$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC039/1534A05AA17411EFBF616624C4F9AE02/kQglePceS4YFfcPrBwP-ZYnmaJE.mft File: kQglePceS4YFfcPrBwP-ZYnmaJE.mft (raw, json) Hash identifier: CXJXWAhmUZFfqnjPXjSJzRvd2UsDBskcNi5nLPA177g= Subject key identifier: EA:1C:47:13:CB:5F:50:71:91:14:48:FD:F5:FB:81:BB:52:1B:86:B3 Authority key identifier: 91:08:25:78:F7:1E:4B:86:05:7D:C3:EB:07:03:FE:65:89:E6:68:91 Certificate issuer: /CN=A91BC039/serialNumber=91082578F71E4B86057DC3EB0703FE6589E66891 Certificate serial: 9D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kQglePceS4YFfcPrBwP-ZYnmaJE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC039/1534A05AA17411EFBF616624C4F9AE02/kQglePceS4YFfcPrBwP-ZYnmaJE.mft Manifest number: 9B Signing time: Thu 04 Sep 2025 23:57:00 +0000 Manifest this update: Thu 04 Sep 2025 23:56:59 +0000 Manifest next update: Thu 11 Sep 2025 23:56:59 +0000 Files and hashes: 1: kQglePceS4YFfcPrBwP-ZYnmaJE.crl (hash: f0ikjdsqrN5ThLTgDhFrmlbfOYvFwBRzeMwUHSvDCIM=) 2: 1167F6B2A18211EFA7475221C4F9AE02.roa (hash: V0ubCLoQg1VTBDouQoudPE1DyZNQvqeyyMrWFtDfDUs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC039/1534A05AA17411EFBF616624C4F9AE02/kQglePceS4YFfcPrBwP-ZYnmaJE.crl rsync://rpki.apnic.net/member_repository/A91BC039/1534A05AA17411EFBF616624C4F9AE02/kQglePceS4YFfcPrBwP-ZYnmaJE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kQglePceS4YFfcPrBwP-ZYnmaJE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 23:56:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 157 (0x9d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC039, serialNumber=91082578F71E4B86057DC3EB0703FE6589E66891 Validity Not Before: Sep 4 23:56:59 2025 GMT Not After : Sep 11 23:56:59 2025 GMT Subject: CN=68ba274b-7a79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:85:60:d9:a1:a1:c8:b4:44:e6:51:81:1c:65: e0:7a:e2:fc:d8:a8:69:0b:31:d1:eb:b4:ed:d8:80: 4f:9f:9b:a2:f4:a7:d5:2b:a3:e7:06:80:0d:03:d9: 99:e0:fe:ed:a0:14:01:46:f9:26:7e:17:c7:66:a8: 55:d8:0c:05:26:4b:b0:7a:84:f1:38:83:dd:f6:42: c5:51:26:8b:f4:77:cb:dd:80:8f:e3:f6:8c:51:47: be:27:a4:57:32:d7:e6:10:6c:27:49:a3:a4:0c:e4: ce:e8:56:5d:47:81:9e:1f:63:94:40:ee:1d:e4:58: 9c:aa:6a:ad:57:c2:24:d3:e6:55:9f:1e:b6:15:e8: 5f:14:ad:65:aa:b3:2d:74:50:ea:b3:d7:d1:44:bf: 5b:c3:3a:dd:47:06:62:ab:44:fd:48:5a:aa:d6:85: b8:98:30:ce:60:af:19:d2:b0:a2:73:2e:8e:a3:7a: b6:04:dd:7b:8b:98:23:f4:43:3e:87:69:9c:75:a4: cd:b0:df:25:28:ec:ee:3e:b9:a8:12:dc:e9:a6:09: 57:9c:71:3f:21:ea:d0:b9:a2:7c:08:68:ba:0c:bd: 13:67:bf:ae:a1:1d:26:c9:07:3e:63:c2:bf:6c:dc: dc:b0:e1:3b:39:11:20:69:e7:14:fb:12:0c:93:c7: 19:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:1C:47:13:CB:5F:50:71:91:14:48:FD:F5:FB:81:BB:52:1B:86:B3 X509v3 Authority Key Identifier: keyid:91:08:25:78:F7:1E:4B:86:05:7D:C3:EB:07:03:FE:65:89:E6:68:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC039/1534A05AA17411EFBF616624C4F9AE02/kQglePceS4YFfcPrBwP-ZYnmaJE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kQglePceS4YFfcPrBwP-ZYnmaJE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC039/1534A05AA17411EFBF616624C4F9AE02/kQglePceS4YFfcPrBwP-ZYnmaJE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:8d:91:43:76:33:36:2b:0a:db:c6:8b:2d:70:ac:0c:27:3f: 45:e9:d3:16:87:aa:0d:5d:2e:e6:31:c0:e3:13:1a:0a:c8:20: 2a:b9:30:93:4a:94:f2:06:72:22:a9:45:0d:55:46:fd:be:e8: 5b:d5:88:8e:33:0f:f6:db:59:27:94:ee:6e:7d:ed:cd:6d:e4: c6:d6:dc:5b:e3:85:12:7e:58:fe:96:91:41:05:eb:11:7a:48: 17:e9:22:81:e4:3e:1f:b5:d9:a0:66:12:90:94:ea:38:56:5b: d4:a8:60:e2:e5:d3:03:d9:5f:b2:0f:16:8b:ed:12:08:3b:ec: a8:0f:b5:38:8e:6c:96:bb:31:7a:12:81:42:00:b5:44:27:83: 1e:3a:03:47:f1:09:9c:8a:3c:e6:3e:b0:5b:5b:b8:23:2b:ae: 9b:16:b4:ad:10:9c:9b:3c:49:23:a3:8c:33:48:de:2d:f3:82: 6c:a5:ee:5f:02:f9:4a:f0:50:e4:2e:f7:f0:40:1b:2c:ac:17: 63:5b:22:31:dd:71:92:00:82:87:f0:70:16:f9:96:3e:6c:0b: 2d:54:d4:6b:39:ed:23:22:85:aa:24:1f:d6:a2:4f:6e:59:23: 2a:67:98:b8:06:a4:ad:8a:08:82:b9:b4:fe:97:88:e6:58:f4: ae:4c:88:c0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkMwMzkxMTAvBgNVBAUTKDkxMDgyNTc4RjcxRTRCODYwNTdEQzNFQjA3MDNGRTY1 ODlFNjY4OTEwHhcNMjUwOTA0MjM1NjU5WhcNMjUwOTExMjM1NjU5WjAYMRYwFAYD VQQDEw02OGJhMjc0Yi03YTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0IVg2aGhyLRE5lGBHGXgeuL82KhpCzHR67Tt2IBPn5ui9KfVK6PnBoANA9mZ 4P7toBQBRvkmfhfHZqhV2AwFJkuweoTxOIPd9kLFUSaL9HfL3YCP4/aMUUe+J6RX MtfmEGwnSaOkDOTO6FZdR4GeH2OUQO4d5FicqmqtV8Ik0+ZVnx62FehfFK1lqrMt dFDqs9fRRL9bwzrdRwZiq0T9SFqq1oW4mDDOYK8Z0rCicy6Oo3q2BN17i5gj9EM+ h2mcdaTNsN8lKOzuPrmoEtzppglXnHE/IerQuaJ8CGi6DL0TZ7+uoR0myQc+Y8K/ bNzcsOE7OREgaecU+xIMk8cZ0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOocRxPL X1BxkRRI/fX7gbtSG4azMB8GA1UdIwQYMBaAFJEIJXj3HkuGBX3D6wcD/mWJ5miR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzAzOS8xNTM0QTA1QUEx NzQxMUVGQkY2MTY2MjRDNEY5QUUwMi9rUWdsZVBjZVM0WUZmY1ByQndQLVpZbm1h SkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tRZ2xlUGNlUzRZRmZjUHJCd1AtWllubWFKRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QzAzOS8xNTM0QTA1QUExNzQxMUVGQkY2MTY2MjRDNEY5QUUwMi9rUWdsZVBjZVM0 WUZmY1ByQndQLVpZbm1hSkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCujZFDdjM2KwrbxostcKwMJz9F6dMWh6oNXS7mMcDjExoKyCAquTCT SpTyBnIiqUUNVUb9vuhb1YiOMw/221knlO5ufe3NbeTG1txb44USflj+lpFBBesR ekgX6SKB5D4ftdmgZhKQlOo4VlvUqGDi5dMD2V+yDxaL7RIIO+yoD7U4jmyWuzF6 EoFCALVEJ4MeOgNH8QmcijzmPrBbW7gjK66bFrStEJybPEkjo4wzSN4t84Jspe5f AvlK8FDkLvfwQBssrBdjWyIx3XGSAIKH8HAW+ZY+bAstVNRrOe0jIoWqJB/Wok9u WSMqZ5i4BqStigiCubT+l4jmWPSuTIjA -----END CERTIFICATE-----Generated at Sat Sep 6 21:06:08 2025 by rpki-client