$ rpki-client -vvf rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft File: 1AI0WEr2BZHzfdP7on68uFzHZWo.mft (raw, json) Hash identifier: kTfNQqfOkMymCmsIB2cBIhg3movherlWFcuPx23Ih50= Subject key identifier: D4:07:1B:85:3C:98:35:1E:FB:D4:84:AB:B3:13:F3:EA:B4:0B:81:D3 Authority key identifier: D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A Certificate issuer: /CN=A91E27F3/serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Certificate serial: 34CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft Manifest number: 34C8 Signing time: Thu 18 Sep 2025 15:09:02 +0000 Manifest this update: Thu 18 Sep 2025 15:09:01 +0000 Manifest next update: Thu 25 Sep 2025 15:09:01 +0000 Files and hashes: 1: 1AI0WEr2BZHzfdP7on68uFzHZWo.crl (hash: edDkGaAJ32UVTJInudLxe7JU3HNU8MJr/xGpajb565s=) 2: 1B4B4FC2152F11ECB72E546FC4F9AE02.roa (hash: 08icoQFu/lUzJ7/49iluwBG/IFFfyhiQgRTkubc2rPw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 15:09:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13517 (0x34cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E27F3, serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Validity Not Before: Sep 18 15:09:01 2025 GMT Not After : Sep 25 15:09:01 2025 GMT Subject: CN=68cc208d-e313 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:d2:b7:09:83:45:7e:fb:ef:bc:62:a1:85:0a: b6:6e:c7:5c:7a:6d:e7:8c:a9:5c:c5:17:80:ce:0b: 96:32:17:bd:42:48:e6:2e:23:c9:31:8b:02:6b:72: d0:7c:04:32:64:5f:c9:e2:18:3e:24:23:35:f5:a3: ac:6b:5d:9f:97:25:79:a8:b3:d7:35:b6:a3:30:fe: 09:ff:a2:71:fd:24:34:ef:0c:51:ff:ed:e0:9c:ab: 0f:dd:92:cb:96:60:fe:3f:81:58:f1:5d:04:9c:04: b7:b8:8a:1c:65:d6:b1:d6:33:de:c6:bb:aa:31:bf: 8b:e6:d9:cf:ca:98:5b:c0:03:c4:c3:7a:6f:3d:18: fe:53:4d:31:ca:b1:0e:9c:98:05:4c:64:19:2c:a1: 5f:10:0a:3d:78:79:22:1f:b6:70:e3:0f:d9:8a:c5: c9:53:ba:af:c3:0b:7d:0b:83:d9:46:f2:84:85:ba: ec:fd:d9:cb:7b:fe:51:83:a1:c2:0a:95:4f:e2:3d: 3a:b3:f1:02:06:c2:5b:0c:c4:5b:e7:74:2a:0e:84: b4:17:27:43:62:8d:a1:27:7b:93:9c:b3:93:9e:c3: ec:33:93:0e:18:86:22:6e:9d:1f:1d:a5:bb:9a:59: 96:34:d9:47:9d:fe:4e:01:61:94:75:ef:9b:98:27: 46:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:07:1B:85:3C:98:35:1E:FB:D4:84:AB:B3:13:F3:EA:B4:0B:81:D3 X509v3 Authority Key Identifier: keyid:D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:90:9c:c8:46:fa:4a:f3:db:41:e9:b6:6b:5e:74:8d:cc:01: f6:93:e2:c9:f4:f1:18:ce:f6:24:00:a0:11:81:da:14:dd:85: e6:85:32:e1:9c:a9:58:7f:08:66:47:e0:c3:5b:7d:23:36:e1: 85:4d:a8:91:1c:41:23:bd:23:fd:c9:ae:19:25:63:92:22:01: 0b:09:c5:21:c2:b7:33:20:13:6b:dd:6d:db:cb:47:12:77:06: 0b:af:65:5f:69:17:5a:77:e4:8b:4c:8f:eb:39:c9:c2:16:24: 52:4f:42:d5:57:a0:43:d8:2e:5d:c3:f6:ef:3b:7b:dc:9b:f6: ec:83:fc:e1:37:d2:ef:88:96:21:44:9a:3c:81:e7:fb:aa:24: 19:56:37:22:9d:81:f8:bd:81:ca:06:b8:98:11:81:70:60:9b: fe:29:03:6b:e7:a0:a8:94:07:50:bf:16:27:0f:ea:30:71:22: c2:29:01:ba:c7:15:c1:b2:79:ba:31:37:2f:c2:3f:25:06:e7: fb:78:27:36:31:da:fa:76:22:f3:db:a8:2b:7e:46:13:f2:97: 62:b5:c4:8d:e4:9d:5f:93:af:5f:20:0a:14:f6:f5:94:54:30: a8:0c:65:04:a9:00:47:82:fd:88:f2:7e:5d:fd:9a:67:ff:ac: ea:c1:cd:cb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI3RjMxMTAvBgNVBAUTKEQ0MDIzNDU4NEFGNjA1OTFGMzdERDNGQkEyN0VCQ0I4 NUNDNzY1NkEwHhcNMjUwOTE4MTUwOTAxWhcNMjUwOTI1MTUwOTAxWjAYMRYwFAYD VQQDEw02OGNjMjA4ZC1lMzEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAutK3CYNFfvvvvGKhhQq2bsdcem3njKlcxReAzguWMhe9QkjmLiPJMYsCa3LQ fAQyZF/J4hg+JCM19aOsa12flyV5qLPXNbajMP4J/6Jx/SQ07wxR/+3gnKsP3ZLL lmD+P4FY8V0EnAS3uIocZdax1jPexruqMb+L5tnPyphbwAPEw3pvPRj+U00xyrEO nJgFTGQZLKFfEAo9eHkiH7Zw4w/ZisXJU7qvwwt9C4PZRvKEhbrs/dnLe/5Rg6HC CpVP4j06s/ECBsJbDMRb53QqDoS0FydDYo2hJ3uTnLOTnsPsM5MOGIYibp0fHaW7 mlmWNNlHnf5OAWGUde+bmCdGTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNQHG4U8 mDUe+9SEq7MT8+q0C4HTMB8GA1UdIwQYMBaAFNQCNFhK9gWR833T+6J+vLhcx2Vq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjdGMy9BNkRFMUNFODFE QTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJaSHpmZFA3b242OHVGekha V28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBSTBXRXIyQlpIemZkUDdvbjY4dUZ6SFpXby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjdGMy9BNkRFMUNFODFEQTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJa SHpmZFA3b242OHVGekhaV28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCykJzIRvpK89tB6bZrXnSNzAH2k+LJ9PEYzvYkAKARgdoU3YXmhTLh nKlYfwhmR+DDW30jNuGFTaiRHEEjvSP9ya4ZJWOSIgELCcUhwrczIBNr3W3by0cS dwYLr2VfaRdad+SLTI/rOcnCFiRST0LVV6BD2C5dw/bvO3vcm/bsg/zhN9LviJYh RJo8gef7qiQZVjcinYH4vYHKBriYEYFwYJv+KQNr56ColAdQvxYnD+owcSLCKQG6 xxXBsnm6MTcvwj8lBuf7eCc2Mdr6diLz26grfkYT8pditcSN5J1fk69fIAoU9vWU VDCoDGUEqQBHgv2I8n5d/Zpn/6zqwc3L -----END CERTIFICATE-----Generated at Fri Sep 19 15:10:58 2025 by rpki-client