$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft File: xOTw2gEK9YY3zFlihHHpmLckPFI.mft (raw, json) Hash identifier: HzKH+Lz05do/APqj2Z/0cPKmX0+PmHdAMN9Eh6xzPDE= Subject key identifier: 21:C3:0D:AA:33:D0:7B:BE:85:74:F2:06:B6:E3:4B:20:B3:1F:38:B0 Authority key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 Certificate issuer: /CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Certificate serial: 0936 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft Manifest number: 091C Signing time: Mon 08 Sep 2025 20:19:15 +0000 Manifest this update: Mon 08 Sep 2025 20:19:14 +0000 Manifest next update: Mon 15 Sep 2025 20:19:14 +0000 Files and hashes: 1: xOTw2gEK9YY3zFlihHHpmLckPFI.crl (hash: oOFrtP/295W06qQD16m5+0d8vRU3BbdPSQ+gP2KzpwQ=) 2: 5353EA28781F11EEBA05B17FC4F9AE02.roa (hash: Del+9YrkACA6yrhYJeSPVVuh01l/16gJ82iy69S9BRo=) 3: 863670328FD011EEB6FFC636C4F9AE02.roa (hash: PnqDvM4vjQdsVy80UhznbWoKhp/dlqh33E+GG+RU+dk=) 4: 03706138786411EC8624EB12C4F9AE02.roa (hash: qKXv165pzdK/WBxXfxqKy/V+953i+G1rFbe37yvanHk=) 5: F4E74AA8B99911EF9A0C3B63C4F9AE02.roa (hash: Ci305f1V47fRIRqmqjLy+EIi8DLnLoGCGpVVZ48v10E=) 6: 6A6E4770A10F11EF840C2548C4F9AE02.roa (hash: lvX9qWs0U9FJpaiKhdFBFudNcs3mWD37dbOmEs33Njk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 20:19:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2358 (0x936) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0, serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Validity Not Before: Sep 8 20:19:14 2025 GMT Not After : Sep 15 20:19:14 2025 GMT Subject: CN=68bf3a43-4e95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:79:0c:8e:f9:db:bf:05:25:45:e3:78:ac:81: 4f:a2:d3:43:f7:54:65:dc:13:2e:4d:7e:f5:53:0f: 56:2b:65:74:f7:40:5d:31:a5:a1:54:aa:80:99:56: c2:53:66:f6:2e:dd:66:61:a4:9d:a7:6a:66:f4:51: ad:54:88:42:1f:54:4e:d5:46:d9:c3:35:3c:54:97: 5f:37:52:87:01:8f:0d:67:2c:4a:5b:df:cb:76:f9: 88:02:1e:18:f6:39:26:eb:00:01:93:2c:1f:08:ed: 26:e8:5d:d4:72:c2:ff:52:4f:ce:1e:86:c3:ef:ad: cc:d4:41:53:de:3c:b8:e5:f7:00:a3:70:63:a0:cb: ef:e1:3c:92:18:11:6a:86:39:d8:cb:18:dd:a6:b7: e4:ee:ad:55:2a:43:17:a4:38:2e:90:7c:4d:6d:a9: 64:25:5d:af:4d:04:25:ad:7f:76:3a:ac:a3:e2:0a: d6:a0:34:b3:70:1d:bc:b1:82:38:0c:8b:e4:4b:26: 47:1a:4d:3f:e1:ef:d9:bf:51:48:37:74:b3:40:bc: 20:f9:d0:40:ba:b7:3d:ff:6f:88:49:13:34:36:bd: dd:10:da:2c:9b:1f:e0:9b:f1:1b:20:82:84:25:b2: 44:84:e0:bd:6b:6b:11:00:28:01:e3:1e:4e:b3:18: 51:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:C3:0D:AA:33:D0:7B:BE:85:74:F2:06:B6:E3:4B:20:B3:1F:38:B0 X509v3 Authority Key Identifier: keyid:C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:11:ee:17:67:fb:8b:83:46:a4:19:6d:99:72:94:4d:f4:b4: 9f:35:53:04:c1:38:0a:d4:12:fb:d5:3d:a4:9c:be:2c:03:69: 19:d9:37:1d:d5:75:9b:97:73:ab:39:20:30:46:2e:70:52:f0: bf:77:e0:f4:36:73:cf:71:bd:33:4a:c2:19:a8:04:96:20:a3: 50:ce:37:2a:c4:4f:c9:2b:8a:59:39:6f:da:56:f6:c7:6c:30: 7b:77:91:9c:6d:db:d0:1c:46:4b:e9:1f:f1:fa:f7:bf:5b:2d: 04:59:19:77:b0:95:50:f1:7a:28:33:a5:8b:4c:9f:61:a0:1f: 42:27:15:ca:31:a0:ad:e9:ad:27:28:a4:16:d9:e8:0b:f1:7f: 9c:04:ef:ed:d2:bd:23:99:d5:d1:6f:19:64:7c:d5:68:fb:50: 01:51:8d:67:10:26:6a:59:c9:be:35:a2:f7:e3:fa:08:9f:ed: 70:68:d6:4f:66:e3:06:55:0e:78:59:35:a1:d2:07:88:83:13: ae:7b:42:d1:af:82:93:41:41:15:b9:72:c9:7c:1b:5e:e6:0b: 8a:d9:06:01:9a:8f:9d:ff:eb:bf:83:6d:b8:85:7f:76:e8:f3: 91:8d:ef:eb:f4:15:8f:35:41:83:25:b5:fb:15:b4:e6:30:85: e8:e2:e9:39 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCTYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2Mjg0NzFFOTk4 QjcyNDNDNTIwHhcNMjUwOTA4MjAxOTE0WhcNMjUwOTE1MjAxOTE0WjAYMRYwFAYD VQQDEw02OGJmM2E0My00ZTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApHkMjvnbvwUlReN4rIFPotND91Rl3BMuTX71Uw9WK2V090BdMaWhVKqAmVbC U2b2Lt1mYaSdp2pm9FGtVIhCH1RO1UbZwzU8VJdfN1KHAY8NZyxKW9/LdvmIAh4Y 9jkm6wABkywfCO0m6F3UcsL/Uk/OHobD763M1EFT3jy45fcAo3BjoMvv4TySGBFq hjnYyxjdprfk7q1VKkMXpDgukHxNbalkJV2vTQQlrX92Oqyj4grWoDSzcB28sYI4 DIvkSyZHGk0/4e/Zv1FIN3SzQLwg+dBAurc9/2+ISRM0Nr3dENosmx/gm/EbIIKE JbJEhOC9a2sRACgB4x5OsxhR+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCHDDaoz 0Hu+hXTyBrbjSyCzHziwMB8GA1UdIwQYMBaAFMTk8NoBCvWGN8xZYoRx6Zi3JDxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wQTE2MjA4QUFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZWTN6RmxpaEhIcG1MY2tQ RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hPVHcyZ0VLOVlZM3pGbGloSEhwbUxja1BGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODNEMC8wQTE2MjA4QUFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZ WTN6RmxpaEhIcG1MY2tQRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAyEe4XZ/uLg0akGW2ZcpRN9LSfNVMEwTgK1BL71T2knL4sA2kZ2Tcd 1XWbl3OrOSAwRi5wUvC/d+D0NnPPcb0zSsIZqASWIKNQzjcqxE/JK4pZOW/aVvbH bDB7d5GcbdvQHEZL6R/x+ve/Wy0EWRl3sJVQ8XooM6WLTJ9hoB9CJxXKMaCt6a0n KKQW2egL8X+cBO/t0r0jmdXRbxlkfNVo+1ABUY1nECZqWcm+NaL34/oIn+1waNZP ZuMGVQ54WTWh0geIgxOue0LRr4KTQUEVuXLJfBte5guK2QYBmo+d/+u/g224hX92 6PORje/r9BWPNUGDJbX7FbTmMIXo4uk5 -----END CERTIFICATE-----Generated at Tue Sep 9 13:19:47 2025 by rpki-client