95:5b:ee:c4:89:28:4b:e7:ab:92:96:8a: 24:de:ea:6f:b1:91:27:90:6e:60:8f:82:dc:89:e3: 53:52:ba:16:f6:d8:f6:17:b4:28:8a:c4:50:c4:7a: 22:6b:ab:49:56:88:a0:4c:3c:20:92:de:2a:53:a7: eb:8f:c5:2e:53:79:82:df:7a:03:2a:31:c3:69:18: d1:bf:05:ad:d8:64:4a:ab:6e:cb:b3:b4:6b:c9:46: a9:87:03:e3:f9:53:40:f8:40:35:ee:42:b2:c8:0d: 47:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:07:C3:44:EB:A2:E6:2D:F4:13:6D:1A:D3:C3:F6:0C:2B:69:3E:AD X509v3 Authority Key Identifier: keyid:51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:55:d5:00:79:c9:af:c7:8a:3c:c5:7f:62:42:04:61:98:65: fe:d1:b8:08:a0:aa:65:da:fa:73:6b:c6:57:72:db:68:6b:72: f4:80:3c:13:ce:f6:15:dc:a1:26:79:0f:0b:7e:e7:b9:86:12: 1d:51:6c:55:ab:84:52:f7:ff:af:4b:ad:b6:ad:6a:2d:e8:17: b0:45:0a:0f:b2:f2:32:72:91:53:a0:a9:22:10:ad:04:26:f9: 6d:10:35:d6:fb:27:4a:49:ab:18:05:f7:57:51:f4:44:f9:a5: 50:e1:e9:23:02:bc:b9:b7:40:1d:dc:5b:1f:cd:9d:fb:dd:ea: 73:91:28:cf:71:b9:6f:0c:18:9c:40:43:9a:b5:ec:ee:33:78: 31:e2:4c:85:65:bd:31:69:c5:76:29:cf:02:79:e8:71:21:53: 61:94:33:a1:f0:3d:21:ea:8f:7b:4f:7e:84:28:2f:3c:e3:4e: 8f:21:cd:d2:11:1a:6d:55:6c:6a:ab:f1:ab:89:fb:10:bd:85: 4e:b9:4b:2b:64:16:42:09:f2:58:e7:83:1a:72:af:d0:e8:a0: 39:c8:5d:75:54:9f:55:ac:d7:a8:b7:5f:e9:45:b3:cb:5a:09: 4b:39:00:fa:a2:72:9b:28:4e:30:cb:56:f0:c5:84:77:47:8e: bb:03:ae:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE0RjIxMTAvBgNVBAUTKDUxMkRDMDZFNDFDMDg5OUEyNEExRkM4ODVFQjM0NkU0 NTMwN0YzNDcwHhcNMjUwOTE4MjAxOTI4WhcNMjUwOTI1MjAxOTI4WjAYMRYwFAYD VQQDEw02OGNjNjk1MC05NmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs8T6JaO8srQaOU3jcXbT3xge223FzvMLh3/Kjj1vdIPE/xvwxRyIpNctoDDS ATnTw9Qt4ezxYekxcSn8rFv5nIKMhr6UHjm/btnTCYZ0/oZgDUssdXsBKzvIFCyV fG9dwOGQUfvK6pWsZDaQhJfVGu2sSmc7BK1h9K3OS4pVkKyaGt0DBNQPHU/i8aYw 6MNXql5Cdk35M+WVW+7EiShL56uSlook3upvsZEnkG5gj4LcieNTUroW9tj2F7Qo isRQxHoia6tJVoigTDwgkt4qU6frj8UuU3mC33oDKjHDaRjRvwWt2GRKq27Ls7Rr yUaphwPj+VNA+EA17kKyyA1HjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOkHw0Tr ouYt9BNtGtPD9gwraT6tMB8GA1UdIwQYMBaAFFEtwG5BwImaJKH8iF6zRuRTB/NH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTRGMi8yQUVERUY5QTk3 OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWlab2tvZnlJWHJORzVGTUg4 MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTM0Fia0hBaVpva29meUlYck5HNUZNSDgwYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QTRGMi8yQUVERUY5QTk3OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWla b2tvZnlJWHJORzVGTUg4MGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBSVdUAecmvx4o8xX9iQgRhmGX+0bgIoKpl2vpza8ZXcttoa3L0gDwT zvYV3KEmeQ8Lfue5hhIdUWxVq4RS9/+vS622rWot6BewRQoPsvIycpFToKkiEK0E JvltEDXW+ydKSasYBfdXUfRE+aVQ4ekjAry5t0Ad3FsfzZ373epzkSjPcblvDBic QEOatezuM3gx4kyFZb0xacV2Kc8CeehxIVNhlDOh8D0h6o97T36EKC88406PIc3S ERptVWxqq/GrifsQvYVOuUsrZBZCCfJY54Macq/Q6KA5yF11VJ9VrNeot1/pRbPL WglLOQD6onKbKE4wy1bwxYR3R467A655 -----END CERTIFICATE-----Generated at Fri Sep 19 05:26:00 2025 by rpki-client