$ rpki-client -vvf rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft File: XDZbFzHKfOfbgd1XEwvU1kMBm14.mft (raw, json) Hash identifier: /eQhS/sCgtvabN3tTpKLBGY6ZgxVj8YLCzCM8zJspQI= Subject key identifier: 36:90:DA:A8:1F:93:E8:1D:BD:94:26:9C:59:97:88:EF:D6:60:01:8C Authority key identifier: 5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E Certificate issuer: /CN=A91D28EB/serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Certificate serial: 059D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft Manifest number: 0595 Signing time: Thu 18 Sep 2025 23:32:36 +0000 Manifest this update: Thu 18 Sep 2025 23:32:36 +0000 Manifest next update: Thu 25 Sep 2025 23:32:36 +0000 Files and hashes: 1: XDZbFzHKfOfbgd1XEwvU1kMBm14.crl (hash: ZtDQpuvCLPbK2GZlLqx0JAhQtA4uST8NbaD+G6J9ONE=) 2: 8E90AA02EB0B11EBA0B6DD84C4F9AE02.roa (hash: WoeJPfBlNid7RydzbYK1jVf1zbozvuQMQ+6wRuDKrQE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 23:32:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1437 (0x59d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D28EB, serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Validity Not Before: Sep 18 23:32:36 2025 GMT Not After : Sep 25 23:32:36 2025 GMT Subject: CN=68cc9694-07ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:eb:14:6a:8a:c0:94:e1:ef:34:25:b3:80:c3: ba:4e:00:fb:1f:a8:45:f8:81:8b:f5:33:a6:f8:72: 3c:2c:ba:ce:18:04:87:7a:47:c5:64:d3:56:15:2b: f4:75:19:6e:8d:14:ed:3b:33:3a:d0:ae:59:46:fa: 80:7c:8f:a8:ff:f0:70:98:5b:ea:b5:e9:50:0b:15: 2c:30:81:30:09:34:53:d2:8e:4f:46:82:fc:57:ff: 28:87:72:34:c9:c5:0f:f4:74:c2:e5:4f:b8:38:4f: f7:79:21:a4:c6:3b:8b:62:66:72:6e:1b:ff:47:45: e7:b4:67:c8:12:48:7b:13:60:8e:9e:d3:34:ed:e1: c0:62:74:b6:1d:4f:6f:10:e0:c7:11:b5:a3:cb:1e: b9:8a:05:03:dd:d8:ed:cb:93:de:eb:fc:48:de:5b: 98:d7:94:b7:11:7e:4a:b8:a5:11:94:7f:1b:8f:3c: 87:d6:6a:04:bf:8f:74:3a:85:3f:91:17:8c:b5:ac: 53:94:4e:8f:fc:bf:1c:b3:51:e1:19:fe:bb:b4:24: e6:3c:8a:c2:19:a5:d8:00:c1:1a:e3:1a:a9:c2:8e: 4d:d6:b8:23:12:2b:d2:5e:44:85:c8:e8:5e:a3:1b: dc:53:2b:1f:ca:b3:11:8c:96:bb:bc:81:a5:d8:bb: 26:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:90:DA:A8:1F:93:E8:1D:BD:94:26:9C:59:97:88:EF:D6:60:01:8C X509v3 Authority Key Identifier: keyid:5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:71:2e:63:45:66:0a:3e:43:f4:f9:e9:b6:fc:bf:99:3a:25: 20:d9:f9:d2:14:7b:6a:6f:2b:1a:e3:ed:d4:97:ba:ae:5c:ce: 97:ae:0d:cd:b4:26:4c:32:51:d0:ae:dd:cc:1d:5e:c9:34:ef: 51:f2:73:88:a6:37:af:99:6e:71:40:fe:a3:27:b8:bd:96:b6: b1:29:aa:69:12:c6:f6:68:09:32:1e:91:2f:4f:9f:81:80:da: a7:34:ea:51:f8:ac:16:e9:16:7b:56:28:0f:87:f3:59:96:6f: 57:62:89:9c:9b:a9:ba:f4:db:8b:25:f3:a9:15:33:62:23:c5: ce:ad:35:0b:57:c3:ed:b8:72:e2:dc:40:07:57:2d:00:a7:5c: 4c:8a:04:76:79:d2:89:b3:76:a0:64:e8:1d:ac:be:fb:bc:a8: f5:21:ce:f0:7c:03:4a:bf:1a:1c:e7:a2:2a:1a:d2:de:d6:57: 4e:4b:db:e1:44:fa:43:36:86:6d:f1:b2:3b:8d:95:e6:5c:d1: d9:cb:46:0c:a5:e8:ca:3c:56:70:c2:57:b8:35:f1:1f:d2:af: 45:43:7b:23:4b:62:3a:24:a8:74:c3:8c:64:ce:57:75:ab:50: 4c:39:1c:aa:35:7c:0b:e6:60:aa:ad:70:74:cc:37:27:88:50: 53:e7:eb:76 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBZ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI4RUIxMTAvBgNVBAUTKDVDMzY1QjE3MzFDQTdDRTdEQjgxREQ1NzEzMEJENEQ2 NDMwMTlCNUUwHhcNMjUwOTE4MjMzMjM2WhcNMjUwOTI1MjMzMjM2WjAYMRYwFAYD VQQDEw02OGNjOTY5NC0wN2VhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsusUaorAlOHvNCWzgMO6TgD7H6hF+IGL9TOm+HI8LLrOGASHekfFZNNWFSv0 dRlujRTtOzM60K5ZRvqAfI+o//BwmFvqtelQCxUsMIEwCTRT0o5PRoL8V/8oh3I0 ycUP9HTC5U+4OE/3eSGkxjuLYmZybhv/R0XntGfIEkh7E2COntM07eHAYnS2HU9v EODHEbWjyx65igUD3djty5Pe6/xI3luY15S3EX5KuKURlH8bjzyH1moEv490OoU/ kReMtaxTlE6P/L8cs1HhGf67tCTmPIrCGaXYAMEa4xqpwo5N1rgjEivSXkSFyOhe oxvcUysfyrMRjJa7vIGl2LsmwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDaQ2qgf k+gdvZQmnFmXiO/WYAGMMB8GA1UdIwQYMBaAFFw2Wxcxynzn24HdVxML1NZDAZte MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjhFQi83NzE0OEFDNkVC MDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZPZmJnZDFYRXd2VTFrTUJt MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEWmJGekhLZk9mYmdkMVhFd3ZVMWtNQm0xNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MjhFQi83NzE0OEFDNkVCMDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZP ZmJnZDFYRXd2VTFrTUJtMTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCcS5jRWYKPkP0+em2/L+ZOiUg2fnSFHtqbysa4+3Ul7quXM6Xrg3N tCZMMlHQrt3MHV7JNO9R8nOIpjevmW5xQP6jJ7i9lraxKappEsb2aAkyHpEvT5+B gNqnNOpR+KwW6RZ7VigPh/NZlm9XYomcm6m69NuLJfOpFTNiI8XOrTULV8PtuHLi 3EAHVy0Ap1xMigR2edKJs3agZOgdrL77vKj1Ic7wfANKvxoc56IqGtLe1ldOS9vh RPpDNoZt8bI7jZXmXNHZy0YMpejKPFZwwle4NfEf0q9FQ3sjS2I6JKh0w4xkzld1 q1BMORyqNXwL5mCqrXB0zDcniFBT5+t2 -----END CERTIFICATE-----Generated at Fri Sep 19 12:52:51 2025 by rpki-client