$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft File: 2QDd8konYiv5ZDdX7byv-u4yHDc.mft (raw, json) Hash identifier: 6Sl6FJivuWLG9T+FksL9vMQcIusM8urae/flKenvSig= Subject key identifier: 6D:4A:16:17:A2:9A:85:E9:4E:01:32:E6:82:48:7C:E5:75:31:BF:5A Authority key identifier: D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 Certificate issuer: /CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Certificate serial: 0EA0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft Manifest number: 0E85 Signing time: Thu 18 Sep 2025 17:54:13 +0000 Manifest this update: Thu 18 Sep 2025 17:54:13 +0000 Manifest next update: Thu 25 Sep 2025 17:54:13 +0000 Files and hashes: 1: 2QDd8konYiv5ZDdX7byv-u4yHDc.crl (hash: 1+g4WNiQR3xAnLdeMIrFI21y+EYUT99KXo+6ZUw4Nug=) 2: A47D2EC84C1E11EEBA8CDB4BC4F9AE02.roa (hash: k08HrzQA4orJaDMpNJ4cYiGD96bVzWAF2REZWm3ObQ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 17:54:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3744 (0xea0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7773, serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Validity Not Before: Sep 18 17:54:13 2025 GMT Not After : Sep 25 17:54:13 2025 GMT Subject: CN=68cc4745-c3a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:cd:ce:7f:39:f7:cf:d4:46:ae:6c:dd:df:24: a2:b4:00:88:36:e4:f8:0b:0b:13:27:1f:e5:7b:62: 91:71:a7:2d:9e:1e:63:3a:13:be:7d:d6:f9:70:4d: 1c:32:78:b2:92:e4:29:f4:f2:05:08:54:47:80:3c: 53:8a:9b:77:a0:85:73:78:51:36:58:0d:60:98:71: 17:cc:5c:e4:28:2d:30:bf:58:74:1c:0d:dc:5e:4f: 20:47:d3:fb:aa:cc:73:d7:29:e1:43:a9:fc:ce:80: ca:56:9f:75:6b:2f:ed:f8:7b:9d:0a:9d:d0:19:15: 27:a7:a7:b2:30:62:6d:6f:6b:25:bd:67:26:64:d0: a4:56:2a:d4:df:55:eb:14:0b:85:ca:a0:af:79:4d: 68:aa:2b:ba:73:27:c9:cd:d0:a6:8c:09:01:79:31: fa:a7:81:77:75:3e:70:f9:d5:97:e5:28:41:57:d9: 61:a4:7a:8b:84:de:64:e6:25:fd:fb:cf:5b:e8:9d: 2b:28:13:12:81:32:f3:ae:69:f3:c0:87:a3:cb:2e: 3f:fd:bb:a3:6b:22:3b:aa:e6:82:9b:85:9b:7c:fa: 3c:d5:aa:61:dc:c0:dd:1b:41:3c:ae:a0:f4:b5:89: 23:5c:c1:59:47:8a:4e:e5:9a:f8:91:96:67:88:db: 14:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:4A:16:17:A2:9A:85:E9:4E:01:32:E6:82:48:7C:E5:75:31:BF:5A X509v3 Authority Key Identifier: keyid:D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:c8:33:75:cb:90:3e:7b:e2:31:a9:58:cd:ff:d1:b1:81:81: 65:ab:4d:df:4c:e7:f0:ba:60:b5:76:53:b2:f6:b7:c1:cd:97: a0:27:d4:0e:22:db:0f:f2:1a:11:24:4a:6e:9a:d2:7e:84:e2: cc:d4:67:32:b2:eb:cd:c6:76:7a:33:fd:28:39:7f:3e:7a:25: 10:ac:7d:c3:01:a8:b7:6f:c4:0b:47:77:53:b9:6e:ec:3e:13: ee:97:4c:0d:c6:bd:57:42:71:51:5d:e0:0a:b7:3b:c6:3b:e9: 16:b5:37:7d:72:0f:0f:36:58:ff:8e:4b:07:0a:72:4e:8f:66: 78:74:48:6e:78:0a:44:9d:cb:a0:db:88:2a:d9:0e:88:5f:9b: 66:cd:4b:04:16:f4:29:7d:38:44:73:42:0e:27:58:c4:b0:60: b7:eb:80:1b:8c:2a:7b:76:d0:35:1d:79:a8:d3:f5:a6:29:0c: a5:c2:72:51:b3:4f:ad:a9:9e:76:74:62:20:00:a9:93:04:e0: 7a:da:4f:7f:5c:ba:70:4d:77:69:ab:ae:42:08:e0:4f:5d:17: eb:34:ea:1a:03:d9:0d:8c:10:80:d1:be:28:ec:00:5b:84:a9: 29:5c:fa:0a:31:a1:8b:14:49:a5:75:95:ac:b8:83:93:40:eb: 71:23:c4:f9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDqAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3NzMxMTAvBgNVBAUTKEQ5MDBEREYyNEEyNzYyMkJGOTY0Mzc1N0VEQkNBRkZB RUUzMjFDMzcwHhcNMjUwOTE4MTc1NDEzWhcNMjUwOTI1MTc1NDEzWjAYMRYwFAYD VQQDEw02OGNjNDc0NS1jM2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAl83Ofzn3z9RGrmzd3ySitACINuT4CwsTJx/le2KRcactnh5jOhO+fdb5cE0c MniykuQp9PIFCFRHgDxTipt3oIVzeFE2WA1gmHEXzFzkKC0wv1h0HA3cXk8gR9P7 qsxz1ynhQ6n8zoDKVp91ay/t+HudCp3QGRUnp6eyMGJtb2slvWcmZNCkVirU31Xr FAuFyqCveU1oqiu6cyfJzdCmjAkBeTH6p4F3dT5w+dWX5ShBV9lhpHqLhN5k5iX9 +89b6J0rKBMSgTLzrmnzwIejyy4//bujayI7quaCm4WbfPo81aph3MDdG0E8rqD0 tYkjXMFZR4pO5Zr4kZZniNsUfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG1KFhei moXpTgEy5oJIfOV1Mb9aMB8GA1UdIwQYMBaAFNkA3fJKJ2Ir+WQ3V+28r/ruMhw3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzc3My9BRDMyMjM3Q0Ey RTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllpdjVaRGRYN2J5di11NHlI RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRRGQ4a29uWWl2NVpEZFg3Ynl2LXU0eUhEYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD Nzc3My9BRDMyMjM3Q0EyRTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllp djVaRGRYN2J5di11NHlIRGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAhyDN1y5A+e+IxqVjN/9GxgYFlq03fTOfwumC1dlOy9rfBzZegJ9QO ItsP8hoRJEpumtJ+hOLM1GcysuvNxnZ6M/0oOX8+eiUQrH3DAai3b8QLR3dTuW7s PhPul0wNxr1XQnFRXeAKtzvGO+kWtTd9cg8PNlj/jksHCnJOj2Z4dEhueApEncug 24gq2Q6IX5tmzUsEFvQpfThEc0IOJ1jEsGC364AbjCp7dtA1HXmo0/WmKQylwnJR s0+tqZ52dGIgAKmTBOB62k9/XLpwTXdpq65CCOBPXRfrNOoaA9kNjBCA0b4o7ABb hKkpXPoKMaGLFEmldZWsuIOTQOtxI8T5 -----END CERTIFICATE-----Generated at Fri Sep 19 00:40:43 2025 by rpki-client