$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.mft File: 1icW92HxiNVvoRf53JS-QUEEpoE.mft (raw, json) Hash identifier: H/tvuKH6PineyMxgslQApk6sTyUvcYSrHhd+2Myag/k= Subject key identifier: BF:AA:EA:E4:AC:E0:6C:09:58:9A:6A:09:A5:55:26:9C:8A:CC:94:AF Authority key identifier: D6:27:16:F7:61:F1:88:D5:6F:A1:17:F9:DC:94:BE:41:41:04:A6:81 Certificate issuer: /CN=A91C5D53/serialNumber=D62716F761F188D56FA117F9DC94BE414104A681 Certificate serial: 9C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1icW92HxiNVvoRf53JS-QUEEpoE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.mft Manifest number: 9A Signing time: Wed 17 Sep 2025 07:06:23 +0000 Manifest this update: Wed 17 Sep 2025 07:06:22 +0000 Manifest next update: Wed 24 Sep 2025 07:06:22 +0000 Files and hashes: 1: 1icW92HxiNVvoRf53JS-QUEEpoE.crl (hash: 1+6T3lHulGr04YCrRaAzkgQ68q1d8heu0b5pasiuepo=) 2: BB5954CE241111F094390A32C4F9AE02.roa (hash: 6qd8Idl86oSAnUE2UErM8ktGLeOpsspXAgidR5hkRlE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.crl rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1icW92HxiNVvoRf53JS-QUEEpoE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 07:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 156 (0x9c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5D53, serialNumber=D62716F761F188D56FA117F9DC94BE414104A681 Validity Not Before: Sep 17 07:06:22 2025 GMT Not After : Sep 24 07:06:22 2025 GMT Subject: CN=68ca5def-0135 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:4f:3d:3f:1b:f4:bd:34:1f:9f:e0:c6:8f:cf: 66:09:99:10:7c:a7:12:91:8a:f3:86:fc:0c:3d:d4: 06:67:1e:f7:4b:4b:84:58:37:1d:0a:7a:d3:93:27: 2a:9a:50:bf:7b:fd:b1:bc:41:91:9c:13:4a:09:d3: 3b:43:f1:ec:44:e5:15:a8:ac:9f:9f:82:8b:56:3d: d2:fc:46:ed:00:b6:f7:a7:e1:54:c4:c8:3c:ff:71: 3e:58:50:a2:7f:2a:c9:cd:79:78:e5:cd:1b:0d:37: af:9c:7e:a3:75:58:ed:b4:18:f1:aa:c4:4c:8a:4a: 22:d5:ad:19:3e:6e:8b:f2:cd:fd:09:2c:28:07:04: 01:3a:ff:9f:d3:bb:b1:b4:3d:7c:b4:0a:f6:f7:4b: 77:a2:70:1d:67:f0:0f:05:0e:3c:16:f6:d3:f0:cf: b4:c6:15:8e:49:31:85:16:6a:ee:25:1c:21:1f:6f: 54:53:c0:34:d0:e1:d4:26:84:4e:54:8c:0c:96:18: 24:54:99:86:de:23:ba:15:3e:56:e2:be:5d:25:d8: 6e:4e:92:ee:85:5e:a4:a5:a5:12:e4:e2:04:e2:cb: ac:54:09:6a:a6:1f:29:d8:73:1e:86:f9:fc:a1:2f: 31:ea:a6:16:3f:73:13:78:d3:09:e8:98:d9:b9:5c: ae:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:AA:EA:E4:AC:E0:6C:09:58:9A:6A:09:A5:55:26:9C:8A:CC:94:AF X509v3 Authority Key Identifier: keyid:D6:27:16:F7:61:F1:88:D5:6F:A1:17:F9:DC:94:BE:41:41:04:A6:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1icW92HxiNVvoRf53JS-QUEEpoE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5D53/05FFC00EAC8411EF8214972BC4F9AE02/1icW92HxiNVvoRf53JS-QUEEpoE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:73:f7:b8:02:eb:0c:78:63:35:db:6c:01:61:fb:d1:fd:bc: 28:92:4f:a7:b6:97:ec:06:47:3b:c6:68:24:8e:b5:35:e1:90: 36:95:3c:43:3b:43:61:8f:91:00:08:92:42:9f:e3:f3:0b:fc: 5e:27:ae:bb:cc:c9:ce:8e:30:62:ec:c3:78:2d:9c:47:50:bf: d9:23:48:30:81:cc:d3:27:7c:73:21:cf:85:0a:6b:0b:36:6f: 49:da:b5:c8:ef:2b:27:2a:d0:dd:b4:46:fa:f8:61:e8:a1:1e: 2a:69:d8:9f:33:35:8f:bd:ff:47:74:c9:76:5b:eb:72:82:72: 9b:ea:a7:2b:09:e8:96:a7:ed:ac:70:f4:b7:db:5e:11:ee:05: 1a:74:e3:1c:ec:9d:fe:34:cc:f5:84:79:7b:f8:6e:02:5c:c9: b7:34:30:4c:3b:07:cd:e4:52:52:f3:dd:4d:bf:a5:b4:03:b8: 46:dd:11:2c:e5:0d:5a:fb:c6:ed:33:c5:92:0e:f8:43:2a:ab: 7a:df:6e:54:a7:40:ee:8b:c8:37:34:3f:4d:23:93:d9:bd:14: d5:7e:ea:b3:81:e7:57:43:87:72:88:22:b7:a2:a2:8d:1e:0c: 8e:f8:bd:cb:1c:10:50:a2:f0:2f:04:a4:af:fa:a5:f8:48:24: f5:ad:de:de -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzVENTMxMTAvBgNVBAUTKEQ2MjcxNkY3NjFGMTg4RDU2RkExMTdGOURDOTRCRTQx NDEwNEE2ODEwHhcNMjUwOTE3MDcwNjIyWhcNMjUwOTI0MDcwNjIyWjAYMRYwFAYD VQQDEw02OGNhNWRlZi0wMTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9U89Pxv0vTQfn+DGj89mCZkQfKcSkYrzhvwMPdQGZx73S0uEWDcdCnrTkycq mlC/e/2xvEGRnBNKCdM7Q/HsROUVqKyfn4KLVj3S/EbtALb3p+FUxMg8/3E+WFCi fyrJzXl45c0bDTevnH6jdVjttBjxqsRMikoi1a0ZPm6L8s39CSwoBwQBOv+f07ux tD18tAr290t3onAdZ/APBQ48FvbT8M+0xhWOSTGFFmruJRwhH29UU8A00OHUJoRO VIwMlhgkVJmG3iO6FT5W4r5dJdhuTpLuhV6kpaUS5OIE4susVAlqph8p2HMehvn8 oS8x6qYWP3MTeNMJ6JjZuVyuhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL+q6uSs 4GwJWJpqCaVVJpyKzJSvMB8GA1UdIwQYMBaAFNYnFvdh8YjVb6EX+dyUvkFBBKaB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNUQ1My8wNUZGQzAwRUFD ODQxMUVGODIxNDk3MkJDNEY5QUUwMi8xaWNXOTJIeGlOVnZvUmY1M0pTLVFVRUVw b0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFpY1c5Mkh4aU5Wdm9SZjUzSlMtUVVFRXBvRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NUQ1My8wNUZGQzAwRUFDODQxMUVGODIxNDk3MkJDNEY5QUUwMi8xaWNXOTJIeGlO VnZvUmY1M0pTLVFVRUVwb0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKc/e4AusMeGM122wBYfvR/bwokk+ntpfsBkc7xmgkjrU14ZA2lTxD O0Nhj5EACJJCn+PzC/xeJ667zMnOjjBi7MN4LZxHUL/ZI0gwgczTJ3xzIc+FCmsL Nm9J2rXI7ysnKtDdtEb6+GHooR4qadifMzWPvf9HdMl2W+tygnKb6qcrCeiWp+2s cPS3214R7gUadOMc7J3+NMz1hHl7+G4CXMm3NDBMOwfN5FJS891Nv6W0A7hG3REs 5Q1a+8btM8WSDvhDKqt6325Up0Dui8g3ND9NI5PZvRTVfuqzgedXQ4dyiCK3oqKN HgyO+L3LHBBQovAvBKSv+qX4SCT1rd7e -----END CERTIFICATE-----Generated at Thu Sep 18 23:28:07 2025 by rpki-client