$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.mft File: tkuBBCq0EWB9hgdv78nllia7iBY.mft (raw, json) Hash identifier: z9K5GYy3H/9xstoAb/vJn7yLtrPNreDe2IkCMVItR1Q= Subject key identifier: 45:21:67:D0:DC:A3:22:F5:22:D1:B6:3D:6E:0B:48:1F:22:57:9D:97 Authority key identifier: B6:4B:81:04:2A:B4:11:60:7D:86:07:6F:EF:C9:E5:96:26:BB:88:16 Certificate issuer: /CN=A91D3037/serialNumber=B64B81042AB411607D86076FEFC9E59626BB8816 Certificate serial: 11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tkuBBCq0EWB9hgdv78nllia7iBY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.mft Manifest number: 0B Signing time: Wed 17 Sep 2025 08:55:08 +0000 Manifest this update: Wed 17 Sep 2025 08:55:08 +0000 Manifest next update: Wed 24 Sep 2025 08:55:08 +0000 Files and hashes: 1: tkuBBCq0EWB9hgdv78nllia7iBY.crl (hash: p2v/kpMaboX0NU6LlY23426rqKpMqJB1yayL3TdXDus=) 2: 0A16B10E8EE011F09A1AE72BC4F9AE02.roa (hash: 49rBi75NWLedbZFV/zCs/LhYwYBaC9SkJOjaSAzVrHk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.crl rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tkuBBCq0EWB9hgdv78nllia7iBY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 08:55:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17 (0x11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3037, serialNumber=B64B81042AB411607D86076FEFC9E59626BB8816 Validity Not Before: Sep 17 08:55:08 2025 GMT Not After : Sep 24 08:55:08 2025 GMT Subject: CN=68ca776c-cf83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d8:3f:68:1a:07:a3:19:a7:9f:07:48:52:99: af:12:de:12:c6:64:61:e5:8b:2a:51:42:89:8f:62: fa:b4:66:cc:0a:5d:44:30:a8:85:3a:7b:32:90:cf: 85:41:24:da:44:62:97:54:d4:98:c8:19:da:7a:e9: c7:79:65:bf:45:24:5d:c6:45:92:9e:ef:17:e1:4d: 56:cc:f0:d9:b9:b4:61:3f:83:38:e0:6a:82:dd:21: 76:f6:c9:4f:fa:69:43:1c:d8:c0:aa:9e:2e:8e:07: 53:77:27:d9:41:8a:ed:cb:96:46:ef:f7:b3:d1:a5: 10:c4:83:57:44:2c:72:eb:4b:85:58:98:3d:ed:95: 22:5c:23:98:27:60:38:9f:5e:f8:22:86:9c:20:f6: ea:e8:46:bb:3d:e3:bf:9f:b5:e1:a4:0e:af:2e:58: b6:39:10:70:5f:43:c5:d2:7f:4e:66:64:d7:08:c5: a0:4d:8a:be:48:b7:ac:58:0a:2b:ef:53:4f:3e:ec: 38:39:9e:58:b5:8f:67:9f:f8:fc:d7:38:ab:e2:19: 1d:bd:71:52:e2:53:d3:54:33:5c:07:86:0c:db:6a: 04:67:5c:14:e8:11:4e:08:6d:26:45:6d:f9:08:eb: a6:cd:31:e6:c4:c1:10:44:c0:f6:73:84:5f:e9:ff: 0f:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:21:67:D0:DC:A3:22:F5:22:D1:B6:3D:6E:0B:48:1F:22:57:9D:97 X509v3 Authority Key Identifier: keyid:B6:4B:81:04:2A:B4:11:60:7D:86:07:6F:EF:C9:E5:96:26:BB:88:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tkuBBCq0EWB9hgdv78nllia7iBY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bb:d5:c0:6f:53:58:75:1d:a4:c8:55:26:8f:d3:ac:d0:e5:84: 8a:bb:f1:78:37:3a:26:7e:4b:0b:0a:87:bf:02:9f:34:ce:64: 87:42:b1:49:3e:4b:1a:a7:e8:6f:f5:83:9f:cb:78:5b:aa:03: 5f:c9:0a:34:b7:1b:38:ca:a4:d4:2b:53:d6:29:83:a9:38:b3: 12:88:6a:bb:8c:36:02:7a:47:cb:41:a2:d2:f1:4f:80:42:92: 2c:d6:d0:98:49:b0:39:83:83:2c:64:f1:69:5a:ff:fe:94:6c: 8b:32:1e:21:c8:f6:cf:8b:47:60:5f:42:cb:f4:55:80:01:03: f1:96:cc:23:be:7d:75:e1:72:43:cf:43:53:81:7c:21:2a:d1: b4:31:d9:33:22:72:eb:0d:7b:1b:b5:8f:b8:92:bf:a7:99:a3: b1:ee:7c:ca:c2:ce:2b:ed:b3:7a:3c:17:78:2a:d2:d9:9d:fa: c9:43:5d:fa:d6:eb:7f:bd:8d:5a:fd:da:4d:a3:5d:46:fd:f3: 56:c9:44:4c:46:9f:1b:fa:60:51:dd:64:4e:ed:ec:b4:bf:e9: f4:43:4e:ee:df:cb:95:0f:77:2c:e8:3c:cb:a9:14:2e:5a:5b: 65:dc:2c:7d:83:00:e0:a8:9e:8d:27:0d:e6:45:f1:8f:03:83: d4:24:68:5d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE MzAzNzExMC8GA1UEBRMoQjY0QjgxMDQyQUI0MTE2MDdEODYwNzZGRUZDOUU1OTYy NkJCODgxNjAeFw0yNTA5MTcwODU1MDhaFw0yNTA5MjQwODU1MDhaMBgxFjAUBgNV BAMTDTY4Y2E3NzZjLWNmODMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC52D9oGgejGaefB0hSma8S3hLGZGHliypRQomPYvq0ZswKXUQwqIU6ezKQz4VB JNpEYpdU1JjIGdp66cd5Zb9FJF3GRZKe7xfhTVbM8Nm5tGE/gzjgaoLdIXb2yU/6 aUMc2MCqni6OB1N3J9lBiu3Llkbv97PRpRDEg1dELHLrS4VYmD3tlSJcI5gnYDif Xvgihpwg9uroRrs947+fteGkDq8uWLY5EHBfQ8XSf05mZNcIxaBNir5It6xYCivv U08+7Dg5nli1j2ef+PzXOKviGR29cVLiU9NUM1wHhgzbagRnXBToEU4IbSZFbfkI 66bNMebEwRBEwPZzhF/p/w+RAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQURSFn0Nyj IvUi0bY9bgtIHyJXnZcwHwYDVR0jBBgwFoAUtkuBBCq0EWB9hgdv78nllia7iBYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQzMDM3LzhCOERFMjdFOEVE QzExRjA5ODgwQzQ3OEM0RjlBRTAyL3RrdUJCQ3EwRVdCOWhnZHY3OG5sbGlhN2lC WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdGt1QkJDcTBFV0I5aGdkdjc4bmxsaWE3aUJZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQz MDM3LzhCOERFMjdFOEVEQzExRjA5ODgwQzQ3OEM0RjlBRTAyL3RrdUJCQ3EwRVdC OWhnZHY3OG5sbGlhN2lCWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALvVwG9TWHUdpMhVJo/TrNDlhIq78Xg3OiZ+SwsKh78CnzTOZIdCsUk+ Sxqn6G/1g5/LeFuqA1/JCjS3GzjKpNQrU9Ypg6k4sxKIaruMNgJ6R8tBotLxT4BC kizW0JhJsDmDgyxk8Wla//6UbIsyHiHI9s+LR2BfQsv0VYABA/GWzCO+fXXhckPP Q1OBfCEq0bQx2TMicusNexu1j7iSv6eZo7HufMrCzivts3o8F3gq0tmd+slDXfrW 63+9jVr92k2jXUb981bJRExGnxv6YFHdZE7t7LS/6fRDTu7fy5UPdyzoPMupFC5a W2XcLH2DAOCono0nDeZF8Y8Dg9QkaF0= -----END CERTIFICATE-----Generated at Fri Sep 19 02:14:31 2025 by rpki-client