$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: pc/aOng6N8BTQJH4Gh9NM7e+9rGvILBE9lIPRVLgc6I= Subject key identifier: C7:28:8C:FF:0C:0C:54:95:A1:51:A8:A3:3E:DB:15:4C:B6:F2:65:6B Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: A0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: 9E Signing time: Fri 05 Sep 2025 06:46:28 +0000 Manifest this update: Fri 05 Sep 2025 06:46:27 +0000 Manifest next update: Fri 12 Sep 2025 06:46:27 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: x4o7VuiQuCp8cEZcrHRYWUei661uGy7oZlDvBbo9NJ8=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 06:46:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 160 (0xa0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Validity Not Before: Sep 5 06:46:27 2025 GMT Not After : Sep 12 06:46:27 2025 GMT Subject: CN=68ba8743-da7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:9c:76:4e:b0:e6:44:cf:be:84:d6:05:08:7a: fd:e5:c5:f7:ca:d7:d2:5d:ae:b8:8d:f2:16:64:1e: 74:f2:17:02:6f:19:9c:55:9f:a3:b6:38:da:3a:17: 02:97:6d:d4:d2:c5:95:a7:a8:54:2f:61:ab:24:7e: da:cf:d0:69:83:45:81:96:f8:05:1f:13:39:89:cd: 4b:9c:97:6f:4d:b5:02:5c:a6:de:a9:3c:34:5b:f9: e6:39:12:46:34:16:27:3e:0f:00:44:0e:23:f2:47: 83:b8:f5:ba:50:30:a1:b0:83:5c:ed:8a:09:77:80: 23:d8:39:fe:f5:8b:19:7d:fe:83:51:cc:c8:3f:d9: 0c:a3:82:fe:cd:38:b2:71:20:7c:38:fe:d5:3e:e7: 60:df:25:06:35:40:8d:4b:47:56:3a:90:6b:1e:f0: 7c:f4:f3:06:d5:68:9a:63:43:6f:57:52:1a:3d:6f: 64:82:7b:8b:fe:58:3e:aa:b2:08:2a:14:fd:95:0f: e5:ab:62:4c:94:c0:b6:2b:2b:63:64:dd:4e:e0:57: 6b:b7:e9:46:e6:b4:ca:53:aa:36:04:53:25:52:e8: d0:bf:4d:67:76:ad:68:87:75:5d:8b:27:54:55:b6: e2:14:3b:fe:5d:1f:86:48:33:49:a6:3c:d8:ef:15: 6c:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:28:8C:FF:0C:0C:54:95:A1:51:A8:A3:3E:DB:15:4C:B6:F2:65:6B X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 67:5a:89:f7:6e:72:e3:81:de:65:e9:7d:f0:79:5a:6c:2d:68: f5:fe:d9:09:7d:14:68:ce:cf:f5:c6:d0:d4:72:d8:50:f1:d4: 1a:59:77:5d:f8:94:ef:4b:25:ac:3f:d9:99:46:77:b3:25:ac: 25:18:17:8f:47:37:17:94:c4:12:28:9e:3c:84:fd:bd:38:6f: fa:10:db:ef:43:56:dd:7c:ca:59:59:04:12:73:a0:1b:c5:98: 1b:a8:a6:c3:09:96:53:64:0a:37:a4:d9:9b:9c:d3:4b:2f:b6: 62:28:03:ba:81:f4:a7:b6:37:ac:01:a8:7c:18:86:d7:24:08: 4e:77:0b:42:d6:c6:be:9b:4a:37:3c:aa:e9:90:47:7e:4d:44: 5c:2c:37:c7:3d:c0:5c:8e:27:a1:90:05:34:80:bc:0f:5c:9e: b1:df:12:c9:05:51:ea:0f:44:ab:c3:c4:23:ae:b9:d8:a7:38: a5:13:fb:bd:31:ec:5d:91:6e:9c:5d:08:d4:09:42:34:45:2e: 0b:42:09:23:6d:c4:b9:e2:f3:ad:96:5f:56:25:3a:ec:ef:9e: 83:68:a3:42:82:3b:67:1e:ae:42:2a:f0:4f:42:b4:a6:71:b2: 41:7e:71:46:4e:93:ff:ba:42:82:9d:97:db:de:2c:dc:15:b6: 68:28:b6:26 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0MDkxMTAvBgNVBAUTKDIxNjRERDU5QTYxNUQ1RjJFMzM5M0U3MjA5OEE3M0FE ODY4RTc4REEwHhcNMjUwOTA1MDY0NjI3WhcNMjUwOTEyMDY0NjI3WjAYMRYwFAYD VQQDEw02OGJhODc0My1kYTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1px2TrDmRM++hNYFCHr95cX3ytfSXa64jfIWZB508hcCbxmcVZ+jtjjaOhcC l23U0sWVp6hUL2GrJH7az9Bpg0WBlvgFHxM5ic1LnJdvTbUCXKbeqTw0W/nmORJG NBYnPg8ARA4j8keDuPW6UDChsINc7YoJd4Aj2Dn+9YsZff6DUczIP9kMo4L+zTiy cSB8OP7VPudg3yUGNUCNS0dWOpBrHvB89PMG1WiaY0NvV1IaPW9kgnuL/lg+qrII KhT9lQ/lq2JMlMC2KytjZN1O4Fdrt+lG5rTKU6o2BFMlUujQv01ndq1oh3VdiydU VbbiFDv+XR+GSDNJpjzY7xVs3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMcojP8M DFSVoVGooz7bFUy28mVrMB8GA1UdIwQYMBaAFCFk3VmmFdXy4zk+cgmKc62Gjnja MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQwOS9GOTQ0RTNDQzlD QUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFmTGpPVDV5Q1lwenJZYU9l Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VOby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQwOS9GOTQ0RTNDQzlDQUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFm TGpPVDV5Q1lwenJZYU9lTm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBnWon3bnLjgd5l6X3weVpsLWj1/tkJfRRozs/1xtDUcthQ8dQaWXdd +JTvSyWsP9mZRnezJawlGBePRzcXlMQSKJ48hP29OG/6ENvvQ1bdfMpZWQQSc6Ab xZgbqKbDCZZTZAo3pNmbnNNLL7ZiKAO6gfSntjesAah8GIbXJAhOdwtC1sa+m0o3 PKrpkEd+TURcLDfHPcBcjiehkAU0gLwPXJ6x3xLJBVHqD0Srw8QjrrnYpzilE/u9 MexdkW6cXQjUCUI0RS4LQgkjbcS54vOtll9WJTrs756DaKNCgjtnHq5CKvBPQrSm cbJBfnFGTpP/ukKCnZfb3izcFbZoKLYm -----END CERTIFICATE-----Generated at Sat Sep 6 21:04:36 2025 by rpki-client