$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft File: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft (raw, json) Hash identifier: PwaViPrhTUWDWn59vjs9GS0ZagCK04pStPU0CLlXHA0= Subject key identifier: 0F:6C:15:B9:C9:6A:4D:D4:1E:C9:CA:E4:A4:7A:59:DE:08:9E:F7:02 Authority key identifier: 8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E Certificate issuer: /CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E Certificate serial: 0AC9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft Manifest number: 2BB8 Signing time: Thu 18 Sep 2025 16:02:22 +0000 Manifest this update: Thu 18 Sep 2025 16:02:22 +0000 Manifest next update: Thu 25 Sep 2025 16:02:22 +0000 Files and hashes: 1: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl (hash: 6DFA1hWa76luYFnX51Tmt6h8fiXs3b0zUjxvu0QeoSk=) 2: DD7FC172E17D11EFAC0A7E29C4F9AE02.roa (hash: iuR0hKy1te9ReiQAcpbPM6UF6bcHMIJQ871N78hvW5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 16:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2761 (0xac9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4413, serialNumber=8AA8786526852346839372631DFB09984BC3005E Validity Not Before: Sep 18 16:02:22 2025 GMT Not After : Sep 25 16:02:22 2025 GMT Subject: CN=68cc2d0e-f77c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:68:a3:07:61:7a:bf:99:d0:a6:ac:d2:c5:61: a7:e6:cb:1b:2c:52:0b:58:ab:03:08:a6:37:4b:40: 68:ea:51:88:08:e5:58:7a:b1:33:ef:e0:2d:b7:8d: e8:2e:0c:78:6b:66:81:90:e0:1d:f2:2c:83:5f:c0: b6:e2:8d:dd:0f:a3:de:6f:97:08:cc:60:9e:46:ee: 49:e9:2b:04:48:f8:d8:f2:f0:5f:d4:25:a7:91:25: 9f:98:65:36:2e:c0:52:89:5a:a6:40:50:5e:10:69: eb:26:38:a8:62:41:71:6c:5b:19:8b:be:40:0c:ba: b6:d4:29:41:cc:52:7b:52:1e:fc:9d:f9:2d:41:f1: d7:0b:33:e0:77:65:9d:5c:77:55:75:fe:8d:19:ff: 3c:6c:3f:3e:f2:3c:10:45:fe:ac:dd:44:4e:7e:6a: 68:e6:c9:75:fe:98:df:08:3b:4f:3d:f8:e7:1e:76: ba:8c:a9:70:c1:48:c0:24:fc:4a:7a:7a:16:4c:66: 60:79:29:59:f3:33:dd:9b:c4:ad:6e:a4:cc:b8:f8: 34:4b:02:a6:80:ee:1d:75:b0:ad:9b:0b:e9:9e:7d: 50:8d:b4:17:a8:14:55:13:4b:4d:d0:6f:3f:c8:7b: d3:23:00:b9:0e:ad:6c:53:c5:9d:01:3a:ae:af:70: 76:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:6C:15:B9:C9:6A:4D:D4:1E:C9:CA:E4:A4:7A:59:DE:08:9E:F7:02 X509v3 Authority Key Identifier: keyid:8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:05:ab:4a:b8:ab:8c:49:e1:de:94:10:94:d6:4e:45:52:fd: ba:f7:a7:02:db:95:b7:71:06:25:27:a5:ac:a0:9f:73:7d:52: 6a:c8:5e:a2:64:0d:a9:34:49:e8:2a:1d:10:b8:29:24:fd:20: f0:f8:8c:bc:f5:1b:71:7a:e7:e4:b5:19:5a:43:6e:9a:a4:82: f6:36:4c:0d:a1:2e:d6:ce:83:dc:c8:fa:91:40:1d:c5:51:4a: 48:ab:72:a1:a4:13:e6:97:42:06:f0:76:c2:1c:81:68:f5:0c: c8:1d:16:a6:1b:df:01:4a:b6:01:69:2a:2e:74:f2:ea:c3:84: 05:34:08:fd:4f:1f:43:c6:3e:14:7f:80:2a:b6:e5:76:0a:bc: 5a:44:68:7c:70:c2:5f:49:7c:51:68:41:4d:21:56:9f:bc:12: 87:f3:07:72:6b:4c:21:3d:b0:70:88:98:eb:6c:36:d0:f2:e3: 72:73:8a:24:ec:32:f3:9a:d1:b1:97:51:49:66:18:fd:90:ef: 39:f8:dd:7c:df:c9:24:e8:66:52:3e:44:9f:ec:77:ad:23:d9: af:59:47:ea:f0:e6:c2:90:98:7f:ec:de:94:d3:1d:c4:94:dd: 6a:b9:99:80:bd:99:42:6a:c0:2e:ba:9e:86:f0:34:10:92:81: 6d:4c:2f:35 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0MTMxMTAvBgNVBAUTKDhBQTg3ODY1MjY4NTIzNDY4MzkzNzI2MzFERkIwOTk4 NEJDMzAwNUUwHhcNMjUwOTE4MTYwMjIyWhcNMjUwOTI1MTYwMjIyWjAYMRYwFAYD VQQDEw02OGNjMmQwZS1mNzdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0GijB2F6v5nQpqzSxWGn5ssbLFILWKsDCKY3S0Bo6lGICOVYerEz7+Att43o Lgx4a2aBkOAd8iyDX8C24o3dD6Peb5cIzGCeRu5J6SsESPjY8vBf1CWnkSWfmGU2 LsBSiVqmQFBeEGnrJjioYkFxbFsZi75ADLq21ClBzFJ7Uh78nfktQfHXCzPgd2Wd XHdVdf6NGf88bD8+8jwQRf6s3UROfmpo5sl1/pjfCDtPPfjnHna6jKlwwUjAJPxK enoWTGZgeSlZ8zPdm8StbqTMuPg0SwKmgO4ddbCtmwvpnn1QjbQXqBRVE0tN0G8/ yHvTIwC5Dq1sU8WdATqur3B2zwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA9sFbnJ ak3UHsnK5KR6Wd4InvcCMB8GA1UdIwQYMBaAFIqoeGUmhSNGg5NyYx37CZhLwwBe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDQxMy8wODE2RTc1NEZG QjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkwYURrM0pqSGZzSm1FdkRB RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lxaDRaU2FGSTBhRGszSmpIZnNKbUV2REFGNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDQxMy8wODE2RTc1NEZGQjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkw YURrM0pqSGZzSm1FdkRBRjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWBatKuKuMSeHelBCU1k5FUv2696cC25W3cQYlJ6WsoJ9zfVJqyF6i ZA2pNEnoKh0QuCkk/SDw+Iy89RtxeufktRlaQ26apIL2NkwNoS7WzoPcyPqRQB3F UUpIq3KhpBPml0IG8HbCHIFo9QzIHRamG98BSrYBaSoudPLqw4QFNAj9Tx9Dxj4U f4AqtuV2CrxaRGh8cMJfSXxRaEFNIVafvBKH8wdya0whPbBwiJjrbDbQ8uNyc4ok 7DLzmtGxl1FJZhj9kO85+N1838kk6GZSPkSf7HetI9mvWUfq8ObCkJh/7N6U0x3E lN1quZmAvZlCasAuup6G8DQQkoFtTC81 -----END CERTIFICATE-----Generated at Fri Sep 19 05:29:27 2025 by rpki-client