$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft File: XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft (raw, json) Hash identifier: oak1+jzfTUKsris0U68pOhmc/yK9GVzEjc8M3yxQQfA= Subject key identifier: 4E:79:C6:4B:79:4F:A5:19:4E:62:29:1B:B7:06:4C:2D:6F:BE:CB:61 Authority key identifier: 5F:30:7E:62:74:AC:39:E5:4E:99:86:6D:AB:B8:5C:2C:9E:FD:16:B1 Certificate issuer: /CN=A91E9F89/serialNumber=5F307E6274AC39E54E99866DABB85C2C9EFD16B1 Certificate serial: 08A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XzB-YnSsOeVOmYZtq7hcLJ79FrE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft Manifest number: 089B Signing time: Tue 16 Sep 2025 20:47:01 +0000 Manifest this update: Tue 16 Sep 2025 20:47:00 +0000 Manifest next update: Tue 23 Sep 2025 20:47:00 +0000 Files and hashes: 1: XzB-YnSsOeVOmYZtq7hcLJ79FrE.crl (hash: czdk/+VKMJcxsdHjWNC/OHob1Zo8zo3yKgNciMYHqu8=) 2: 05B67AF8C6A011EAA70D183FC4F9AE02.roa (hash: uyDMO7ckw/0z5jl/cntcgb/65TbIdBVdA1r68qbPTT8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.crl rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XzB-YnSsOeVOmYZtq7hcLJ79FrE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Sep 2025 20:47:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2210 (0x8a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9F89, serialNumber=5F307E6274AC39E54E99866DABB85C2C9EFD16B1 Validity Not Before: Sep 16 20:47:00 2025 GMT Not After : Sep 23 20:47:00 2025 GMT Subject: CN=68c9ccc5-690d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:df:40:1b:8a:5b:1d:22:df:44:35:8e:9d:ae: 9b:60:aa:f2:aa:74:76:39:d0:d7:95:1a:96:b7:f0: 81:e0:f7:63:6d:1a:9b:8a:c1:78:64:e2:75:3e:a1: 71:cb:28:99:29:4e:7c:41:ea:65:8d:2a:63:a1:81: 70:eb:13:71:ca:65:78:28:57:3e:51:b0:09:91:5c: 20:c7:6d:75:1f:d3:99:6c:2e:12:6a:1f:28:30:ef: 7b:db:97:b9:53:3d:49:9b:b8:32:1e:7f:e7:a7:d8: 02:59:af:7d:b1:d2:ea:fc:10:99:c4:ba:ec:c8:0d: e0:f1:98:4b:e8:f6:1b:95:51:59:69:cd:41:1c:b8: 10:a2:4f:0d:d4:08:7b:96:ea:0e:b3:4c:c4:72:ad: b3:23:5c:1c:91:47:10:1a:9b:07:5b:e4:d2:1c:ec: 7c:9a:35:02:cc:05:8a:cf:03:15:b0:d2:61:3b:5a: 81:a2:5c:ea:b9:ba:eb:e1:57:38:c7:cc:78:4f:40: 6f:3a:18:e3:76:ce:8a:88:58:14:a5:c3:5a:33:90: 7a:2a:b4:a1:58:17:89:6e:c9:82:ae:91:ba:6e:25: b9:a2:88:48:11:87:94:74:5c:4a:44:2c:5e:cc:5e: 5f:4b:31:5d:8a:c4:35:00:d0:e0:48:66:fe:ea:aa: 25:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:79:C6:4B:79:4F:A5:19:4E:62:29:1B:B7:06:4C:2D:6F:BE:CB:61 X509v3 Authority Key Identifier: keyid:5F:30:7E:62:74:AC:39:E5:4E:99:86:6D:AB:B8:5C:2C:9E:FD:16:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XzB-YnSsOeVOmYZtq7hcLJ79FrE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9F89/5BE74878C69E11EA9BF8A33CC4F9AE02/XzB-YnSsOeVOmYZtq7hcLJ79FrE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:95:82:16:dd:8b:38:0a:db:61:98:5d:b1:71:1f:13:f1:19: 52:ed:fc:8d:63:6b:01:f5:55:bd:99:95:47:de:f6:33:20:91: f4:ee:d5:39:af:82:f7:1d:34:3d:30:0a:f8:c7:7e:02:09:ea: 20:e5:68:f6:20:14:49:01:1d:5f:36:d0:b1:a7:b3:7d:ac:28: d5:c1:c9:65:3b:f2:78:1e:51:4b:73:e3:7d:f5:5c:45:cb:95: 7a:b7:2d:22:e9:b1:f6:54:32:ff:73:3b:e1:12:68:b8:d1:81: ad:65:81:7f:0d:ec:5d:15:26:e1:7f:a6:68:06:85:63:43:f9: 6f:dc:c8:46:e7:11:61:c4:8a:f5:ed:62:bd:db:a6:ef:89:d3: c0:9d:5a:55:ea:02:31:33:83:c3:7f:31:84:f6:f6:16:34:bf: 8c:a4:bf:5d:53:eb:62:e4:9e:cd:35:5b:94:5e:a9:2f:e9:ef: d9:e2:fe:c2:09:75:99:8a:a0:d9:69:33:e5:b1:5e:fe:88:c7: f3:bd:43:bf:89:29:d3:d4:57:75:54:a1:25:ca:43:59:44:5a: f9:df:bb:61:e7:e9:0f:46:7b:33:e5:6f:20:9e:6c:e1:06:ff: 2c:c6:97:22:ae:6a:9a:58:65:e0:dc:4a:b2:bd:f3:d5:4f:8b: f3:05:d6:29 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlGODkxMTAvBgNVBAUTKDVGMzA3RTYyNzRBQzM5RTU0RTk5ODY2REFCQjg1QzJD OUVGRDE2QjEwHhcNMjUwOTE2MjA0NzAwWhcNMjUwOTIzMjA0NzAwWjAYMRYwFAYD VQQDEw02OGM5Y2NjNS02OTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv99AG4pbHSLfRDWOna6bYKryqnR2OdDXlRqWt/CB4PdjbRqbisF4ZOJ1PqFx yyiZKU58QepljSpjoYFw6xNxymV4KFc+UbAJkVwgx211H9OZbC4Sah8oMO9725e5 Uz1Jm7gyHn/np9gCWa99sdLq/BCZxLrsyA3g8ZhL6PYblVFZac1BHLgQok8N1Ah7 luoOs0zEcq2zI1wckUcQGpsHW+TSHOx8mjUCzAWKzwMVsNJhO1qBolzqubrr4Vc4 x8x4T0BvOhjjds6KiFgUpcNaM5B6KrShWBeJbsmCrpG6biW5oohIEYeUdFxKRCxe zF5fSzFdisQ1ANDgSGb+6qoldQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE55xkt5 T6UZTmIpG7cGTC1vvsthMB8GA1UdIwQYMBaAFF8wfmJ0rDnlTpmGbau4XCye/Rax MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUY4OS81QkU3NDg3OEM2 OUUxMUVBOUJGOEEzM0NDNEY5QUUwMi9YekItWW5Tc09lVk9tWVp0cTdoY0xKNzlG ckUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h6Qi1ZblNzT2VWT21ZWnRxN2hjTEo3OUZyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OUY4OS81QkU3NDg3OEM2OUUxMUVBOUJGOEEzM0NDNEY5QUUwMi9YekItWW5Tc09l Vk9tWVp0cTdoY0xKNzlGckUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBUlYIW3Ys4CtthmF2xcR8T8RlS7fyNY2sB9VW9mZVH3vYzIJH07tU5 r4L3HTQ9MAr4x34CCeog5Wj2IBRJAR1fNtCxp7N9rCjVwcllO/J4HlFLc+N99VxF y5V6ty0i6bH2VDL/czvhEmi40YGtZYF/DexdFSbhf6ZoBoVjQ/lv3MhG5xFhxIr1 7WK926bvidPAnVpV6gIxM4PDfzGE9vYWNL+MpL9dU+ti5J7NNVuUXqkv6e/Z4v7C CXWZiqDZaTPlsV7+iMfzvUO/iSnT1Fd1VKElykNZRFr537th5+kPRnsz5W8gnmzh Bv8sxpcirmqaWGXg3EqyvfPVT4vzBdYp -----END CERTIFICATE-----Generated at Thu Sep 18 20:52:25 2025 by rpki-client