$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.mft File: tlTdX1sVILMlvAnEv0yt88r7NCk.mft (raw, json) Hash identifier: iF/8Hgu+XQDcamTJ9MOLOmkuc/qNyJK0vnDRQflEDpw= Subject key identifier: AD:CC:83:B6:72:69:70:40:2C:FD:3F:5E:04:4A:9F:DC:6A:A1:2E:EE Authority key identifier: B6:54:DD:5F:5B:15:20:B3:25:BC:09:C4:BF:4C:AD:F3:CA:FB:34:29 Certificate issuer: /CN=A91E3B25/serialNumber=B654DD5F5B1520B325BC09C4BF4CADF3CAFB3429 Certificate serial: 0943 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlTdX1sVILMlvAnEv0yt88r7NCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.mft Manifest number: 2033 Signing time: Thu 18 Sep 2025 16:46:18 +0000 Manifest this update: Thu 18 Sep 2025 16:46:18 +0000 Manifest next update: Thu 25 Sep 2025 16:46:18 +0000 Files and hashes: 1: tlTdX1sVILMlvAnEv0yt88r7NCk.crl (hash: gb3gS8cVmXKzB4YDRedrDSRv2Aue8mJ6nZo3LSBoYrw=) 2: 3D13A01EA9AB11EAA4DBEA5EC4F9AE02.roa (hash: Lmn08n30AiKaOdta7GpDKIWNdyU/iej42lU+unei0xc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.crl rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlTdX1sVILMlvAnEv0yt88r7NCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 16:46:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2371 (0x943) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3B25, serialNumber=B654DD5F5B1520B325BC09C4BF4CADF3CAFB3429 Validity Not Before: Sep 18 16:46:18 2025 GMT Not After : Sep 25 16:46:18 2025 GMT Subject: CN=68cc375a-6e0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:14:98:6f:5f:36:38:92:af:eb:69:84:9f:9b: 6e:98:ba:48:4f:c7:11:84:1e:d9:c0:71:c3:d1:d5: 32:ec:5d:ee:6e:bf:9c:09:19:16:54:f8:aa:43:d2: 83:3a:0f:0f:6f:66:8b:f5:6b:a2:10:7a:1d:bb:fd: 44:3d:bf:de:33:66:24:fb:82:f6:57:9b:15:75:21: 8c:73:9a:da:1b:3d:dc:05:45:c6:a9:fa:65:0d:7f: 81:63:86:b4:71:51:c8:b5:98:a2:52:4c:18:4a:8d: db:2e:2b:ac:d0:3d:02:fb:ce:02:e9:3a:59:4a:87: 04:26:31:c8:d3:81:34:f6:94:42:f0:b1:2d:20:d0: 88:cf:9f:8d:fa:a9:b8:16:fc:d7:aa:c5:82:ce:10: 50:6a:31:49:f4:7a:7a:19:6a:ee:11:bb:d6:50:d9: 44:fa:06:02:33:01:ed:d6:84:ed:b8:bb:3f:c9:96: 92:7d:53:18:eb:0d:40:1b:a6:f3:d2:85:bb:54:09: b2:dd:ec:c0:6c:27:dc:ee:b1:95:e2:d4:1b:ec:8b: 35:4b:bc:36:23:8b:9f:d8:92:a7:29:76:b2:3e:a9: c4:7e:ee:30:56:80:85:3f:c4:fa:6d:c5:f3:29:8f: 3c:ee:d4:01:7a:5c:6f:76:50:96:16:54:7a:2d:b6: 60:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:CC:83:B6:72:69:70:40:2C:FD:3F:5E:04:4A:9F:DC:6A:A1:2E:EE X509v3 Authority Key Identifier: keyid:B6:54:DD:5F:5B:15:20:B3:25:BC:09:C4:BF:4C:AD:F3:CA:FB:34:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlTdX1sVILMlvAnEv0yt88r7NCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:12:af:7d:93:3d:00:34:ff:bd:50:b3:9f:98:3b:8a:0e:8d: 09:1f:7b:9c:e7:82:ef:56:5a:f1:6e:40:5e:e1:4e:49:ee:fe: 77:98:33:c6:b5:c7:59:ab:64:92:92:85:6c:cc:c6:74:55:e2: e6:40:36:a8:06:e7:7a:16:65:dd:42:ec:cc:ab:6c:6b:c9:c5: 13:c8:3f:58:e3:35:aa:6b:83:67:61:cd:31:a7:89:f4:b2:f1: 20:3d:21:72:e6:90:2a:c3:58:0a:f0:da:4b:87:19:0b:19:ef: d4:22:37:d0:df:e2:5f:74:bb:8c:5a:07:c9:c6:b6:20:d6:d0: ab:e7:8d:a2:bd:2d:f5:2b:cd:86:76:a6:ad:a0:86:5b:c2:da: 37:91:64:7f:88:b6:ee:dd:a3:e0:63:ff:ea:72:ed:8a:40:54: 9b:14:da:23:d0:71:97:95:cb:41:a6:11:33:78:58:77:16:4c: ee:c2:3e:c2:0a:03:af:53:95:a8:08:88:ff:a2:fe:1b:bd:a4: 5f:ff:c8:a1:2e:5b:cb:e4:ff:b0:d1:9b:6c:92:fa:31:a0:57: 4c:b7:2b:34:df:76:41:fd:17:70:38:2e:d8:37:be:c6:6e:54: e2:c3:e8:7f:c6:52:f3:9c:48:3c:58:14:69:2b:ad:b4:42:c4: f0:fe:03:b5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCUMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCMjUxMTAvBgNVBAUTKEI2NTRERDVGNUIxNTIwQjMyNUJDMDlDNEJGNENBREYz Q0FGQjM0MjkwHhcNMjUwOTE4MTY0NjE4WhcNMjUwOTI1MTY0NjE4WjAYMRYwFAYD VQQDEw02OGNjMzc1YS02ZTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAshSYb182OJKv62mEn5tumLpIT8cRhB7ZwHHD0dUy7F3ubr+cCRkWVPiqQ9KD Og8Pb2aL9WuiEHodu/1EPb/eM2Yk+4L2V5sVdSGMc5raGz3cBUXGqfplDX+BY4a0 cVHItZiiUkwYSo3bLius0D0C+84C6TpZSocEJjHI04E09pRC8LEtINCIz5+N+qm4 FvzXqsWCzhBQajFJ9Hp6GWruEbvWUNlE+gYCMwHt1oTtuLs/yZaSfVMY6w1AG6bz 0oW7VAmy3ezAbCfc7rGV4tQb7Is1S7w2I4uf2JKnKXayPqnEfu4wVoCFP8T6bcXz KY887tQBelxvdlCWFlR6LbZgcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK3Mg7Zy aXBALP0/XgRKn9xqoS7uMB8GA1UdIwQYMBaAFLZU3V9bFSCzJbwJxL9MrfPK+zQp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0IyNS83RTg5MkNDMkY2 MTUxMUU3QjgzMDA5NkRDNEY5QUUwMi90bFRkWDFzVklMTWx2QW5FdjB5dDg4cjdO Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RsVGRYMXNWSUxNbHZBbkV2MHl0ODhyN05Day5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0IyNS83RTg5MkNDMkY2MTUxMUU3QjgzMDA5NkRDNEY5QUUwMi90bFRkWDFzVklM TWx2QW5FdjB5dDg4cjdOQ2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB1Eq99kz0ANP+9ULOfmDuKDo0JH3uc54LvVlrxbkBe4U5J7v53mDPG tcdZq2SSkoVszMZ0VeLmQDaoBud6FmXdQuzMq2xrycUTyD9Y4zWqa4NnYc0xp4n0 svEgPSFy5pAqw1gK8NpLhxkLGe/UIjfQ3+JfdLuMWgfJxrYg1tCr542ivS31K82G dqatoIZbwto3kWR/iLbu3aPgY//qcu2KQFSbFNoj0HGXlctBphEzeFh3Fkzuwj7C CgOvU5WoCIj/ov4bvaRf/8ihLlvL5P+w0ZtskvoxoFdMtys033ZB/RdwOC7YN77G blTiw+h/xlLznEg8WBRpK620QsTw/gO1 -----END CERTIFICATE-----Generated at Thu Sep 18 21:58:09 2025 by rpki-client