$ rpki-client -vvf rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft File: z-PzHk8zetOBIBvzOgGmhfsBal4.mft (raw, json) Hash identifier: WK4upZStIUA3KwmYuP8EwfekCX/Gdw34ZD2CLtG95L4= Subject key identifier: 6A:CF:B8:57:47:0C:43:CD:23:B9:55:80:F1:99:30:DC:63:4F:F1:F9 Authority key identifier: CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E Certificate issuer: /CN=A9128E00/serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Certificate serial: 0D35 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft Manifest number: 0D2D Signing time: Fri 22 Aug 2025 18:09:01 +0000 Manifest this update: Fri 22 Aug 2025 18:09:00 +0000 Manifest next update: Fri 29 Aug 2025 18:09:00 +0000 Files and hashes: 1: z-PzHk8zetOBIBvzOgGmhfsBal4.crl (hash: rxY4K33XNPW1x8lHbLe7ddESVmmqqqmMIYNUK6o72eM=) 2: D23C5270E02111E9B4A3923FC4F9AE02.roa (hash: zkAhSZ57x5i2z1ecY4hViVs+riusX3XK2gSVsFUEBsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:09:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3381 (0xd35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128E00, serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Validity Not Before: Aug 22 18:09:00 2025 GMT Not After : Aug 29 18:09:00 2025 GMT Subject: CN=68a8b23d-5a0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:17:ab:fc:02:23:a0:4d:56:82:fc:36:36:dc: 03:19:66:45:a6:85:1b:07:4f:cb:ce:1e:68:ea:66: 54:89:0b:60:5f:69:30:af:e5:1d:09:d8:2f:25:cf: 60:83:71:e5:c7:31:c1:3b:2c:81:0e:51:33:b8:05: e5:43:67:77:44:d6:cf:13:dd:c6:59:cd:d8:d3:17: 1f:66:58:72:41:3d:f4:2c:9f:23:00:2e:cf:70:b0: 5a:30:85:be:b6:22:ee:15:dd:57:95:fe:c4:11:d0: 8d:5a:4a:82:62:5f:2b:72:f6:d8:37:5e:37:a0:68: 92:30:5f:94:47:75:87:f3:85:0e:ec:79:2c:48:76: 81:0c:9d:b0:d6:ce:72:c5:dc:16:6b:79:72:cb:32: ef:c1:79:d7:bf:c3:53:2c:52:4b:e8:32:8e:a2:1d: ce:60:44:3b:1e:38:c5:98:73:0d:dd:76:30:94:bb: 44:63:58:95:62:41:5c:1c:36:e2:b2:c4:9e:7d:87: 95:b9:c0:16:3a:ef:82:5b:6c:72:46:e8:b7:2c:4e: ff:17:d8:90:4a:65:9a:cf:16:b2:20:86:cf:bd:47: d9:61:68:f7:bb:58:ef:d6:1e:52:72:68:d4:5c:cd: b0:81:06:a3:6c:9f:a5:ee:b6:11:b2:fe:67:3a:20: 40:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:CF:B8:57:47:0C:43:CD:23:B9:55:80:F1:99:30:DC:63:4F:F1:F9 X509v3 Authority Key Identifier: keyid:CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:5f:30:44:92:a1:08:3d:a9:ec:d3:32:7c:94:f0:0d:b5:fa: 19:59:67:90:78:9e:5f:2e:be:fc:9a:33:bc:16:0b:88:4b:54: 41:56:97:d2:06:d0:e7:74:f0:2e:c9:93:79:80:b9:6b:f1:72: ed:08:06:02:b6:54:51:f5:4b:c6:eb:30:60:67:cc:28:b6:04: e2:59:ae:54:52:79:51:a1:3e:9c:ae:11:a8:95:46:97:36:38: e0:20:09:60:65:f1:1d:93:ff:c2:5a:8f:aa:ef:82:42:82:47: de:3d:e3:6a:63:aa:f7:10:87:fa:a4:b1:fd:fd:5b:13:57:04: f1:ff:02:94:eb:f6:ed:f2:8b:9d:91:3b:f7:0b:72:01:fe:3c: 46:f4:f7:86:41:31:9e:76:5e:aa:36:8c:a9:9f:08:14:19:4b: 0e:ea:b9:ea:db:5c:cc:e6:fb:c0:cd:13:76:ce:5d:40:25:27: 75:54:83:8e:2b:63:03:ed:ae:dc:d9:19:c5:0d:60:af:09:46: 52:62:56:77:f2:7e:b9:6b:f9:0e:32:bf:21:9a:ae:a0:19:6a: 84:f0:e1:0e:40:0c:8b:ed:7a:2b:3e:a0:24:55:80:17:ed:ca: f1:9f:56:d4:35:6d:21:c5:5e:e6:3a:92:cb:27:21:13:88:bd: b4:c3:75:ce -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDTUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhFMDAxMTAvBgNVBAUTKENGRTNGMzFFNEYzMzdBRDM4MTIwMUJGMzNBMDFBNjg1 RkIwMTZBNUUwHhcNMjUwODIyMTgwOTAwWhcNMjUwODI5MTgwOTAwWjAYMRYwFAYD VQQDEw02OGE4YjIzZC01YTBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyRer/AIjoE1Wgvw2NtwDGWZFpoUbB0/Lzh5o6mZUiQtgX2kwr+UdCdgvJc9g g3HlxzHBOyyBDlEzuAXlQ2d3RNbPE93GWc3Y0xcfZlhyQT30LJ8jAC7PcLBaMIW+ tiLuFd1Xlf7EEdCNWkqCYl8rcvbYN143oGiSMF+UR3WH84UO7HksSHaBDJ2w1s5y xdwWa3lyyzLvwXnXv8NTLFJL6DKOoh3OYEQ7HjjFmHMN3XYwlLtEY1iVYkFcHDbi ssSefYeVucAWOu+CW2xyRui3LE7/F9iQSmWazxayIIbPvUfZYWj3u1jv1h5ScmjU XM2wgQajbJ+l7rYRsv5nOiBAyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGrPuFdH DEPNI7lVgPGZMNxjT/H5MB8GA1UdIwQYMBaAFM/j8x5PM3rTgSAb8zoBpoX7AWpe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEUwMC84OTkxRUI5RUUw MjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0T0JJQnZ6T2dHbWhmc0Jh bDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3otUHpIazh6ZXRPQklCdnpPZ0dtaGZzQmFsNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEUwMC84OTkxRUI5RUUwMjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0 T0JJQnZ6T2dHbWhmc0JhbDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCYXzBEkqEIPans0zJ8lPANtfoZWWeQeJ5fLr78mjO8FguIS1RBVpfS BtDndPAuyZN5gLlr8XLtCAYCtlRR9UvG6zBgZ8wotgTiWa5UUnlRoT6crhGolUaX NjjgIAlgZfEdk//CWo+q74JCgkfePeNqY6r3EIf6pLH9/VsTVwTx/wKU6/bt8oud kTv3C3IB/jxG9PeGQTGedl6qNoypnwgUGUsO6rnq21zM5vvAzRN2zl1AJSd1VIOO K2MD7a7c2RnFDWCvCUZSYlZ38n65a/kOMr8hmq6gGWqE8OEOQAyL7XorPqAkVYAX 7crxn1bUNW0hxV7mOpLLJyETiL20w3XO -----END CERTIFICATE-----Generated at Sun Aug 24 00:50:09 2025 by rpki-client