$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft File: CB6icKn0s2sOyJai0hSO5Ok-Xys.mft (raw, json) Hash identifier: pyIe+aO1qCffG/XpqfHCiml68gpEB0TA/9DjMcvQ8/4= Subject key identifier: 8D:5D:03:6B:57:FC:8E:8D:49:AA:B7:7B:25:AA:B5:F0:D4:AC:D8:AC Authority key identifier: 08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B Certificate issuer: /CN=A91BB921/serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Certificate serial: 0163 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft Manifest number: 0161 Signing time: Wed 17 Sep 2025 04:33:47 +0000 Manifest this update: Wed 17 Sep 2025 04:33:47 +0000 Manifest next update: Wed 24 Sep 2025 04:33:47 +0000 Files and hashes: 1: CB6icKn0s2sOyJai0hSO5Ok-Xys.crl (hash: KPthX1U5LH4wdvLQPirtKr2Cyl6yzwjnKvhft7rXo9k=) 2: 5A387584756311EEA256FD57C4F9AE02.roa (hash: UFjrfeuvHWS1oxtfXr6IVRfPvTnGzzV9TdVJHu2o8cI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 04:33:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 355 (0x163) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB921, serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Validity Not Before: Sep 17 04:33:47 2025 GMT Not After : Sep 24 04:33:47 2025 GMT Subject: CN=68ca3a2b-eae7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:c2:4d:08:0e:cf:d1:b3:e1:ce:e4:62:e4:bc: 02:ab:a6:01:ac:76:c9:dd:d9:af:4e:b4:e6:18:a2: ba:ef:48:4a:14:46:e7:9f:39:ad:df:1d:3c:89:a5: 9d:b5:e3:40:77:a4:af:39:f9:78:6a:8a:21:d6:f8: 43:cd:f7:c0:3c:ae:62:bd:41:d9:04:13:e4:65:c2: 9c:a1:13:ed:1d:6d:65:12:eb:07:9a:5d:63:9d:97: bb:91:03:6a:38:f6:a9:8d:75:31:05:f0:e4:1e:69: a0:48:30:62:b7:70:0f:ce:57:d1:b9:de:a4:c2:12: 7f:c8:af:77:b8:a9:10:39:2a:c6:c0:8f:d9:5e:cd: a8:5b:ec:f4:ca:46:26:f6:a4:7c:be:09:0c:4d:09: 14:53:b9:a7:af:fe:72:ed:ba:65:7a:ca:8a:1d:85: a1:32:47:bb:de:70:12:b9:79:e7:09:27:e8:ec:45: 30:00:3d:c5:98:65:40:85:10:d3:0c:65:85:9f:63: 7f:67:b7:3b:94:16:8e:ff:f2:31:e7:d5:d3:db:43: 35:91:14:26:3c:39:0a:fc:f5:3d:96:a6:11:87:de: f2:38:1d:be:59:4b:d6:14:1f:0c:ca:38:6f:8b:33: db:53:d7:be:a5:3c:aa:84:83:cd:c4:88:a9:b9:3a: 73:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:5D:03:6B:57:FC:8E:8D:49:AA:B7:7B:25:AA:B5:F0:D4:AC:D8:AC X509v3 Authority Key Identifier: keyid:08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:3d:90:09:a5:a5:62:a5:f7:ac:d4:ce:d8:36:ef:ea:46:bb: 45:ee:3a:de:c7:b0:81:89:9d:52:47:ca:2a:5c:d0:cf:53:d2: 66:09:e9:87:1b:bf:60:67:ff:63:a9:33:47:65:a7:b1:45:da: 7f:03:d3:fe:60:e4:34:9b:32:a6:1c:5a:e3:f1:d4:23:97:c9: 47:8b:37:7f:cb:16:3e:36:04:aa:29:f3:93:f4:ae:99:83:39: 29:f9:33:fc:6f:b3:c5:3b:0b:d1:5a:ed:ac:5d:49:f7:6f:0c: d0:9e:ce:12:a0:17:47:ec:0b:81:01:29:e7:27:4f:ac:ca:7a: 31:8d:3e:fd:c0:90:99:62:24:ec:19:a4:57:93:57:68:b1:60: 59:9c:84:c1:79:0b:ff:8c:02:57:96:83:af:03:42:44:e9:c7: ff:44:99:7f:17:1b:f2:2a:22:d1:91:47:c4:57:ac:b8:cf:3c: 31:dd:29:b1:8b:59:0b:7f:5a:7f:8e:a9:e4:0e:e1:ec:79:6f: 0e:a3:ff:ef:d3:c1:3f:9a:14:5e:06:5f:5b:4f:24:8b:43:75: 68:d4:22:83:c5:4f:86:01:e0:eb:5a:76:6c:a9:c7:1e:c2:2a: 43:f8:f2:21:79:d2:11:bb:3b:d2:05:80:52:82:7b:e4:ac:7b: 65:cd:f0:6e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI5MjExMTAvBgNVBAUTKDA4MUVBMjcwQTlGNEIzNkIwRUM4OTZBMkQyMTQ4RUU0 RTkzRTVGMkIwHhcNMjUwOTE3MDQzMzQ3WhcNMjUwOTI0MDQzMzQ3WjAYMRYwFAYD VQQDEw02OGNhM2EyYi1lYWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAscJNCA7P0bPhzuRi5LwCq6YBrHbJ3dmvTrTmGKK670hKFEbnnzmt3x08iaWd teNAd6SvOfl4aooh1vhDzffAPK5ivUHZBBPkZcKcoRPtHW1lEusHml1jnZe7kQNq OPapjXUxBfDkHmmgSDBit3APzlfRud6kwhJ/yK93uKkQOSrGwI/ZXs2oW+z0ykYm 9qR8vgkMTQkUU7mnr/5y7bplesqKHYWhMke73nASuXnnCSfo7EUwAD3FmGVAhRDT DGWFn2N/Z7c7lBaO//Ix59XT20M1kRQmPDkK/PU9lqYRh97yOB2+WUvWFB8Myjhv izPbU9e+pTyqhIPNxIipuTpzJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI1dA2tX /I6NSaq3eyWqtfDUrNisMB8GA1UdIwQYMBaAFAgeonCp9LNrDsiWotIUjuTpPl8r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjkyMS9EREI4RTE0Qzc1 NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMyc095SmFpMGhTTzVPay1Y eXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NCNmljS24wczJzT3lKYWkwaFNPNU9rLVh5cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjkyMS9EREI4RTE0Qzc1NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMy c095SmFpMGhTTzVPay1YeXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOPZAJpaVipfes1M7YNu/qRrtF7jrex7CBiZ1SR8oqXNDPU9JmCemH G79gZ/9jqTNHZaexRdp/A9P+YOQ0mzKmHFrj8dQjl8lHizd/yxY+NgSqKfOT9K6Z gzkp+TP8b7PFOwvRWu2sXUn3bwzQns4SoBdH7AuBASnnJ0+synoxjT79wJCZYiTs GaRXk1dosWBZnITBeQv/jAJXloOvA0JE6cf/RJl/FxvyKiLRkUfEV6y4zzwx3Smx i1kLf1p/jqnkDuHseW8Oo//v08E/mhReBl9bTySLQ3Vo1CKDxU+GAeDrWnZsqcce wipD+PIhedIRuzvSBYBSgnvkrHtlzfBu -----END CERTIFICATE-----Generated at Fri Sep 19 05:28:48 2025 by rpki-client