$ rpki-client -vvf rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft File: t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft (raw, json) Hash identifier: zj4A/YUlR8qETfl0vESQjid4W3md0OV41UI7CrN7gZg= Subject key identifier: 2B:06:B5:FF:77:08:E9:3F:37:65:D7:30:5F:D9:18:69:12:05:12:4C Authority key identifier: B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA Certificate issuer: /CN=A91F91EB/serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Certificate serial: 0CC0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft Manifest number: 0CBA Signing time: Tue 02 Sep 2025 18:24:02 +0000 Manifest this update: Tue 02 Sep 2025 18:24:01 +0000 Manifest next update: Tue 09 Sep 2025 18:24:01 +0000 Files and hashes: 1: t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl (hash: gxg1DAJshkouTk6oUB0ZL1WNP8f38l+CuVSYYIoicJY=) 2: 8D243F849A6D11EA8674310DC4F9AE02.roa (hash: ZlxWP9id3BOwgT849Ql20JmEjoi9oTlH+F8ceOZ0tcg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 18:24:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3264 (0xcc0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F91EB, serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Validity Not Before: Sep 2 18:24:01 2025 GMT Not After : Sep 9 18:24:01 2025 GMT Subject: CN=68b73641-7e6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:10:5a:5d:24:ab:a8:77:28:a5:71:f7:f2:f6: c8:f6:f4:4e:d3:ce:f0:9b:38:7e:8f:10:62:01:35: 16:bc:f1:b2:72:7d:d0:73:5a:6d:b9:8e:52:c5:9d: 24:b6:77:33:41:97:d0:c0:c1:ef:85:f3:d9:f7:84: ce:0b:f0:1e:be:92:62:68:e6:fe:3c:47:11:64:ae: ce:5d:18:ca:35:d0:99:d2:09:67:63:8a:29:3b:5e: 18:0e:03:30:79:96:86:5e:06:09:7d:29:8e:49:79: 7f:b3:44:db:f7:f1:38:e8:62:92:dd:22:0e:ae:9d: 02:ee:da:dd:07:fa:66:a6:03:37:38:d9:28:e8:aa: 1c:75:43:fa:77:0f:d8:41:6c:ce:ef:ef:44:a1:81: 0c:ba:b8:56:26:c1:a9:4a:ef:ef:3b:c2:99:5e:fe: 81:37:de:58:64:5a:b8:f3:e0:62:63:61:2f:e0:f9: b4:7c:8a:3b:fc:8e:91:e3:e2:5d:d9:10:51:bc:ac: 58:82:21:f4:2b:d6:f8:6c:ae:2b:97:d8:05:a4:19: a4:b9:c3:5a:25:21:b6:a7:c8:d8:58:65:49:78:99: 06:bb:17:9e:d3:82:e8:0b:9b:8f:4d:4a:b7:fc:31: b3:a4:4d:11:93:7e:55:8e:cb:eb:76:21:14:8a:67: 91:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:06:B5:FF:77:08:E9:3F:37:65:D7:30:5F:D9:18:69:12:05:12:4C X509v3 Authority Key Identifier: keyid:B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:46:22:41:85:9a:c3:83:39:70:48:53:63:d6:f9:32:6e:37: 14:ba:37:c6:38:47:8b:c9:c4:7f:ca:a2:d2:34:d8:99:47:b5: 10:50:24:43:18:27:a7:24:f5:df:77:7f:be:fb:75:d2:99:22: cc:6c:c4:78:0c:3f:e3:c4:7c:06:a4:d2:de:fb:5e:7f:fe:71: 32:e1:13:ab:63:f3:e2:44:26:0b:68:09:66:84:39:60:10:06: f6:dc:4b:41:18:e3:f3:9a:ee:86:6c:ac:e7:85:08:66:35:69: eb:6b:0c:7b:c2:62:75:f0:de:e0:ba:03:c2:15:05:8e:25:d0: 2b:95:a3:06:f7:90:d1:c0:be:1d:33:b3:d3:14:95:bb:35:d0: 87:18:ef:c6:09:a5:30:85:a5:e2:ca:34:3b:ce:3b:dc:ce:da: 1d:77:0c:d5:cc:07:43:97:81:48:b4:db:68:65:90:84:59:c4: 5c:cb:3b:48:d3:5f:22:5c:fb:b5:f1:b2:43:f0:f1:39:9c:86: 69:05:c9:39:e6:09:b6:fa:0f:90:c5:7e:a2:71:52:63:b5:fa: cb:01:85:0d:7d:9f:a8:d9:01:ce:92:36:bc:91:79:fe:fb:d4: e0:07:4b:63:98:15:a8:19:ce:95:95:18:78:6d:44:18:1c:9d: 76:1a:0e:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDMAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjkxRUIxMTAvBgNVBAUTKEI3RENFMTQxMTJBMDI5ODJGNTc1N0NBQjhEMzQ5MTAz MkM4RTE4RkEwHhcNMjUwOTAyMTgyNDAxWhcNMjUwOTA5MTgyNDAxWjAYMRYwFAYD VQQDEw02OGI3MzY0MS03ZTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzBBaXSSrqHcopXH38vbI9vRO087wmzh+jxBiATUWvPGycn3Qc1ptuY5SxZ0k tnczQZfQwMHvhfPZ94TOC/AevpJiaOb+PEcRZK7OXRjKNdCZ0glnY4opO14YDgMw eZaGXgYJfSmOSXl/s0Tb9/E46GKS3SIOrp0C7trdB/pmpgM3ONko6KocdUP6dw/Y QWzO7+9EoYEMurhWJsGpSu/vO8KZXv6BN95YZFq48+BiY2Ev4Pm0fIo7/I6R4+Jd 2RBRvKxYgiH0K9b4bK4rl9gFpBmkucNaJSG2p8jYWGVJeJkGuxee04LoC5uPTUq3 /DGzpE0Rk35VjsvrdiEUimeRMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCsGtf93 COk/N2XXMF/ZGGkSBRJMMB8GA1UdIwQYMBaAFLfc4UESoCmC9XV8q400kQMsjhj6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTFFQi80OTdGMkJEOEY3 MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZTDFkWHlyalRTUkF5eU9H UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3Q5emhRUktnS1lMMWRYeXJqVFNSQXl5T0dQby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTFFQi80OTdGMkJEOEY3MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZ TDFkWHlyalRTUkF5eU9HUG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+RiJBhZrDgzlwSFNj1vkybjcUujfGOEeLycR/yqLSNNiZR7UQUCRD GCenJPXfd3+++3XSmSLMbMR4DD/jxHwGpNLe+15//nEy4ROrY/PiRCYLaAlmhDlg EAb23EtBGOPzmu6GbKznhQhmNWnrawx7wmJ18N7gugPCFQWOJdArlaMG95DRwL4d M7PTFJW7NdCHGO/GCaUwhaXiyjQ7zjvcztoddwzVzAdDl4FItNtoZZCEWcRcyztI 018iXPu18bJD8PE5nIZpBck55gm2+g+QxX6icVJjtfrLAYUNfZ+o2QHOkja8kXn+ +9TgB0tjmBWoGc6VlRh4bUQYHJ12Gg4i -----END CERTIFICATE-----Generated at Thu Sep 4 13:56:46 2025 by rpki-client