$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft File: IsfsPNntTFDolKEbzXDQMQzV-Fk.mft (raw, json) Hash identifier: 32d3JPwzWMe/QRKo9MaWG4Y5Yg0qKiLP72jvckQQPio= Subject key identifier: A2:79:AA:85:A4:C5:BC:38:88:77:C6:74:39:2B:5B:C9:7A:0A:4C:73 Authority key identifier: 22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59 Certificate issuer: /CN=A91EC225/serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859 Certificate serial: 8F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft Manifest number: 8E Signing time: Thu 18 Sep 2025 17:48:45 +0000 Manifest this update: Thu 18 Sep 2025 17:48:45 +0000 Manifest next update: Thu 25 Sep 2025 17:48:45 +0000 Files and hashes: 1: IsfsPNntTFDolKEbzXDQMQzV-Fk.crl (hash: YSKTM0KdhfR6QTIgtj+t1U+KrXPbiF6GrrKRTeuK8G4=) 2: 25D2B94CDECD11EFA79E4065C4F9AE02.roa (hash: AoCtdlkJJmrM0z3AC3jCQKm47jbQAWLBDnBBfT5EtYM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 17:48:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 143 (0x8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC225, serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859 Validity Not Before: Sep 18 17:48:45 2025 GMT Not After : Sep 25 17:48:45 2025 GMT Subject: CN=68cc45fd-f736 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f0:1e:ef:8e:58:38:b8:46:76:44:a8:71:b9: f3:b5:d2:3e:87:3a:d7:d3:8f:b9:01:21:23:8e:5e: d3:af:b1:d1:66:2c:89:48:08:73:dc:ca:fb:b8:5b: e1:9e:a6:30:d5:3b:2b:e3:68:a4:e7:6c:05:95:64: 73:b7:a3:9a:9e:1b:75:b9:5c:cf:ea:b8:1d:00:b7: da:54:df:4f:f2:90:f8:7d:50:10:76:ca:ad:79:57: 44:a4:58:df:99:74:04:d3:69:7d:de:63:7c:aa:21: c6:7b:8a:0f:7c:f8:42:1a:62:ee:a4:dd:54:10:f7: f6:57:ae:f6:4c:cd:c3:93:64:10:ef:22:a8:f0:09: 14:17:a3:f2:8f:ec:b8:1f:87:ba:4d:cd:38:03:80: ec:18:3c:a7:23:7e:90:d4:5d:ff:20:a0:fa:b3:eb: 01:10:13:75:a3:11:e7:d8:cf:7d:26:61:6b:84:db: 8e:a8:0a:de:b8:12:6f:82:63:68:cc:59:37:d0:ee: f9:54:0c:f6:7b:1d:ac:23:91:86:bb:70:6f:16:6d: 3e:78:b8:ef:1d:09:b2:12:51:20:04:31:21:22:e7: 32:e3:aa:35:4e:8b:98:1f:7d:87:54:57:da:99:8a: bd:89:7c:3e:8e:52:d3:0f:11:69:58:49:63:43:32: 1e:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:79:AA:85:A4:C5:BC:38:88:77:C6:74:39:2B:5B:C9:7A:0A:4C:73 X509v3 Authority Key Identifier: keyid:22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:7d:7b:43:ea:0d:54:f1:01:01:83:4c:93:4a:71:58:1a:b5: 05:ff:b6:90:cd:06:b8:16:b6:dc:7b:b7:50:2b:b3:98:80:69: fd:55:7e:bd:af:5e:c8:9c:6c:84:42:ad:d4:2a:4a:da:73:dc: 2b:ae:7c:c5:dc:9f:fa:a1:30:38:5f:07:cb:02:e8:52:31:bf: eb:7f:0a:56:0e:8d:63:7b:88:ee:f5:8c:fc:42:39:5a:39:1b: 60:ad:c0:33:dd:d0:76:f5:13:a2:f9:61:30:61:c5:9e:62:3b: 2d:d6:e2:53:0b:24:c7:8e:1d:a6:38:b7:fd:0e:6b:ef:ff:78: c4:92:d5:e4:0a:2d:5f:20:d7:84:c5:53:d4:4d:99:02:74:4d: a3:a0:ee:36:89:f6:4f:9b:9a:ba:27:4a:0e:ae:7f:d9:4c:dc: d0:b3:47:ab:68:b2:73:b8:b9:1a:b0:59:c9:09:e0:7d:5d:07: 9f:53:d2:f0:41:74:54:7a:e8:88:67:36:2c:26:52:d4:6e:b3: bf:88:6e:e3:f9:33:b0:05:ab:f9:31:97:66:cc:2f:67:66:38: a4:c9:40:b1:e6:56:01:57:5d:20:4d:b2:73:96:a0:51:0f:f1: df:c5:52:2b:9b:70:56:7c:4b:03:27:c4:3d:5b:45:d0:e2:78: 4a:28:d7:b6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUMyMjUxMTAvBgNVBAUTKDIyQzdFQzNDRDlFRDRDNTBFODk0QTExQkNENzBEMDMx MENENUY4NTkwHhcNMjUwOTE4MTc0ODQ1WhcNMjUwOTI1MTc0ODQ1WjAYMRYwFAYD VQQDEw02OGNjNDVmZC1mNzM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs/Ae745YOLhGdkSocbnztdI+hzrX04+5ASEjjl7Tr7HRZiyJSAhz3Mr7uFvh nqYw1Tsr42ik52wFlWRzt6Oanht1uVzP6rgdALfaVN9P8pD4fVAQdsqteVdEpFjf mXQE02l93mN8qiHGe4oPfPhCGmLupN1UEPf2V672TM3Dk2QQ7yKo8AkUF6Pyj+y4 H4e6Tc04A4DsGDynI36Q1F3/IKD6s+sBEBN1oxHn2M99JmFrhNuOqAreuBJvgmNo zFk30O75VAz2ex2sI5GGu3BvFm0+eLjvHQmyElEgBDEhIucy46o1TouYH32HVFfa mYq9iXw+jlLTDxFpWEljQzIemwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKJ5qoWk xbw4iHfGdDkrW8l6CkxzMB8GA1UdIwQYMBaAFCLH7DzZ7UxQ6JShG81w0DEM1fhZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzIyNS9DOTQ0N0ZGMEJF RjkxMUVGQkNGNjg5NDRDNEY5QUUwMi9Jc2ZzUE5udFRGRG9sS0VielhEUU1RelYt RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lzZnNQTm50VEZEb2xLRWJ6WERRTVF6Vi1Gay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QzIyNS9DOTQ0N0ZGMEJFRjkxMUVGQkNGNjg5NDRDNEY5QUUwMi9Jc2ZzUE5udFRG RG9sS0VielhEUU1RelYtRmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAefXtD6g1U8QEBg0yTSnFYGrUF/7aQzQa4Frbce7dQK7OYgGn9VX69 r17InGyEQq3UKkrac9wrrnzF3J/6oTA4XwfLAuhSMb/rfwpWDo1je4ju9Yz8Qjla ORtgrcAz3dB29ROi+WEwYcWeYjst1uJTCyTHjh2mOLf9Dmvv/3jEktXkCi1fINeE xVPUTZkCdE2joO42ifZPm5q6J0oOrn/ZTNzQs0eraLJzuLkasFnJCeB9XQefU9Lw QXRUeuiIZzYsJlLUbrO/iG7j+TOwBav5MZdmzC9nZjikyUCx5lYBV10gTbJzlqBR D/HfxVIrm3BWfEsDJ8Q9W0XQ4nhKKNe2 -----END CERTIFICATE-----Generated at Fri Sep 19 18:33:41 2025 by rpki-client