$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.mft File: SPUOFrgwWqLHVtIcjw_VCTOKXCk.mft (raw, json) Hash identifier: kv+s46t3F1nnTfvlD3DnplljUMjsRN3yVNClMGe0PEY= Subject key identifier: 86:CF:34:69:E7:55:DC:A3:1B:C9:CC:98:7E:92:80:D8:3E:74:05:9E Authority key identifier: 48:F5:0E:16:B8:30:5A:A2:C7:56:D2:1C:8F:0F:D5:09:33:8A:5C:29 Certificate issuer: /CN=A91DA389/serialNumber=48F50E16B8305AA2C756D21C8F0FD509338A5C29 Certificate serial: 01CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPUOFrgwWqLHVtIcjw_VCTOKXCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.mft Manifest number: 01CA Signing time: Tue 09 Sep 2025 02:59:13 +0000 Manifest this update: Tue 09 Sep 2025 02:59:12 +0000 Manifest next update: Tue 16 Sep 2025 02:59:12 +0000 Files and hashes: 1: SPUOFrgwWqLHVtIcjw_VCTOKXCk.crl (hash: Ds1QawabIuQ+DN9Ivo654v9YCYKM1LUfD7nyMT+Q3Mo=) 2: 4F467C58D3AA11ED91B0C532C4F9AE02.roa (hash: tmK0iDwld+e+aTJhpXj4A3zlzhe3/irDCWSZWb2ca9Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.crl rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPUOFrgwWqLHVtIcjw_VCTOKXCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 02:59:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 463 (0x1cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA389, serialNumber=48F50E16B8305AA2C756D21C8F0FD509338A5C29 Validity Not Before: Sep 9 02:59:12 2025 GMT Not After : Sep 16 02:59:12 2025 GMT Subject: CN=68bf9800-f22d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:be:2a:47:95:68:cd:7f:11:68:a9:36:73:24: 90:c5:36:da:eb:0f:fc:6d:b2:39:cc:cf:55:74:da: a2:a8:9e:cd:02:9d:5e:4b:2b:ff:83:2b:a1:eb:0c: 71:bb:31:27:a3:ed:f9:26:f6:56:70:61:a0:89:74: 1d:fe:4b:7a:3c:e9:91:5f:73:60:c8:11:97:ff:06: cd:04:d5:16:39:12:51:2c:51:5c:50:ee:28:01:e4: 3c:4d:f5:d9:71:bc:9a:7d:14:37:e6:e3:99:55:d1: 15:0f:d5:c5:1e:7f:2a:00:9c:95:6d:8b:9b:df:cb: df:f8:80:7d:31:79:9a:48:63:19:a9:6b:e4:67:97: b0:15:cb:28:57:87:c2:38:26:a4:06:6d:49:e8:9b: 48:db:67:04:6c:3f:ed:1a:4b:95:40:95:0e:33:b5: c2:d0:3c:45:3f:51:99:3e:78:ca:d1:50:f5:59:19: 7c:56:1b:33:3d:cd:87:0b:05:11:1a:6d:9d:24:cb: 21:4e:0a:dc:3f:b3:db:57:63:6a:a5:90:08:17:e0: dd:01:f5:75:40:4d:50:88:61:24:03:3c:91:0d:cb: f3:31:79:39:7d:2b:ac:fa:f0:d5:55:d5:53:87:12: 22:17:35:da:49:6b:ab:3b:d7:80:f0:14:8a:12:9d: 61:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:CF:34:69:E7:55:DC:A3:1B:C9:CC:98:7E:92:80:D8:3E:74:05:9E X509v3 Authority Key Identifier: keyid:48:F5:0E:16:B8:30:5A:A2:C7:56:D2:1C:8F:0F:D5:09:33:8A:5C:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPUOFrgwWqLHVtIcjw_VCTOKXCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:87:60:48:f2:a9:f4:0c:95:0a:4c:5c:96:36:9e:4e:14:d1: 66:b9:46:f0:d4:70:e0:85:d0:74:c1:3d:ca:cc:68:e0:75:e9: 8e:3e:cb:0f:82:64:4b:10:ce:18:ee:11:cf:4e:fa:96:cb:52: d1:ab:af:0b:56:43:50:8a:db:7a:e3:d5:e0:1c:62:2a:68:78: 5f:0f:d7:84:90:2d:a6:7f:23:2e:8f:f1:08:e3:3e:f8:f0:32: db:96:c8:ae:f6:2c:d4:94:12:aa:68:73:40:79:cc:71:72:f5: db:bd:75:e4:a3:84:a8:25:68:86:8c:73:7c:c4:cc:d0:09:8c: fe:df:6a:da:96:a4:a9:82:06:52:bc:59:ee:f5:99:a2:59:cc: a0:ac:47:7c:63:50:ba:32:d9:3f:9d:1e:bb:58:3b:f5:33:fc: 71:4c:de:14:bf:04:a0:fc:fd:a3:e1:0d:a8:28:11:99:2f:d8: 4a:36:77:ce:b8:a7:82:c6:af:55:57:8d:98:f3:ab:6f:5d:fe: f6:55:8b:a3:0e:3b:1d:ec:33:ea:29:51:ed:a5:ce:ca:e7:6d: 50:3b:05:5a:3c:13:ca:f8:a5:f0:b8:aa:ed:b7:ea:8e:e9:71: 9f:e6:74:38:ec:6d:d0:7e:a1:c5:13:96:87:ee:70:06:ad:a9: 89:50:da:0b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REEzODkxMTAvBgNVBAUTKDQ4RjUwRTE2QjgzMDVBQTJDNzU2RDIxQzhGMEZENTA5 MzM4QTVDMjkwHhcNMjUwOTA5MDI1OTEyWhcNMjUwOTE2MDI1OTEyWjAYMRYwFAYD VQQDEw02OGJmOTgwMC1mMjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArb4qR5VozX8RaKk2cySQxTba6w/8bbI5zM9VdNqiqJ7NAp1eSyv/gyuh6wxx uzEno+35JvZWcGGgiXQd/kt6POmRX3NgyBGX/wbNBNUWORJRLFFcUO4oAeQ8TfXZ cbyafRQ35uOZVdEVD9XFHn8qAJyVbYub38vf+IB9MXmaSGMZqWvkZ5ewFcsoV4fC OCakBm1J6JtI22cEbD/tGkuVQJUOM7XC0DxFP1GZPnjK0VD1WRl8VhszPc2HCwUR Gm2dJMshTgrcP7PbV2NqpZAIF+DdAfV1QE1QiGEkAzyRDcvzMXk5fSus+vDVVdVT hxIiFzXaSWurO9eA8BSKEp1hswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIbPNGnn VdyjG8nMmH6SgNg+dAWeMB8GA1UdIwQYMBaAFEj1Dha4MFqix1bSHI8P1Qkzilwp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTM4OS9CMjE3MEI3NEQz QTMxMUVEODgwNkFDMTFDNEY5QUUwMi9TUFVPRnJnd1dxTEhWdEljandfVkNUT0tY Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NQVU9Gcmd3V3FMSFZ0SWNqd19WQ1RPS1hDay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QTM4OS9CMjE3MEI3NEQzQTMxMUVEODgwNkFDMTFDNEY5QUUwMi9TUFVPRnJnd1dx TEhWdEljandfVkNUT0tYQ2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfh2BI8qn0DJUKTFyWNp5OFNFmuUbw1HDghdB0wT3KzGjgdemOPssP gmRLEM4Y7hHPTvqWy1LRq68LVkNQitt649XgHGIqaHhfD9eEkC2mfyMuj/EI4z74 8DLblsiu9izUlBKqaHNAecxxcvXbvXXko4SoJWiGjHN8xMzQCYz+32ralqSpggZS vFnu9ZmiWcygrEd8Y1C6Mtk/nR67WDv1M/xxTN4UvwSg/P2j4Q2oKBGZL9hKNnfO uKeCxq9VV42Y86tvXf72VYujDjsd7DPqKVHtpc7K521QOwVaPBPK+KXwuKrtt+qO 6XGf5nQ47G3QfqHFE5aH7nAGramJUNoL -----END CERTIFICATE-----Generated at Tue Sep 9 20:23:12 2025 by rpki-client